Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/LPBD8iktYwDRpT6ikyWPgqFJSWA.roa
File: LPBD8iktYwDRpT6ikyWPgqFJSWA.roa (raw, json)
Hash identifier: 1vRCcRvW3jhel8/fv/aBWoTGP7okzjL8VJRYA1ZokSs=
Subject key identifier: 2C:F0:43:F2:29:2D:63:00:D1:A5:3E:A2:93:25:8F:82:A1:49:49:60
Certificate issuer: /CN=3bdfd7604dfa0eb8ae20e90fcf130393b8a8564a
Certificate serial: 0185708C8E3B3B20C34CB6D522034B49A38A
Authority key identifier: 3B:DF:D7:60:4D:FA:0E:B8:AE:20:E9:0F:CF:13:03:93:B8:A8:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9_XYE36DriuIOkPzxMDk7ioVko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/LPBD8iktYwDRpT6ikyWPgqFJSWA.roa
Signing time: Mon 02 Jan 2023 03:35:37 +0000
ROA not before: Mon 02 Jan 2023 03:35:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34987
IP address blocks: 185.90.4.0/24 maxlen: 24
185.90.6.0/24 maxlen: 24
185.90.7.0/24 maxlen: 24
185.90.5.0/24 maxlen: 24
2a05:dd00::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:8e:3b:3b:20:c3:4c:b6:d5:22:03:4b:49:a3:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bdfd7604dfa0eb8ae20e90fcf130393b8a8564a
Validity
Not Before: Jan 2 03:35:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cf043f2292d6300d1a53ea293258f82a1494960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3b:8d:24:df:dc:8d:c4:61:45:23:a5:73:2e:
1c:5b:f7:67:86:65:60:49:ee:66:e9:1c:ad:e9:de:
d8:57:79:9c:61:37:26:c1:3e:63:cc:a9:09:53:cf:
5a:90:20:a5:bf:69:42:a5:4b:4b:22:35:fc:6b:b5:
47:ac:fb:91:3e:96:cb:b8:2b:14:b3:a1:58:f0:6d:
91:9d:ec:67:06:99:76:f2:1f:27:ce:ad:24:3c:88:
0c:bf:fa:63:12:ed:d3:eb:02:a8:dc:dc:41:0b:57:
a6:3e:a5:7c:5a:ba:da:56:32:05:53:2b:e1:bf:49:
4f:7c:d5:7e:f2:8b:be:19:72:a8:08:9b:d8:70:48:
86:e7:3b:c7:16:7a:f3:b4:0e:d4:42:5f:f0:7f:63:
a0:11:a0:42:a0:bd:5b:e6:40:b0:99:07:4a:0f:3a:
e8:57:0b:ac:98:fa:25:f4:16:1b:60:85:6a:ee:6a:
dc:18:1c:57:c1:18:f2:c0:84:5e:dc:c8:6b:84:31:
8d:5b:85:d3:55:3c:38:e0:c7:bd:4e:14:20:72:24:
c9:09:19:18:2e:a7:cb:de:14:59:78:bc:e8:19:b5:
c8:28:8a:80:e0:b5:6a:e5:00:f5:6f:db:2e:0b:63:
0b:ed:5f:cf:f5:c6:b1:57:cf:fa:52:7f:a9:0d:14:
36:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:F0:43:F2:29:2D:63:00:D1:A5:3E:A2:93:25:8F:82:A1:49:49:60
X509v3 Authority Key Identifier:
keyid:3B:DF:D7:60:4D:FA:0E:B8:AE:20:E9:0F:CF:13:03:93:B8:A8:56:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9_XYE36DriuIOkPzxMDk7ioVko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/LPBD8iktYwDRpT6ikyWPgqFJSWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/O9_XYE36DriuIOkPzxMDk7ioVko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.4.0/22
IPv6:
2a05:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
82:ca:cd:af:5e:fc:49:d9:19:62:c2:13:ca:bc:e6:47:e8:6d:
4e:d9:4a:2c:5d:c4:3f:a3:b7:c6:26:4a:eb:61:ef:33:ee:e5:
f5:5b:40:cc:1c:a5:38:2b:ee:ca:08:c7:8b:46:8d:5d:4a:02:
3e:0b:bd:1c:7b:a5:50:b9:5f:28:e0:a0:f3:95:02:48:f7:70:
21:5f:14:8c:e0:0e:a3:90:cf:d4:76:c8:79:47:ab:dd:69:87:
88:6c:97:6c:ec:68:0d:82:de:db:a1:b1:96:83:b0:b1:77:a8:
50:06:eb:69:61:03:bc:37:24:4d:47:4f:e5:2d:a9:d9:c4:33:
3b:bc:b3:7b:bb:41:f9:06:82:39:4a:96:11:98:d4:0f:e9:28:
74:ad:88:46:63:47:8d:b3:7e:8a:40:81:4d:4a:0f:a4:f0:88:
eb:52:3c:ed:fb:4a:1a:7f:cd:67:42:46:46:7c:be:15:e3:5c:
95:14:60:c2:da:c9:fb:71:05:4a:25:c8:12:f2:88:55:00:ef:
c0:3c:ec:7c:37:40:52:0a:e4:ee:20:c4:48:d2:81:bd:e5:3e:
4a:23:42:11:f6:55:bd:09:42:cd:31:5b:6d:91:f0:0e:bf:ed:
12:27:3e:76:96:d8:7b:0f:50:63:4c:4a:f3:e8:74:8b:68:3a:
9c:24:83:9d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwjI47OyDDTLbVIgNLSaOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGZkNzYwNGRmYTBlYjhhZTIwZTkwZmNmMTMwMzkzYjhh
ODU2NGEwHhcNMjMwMTAyMDMzNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2YwNDNmMjI5MmQ2MzAwZDFhNTNlYTI5MzI1OGY4MmExNDk0OTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzuNJN/cjcRhRSOlcy4cW/dnhmVg
Se5m6Ryt6d7YV3mcYTcmwT5jzKkJU89akCClv2lCpUtLIjX8a7VHrPuRPpbLuCsU
s6FY8G2RnexnBpl28h8nzq0kPIgMv/pjEu3T6wKo3NxBC1emPqV8WrraVjIFUyvh
v0lPfNV+8ou+GXKoCJvYcEiG5zvHFnrztA7UQl/wf2OgEaBCoL1b5kCwmQdKDzro
VwusmPol9BYbYIVq7mrcGBxXwRjywIRe3MhrhDGNW4XTVTw44Me9ThQgciTJCRkY
LqfL3hRZeLzoGbXIKIqA4LVq5QD1b9suC2ML7V/P9caxV8/6Un+pDRQ2MwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCzwQ/IpLWMA0aU+opMlj4KhSUlgMB8GA1UdIwQY
MBaAFDvf12BN+g64riDpD88TA5O4qFZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzlfWFlFMzZEcml1SU9rUHp4TURrN2lvVmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS84ZGMyYzctM2ZjMC00NDZkLTgwN2Mt
ZWY2YzllYWQ2MTFjLzEvTFBCRDhpa3RZd0RScFQ2aWt5V1BncUZKU1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS84ZGMyYzctM2ZjMC00NDZkLTgwN2MtZWY2YzllYWQ2MTFj
LzEvTzlfWFlFMzZEcml1SU9rUHp4TURrN2lvVmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVoEMA0E
AgACMAcDBQMqBd0AMA0GCSqGSIb3DQEBCwUAA4IBAQCCys2vXvxJ2RliwhPKvOZH
6G1O2UosXcQ/o7fGJkrrYe8z7uX1W0DMHKU4K+7KCMeLRo1dSgI+C70ce6VQuV8o
4KDzlQJI93AhXxSM4A6jkM/Udsh5R6vdaYeIbJds7GgNgt7bobGWg7Cxd6hQButp
YQO8NyRNR0/lLanZxDM7vLN7u0H5BoI5SpYRmNQP6Sh0rYhGY0eNs36KQIFNSg+k
8IjrUjzt+0oaf81nQkZGfL4V41yVFGDC2sn7cQVKJcgS8ohVAO/APOx8N0BSCuTu
IMRI0oG95T5KI0IR9lW9CULNMVttkfAOv+0SJz52lth7D1BjTErz6HSLaDqcJIOd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:56 2024 by rpki-client on console-fra.rpki-client.org