Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/LKs-Im530dC06gPD5vIJHBFcnw4.roa
File: LKs-Im530dC06gPD5vIJHBFcnw4.roa (raw, json)
Hash identifier: XvVn61ifIqblKNp2cz1frO9qLH5EEIG3pe5pFk3Bz74=
Subject key identifier: 2C:AB:3E:22:6E:77:D1:D0:B4:EA:03:C3:E6:F2:09:1C:11:5C:9F:0E
Certificate issuer: /CN=a26855980b273e5ae57dc1b9eb22e9f5f3a7cdf7
Certificate serial: 01856E6FB838BC0632E7002A4EC091C7AA5A
Authority key identifier: A2:68:55:98:0B:27:3E:5A:E5:7D:C1:B9:EB:22:E9:F5:F3:A7:CD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/omhVmAsnPlrlfcG56yLp9fOnzfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/LKs-Im530dC06gPD5vIJHBFcnw4.roa
Signing time: Sun 01 Jan 2023 17:44:53 +0000
ROA not before: Sun 01 Jan 2023 17:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137
IP address blocks: 193.204.0.0/15 maxlen: 15
192.167.0.0/16 maxlen: 16
193.205.16.0/20 maxlen: 20
212.189.128.0/17 maxlen: 17
90.147.0.0/16 maxlen: 16
192.167.59.0/24 maxlen: 24
185.191.180.0/22 maxlen: 22
193.206.0.0/16 maxlen: 16
138.41.0.0/16 maxlen: 16
2001:760::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:b8:38:bc:06:32:e7:00:2a:4e:c0:91:c7:aa:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a26855980b273e5ae57dc1b9eb22e9f5f3a7cdf7
Validity
Not Before: Jan 1 17:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cab3e226e77d1d0b4ea03c3e6f2091c115c9f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:66:75:34:e0:cc:0c:b4:86:c8:b8:f1:39:65:
af:07:5b:20:1a:9d:0c:88:8f:56:9f:0b:cd:f9:35:
5f:77:47:1b:70:fa:10:a3:18:36:5f:dd:f8:c6:4a:
9c:86:da:02:c1:d4:a3:b9:36:45:9f:7e:9d:fd:c9:
7a:b4:a5:3a:78:82:07:92:96:fd:2a:ba:18:25:8f:
cc:52:64:c6:e4:be:46:0d:20:80:0e:35:71:05:be:
0b:48:62:65:ee:7a:e4:2b:1e:c2:b9:1a:ad:7f:8e:
b9:9f:1a:de:e0:13:ad:91:0b:ac:28:cf:ef:42:7a:
1f:b5:15:5f:ba:b2:86:aa:8e:25:47:f9:3e:c5:63:
1f:f0:ce:8f:35:e3:6e:0e:be:12:d1:07:1e:50:5e:
8d:b3:c8:4e:e1:80:ea:48:44:d8:0f:c1:46:a1:4e:
e9:7d:28:22:84:36:74:a5:7f:d8:58:6a:cd:22:b4:
78:67:7b:25:e8:31:f1:ac:ee:b6:85:13:6b:3f:16:
2f:e6:bd:1b:4e:70:29:f1:df:17:fd:d2:e4:f6:81:
51:ef:86:5d:c4:f4:98:ef:a2:c8:87:53:00:80:38:
19:08:2c:5a:55:25:17:6f:55:52:14:6c:1a:b9:98:
cb:dc:39:1d:a6:9f:f3:43:85:0f:18:f1:3a:ff:40:
cf:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:AB:3E:22:6E:77:D1:D0:B4:EA:03:C3:E6:F2:09:1C:11:5C:9F:0E
X509v3 Authority Key Identifier:
keyid:A2:68:55:98:0B:27:3E:5A:E5:7D:C1:B9:EB:22:E9:F5:F3:A7:CD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/omhVmAsnPlrlfcG56yLp9fOnzfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/LKs-Im530dC06gPD5vIJHBFcnw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/omhVmAsnPlrlfcG56yLp9fOnzfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.147.0.0/16
138.41.0.0/16
185.191.180.0/22
192.167.0.0/16
193.204.0.0-193.206.255.255
212.189.128.0/17
IPv6:
2001:760::/32
Signature Algorithm: sha256WithRSAEncryption
22:5b:b5:f3:0a:ec:96:d8:f5:51:cc:e1:2e:90:ae:d1:2e:14:
7f:80:64:aa:16:c9:ed:36:0f:60:a0:34:b4:6f:ea:19:b5:3f:
36:c3:fb:1c:66:b4:ce:30:18:9c:bd:0f:d4:63:84:58:ce:e8:
44:82:8d:c6:27:90:76:11:b6:76:0d:62:d0:89:64:2c:8f:a7:
61:fc:71:2c:f8:65:5c:2a:4c:92:f8:0d:41:f4:b7:3c:07:82:
84:f7:8c:f9:7d:d1:6e:ac:cb:17:ea:a4:d9:46:7d:db:54:17:
25:6c:30:be:75:bf:d1:06:85:09:8d:47:ed:f5:97:c1:29:4a:
63:c2:e0:82:9a:de:ae:2f:63:d4:5e:cb:d3:e0:df:6c:17:f2:
bf:a9:bb:c0:0f:78:74:51:13:47:1a:04:d7:ac:f0:57:49:2c:
d3:aa:00:a2:59:fc:f8:74:4f:82:20:52:7f:7a:59:7e:22:99:
cd:10:bd:ef:17:54:ed:06:35:fa:91:3e:f2:92:1f:b4:25:87:
9f:a2:c5:64:e4:28:82:22:07:82:86:28:34:26:77:ae:cd:a9:
9e:74:37:91:8d:4a:03:64:9a:eb:e5:35:b0:58:a6:30:45:36:
f1:af:c6:62:d1:80:05:8d:ee:af:4d:7c:7a:7d:8e:14:3b:17:
0c:18:67:c0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVub7g4vAYy5wAqTsCRx6paMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNjg1NTk4MGIyNzNlNWFlNTdkYzFiOWViMjJlOWY1ZjNh
N2NkZjcwHhcNMjMwMTAxMTc0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2FiM2UyMjZlNzdkMWQwYjRlYTAzYzNlNmYyMDkxYzExNWM5ZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmZ1NODMDLSGyLjxOWWvB1sgGp0M
iI9WnwvN+TVfd0cbcPoQoxg2X934xkqchtoCwdSjuTZFn36d/cl6tKU6eIIHkpb9
KroYJY/MUmTG5L5GDSCADjVxBb4LSGJl7nrkKx7CuRqtf465nxre4BOtkQusKM/v
QnoftRVfurKGqo4lR/k+xWMf8M6PNeNuDr4S0QceUF6Ns8hO4YDqSETYD8FGoU7p
fSgihDZ0pX/YWGrNIrR4Z3sl6DHxrO62hRNrPxYv5r0bTnAp8d8X/dLk9oFR74Zd
xPSY76LIh1MAgDgZCCxaVSUXb1VSFGwauZjL3Dkdpp/zQ4UPGPE6/0DP3wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCyrPiJud9HQtOoDw+byCRwRXJ8OMB8GA1UdIwQY
MBaAFKJoVZgLJz5a5X3Buesi6fXzp833MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb21oVm1Bc25QbHJsZmNHNTZ5THA5Zk9uemZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi84YWZkZGEtNmM2Yi00NTg3LThhMjEt
ODFlYjYxZjViNzFlLzEvTEtzLUltNTMwZEMwNmdQRDV2SUpIQkZjbnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi84YWZkZGEtNmM2Yi00NTg3LThhMjEtODFlYjYxZjViNzFl
LzEvb21oVm1Bc25QbHJsZmNHNTZ5THA5Zk9uemZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAtBAIAATAnAwMAWpMDAwCK
KQMEArm/tAMDAMCnMAoDAwLBzAMDAMHOAwQH1L2AMA0EAgACMAcDBQAgAQdgMA0G
CSqGSIb3DQEBCwUAA4IBAQAiW7XzCuyW2PVRzOEukK7RLhR/gGSqFsntNg9goDS0
b+oZtT82w/scZrTOMBicvQ/UY4RYzuhEgo3GJ5B2EbZ2DWLQiWQsj6dh/HEs+GVc
KkyS+A1B9Lc8B4KE94z5fdFurMsX6qTZRn3bVBclbDC+db/RBoUJjUft9ZfBKUpj
wuCCmt6uL2PUXsvT4N9sF/K/qbvAD3h0URNHGgTXrPBXSSzTqgCiWfz4dE+CIFJ/
ell+IpnNEL3vF1TtBjX6kT7ykh+0JYefosVk5CiCIgeChig0JneuzamedDeRjUoD
ZJrr5TWwWKYwRTbxr8Zi0YAFje6vTXx6fY4UOxcMGGfA
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:01 2024 by rpki-client on console-fra.rpki-client.org