Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/lz3bavUQc8O7bfBMg2Lxci2d3-Q.roa
File: lz3bavUQc8O7bfBMg2Lxci2d3-Q.roa (raw, json)
Hash identifier: C46m3+9HHiY2617k8F2jc+sO+zHYDv82n2fmQlkOUg8=
Subject key identifier: 97:3D:DB:6A:F5:10:73:C3:BB:6D:F0:4C:83:62:F1:72:2D:9D:DF:E4
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 01857155652D849669D733399057F1E6B73C
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/lz3bavUQc8O7bfBMg2Lxci2d3-Q.roa
Signing time: Mon 02 Jan 2023 07:14:59 +0000
ROA not before: Mon 02 Jan 2023 07:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 37.0.9.0/24 maxlen: 24
37.0.12.0/23 maxlen: 24
85.202.170.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Aug 2023 05:25:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:65:2d:84:96:69:d7:33:39:90:57:f1:e6:b7:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Jan 2 07:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=973ddb6af51073c3bb6df04c8362f1722d9ddfe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b3:bf:73:0f:4e:c2:59:f4:57:24:20:95:0b:
d3:9d:28:68:02:e3:cf:b6:db:69:51:01:f5:4c:8c:
42:ef:2c:f3:de:b9:a1:67:6d:93:da:11:cb:41:1d:
fc:fe:b1:7b:fc:31:95:db:52:c2:ad:a9:dd:08:b4:
e5:d6:3e:56:6d:d6:a0:9c:7f:54:bd:12:1c:62:af:
70:bd:4e:04:97:90:4c:de:a4:aa:c1:80:98:e2:6b:
78:9f:8c:2b:74:da:e8:f6:13:bb:ea:bd:61:04:12:
fd:0d:c9:1e:b0:f9:e0:07:29:4f:e3:96:e2:8c:94:
43:bc:ed:c8:e8:cd:07:be:98:4e:37:e1:5b:8a:2c:
30:b6:48:fa:07:6a:d6:29:78:f0:c1:94:f1:40:9f:
45:55:81:17:4d:45:16:bc:f1:c7:5e:51:56:eb:8b:
38:cb:43:31:d4:2e:cc:f0:f0:9e:89:10:71:34:e2:
d3:1f:38:b5:fc:d7:da:9e:28:21:21:cb:6a:c3:56:
b8:35:f6:f0:af:24:68:9c:99:33:31:fa:7a:a7:8f:
a1:a2:dc:29:17:f3:ea:b3:20:90:46:b5:40:e0:e0:
75:84:c1:c4:b3:4f:d4:10:7b:28:4e:36:e4:68:62:
26:0d:03:72:55:cb:a5:ea:33:6c:dc:d4:30:f3:94:
f0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:3D:DB:6A:F5:10:73:C3:BB:6D:F0:4C:83:62:F1:72:2D:9D:DF:E4
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/lz3bavUQc8O7bfBMg2Lxci2d3-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.9.0/24
37.0.12.0/23
85.202.170.0/23
Signature Algorithm: sha256WithRSAEncryption
49:84:86:23:1c:7a:59:34:4c:4b:cc:b1:a4:44:de:8c:02:93:
10:fc:96:71:b9:e2:f4:d0:f2:11:76:26:24:0c:10:68:a4:f6:
7d:29:4f:2f:38:12:42:70:e6:3c:50:8a:01:60:f9:28:d4:c2:
40:83:74:37:67:e5:ba:8a:b0:92:46:0e:9d:14:d2:30:63:83:
72:00:7f:5d:aa:80:ee:96:d8:d1:7f:42:1a:d5:72:80:8e:0b:
81:75:95:12:e4:9d:97:3a:54:b5:cb:c1:d7:d7:d3:cf:e8:68:
9e:c4:7b:7d:be:71:47:eb:e6:c9:53:11:6e:1e:9d:b2:b0:d5:
d5:b8:44:11:77:4a:bb:97:e8:36:71:5e:fc:98:b4:cf:be:75:
a1:27:33:61:d7:fc:50:8b:64:bd:98:8b:37:85:5b:32:11:bc:
d3:b2:fc:b0:2f:de:e4:37:bb:f0:e5:05:b8:02:fc:ff:81:a4:
0b:e5:3d:f7:f8:74:e9:be:d6:91:73:4c:77:cb:f1:a2:c0:c9:
1c:5b:69:c4:49:00:0f:86:57:44:7c:bf:f6:0c:06:f8:2e:db:
5b:00:57:c7:32:7c:7b:53:28:ad:97:2e:34:c4:ec:04:13:fb:
f6:1d:ee:10:3e:3e:2d:ae:bc:99:a9:a6:35:31:c1:19:18:05:
f8:d7:ec:4e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxVWUthJZp1zM5kFfx5rc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjMwMTAyMDcxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzNkZGI2YWY1MTA3M2MzYmI2ZGYwNGM4MzYyZjE3MjJkOWRkZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbO/cw9Owln0VyQglQvTnShoAuPP
tttpUQH1TIxC7yzz3rmhZ22T2hHLQR38/rF7/DGV21LCrandCLTl1j5WbdagnH9U
vRIcYq9wvU4El5BM3qSqwYCY4mt4n4wrdNro9hO76r1hBBL9DckesPngBylP45bi
jJRDvO3I6M0HvphON+Fbiiwwtkj6B2rWKXjwwZTxQJ9FVYEXTUUWvPHHXlFW64s4
y0Mx1C7M8PCeiRBxNOLTHzi1/NfanighIctqw1a4NfbwryRonJkzMfp6p4+hotwp
F/PqsyCQRrVA4OB1hMHEs0/UEHsoTjbkaGImDQNyVcul6jNs3NQw85TwEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJc922r1EHPDu23wTINi8XItnd/kMB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvbHozYmF2VVFjOE83YmZCTWcyTHhjaTJkMy1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJQAJAwQB
JQAMAwQBVcqqMA0GCSqGSIb3DQEBCwUAA4IBAQBJhIYjHHpZNExLzLGkRN6MApMQ
/JZxueL00PIRdiYkDBBopPZ9KU8vOBJCcOY8UIoBYPko1MJAg3Q3Z+W6irCSRg6d
FNIwY4NyAH9dqoDultjRf0Ia1XKAjguBdZUS5J2XOlS1y8HX19PP6GiexHt9vnFH
6+bJUxFuHp2ysNXVuEQRd0q7l+g2cV78mLTPvnWhJzNh1/xQi2S9mIs3hVsyEbzT
svywL97kN7vw5QW4Avz/gaQL5T33+HTpvtaRc0x3y/GiwMkcW2nESQAPhldEfL/2
DAb4LttbAFfHMnx7Uyitly40xOwEE/v2He4QPj4trryZqaY1McEZGAX41+xO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:56 2024 by rpki-client on console-fra.rpki-client.org