Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e21739-b00b-41c8-a645-db9c3a0c08b9/1/LcyzcoRZCytLKMk6YUc8GNznDRE.roa
File: LcyzcoRZCytLKMk6YUc8GNznDRE.roa (raw, json)
Hash identifier: e97tITiTRtnp9qnqysQLj7mc40YfZbUegOFAgAgprqo=
Subject key identifier: 2D:CC:B3:72:84:59:0B:2B:4B:28:C9:3A:61:47:3C:18:DC:E7:0D:11
Certificate issuer: /CN=1ccd05226cb4c1979f96a06d2eb6683b5b0f6a8e
Certificate serial: 01857246B7FB3AFAF47F8D55D09D8933432A
Authority key identifier: 1C:CD:05:22:6C:B4:C1:97:9F:96:A0:6D:2E:B6:68:3B:5B:0F:6A:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HM0FImy0wZeflqBtLrZoO1sPao4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e21739-b00b-41c8-a645-db9c3a0c08b9/1/LcyzcoRZCytLKMk6YUc8GNznDRE.roa
Signing time: Mon 02 Jan 2023 11:38:35 +0000
ROA not before: Mon 02 Jan 2023 11:38:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15699
IP address blocks: 37.46.72.0/21 maxlen: 32
185.32.28.0/22 maxlen: 32
185.32.28.0/24 maxlen: 32
2a00:6640::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:b7:fb:3a:fa:f4:7f:8d:55:d0:9d:89:33:43:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ccd05226cb4c1979f96a06d2eb6683b5b0f6a8e
Validity
Not Before: Jan 2 11:38:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dccb37284590b2b4b28c93a61473c18dce70d11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:96:ea:72:76:67:2e:14:5a:25:c4:4c:4c:6c:
e6:c9:61:b4:ff:28:c6:e8:20:a9:ce:fa:c3:3c:3b:
97:80:16:97:bd:32:38:e3:21:78:f1:db:bf:e8:b1:
92:ed:f9:ef:d0:87:80:b0:71:f2:45:47:94:e1:5e:
f9:20:ee:d4:aa:9f:b0:f3:9c:44:c6:19:69:e6:98:
3c:f4:cf:af:03:fb:6f:54:8f:2f:44:f2:a6:74:2b:
aa:01:d8:77:6a:d1:67:d5:48:fa:59:1a:4b:5d:2b:
60:af:04:1b:a8:d7:f3:6e:09:61:a1:83:f9:32:eb:
59:ed:16:15:6d:74:aa:97:23:f4:9e:97:36:f3:c3:
8a:f4:3c:69:c2:6f:c0:6f:a1:bf:2e:a4:0a:6e:12:
29:10:b1:52:16:ab:d6:aa:69:53:59:43:22:3b:f5:
c6:2f:5d:34:43:47:53:96:8e:db:d4:71:92:43:42:
1c:f3:1e:ff:d7:7c:bd:3e:85:01:2d:c3:93:7b:9a:
1c:63:00:a6:bf:47:c7:20:87:e4:d7:a2:31:11:3b:
51:10:01:48:c4:3b:f3:cf:38:92:d2:b4:10:05:55:
04:d3:1d:31:a8:e5:8d:25:80:05:8a:93:78:1d:5c:
43:df:a5:43:0a:83:ec:22:74:f7:fd:b8:34:0d:0b:
c5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:CC:B3:72:84:59:0B:2B:4B:28:C9:3A:61:47:3C:18:DC:E7:0D:11
X509v3 Authority Key Identifier:
keyid:1C:CD:05:22:6C:B4:C1:97:9F:96:A0:6D:2E:B6:68:3B:5B:0F:6A:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HM0FImy0wZeflqBtLrZoO1sPao4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e21739-b00b-41c8-a645-db9c3a0c08b9/1/LcyzcoRZCytLKMk6YUc8GNznDRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e21739-b00b-41c8-a645-db9c3a0c08b9/1/HM0FImy0wZeflqBtLrZoO1sPao4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.72.0/21
185.32.28.0/22
IPv6:
2a00:6640::/32
Signature Algorithm: sha256WithRSAEncryption
b4:94:86:3b:48:58:71:13:5f:2e:b8:29:4a:4a:77:a8:73:a1:
69:53:d0:d6:7b:c5:14:21:81:12:c3:eb:82:34:9d:55:56:9d:
55:f6:2c:6d:5b:55:8d:2a:c5:e4:bc:ca:18:54:9a:45:7d:12:
01:09:aa:24:e2:e2:af:a3:d6:72:04:0d:fb:7a:9c:65:48:d1:
cb:28:66:51:c8:6d:2e:56:1c:9a:96:0c:8f:ba:35:05:22:9e:
6d:0e:b2:cb:5b:5f:6c:0e:de:6f:88:d6:3d:f3:2e:8b:f3:a8:
98:4c:0c:d7:92:1f:77:75:db:56:75:ba:4c:87:5c:89:ab:c3:
74:d5:9b:a9:65:3d:d7:04:79:46:8e:9c:59:56:77:4c:7d:bc:
9b:32:11:1b:bb:a3:48:25:63:c3:29:20:8a:b3:20:f6:68:56:
88:2f:5d:10:85:fc:61:53:b4:05:ba:2a:9d:b1:cf:77:77:dd:
9c:c7:70:40:ef:d9:86:95:b1:ec:17:f1:64:75:eb:df:94:6d:
fd:d3:b3:4b:cd:a7:eb:96:e0:09:02:75:75:df:29:fa:6f:af:
9b:b4:cf:8e:43:d1:11:3c:8a:40:d1:5c:b1:0e:74:29:42:c5:
1d:ce:5d:8b:d3:71:97:b4:c7:00:8e:9d:f6:2c:34:de:66:f4:
10:7d:7b:30
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyRrf7Ovr0f41V0J2JM0MqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjY2QwNTIyNmNiNGMxOTc5Zjk2YTA2ZDJlYjY2ODNiNWIw
ZjZhOGUwHhcNMjMwMTAyMTEzODM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGNjYjM3Mjg0NTkwYjJiNGIyOGM5M2E2MTQ3M2MxOGRjZTcwZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpbqcnZnLhRaJcRMTGzmyWG0/yjG
6CCpzvrDPDuXgBaXvTI44yF48du/6LGS7fnv0IeAsHHyRUeU4V75IO7Uqp+w85xE
xhlp5pg89M+vA/tvVI8vRPKmdCuqAdh3atFn1Uj6WRpLXStgrwQbqNfzbglhoYP5
MutZ7RYVbXSqlyP0npc288OK9Dxpwm/Ab6G/LqQKbhIpELFSFqvWqmlTWUMiO/XG
L100Q0dTlo7b1HGSQ0Ic8x7/13y9PoUBLcOTe5ocYwCmv0fHIIfk16IxETtREAFI
xDvzzziS0rQQBVUE0x0xqOWNJYAFipN4HVxD36VDCoPsInT3/bg0DQvFXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC3Ms3KEWQsrSyjJOmFHPBjc5w0RMB8GA1UdIwQY
MBaAFBzNBSJstMGXn5agbS62aDtbD2qOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE0wRklteTB3WmVmbHFCdExyWm9PMXNQYW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lMjE3MzktYjAwYi00MWM4LWE2NDUt
ZGI5YzNhMGMwOGI5LzEvTGN5emNvUlpDeXRMS01rNllVYzhHTnpuRFJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lMjE3MzktYjAwYi00MWM4LWE2NDUtZGI5YzNhMGMwOGI5
LzEvSE0wRklteTB3WmVmbHFCdExyWm9PMXNQYW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJS5IAwQC
uSAcMA0EAgACMAcDBQAqAGZAMA0GCSqGSIb3DQEBCwUAA4IBAQC0lIY7SFhxE18u
uClKSneoc6FpU9DWe8UUIYESw+uCNJ1VVp1V9ixtW1WNKsXkvMoYVJpFfRIBCaok
4uKvo9ZyBA37epxlSNHLKGZRyG0uVhyalgyPujUFIp5tDrLLW19sDt5viNY98y6L
86iYTAzXkh93ddtWdbpMh1yJq8N01ZupZT3XBHlGjpxZVndMfbybMhEbu6NIJWPD
KSCKsyD2aFaIL10QhfxhU7QFuiqdsc93d92cx3BA79mGlbHsF/FkdevflG3907NL
zafrluAJAnV13yn6b6+btM+OQ9ERPIpA0VyxDnQpQsUdzl2L03GXtMcAjp32LDTe
ZvQQfXsw
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:17 2024 by rpki-client on console-ams.rpki-client.org