Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/LXKzbDebzxzLwvej93rBpYo4vlI.roa
File: LXKzbDebzxzLwvej93rBpYo4vlI.roa (raw, json)
Hash identifier: RtcqDQ+7Ww8AM+UPkDxysIOIM9hQ288u0jtUU23VCsM=
Subject key identifier: 2D:72:B3:6C:37:9B:CF:1C:CB:C2:F7:A3:F7:7A:C1:A5:8A:38:BE:52
Certificate issuer: /CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Certificate serial: 01856D38603BE0F4A58363D8A6AB1F4A247B
Authority key identifier: B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/LXKzbDebzxzLwvej93rBpYo4vlI.roa
Signing time: Sun 01 Jan 2023 12:04:49 +0000
ROA not before: Sun 01 Jan 2023 12:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60422
IP address blocks: 188.116.39.0/24 maxlen: 24
185.31.76.0/22 maxlen: 22
2a00:b920::/40 maxlen: 40
2a00:b920::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:60:3b:e0:f4:a5:83:63:d8:a6:ab:1f:4a:24:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Validity
Not Before: Jan 1 12:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d72b36c379bcf1ccbc2f7a3f77ac1a58a38be52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b1:a8:fe:ae:5c:68:4c:b5:7e:e0:51:85:ec:
e0:2e:8c:13:8c:84:a3:3b:10:e6:16:80:be:0f:a1:
fc:36:fa:90:26:67:f1:7d:d2:01:27:50:82:b1:48:
b8:50:45:95:72:11:5d:97:ac:ea:f4:cb:85:91:26:
8b:fc:a4:b6:bf:4c:da:f7:66:c0:af:72:82:30:74:
fd:f6:61:36:54:cd:68:77:b6:30:c3:29:47:87:c8:
16:c3:c8:5f:47:2a:b0:ab:af:81:f2:ca:ca:62:b7:
01:0a:e4:a4:b1:f7:e4:9f:50:06:6f:d9:96:d1:55:
21:e3:03:eb:16:25:76:24:07:b2:eb:f2:28:51:d2:
a4:c6:62:ef:43:03:40:62:49:d5:bb:2d:78:52:60:
26:80:e4:dc:07:76:dc:c7:38:8e:ab:7a:ee:c0:fa:
2a:97:c7:3f:ef:5d:b7:5a:08:cc:7e:99:53:a0:d0:
75:b8:01:7e:c6:bd:56:98:95:37:be:43:b2:95:8a:
c5:08:c9:0a:ec:8a:a5:ef:a1:80:bf:61:89:2b:3a:
de:b4:eb:12:c8:80:97:e9:00:ea:66:d9:e9:6c:4e:
f5:8d:d3:34:94:c1:e5:cb:2f:67:c4:db:7c:b1:d9:
ad:f7:78:99:57:83:ed:bc:53:9a:3d:f0:a7:e9:45:
1e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:72:B3:6C:37:9B:CF:1C:CB:C2:F7:A3:F7:7A:C1:A5:8A:38:BE:52
X509v3 Authority Key Identifier:
keyid:B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/LXKzbDebzxzLwvej93rBpYo4vlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/sof_KnM-M76vU0lKkO7BUrvHWLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.76.0/22
188.116.39.0/24
IPv6:
2a00:b920::/32
Signature Algorithm: sha256WithRSAEncryption
84:de:b8:cc:01:82:66:1c:6e:35:94:db:a9:d7:e2:af:b7:55:
d6:ca:c5:80:47:6a:55:87:06:81:d4:c1:80:b7:b5:3e:28:41:
01:2d:fd:32:bb:43:8f:8a:4a:1a:61:42:5b:77:54:50:0a:f4:
e5:27:bc:37:10:ce:bb:18:e6:5d:fe:e2:bf:88:84:57:f5:b3:
80:b4:9e:ca:0d:6e:c1:f1:80:2b:ed:01:95:b0:00:d7:c5:3a:
7b:02:4d:f5:db:ce:1d:90:c0:b4:33:00:0a:03:d4:99:27:42:
22:4a:1f:f5:ba:ef:b2:18:70:23:bd:3a:40:0a:49:3e:68:0a:
63:11:51:8d:f4:8b:cc:e7:dd:6e:2d:ed:ef:77:0e:05:80:fc:
90:8b:64:6e:f9:0d:ef:9f:af:42:df:b9:82:c2:56:bd:4e:9b:
de:45:b1:12:44:f3:1f:29:96:1d:e4:85:c5:b6:35:c3:02:83:
2a:f1:5a:d9:0e:0c:3e:0e:a3:d5:90:63:7f:b9:e0:28:d1:af:
76:f5:27:30:bd:2e:f3:19:93:f7:b4:9e:1e:67:7d:48:22:a9:
20:71:ee:19:59:06:97:23:90:e7:cb:f2:74:7e:62:63:69:d7:
0e:63:cb:c8:38:df:bb:91:cf:e8:c6:8d:73:98:78:79:ee:c5:
a3:46:44:79
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtOGA74PSlg2PYpqsfSiR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdmZjJhNzMzZTMzYmVhZjUzNDk0YTkwZWVjMTUyYmJj
NzU4YmMwHhcNMjMwMTAxMTIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDcyYjM2YzM3OWJjZjFjY2JjMmY3YTNmNzdhYzFhNThhMzhiZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobGo/q5caEy1fuBRhezgLowTjISj
OxDmFoC+D6H8NvqQJmfxfdIBJ1CCsUi4UEWVchFdl6zq9MuFkSaL/KS2v0za92bA
r3KCMHT99mE2VM1od7YwwylHh8gWw8hfRyqwq6+B8srKYrcBCuSksffkn1AGb9mW
0VUh4wPrFiV2JAey6/IoUdKkxmLvQwNAYknVuy14UmAmgOTcB3bcxziOq3ruwPoq
l8c/7123WgjMfplToNB1uAF+xr1WmJU3vkOylYrFCMkK7Iql76GAv2GJKzretOsS
yICX6QDqZtnpbE71jdM0lMHlyy9nxNt8sdmt93iZV4PtvFOaPfCn6UUeCwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC1ys2w3m88cy8L3o/d6waWKOL5SMB8GA1UdIwQY
MBaAFLKH/ypzPjO+r1NJSpDuwVK7x1i8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29mX0tuTS1NNzZ2VTBsS2tPN0JVcnZIV0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9jYjIxNTEtMDVjYS00YTc2LTg1OWYt
NGY1ZWMwYTdlMDA2LzEvTFhLemJEZWJ6eHpMd3ZlajkzckJwWW80dmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9jYjIxNTEtMDVjYS00YTc2LTg1OWYtNGY1ZWMwYTdlMDA2
LzEvc29mX0tuTS1NNzZ2VTBsS2tPN0JVcnZIV0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuR9MAwQA
vHQnMA0EAgACMAcDBQAqALkgMA0GCSqGSIb3DQEBCwUAA4IBAQCE3rjMAYJmHG41
lNup1+Kvt1XWysWAR2pVhwaB1MGAt7U+KEEBLf0yu0OPikoaYUJbd1RQCvTlJ7w3
EM67GOZd/uK/iIRX9bOAtJ7KDW7B8YAr7QGVsADXxTp7Ak31284dkMC0MwAKA9SZ
J0IiSh/1uu+yGHAjvTpACkk+aApjEVGN9IvM591uLe3vdw4FgPyQi2Ru+Q3vn69C
37mCwla9TpveRbESRPMfKZYd5IXFtjXDAoMq8VrZDgw+DqPVkGN/ueAo0a929Scw
vS7zGZP3tJ4eZ31IIqkgce4ZWQaXI5Dny/J0fmJjadcOY8vION+7kc/oxo1zmHh5
7sWjRkR5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:42 2024 by rpki-client on console-ams.rpki-client.org