Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/62001a-a313-4e33-bb04-914b4b34f981/1/lgrXXrp9hwMzzbtYmivB1sGFUCU.roa
File: lgrXXrp9hwMzzbtYmivB1sGFUCU.roa (raw, json)
Hash identifier: vnlvhNdNSo5Eq4DViBMAqZ3hNWlrRcu+iJc+NuXqQ3I=
Subject key identifier: 96:0A:D7:5E:BA:7D:87:03:33:CD:BB:58:9A:2B:C1:D6:C1:85:50:25
Certificate issuer: /CN=970ebd0469a5c69c1098971caab36fe032ece311
Certificate serial: 01856FF955F56E92BBDBF0F3BB0E44427834
Authority key identifier: 97:0E:BD:04:69:A5:C6:9C:10:98:97:1C:AA:B3:6F:E0:32:EC:E3:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lw69BGmlxpwQmJccqrNv4DLs4xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/62001a-a313-4e33-bb04-914b4b34f981/1/lgrXXrp9hwMzzbtYmivB1sGFUCU.roa
Signing time: Mon 02 Jan 2023 00:54:49 +0000
ROA not before: Mon 02 Jan 2023 00:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 786
IP address blocks: 149.157.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:55:f5:6e:92:bb:db:f0:f3:bb:0e:44:42:78:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=970ebd0469a5c69c1098971caab36fe032ece311
Validity
Not Before: Jan 2 00:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=960ad75eba7d870333cdbb589a2bc1d6c1855025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e8:4b:6e:b8:c9:c8:22:82:ea:b4:8f:12:ae:
f2:e6:a3:99:93:c5:ad:33:e3:0b:a7:b9:be:8d:91:
33:5a:b4:f7:63:8c:0f:79:77:a4:0a:ae:d2:3c:22:
ce:e7:ad:93:98:d4:40:0b:b6:7d:86:a4:bb:ae:59:
a6:5e:46:42:a1:92:af:b8:5f:a2:1f:25:7d:4e:9e:
f3:69:b0:3c:05:67:3c:51:03:02:83:ca:c5:39:98:
8e:e9:06:64:37:82:6f:e1:8c:64:40:03:f3:11:32:
21:b5:13:3b:70:ac:7f:b1:f0:f9:b6:e5:ec:87:fd:
1b:dc:e0:45:1a:2f:d2:a3:69:25:75:54:a6:7f:29:
c2:32:19:21:eb:dc:a7:01:6c:63:8b:d9:e5:9a:29:
f7:f9:15:eb:25:15:5c:f7:24:4a:4d:2a:79:22:d1:
bb:25:f9:a7:d4:6e:d1:5b:a9:5e:a2:ba:32:ab:fb:
70:0e:5e:7b:84:52:4c:f3:86:85:c5:88:b4:6b:d2:
d0:84:45:be:2b:a6:02:e8:7c:b5:5f:fc:07:8d:94:
3d:9f:43:2b:fa:8b:e7:90:3f:b5:d0:f3:1b:4f:98:
4f:07:be:f7:64:dc:aa:70:fc:44:ed:aa:4a:cd:ff:
4d:5e:01:dd:a8:63:fc:22:91:dd:38:a9:75:be:90:
39:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:0A:D7:5E:BA:7D:87:03:33:CD:BB:58:9A:2B:C1:D6:C1:85:50:25
X509v3 Authority Key Identifier:
keyid:97:0E:BD:04:69:A5:C6:9C:10:98:97:1C:AA:B3:6F:E0:32:EC:E3:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lw69BGmlxpwQmJccqrNv4DLs4xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/62001a-a313-4e33-bb04-914b4b34f981/1/lgrXXrp9hwMzzbtYmivB1sGFUCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/62001a-a313-4e33-bb04-914b4b34f981/1/lw69BGmlxpwQmJccqrNv4DLs4xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.157.0.0/16
Signature Algorithm: sha256WithRSAEncryption
96:02:a7:a2:a1:2a:a1:d7:e6:90:24:36:42:4a:d2:64:0c:b8:
39:5d:a6:1b:73:ab:26:d7:4f:8e:62:4b:4f:23:9b:d4:db:21:
29:04:61:7c:37:7b:af:4b:2d:3e:0a:28:75:80:a8:34:80:41:
5f:c8:3e:a9:48:ec:73:5a:38:5f:08:43:6e:14:40:ae:41:7a:
66:23:10:8a:c9:d8:ec:3d:11:0f:54:16:94:1d:23:e5:b4:4a:
c5:45:ae:4b:84:c3:eb:50:d9:c3:c1:8d:42:19:3d:43:67:b6:
12:02:20:4b:e1:05:6d:5f:c0:33:4c:2c:46:d5:82:3e:35:2f:
08:65:d6:42:58:54:b1:ca:54:73:52:cf:ae:ee:ee:6e:19:1a:
92:ed:76:3a:38:69:83:73:f3:df:f7:01:c6:f4:90:e9:bb:2a:
30:b5:56:f4:a5:8e:ef:08:65:ed:16:c1:f8:15:91:c5:9f:a5:
55:90:8a:40:11:be:bc:4e:05:d0:77:a6:61:45:b1:5c:8e:87:
2e:3c:57:90:22:25:ab:f1:af:2e:a8:0a:aa:22:9b:49:ca:9a:
d9:ac:76:5f:a8:53:d9:c0:e6:37:86:f7:bd:f2:cf:b5:7e:10:
cf:e8:f7:a7:b9:a9:ce:ec:06:3c:a0:09:61:87:6c:a2:29:42:
77:2c:e3:ca
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVv+VX1bpK72/Dzuw5EQng0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MGViZDA0NjlhNWM2OWMxMDk4OTcxY2FhYjM2ZmUwMzJl
Y2UzMTEwHhcNMjMwMTAyMDA1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjBhZDc1ZWJhN2Q4NzAzMzNjZGJiNTg5YTJiYzFkNmMxODU1MDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouhLbrjJyCKC6rSPEq7y5qOZk8Wt
M+MLp7m+jZEzWrT3Y4wPeXekCq7SPCLO562TmNRAC7Z9hqS7rlmmXkZCoZKvuF+i
HyV9Tp7zabA8BWc8UQMCg8rFOZiO6QZkN4Jv4YxkQAPzETIhtRM7cKx/sfD5tuXs
h/0b3OBFGi/So2kldVSmfynCMhkh69ynAWxji9nlmin3+RXrJRVc9yRKTSp5ItG7
Jfmn1G7RW6leoroyq/twDl57hFJM84aFxYi0a9LQhEW+K6YC6Hy1X/wHjZQ9n0Mr
+ovnkD+10PMbT5hPB773ZNyqcPxE7apKzf9NXgHdqGP8IpHdOKl1vpA5rQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJYK1166fYcDM827WJorwdbBhVAlMB8GA1UdIwQY
MBaAFJcOvQRppcacEJiXHKqzb+Ay7OMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHc2OUJHbWx4cHdRbUpjY3FyTnY0RExzNHhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS82MjAwMWEtYTMxMy00ZTMzLWJiMDQt
OTE0YjRiMzRmOTgxLzEvbGdyWFhycDlod016emJ0WW1pdkIxc0dGVUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS82MjAwMWEtYTMxMy00ZTMzLWJiMDQtOTE0YjRiMzRmOTgx
LzEvbHc2OUJHbWx4cHdRbUpjY3FyTnY0RExzNHhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAlZ0wDQYJ
KoZIhvcNAQELBQADggEBAJYCp6KhKqHX5pAkNkJK0mQMuDldphtzqybXT45iS08j
m9TbISkEYXw3e69LLT4KKHWAqDSAQV/IPqlI7HNaOF8IQ24UQK5BemYjEIrJ2Ow9
EQ9UFpQdI+W0SsVFrkuEw+tQ2cPBjUIZPUNnthICIEvhBW1fwDNMLEbVgj41Lwhl
1kJYVLHKVHNSz67u7m4ZGpLtdjo4aYNz89/3Acb0kOm7KjC1VvSlju8IZe0WwfgV
kcWfpVWQikARvrxOBdB3pmFFsVyOhy48V5AiJavxry6oCqoim0nKmtmsdl+oU9nA
5jeG973yz7V+EM/o96e5qc7sBjygCWGHbKIpQncs48o=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:25 2024 by rpki-client on console-fra.rpki-client.org