Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/12bd09-6917-4b10-8623-335c2a52a71a/1/20LuzmoNHTRGlFDn_yUekpNNK00.roa
File: 20LuzmoNHTRGlFDn_yUekpNNK00.roa (raw, json)
Hash identifier: pGyCYGmTtToVlh2Y1dSJe1GYp19JYd94Z7gqcO3vjrc=
Subject key identifier: DB:42:EE:CE:6A:0D:1D:34:46:94:50:E7:FF:25:1E:92:93:4D:2B:4D
Certificate issuer: /CN=465e78a5ec57231c693d654544618c6782d6190a
Certificate serial: 01856F8B72262FB8315B9E58D87701E25E57
Authority key identifier: 46:5E:78:A5:EC:57:23:1C:69:3D:65:45:44:61:8C:67:82:D6:19:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl54pexXIxxpPWVFRGGMZ4LWGQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/12bd09-6917-4b10-8623-335c2a52a71a/1/20LuzmoNHTRGlFDn_yUekpNNK00.roa
Signing time: Sun 01 Jan 2023 22:54:47 +0000
ROA not before: Sun 01 Jan 2023 22:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51540
IP address blocks: 46.31.145.0/24 maxlen: 24
46.31.144.0/24 maxlen: 24
185.198.196.0/24 maxlen: 24
185.198.197.0/24 maxlen: 24
185.198.198.0/24 maxlen: 24
185.198.199.0/24 maxlen: 24
46.31.146.0/24 maxlen: 24
46.31.147.0/24 maxlen: 24
46.31.148.0/24 maxlen: 24
46.31.149.0/24 maxlen: 24
46.31.150.0/24 maxlen: 24
46.31.151.0/24 maxlen: 24
185.14.20.0/24 maxlen: 24
185.14.21.0/24 maxlen: 24
185.14.22.0/24 maxlen: 24
185.14.23.0/24 maxlen: 24
2a03:6c40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:72:26:2f:b8:31:5b:9e:58:d8:77:01:e2:5e:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465e78a5ec57231c693d654544618c6782d6190a
Validity
Not Before: Jan 1 22:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db42eece6a0d1d34469450e7ff251e92934d2b4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b1:f6:93:95:de:ec:4c:cb:85:b9:76:40:ff:
c0:04:48:53:08:e1:44:4d:26:be:9a:82:7e:48:ae:
7c:71:5d:08:a5:80:49:10:f4:96:b8:b2:46:0d:b5:
e6:aa:af:c3:37:9e:cf:c3:7c:54:b2:c3:ab:ac:2f:
a7:c4:86:9f:98:c3:79:f9:c3:14:ba:89:7e:33:c9:
36:02:94:13:5e:f8:0b:4e:cc:31:f6:a4:f6:44:76:
45:54:78:35:22:6f:8c:4c:cc:6f:ba:58:fa:45:7b:
3f:cf:34:95:eb:55:ad:a8:db:9e:bb:ca:5a:f6:82:
f2:37:2e:f3:ab:e5:d5:83:94:1a:8c:65:87:76:ba:
f1:e8:28:30:50:e5:fd:b9:b4:3e:32:60:7d:cd:ef:
f4:f4:f5:06:ff:c7:9b:e2:ec:cd:86:86:57:23:d3:
c2:90:1f:d5:b3:2e:5f:3c:b2:59:a5:86:3d:0e:11:
a2:34:77:a7:4e:0b:4a:49:61:15:82:22:46:8b:33:
b1:d0:fd:f1:ac:5e:2b:6c:d1:97:f0:a3:79:00:f1:
5d:23:6b:67:04:92:d6:16:de:22:35:f4:4b:3f:90:
f7:f7:c0:37:18:8c:b0:69:bd:c3:8b:6c:42:b9:78:
1d:fe:3a:b3:13:be:86:17:71:00:16:b9:ee:eb:de:
08:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:42:EE:CE:6A:0D:1D:34:46:94:50:E7:FF:25:1E:92:93:4D:2B:4D
X509v3 Authority Key Identifier:
keyid:46:5E:78:A5:EC:57:23:1C:69:3D:65:45:44:61:8C:67:82:D6:19:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl54pexXIxxpPWVFRGGMZ4LWGQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/12bd09-6917-4b10-8623-335c2a52a71a/1/20LuzmoNHTRGlFDn_yUekpNNK00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/12bd09-6917-4b10-8623-335c2a52a71a/1/Rl54pexXIxxpPWVFRGGMZ4LWGQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.144.0/21
185.14.20.0/22
185.198.196.0/22
IPv6:
2a03:6c40::/32
Signature Algorithm: sha256WithRSAEncryption
01:27:f9:e8:3f:1b:ff:6a:cc:16:a4:c6:b9:1c:c5:93:8d:43:
cd:75:6e:aa:20:82:cf:0b:7c:3c:5b:e3:fb:f5:54:54:82:a7:
9b:5b:d7:f9:d3:ee:d9:b1:26:61:78:dd:1e:03:b1:dc:d4:13:
83:00:40:b3:37:13:78:3d:22:39:eb:64:79:de:07:d0:b1:63:
54:3a:45:b3:e7:f3:4f:12:c8:d8:12:8d:51:a1:60:61:72:c3:
3d:4f:33:cf:ab:5b:7c:bb:1e:72:31:25:50:92:5e:ad:ec:49:
18:a7:f5:20:a3:01:04:7d:6c:31:a9:d3:02:f1:2b:11:68:81:
35:90:95:c8:ad:f9:4c:b2:3c:3b:8c:0a:13:7f:00:7b:86:bf:
18:31:e4:4c:f0:02:91:58:eb:37:24:df:eb:a5:4f:be:7f:87:
0c:a9:8e:4e:d7:ba:48:ab:e9:54:5f:da:71:5a:ba:eb:a8:2b:
27:3d:ac:0f:15:63:0f:84:73:18:16:93:15:ae:c3:40:c0:d2:
b9:fa:ec:99:58:84:be:fa:6b:55:77:47:22:51:34:74:5b:04:
fe:73:d0:fd:ed:50:34:bd:3c:9f:f5:7e:c6:88:8c:f9:e5:c7:
04:73:89:6d:8f:bc:02:2f:c8:3e:d3:b5:21:8c:8b:20:44:64:
b6:8a:28:c6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvi3ImL7gxW55Y2HcB4l5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWU3OGE1ZWM1NzIzMWM2OTNkNjU0NTQ0NjE4YzY3ODJk
NjE5MGEwHhcNMjMwMTAxMjI1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQyZWVjZTZhMGQxZDM0NDY5NDUwZTdmZjI1MWU5MjkzNGQyYjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rH2k5Xe7EzLhbl2QP/ABEhTCOFE
TSa+moJ+SK58cV0IpYBJEPSWuLJGDbXmqq/DN57Pw3xUssOrrC+nxIafmMN5+cMU
uol+M8k2ApQTXvgLTswx9qT2RHZFVHg1Im+MTMxvulj6RXs/zzSV61WtqNueu8pa
9oLyNy7zq+XVg5QajGWHdrrx6CgwUOX9ubQ+MmB9ze/09PUG/8eb4uzNhoZXI9PC
kB/Vsy5fPLJZpYY9DhGiNHenTgtKSWEVgiJGizOx0P3xrF4rbNGX8KN5APFdI2tn
BJLWFt4iNfRLP5D398A3GIywab3Di2xCuXgd/jqzE76GF3EAFrnu694IrQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNtC7s5qDR00RpRQ5/8lHpKTTStNMB8GA1UdIwQY
MBaAFEZeeKXsVyMcaT1lRURhjGeC1hkKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw1NHBleFhJeHhwUFdWRlJHR01aNExXR1FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xMmJkMDktNjkxNy00YjEwLTg2MjMt
MzM1YzJhNTJhNzFhLzEvMjBMdXptb05IVFJHbEZEbl95VWVrcE5OSzAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8xMmJkMDktNjkxNy00YjEwLTg2MjMtMzM1YzJhNTJhNzFh
LzEvUmw1NHBleFhJeHhwUFdWRlJHR01aNExXR1FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLh+QAwQC
uQ4UAwQCucbEMA0EAgACMAcDBQAqA2xAMA0GCSqGSIb3DQEBCwUAA4IBAQABJ/no
Pxv/aswWpMa5HMWTjUPNdW6qIILPC3w8W+P79VRUgqebW9f50+7ZsSZheN0eA7Hc
1BODAECzNxN4PSI562R53gfQsWNUOkWz5/NPEsjYEo1RoWBhcsM9TzPPq1t8ux5y
MSVQkl6t7EkYp/UgowEEfWwxqdMC8SsRaIE1kJXIrflMsjw7jAoTfwB7hr8YMeRM
8AKRWOs3JN/rpU++f4cMqY5O17pIq+lUX9pxWrrrqCsnPawPFWMPhHMYFpMVrsNA
wNK5+uyZWIS++mtVd0ciUTR0WwT+c9D97VA0vTyf9X7GiIz55ccEc4ltj7wCL8g+
07UhjIsgRGS2iijG
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:43 2024 by rpki-client on console-ams.rpki-client.org