Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/LuNZnkSzwgrO3mcGKVRjjvlD7HA.roa
File: LuNZnkSzwgrO3mcGKVRjjvlD7HA.roa (raw, json)
Hash identifier: CfgEiYpZ7Te7CcAVFRBhnpnGYt2N5pN01c1H/oK0ok0=
Subject key identifier: 2E:E3:59:9E:44:B3:C2:0A:CE:DE:67:06:29:54:63:8E:F9:43:EC:70
Certificate issuer: /CN=7b5754e4d208c6435f1abec937cde20009204dc0
Certificate serial: 01856DDD2F6AB65EAFD70D019234B151A48D
Authority key identifier: 7B:57:54:E4:D2:08:C6:43:5F:1A:BE:C9:37:CD:E2:00:09:20:4D:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1dU5NIIxkNfGr7JN83iAAkgTcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/LuNZnkSzwgrO3mcGKVRjjvlD7HA.roa
Signing time: Sun 01 Jan 2023 15:04:50 +0000
ROA not before: Sun 01 Jan 2023 15:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199486
IP address blocks: 185.214.158.0/24 maxlen: 24
185.214.157.0/24 maxlen: 24
185.214.156.0/24 maxlen: 24
31.47.64.0/21 maxlen: 21
31.47.69.0/24 maxlen: 24
2a09:2e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:2f:6a:b6:5e:af:d7:0d:01:92:34:b1:51:a4:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5754e4d208c6435f1abec937cde20009204dc0
Validity
Not Before: Jan 1 15:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ee3599e44b3c20acede67062954638ef943ec70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d2:24:54:45:23:dc:3c:c8:9f:e3:f0:77:7f:
04:dd:8b:31:39:db:d2:ca:3b:0f:c9:d6:71:97:ef:
e1:e1:7d:fb:d1:83:45:fb:48:bb:e7:f1:97:42:97:
48:fe:45:e7:3c:77:84:f3:aa:5b:37:5e:20:1d:da:
ae:7c:08:8f:f3:f7:6a:7c:b4:00:32:3d:87:e9:18:
41:21:ff:a0:60:24:c9:87:79:27:ec:77:5e:1c:41:
13:6b:04:83:c9:09:9e:3c:66:ce:75:67:5c:2f:7e:
e5:c7:12:be:2f:67:15:4d:4e:cd:42:ba:da:06:23:
16:ec:1c:ee:f2:86:fb:4a:ee:d7:cf:72:ee:f7:21:
87:a4:b2:c9:be:04:b6:f8:2a:bf:e1:e1:f7:fe:ac:
be:2c:f3:cf:c1:21:56:6b:39:f7:09:ff:d1:46:9b:
30:1c:67:a3:51:5d:46:76:35:d3:d4:92:5a:61:45:
42:c4:b3:07:39:ad:56:7a:73:c1:e6:c9:2c:f8:3c:
00:37:20:fe:dd:f1:ad:e5:89:ef:d4:4f:d1:8b:6c:
be:4d:3b:16:30:9d:f5:85:04:2b:b1:b1:86:0b:06:
eb:3b:94:35:98:4a:f3:6e:92:00:a4:27:9b:0a:92:
c6:35:49:53:25:73:a7:39:e9:f1:c0:48:db:cf:01:
a6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:E3:59:9E:44:B3:C2:0A:CE:DE:67:06:29:54:63:8E:F9:43:EC:70
X509v3 Authority Key Identifier:
keyid:7B:57:54:E4:D2:08:C6:43:5F:1A:BE:C9:37:CD:E2:00:09:20:4D:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1dU5NIIxkNfGr7JN83iAAkgTcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/LuNZnkSzwgrO3mcGKVRjjvlD7HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/e1dU5NIIxkNfGr7JN83iAAkgTcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.64.0/21
185.214.156.0-185.214.158.255
IPv6:
2a09:2e80::/29
Signature Algorithm: sha256WithRSAEncryption
0b:16:53:ae:e9:67:09:67:8d:29:56:0c:18:7d:5d:51:2b:dd:
0e:a3:d0:6c:22:bf:c3:62:9a:e1:e2:b2:72:6f:11:26:a1:52:
37:75:7e:fa:a9:ba:1e:50:39:5a:90:8a:d6:58:e5:ff:9c:4d:
e8:bc:a3:80:c5:1c:4c:58:79:3c:78:50:f5:9e:57:1b:f4:62:
af:38:d4:23:20:fa:7f:c0:de:2e:d6:94:c7:7e:50:69:60:de:
c3:1c:8b:04:b5:ae:e2:c7:a7:9a:2b:65:25:81:98:9f:fb:01:
ab:6b:85:8e:19:28:9b:f3:f3:c9:06:9a:7f:1b:e8:91:56:c0:
f8:32:51:d1:6d:d5:6f:68:8e:56:09:36:b9:0f:7d:af:84:09:
be:ad:b2:ff:62:fb:fe:75:7e:1f:be:a3:ea:c5:c0:87:d8:3a:
ee:77:2d:6f:c2:05:2a:1c:38:e8:2f:02:fb:11:08:e7:55:ba:
e3:9d:60:c5:d2:af:71:4d:4e:6c:ca:41:fc:22:6f:e1:ee:54:
27:01:1b:52:1f:d1:08:fa:c3:b0:95:b6:f0:2f:bd:9d:22:46:
36:62:14:90:eb:1f:2e:d6:f9:f0:22:78:c0:91:2c:47:b7:56:
af:72:f1:81:cd:07:99:83:11:3c:71:4b:6d:a6:f8:88:e2:f5:
8d:47:01:8c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVt3S9qtl6v1w0BkjSxUaSNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNTc1NGU0ZDIwOGM2NDM1ZjFhYmVjOTM3Y2RlMjAwMDky
MDRkYzAwHhcNMjMwMTAxMTUwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWUzNTk5ZTQ0YjNjMjBhY2VkZTY3MDYyOTU0NjM4ZWY5NDNlYzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtIkVEUj3DzIn+Pwd38E3YsxOdvS
yjsPydZxl+/h4X370YNF+0i75/GXQpdI/kXnPHeE86pbN14gHdqufAiP8/dqfLQA
Mj2H6RhBIf+gYCTJh3kn7HdeHEETawSDyQmePGbOdWdcL37lxxK+L2cVTU7NQrra
BiMW7Bzu8ob7Su7Xz3Lu9yGHpLLJvgS2+Cq/4eH3/qy+LPPPwSFWazn3Cf/RRpsw
HGejUV1GdjXT1JJaYUVCxLMHOa1WenPB5sks+DwANyD+3fGt5Ynv1E/Ri2y+TTsW
MJ31hQQrsbGGCwbrO5Q1mErzbpIApCebCpLGNUlTJXOnOenxwEjbzwGmtwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFC7jWZ5Es8IKzt5nBilUY475Q+xwMB8GA1UdIwQY
MBaAFHtXVOTSCMZDXxq+yTfN4gAJIE3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTFkVTVOSUl4a05mR3I3Sk44M2lBQWtnVGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8xZGQxYWMtNGE4Ny00YmYxLThkNTIt
ZmQ0OTNjNmE1Yzc2LzEvTHVOWm5rU3p3Z3JPM21jR0tWUmpqdmxEN0hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8xZGQxYWMtNGE4Ny00YmYxLThkNTItZmQ0OTNjNmE1Yzc2
LzEvZTFkVTVOSUl4a05mR3I3Sk44M2lBQWtnVGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDHy9AMAwD
BAK51pwDBAC51p4wDQQCAAIwBwMFAyoJLoAwDQYJKoZIhvcNAQELBQADggEBAAsW
U67pZwlnjSlWDBh9XVEr3Q6j0Gwiv8NimuHisnJvESahUjd1fvqpuh5QOVqQitZY
5f+cTei8o4DFHExYeTx4UPWeVxv0Yq841CMg+n/A3i7WlMd+UGlg3sMciwS1ruLH
p5orZSWBmJ/7AatrhY4ZKJvz88kGmn8b6JFWwPgyUdFt1W9ojlYJNrkPfa+ECb6t
sv9i+/51fh++o+rFwIfYOu53LW/CBSocOOgvAvsRCOdVuuOdYMXSr3FNTmzKQfwi
b+HuVCcBG1If0Qj6w7CVtvAvvZ0iRjZiFJDrHy7W+fAieMCRLEe3Vq9y8YHNB5mD
ETxxS22m+Iji9Y1HAYw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:34 2024 by rpki-client on console-ams.rpki-client.org