Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/LMa54YKj5hIqpksxyp_DCWD3ISM.roa
File: LMa54YKj5hIqpksxyp_DCWD3ISM.roa (raw, json)
Hash identifier: E3gRjIBQskhahkYjNrGOSpguPa6+k0m7McMKukFMdmo=
Subject key identifier: 2C:C6:B9:E1:82:A3:E6:12:2A:A6:4B:31:CA:9F:C3:09:60:F7:21:23
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 018D768B4998AF9B71861D22E473C292115F
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/LMa54YKj5hIqpksxyp_DCWD3ISM.roa
Signing time: Sun 04 Feb 2024 23:54:16 +0000
ROA not before: Sun 04 Feb 2024 23:54:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6898
IP address blocks: 185.155.176.0/22 maxlen: 22
185.155.184.0/24 maxlen: 24
2a00:bd00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 05 Feb 2024 02:42:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:76:8b:49:98:af:9b:71:86:1d:22:e4:73:c2:92:11:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Feb 4 23:54:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cc6b9e182a3e6122aa64b31ca9fc30960f72123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9e:4c:cf:c9:a7:3e:05:4b:7b:69:7b:ff:40:
ac:79:d5:e7:8e:1e:01:72:89:b3:be:6d:56:64:a8:
98:21:c2:28:0a:66:fb:54:a7:d1:c2:78:16:c7:36:
31:22:e6:1b:0f:dd:fa:d2:a1:b0:e6:9d:39:9f:ce:
43:94:19:bd:01:19:40:d3:9b:7c:d3:43:f3:3a:28:
4e:2b:fb:5c:ac:c7:d4:11:20:81:1c:1c:a4:e7:d2:
12:e4:c9:73:b3:ac:1f:01:88:6b:76:c4:ea:9a:48:
68:06:f8:ea:6d:64:d2:0c:aa:8e:9d:e3:49:2e:74:
d2:79:6f:8d:f9:0a:e4:af:12:e5:2e:dd:3a:1f:9d:
72:da:85:2b:28:b4:04:0d:b5:55:4f:0e:2d:7a:81:
63:bc:21:f5:02:63:11:42:84:d8:15:d1:de:a0:d5:
81:77:66:c2:58:75:28:e4:91:3a:3e:c5:9a:4e:d9:
54:52:8b:0c:6a:88:a4:74:85:9e:c2:61:61:eb:7f:
b1:f7:cf:21:2d:26:ab:f1:90:3a:6a:91:c2:f7:0e:
85:f3:13:26:f5:b8:44:2b:ec:38:95:89:5e:9a:ef:
d7:d1:a8:27:76:d2:9a:51:66:f8:58:85:7e:c6:c7:
12:85:b9:28:15:cc:d8:ef:0e:26:d2:97:e2:d7:e6:
c2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C6:B9:E1:82:A3:E6:12:2A:A6:4B:31:CA:9F:C3:09:60:F7:21:23
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/LMa54YKj5hIqpksxyp_DCWD3ISM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.176.0/22
185.155.184.0/24
IPv6:
2a00:bd00::/32
Signature Algorithm: sha256WithRSAEncryption
19:29:6a:74:35:d3:5f:a0:e5:51:d5:8b:72:7b:30:3f:f8:76:
cc:4c:7c:8f:62:7b:3b:d0:73:9f:d4:27:5d:5b:f0:4b:01:d0:
13:4c:dc:c7:5d:8f:f0:f9:d2:ce:7d:8e:23:f5:1d:6c:ef:ac:
f3:92:ca:38:72:b7:c9:0e:08:5d:f8:53:e0:3d:dc:94:cc:a0:
f9:39:d0:c8:8a:8a:19:e0:90:32:b8:d6:7a:83:ba:bf:ac:47:
2e:b3:71:f2:49:d0:20:c0:7e:b9:5d:ae:95:25:e7:4d:67:11:
59:84:a1:cb:e4:cd:74:69:73:d8:92:75:97:8f:ab:83:89:cb:
78:e5:36:5a:4a:ff:23:92:37:4a:b6:59:ec:fc:e8:34:a3:f3:
43:98:01:59:1e:e6:1f:64:81:3e:eb:d6:e3:d3:f6:bd:67:6a:
2a:c9:6e:26:6f:59:99:d9:de:ad:6b:53:7c:e7:af:e2:bf:e6:
1a:71:2f:da:f0:74:13:c8:6f:25:d0:61:93:68:56:e8:09:d6:
1d:46:28:79:f5:5f:f1:b0:0c:2b:32:b9:c9:25:6d:bd:b5:8c:
a5:81:5a:8a:b3:e9:29:8f:e3:71:e9:bd:fa:12:2e:d3:c1:91:
05:ed:70:92:7d:4a:86:e2:e9:f8:d1:58:7a:06:c6:0a:7a:b3:
05:9f:a9:1b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY12i0mYr5txhh0i5HPCkhFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjQwMjA0MjM1NDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2M2YjllMTgyYTNlNjEyMmFhNjRiMzFjYTlmYzMwOTYwZjcyMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj55Mz8mnPgVLe2l7/0CsedXnjh4B
comzvm1WZKiYIcIoCmb7VKfRwngWxzYxIuYbD9360qGw5p05n85DlBm9ARlA05t8
00PzOihOK/tcrMfUESCBHByk59IS5Mlzs6wfAYhrdsTqmkhoBvjqbWTSDKqOneNJ
LnTSeW+N+QrkrxLlLt06H51y2oUrKLQEDbVVTw4teoFjvCH1AmMRQoTYFdHeoNWB
d2bCWHUo5JE6PsWaTtlUUosMaoikdIWewmFh63+x988hLSar8ZA6apHC9w6F8xMm
9bhEK+w4lYlemu/X0agndtKaUWb4WIV+xscShbkoFczY7w4m0pfi1+bCVwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCzGueGCo+YSKqZLMcqfwwlg9yEjMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvTE1hNTRZS2o1aElxcGtzeHlwX0RDV0QzSVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZuwAwQA
uZu4MA0EAgACMAcDBQAqAL0AMA0GCSqGSIb3DQEBCwUAA4IBAQAZKWp0NdNfoOVR
1YtyezA/+HbMTHyPYns70HOf1CddW/BLAdATTNzHXY/w+dLOfY4j9R1s76zzkso4
crfJDghd+FPgPdyUzKD5OdDIiooZ4JAyuNZ6g7q/rEcus3HySdAgwH65Xa6VJedN
ZxFZhKHL5M10aXPYknWXj6uDict45TZaSv8jkjdKtlns/Og0o/NDmAFZHuYfZIE+
69bj0/a9Z2oqyW4mb1mZ2d6ta1N856/iv+YacS/a8HQTyG8l0GGTaFboCdYdRih5
9V/xsAwrMrnJJW29tYylgVqKs+kpj+Nx6b36Ei7TwZEF7XCSfUqG4un40Vh6BsYK
erMFn6kb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:31 2025 by rpki-client