Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/f10922-9954-453f-b1c6-820d5fc44e35/1/Loz3ZnMo5EA4gBbUnDT2foOx78c.roa
File: Loz3ZnMo5EA4gBbUnDT2foOx78c.roa (raw, json)
Hash identifier: rBYuR713f4VqgRC7c6rX6jHEnBqmmFIiy3v+BYeO8Lk=
Subject key identifier: 2E:8C:F7:66:73:28:E4:40:38:80:16:D4:9C:34:F6:7E:83:B1:EF:C7
Certificate issuer: /CN=b9cc6d734492e4106608a24fa1b95efaa879c45a
Certificate serial: 01857079AD00696BF98F979DF76627CCC702
Authority key identifier: B9:CC:6D:73:44:92:E4:10:66:08:A2:4F:A1:B9:5E:FA:A8:79:C4:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ucxtc0SS5BBmCKJPoble-qh5xFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/f10922-9954-453f-b1c6-820d5fc44e35/1/Loz3ZnMo5EA4gBbUnDT2foOx78c.roa
Signing time: Mon 02 Jan 2023 03:15:00 +0000
ROA not before: Mon 02 Jan 2023 03:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34288
IP address blocks: 109.233.176.0/21 maxlen: 21
46.234.32.0/19 maxlen: 19
81.94.112.0/20 maxlen: 20
85.158.24.0/21 maxlen: 21
2001:4b20::/32 maxlen: 32
2001:4b20::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:ad:00:69:6b:f9:8f:97:9d:f7:66:27:cc:c7:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9cc6d734492e4106608a24fa1b95efaa879c45a
Validity
Not Before: Jan 2 03:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e8cf7667328e440388016d49c34f67e83b1efc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:67:ce:33:e5:1e:f4:9e:75:ac:d6:f8:26:e0:
97:e0:2c:40:a8:f7:89:85:8e:1f:33:16:ff:44:35:
73:2e:18:dd:ea:c2:33:a7:90:49:27:af:5a:9e:ac:
de:d2:51:20:bb:a2:14:f1:82:f4:e4:95:ba:7c:0a:
b7:4b:e0:80:a0:7b:c7:b5:73:a1:06:49:5f:2f:10:
50:42:f9:c4:f0:63:cc:06:84:fd:03:98:8c:14:b3:
f0:ae:d9:95:e5:23:8e:da:33:76:e7:4a:48:77:99:
ab:37:9b:77:09:96:2d:f6:06:e8:1c:85:ac:40:d9:
3b:fd:58:4f:bc:ed:a9:a4:60:7f:62:ea:90:6e:b9:
f6:64:d8:2c:e7:c3:ff:83:65:9a:2c:a7:2a:64:dc:
40:7a:1a:eb:53:20:68:e6:24:1c:d8:4a:16:38:08:
9a:a9:87:01:75:b9:f1:99:4f:ee:65:6e:0f:1e:79:
24:49:0d:7c:ab:d0:08:e0:5d:6e:48:23:ae:95:44:
b8:af:dc:2e:11:5e:1f:27:d9:09:4e:80:1b:ee:84:
e1:cf:19:14:86:0b:99:69:4a:f7:06:10:8e:1d:77:
c1:7d:8a:9b:69:52:16:07:a1:59:e7:be:c6:31:4e:
63:c7:81:fc:6c:93:a4:af:2b:aa:d5:e4:9f:e9:23:
aa:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:8C:F7:66:73:28:E4:40:38:80:16:D4:9C:34:F6:7E:83:B1:EF:C7
X509v3 Authority Key Identifier:
keyid:B9:CC:6D:73:44:92:E4:10:66:08:A2:4F:A1:B9:5E:FA:A8:79:C4:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucxtc0SS5BBmCKJPoble-qh5xFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f10922-9954-453f-b1c6-820d5fc44e35/1/Loz3ZnMo5EA4gBbUnDT2foOx78c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f10922-9954-453f-b1c6-820d5fc44e35/1/ucxtc0SS5BBmCKJPoble-qh5xFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.234.32.0/19
81.94.112.0/20
85.158.24.0/21
109.233.176.0/21
IPv6:
2001:4b20::/29
Signature Algorithm: sha256WithRSAEncryption
a0:94:5b:a2:83:b6:74:f4:a9:e5:b9:41:e6:4b:77:2b:9b:64:
28:d2:a3:95:19:91:db:cc:8d:80:ba:3d:a8:02:4a:d7:66:ab:
72:90:c7:a8:fb:be:89:a1:db:e7:d7:9a:57:70:b9:d1:53:92:
fa:b3:e3:5f:8a:4d:0b:b8:10:b7:40:b4:32:51:56:4b:22:e2:
e3:dd:af:c6:5a:ae:e4:ab:f7:3d:7c:39:9e:ff:02:7d:98:a6:
9f:83:8b:be:bc:13:63:b8:74:a7:06:ed:0f:09:49:60:bf:02:
e2:be:92:33:84:03:4b:74:f1:31:7a:b7:f1:25:f7:68:b6:f3:
45:35:01:6d:45:d3:73:9d:03:76:c0:b7:e3:49:34:ca:c0:e0:
9f:76:b1:4c:54:c4:26:fc:f6:c7:bd:30:7e:03:90:03:d8:eb:
c3:6d:7f:38:c5:1e:9a:ff:a7:5a:e2:e7:4a:60:d4:1c:fe:4c:
1a:27:91:5c:b7:95:77:de:1f:a2:f4:c3:62:9c:d5:a6:bd:9a:
a0:8d:a6:65:a5:db:43:87:38:16:65:9b:e5:2e:ce:83:78:21:
cf:b3:94:ce:14:a7:aa:e8:8a:27:0b:14:2e:80:a7:75:16:54:
fe:60:6e:b6:2a:b2:a5:3c:6d:5b:6b:ec:f0:ac:18:9e:79:52:
07:a5:45:e9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwea0AaWv5j5ed92YnzMcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Y2M2ZDczNDQ5MmU0MTA2NjA4YTI0ZmExYjk1ZWZhYTg3
OWM0NWEwHhcNMjMwMTAyMDMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZThjZjc2NjczMjhlNDQwMzg4MDE2ZDQ5YzM0ZjY3ZTgzYjFlZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWfOM+Ue9J51rNb4JuCX4CxAqPeJ
hY4fMxb/RDVzLhjd6sIzp5BJJ69anqze0lEgu6IU8YL05JW6fAq3S+CAoHvHtXOh
BklfLxBQQvnE8GPMBoT9A5iMFLPwrtmV5SOO2jN250pId5mrN5t3CZYt9gboHIWs
QNk7/VhPvO2ppGB/YuqQbrn2ZNgs58P/g2WaLKcqZNxAehrrUyBo5iQc2EoWOAia
qYcBdbnxmU/uZW4PHnkkSQ18q9AI4F1uSCOulUS4r9wuEV4fJ9kJToAb7oThzxkU
hguZaUr3BhCOHXfBfYqbaVIWB6FZ577GMU5jx4H8bJOkryuq1eSf6SOqwwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFC6M92ZzKORAOIAW1Jw09n6Dse/HMB8GA1UdIwQY
MBaAFLnMbXNEkuQQZgiiT6G5XvqoecRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWN4dGMwU1M1QkJtQ0tKUG9ibGUtcWg1eEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mMTA5MjItOTk1NC00NTNmLWIxYzYt
ODIwZDVmYzQ0ZTM1LzEvTG96M1puTW81RUE0Z0JiVW5EVDJmb094NzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mMTA5MjItOTk1NC00NTNmLWIxYzYtODIwZDVmYzQ0ZTM1
LzEvdWN4dGMwU1M1QkJtQ0tKUG9ibGUtcWg1eEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFLuogAwQE
UV5wAwQDVZ4YAwQDbemwMA0EAgACMAcDBQMgAUsgMA0GCSqGSIb3DQEBCwUAA4IB
AQCglFuig7Z09KnluUHmS3crm2Qo0qOVGZHbzI2Auj2oAkrXZqtykMeo+76Jodvn
15pXcLnRU5L6s+Nfik0LuBC3QLQyUVZLIuLj3a/GWq7kq/c9fDme/wJ9mKafg4u+
vBNjuHSnBu0PCUlgvwLivpIzhANLdPExerfxJfdotvNFNQFtRdNznQN2wLfjSTTK
wOCfdrFMVMQm/PbHvTB+A5AD2OvDbX84xR6a/6da4udKYNQc/kwaJ5Fct5V33h+i
9MNinNWmvZqgjaZlpdtDhzgWZZvlLs6DeCHPs5TOFKeq6IonCxQugKd1FlT+YG62
KrKlPG1ba+zwrBieeVIHpUXp
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:32 2024 by rpki-client on console-fra.rpki-client.org