Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/LSXH5Dmv6PSjllx3GG727NYicnQ.roa
File: LSXH5Dmv6PSjllx3GG727NYicnQ.roa (raw, json)
Hash identifier: EwN/feYDQ/KHl+WytrE2LAt+VT191ENS9Yu1wtDSVCE=
Subject key identifier: 2D:25:C7:E4:39:AF:E8:F4:A3:96:5C:77:18:6E:F6:EC:D6:22:72:74
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 0188C11476CCF73D3FC81293285113DE480A
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/LSXH5Dmv6PSjllx3GG727NYicnQ.roa
Signing time: Thu 15 Jun 2023 22:02:03 +0000
ROA not before: Thu 15 Jun 2023 22:02:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23352
IP address blocks: 198.38.85.0/24 maxlen: 24
198.38.84.0/24 maxlen: 24
198.38.80.0/20 maxlen: 20
198.38.82.0/24 maxlen: 24
198.38.83.0/24 maxlen: 24
198.38.87.0/24 maxlen: 24
198.38.86.0/24 maxlen: 24
198.38.89.0/24 maxlen: 24
198.38.88.0/24 maxlen: 24
198.38.90.0/24 maxlen: 24
198.38.91.0/24 maxlen: 24
198.38.92.0/24 maxlen: 24
198.38.94.0/24 maxlen: 24
198.38.93.0/24 maxlen: 24
198.38.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c1:14:76:cc:f7:3d:3f:c8:12:93:28:51:13:de:48:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jun 15 22:02:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d25c7e439afe8f4a3965c77186ef6ecd6227274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ce:d5:7b:43:ce:fb:d0:e8:eb:20:45:96:61:
29:b0:ed:7d:0d:c3:54:e4:32:79:30:e9:c4:f7:c4:
4c:af:86:51:17:26:19:96:f3:78:a8:c5:a1:95:7e:
cc:42:3e:5c:8f:17:2e:4e:30:58:0f:88:27:ca:43:
a0:71:2b:43:a3:f4:81:f6:3d:9c:0c:b1:84:cc:6f:
07:64:67:c3:70:a2:0c:9d:7a:f1:23:fe:56:b7:5d:
8f:29:bd:26:84:3c:6a:fa:84:c6:fa:76:d8:60:2a:
31:65:ad:67:17:ce:8a:ec:8b:29:d7:a2:b8:0a:91:
4f:5a:67:d8:90:e3:06:88:b9:e0:88:bf:d6:da:5b:
f8:8b:32:b5:77:af:6b:4e:61:4f:79:ed:8e:cb:72:
ed:5b:95:c0:bd:7c:6c:c5:38:f9:d6:33:07:72:0c:
ee:ca:e2:ad:94:c4:5a:48:19:2f:79:bf:89:48:ec:
bb:52:c4:ee:66:6b:4a:54:bc:d8:45:c1:12:c0:c8:
e5:61:42:02:33:75:6f:30:58:83:ea:2b:4a:e2:bc:
4b:b5:1d:46:8c:9b:23:bf:b5:4c:1d:6f:e7:e2:00:
59:bf:be:e2:f2:85:6d:67:bd:82:93:80:c8:81:a2:
23:c9:19:d6:0a:32:e1:3c:99:0b:b2:2d:9a:43:24:
e0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:25:C7:E4:39:AF:E8:F4:A3:96:5C:77:18:6E:F6:EC:D6:22:72:74
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/LSXH5Dmv6PSjllx3GG727NYicnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.38.80.0/20
Signature Algorithm: sha256WithRSAEncryption
34:ba:53:aa:3c:c2:84:42:15:e3:04:d5:cb:23:68:fe:ff:75:
a5:78:b3:65:49:2a:bd:c1:91:2e:40:0a:62:74:c1:20:46:f3:
39:9e:84:b1:ff:f8:3e:16:2a:b4:95:7b:1e:0d:3f:66:c9:11:
cf:2d:93:06:b4:ae:c6:b1:69:23:cd:c1:2e:92:09:22:52:85:
ba:bf:2f:79:7f:5a:c5:7b:8e:b0:bf:e3:67:1f:85:c5:37:04:
84:7a:bb:61:fc:51:4a:c2:1a:20:f5:e7:31:84:60:98:3e:1d:
d3:3e:c9:fe:22:ac:de:32:38:fe:92:28:fa:18:84:cb:52:44:
d9:09:09:75:9b:3f:b0:ce:7f:80:05:0b:b8:35:68:93:af:61:
ac:19:5c:b9:fc:fb:03:d1:63:19:b4:99:b2:af:94:9c:03:ed:
dc:ea:eb:62:72:35:82:44:3e:2f:e1:f8:eb:df:2c:fc:6e:f9:
09:c0:71:de:0a:6a:c1:04:31:60:17:d7:f0:a8:02:b7:a8:3f:
b2:64:ac:3b:c4:21:d8:4e:75:18:fb:3e:47:b9:9e:64:6e:9b:
10:b5:2d:b9:01:b5:88:88:1d:17:a4:24:79:55:5a:72:35:19:
cb:b0:b8:42:56:bd:6d:42:43:ea:fc:a9:7d:5e:1b:1e:c8:ad:
c6:69:98:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjBFHbM9z0/yBKTKFET3kgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjMwNjE1MjIwMjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDI1YzdlNDM5YWZlOGY0YTM5NjVjNzcxODZlZjZlY2Q2MjI3Mjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkM7Ve0PO+9Do6yBFlmEpsO19DcNU
5DJ5MOnE98RMr4ZRFyYZlvN4qMWhlX7MQj5cjxcuTjBYD4gnykOgcStDo/SB9j2c
DLGEzG8HZGfDcKIMnXrxI/5Wt12PKb0mhDxq+oTG+nbYYCoxZa1nF86K7Isp16K4
CpFPWmfYkOMGiLngiL/W2lv4izK1d69rTmFPee2Oy3LtW5XAvXxsxTj51jMHcgzu
yuKtlMRaSBkveb+JSOy7UsTuZmtKVLzYRcESwMjlYUICM3VvMFiD6itK4rxLtR1G
jJsjv7VMHW/n4gBZv77i8oVtZ72Ck4DIgaIjyRnWCjLhPJkLsi2aQyTgtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0lx+Q5r+j0o5Zcdxhu9uzWInJ0MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvTFNYSDVEbXY2UFNqbGx4M0dHNzI3TllpY25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQExiZQMA0G
CSqGSIb3DQEBCwUAA4IBAQA0ulOqPMKEQhXjBNXLI2j+/3WleLNlSSq9wZEuQApi
dMEgRvM5noSx//g+Fiq0lXseDT9myRHPLZMGtK7GsWkjzcEukgkiUoW6vy95f1rF
e46wv+NnH4XFNwSEerth/FFKwhog9ecxhGCYPh3TPsn+IqzeMjj+kij6GITLUkTZ
CQl1mz+wzn+ABQu4NWiTr2GsGVy5/PsD0WMZtJmyr5ScA+3c6uticjWCRD4v4fjr
3yz8bvkJwHHeCmrBBDFgF9fwqAK3qD+yZKw7xCHYTnUY+z5HuZ5kbpsQtS25AbWI
iB0XpCR5VVpyNRnLsLhCVr1tQkPq/Kl9XhseyK3GaZh9
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:30 2024 by rpki-client on console-fra.rpki-client.org