Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/LZSrJQGnfrClfJsBpOEriR85yAs.roa
File: LZSrJQGnfrClfJsBpOEriR85yAs.roa (raw, json)
Hash identifier: l+K3rLDtU3Qgy0vJAodNAhzfDwf1ho9VNreVy/Uhfmg=
Subject key identifier: 2D:94:AB:25:01:A7:7E:B0:A5:7C:9B:01:A4:E1:2B:89:1F:39:C8:0B
Certificate issuer: /CN=c6c0fdbb65ca491cb83cc085a43e0340596ae873
Certificate serial: 01861186C2045559F5789B324C7239A9F2FE
Authority key identifier: C6:C0:FD:BB:65:CA:49:1C:B8:3C:C0:85:A4:3E:03:40:59:6A:E8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xsD9u2XKSRy4PMCFpD4DQFlq6HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/LZSrJQGnfrClfJsBpOEriR85yAs.roa
Signing time: Thu 02 Feb 2023 09:48:09 +0000
ROA not before: Thu 02 Feb 2023 09:48:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31631
IP address blocks: 45.150.140.0/22 maxlen: 22
80.252.120.0/22 maxlen: 22
193.178.112.0/23 maxlen: 23
185.108.168.0/22 maxlen: 22
193.178.54.0/23 maxlen: 23
185.205.172.0/22 maxlen: 22
2a06:e40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:11:86:c2:04:55:59:f5:78:9b:32:4c:72:39:a9:f2:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6c0fdbb65ca491cb83cc085a43e0340596ae873
Validity
Not Before: Feb 2 09:48:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d94ab2501a77eb0a57c9b01a4e12b891f39c80b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:32:35:c8:17:4e:30:0d:09:3f:78:69:aa:68:
a8:d5:90:53:f1:e5:84:02:a5:e8:4e:49:16:e7:d8:
e3:f0:40:62:7e:11:fe:19:bc:32:79:c4:6c:eb:51:
23:51:86:0c:b7:a0:2e:18:e3:63:b5:9f:70:5c:22:
fd:e5:92:28:7c:d3:73:aa:c1:83:8b:f5:cd:38:45:
f3:2c:17:95:1b:ac:09:1e:c7:1e:3c:cc:a1:3e:b5:
66:c3:90:20:c4:7f:ce:c5:55:9d:88:5d:bb:8b:f4:
70:46:aa:1f:47:18:3f:67:2f:7c:74:21:14:d5:47:
4e:45:7f:87:16:d1:76:7f:a1:1b:ae:14:dc:bc:c2:
d0:20:2f:86:5b:f3:63:70:43:69:7d:72:ba:5e:d7:
5d:cb:f3:25:d0:4a:23:80:6b:40:54:cd:c6:9b:ae:
e6:e4:a2:5c:8b:ff:0f:11:f5:43:b7:69:74:70:3d:
1f:ba:cb:56:7a:84:ba:bb:1b:39:b0:63:7b:7e:18:
ef:46:8d:36:ec:3e:07:21:b4:19:37:da:08:7f:70:
cc:da:a8:e3:17:33:0f:85:83:a6:4e:98:d5:3a:79:
10:7d:b2:7c:0a:be:c3:82:eb:2a:59:6e:14:03:df:
47:1a:52:6a:95:bb:ef:07:8a:98:bc:46:fe:94:ec:
48:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:94:AB:25:01:A7:7E:B0:A5:7C:9B:01:A4:E1:2B:89:1F:39:C8:0B
X509v3 Authority Key Identifier:
keyid:C6:C0:FD:BB:65:CA:49:1C:B8:3C:C0:85:A4:3E:03:40:59:6A:E8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsD9u2XKSRy4PMCFpD4DQFlq6HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/LZSrJQGnfrClfJsBpOEriR85yAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/xsD9u2XKSRy4PMCFpD4DQFlq6HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.140.0/22
80.252.120.0/22
185.108.168.0/22
185.205.172.0/22
193.178.54.0/23
193.178.112.0/23
IPv6:
2a06:e40::/29
Signature Algorithm: sha256WithRSAEncryption
b6:ca:dc:6d:94:73:1b:15:25:34:a9:f8:59:22:c8:c8:91:23:
63:04:d5:2a:92:4f:e9:fb:93:9a:c9:9f:28:9d:57:7d:4a:ef:
0b:e6:c7:68:13:de:f0:5f:11:a1:50:e4:8d:c7:69:c7:7a:f3:
d0:d7:7c:af:69:64:08:61:46:36:91:58:03:d2:90:78:d5:e1:
fd:17:df:54:ca:5c:ba:09:7a:6d:57:b0:c0:65:63:e0:16:83:
da:61:41:cb:a9:c2:8d:cc:e4:b8:f2:0e:cd:a1:1a:e3:ec:38:
e2:cb:03:ca:6a:99:d5:56:5e:b4:ac:aa:bc:1d:fb:dc:ba:99:
5a:22:94:06:e4:12:71:52:f7:8a:93:a6:d8:b6:fc:54:67:5a:
6a:71:ef:53:d8:b2:5a:00:92:1e:d7:54:f1:e7:7a:b4:e0:d9:
47:f1:02:ca:d5:c2:95:94:84:e7:4e:99:7a:49:65:44:54:f8:
f2:95:7a:ff:b7:b8:d2:d1:fb:e3:9c:f8:e2:97:5f:a1:84:d3:
e0:54:c3:72:2d:e5:c7:a3:b9:bd:59:91:30:e3:66:7c:72:1e:
a1:f1:4c:db:80:d8:95:05:90:a9:36:6d:4d:a3:a4:c2:a7:06:
be:b8:c4:06:6d:34:e5:6b:61:c4:e9:5e:16:43:bb:ad:42:29:
81:39:45:f3
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYYRhsIEVVn1eJsyTHI5qfL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzBmZGJiNjVjYTQ5MWNiODNjYzA4NWE0M2UwMzQwNTk2
YWU4NzMwHhcNMjMwMjAyMDk0ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDk0YWIyNTAxYTc3ZWIwYTU3YzliMDFhNGUxMmI4OTFmMzljODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjI1yBdOMA0JP3hpqmio1ZBT8eWE
AqXoTkkW59jj8EBifhH+GbwyecRs61EjUYYMt6AuGONjtZ9wXCL95ZIofNNzqsGD
i/XNOEXzLBeVG6wJHscePMyhPrVmw5AgxH/OxVWdiF27i/RwRqofRxg/Zy98dCEU
1UdORX+HFtF2f6EbrhTcvMLQIC+GW/NjcENpfXK6Xtddy/Ml0EojgGtAVM3Gm67m
5KJci/8PEfVDt2l0cD0fustWeoS6uxs5sGN7fhjvRo027D4HIbQZN9oIf3DM2qjj
FzMPhYOmTpjVOnkQfbJ8Cr7DgusqWW4UA99HGlJqlbvvB4qYvEb+lOxIPQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFC2UqyUBp36wpXybAaThK4kfOcgLMB8GA1UdIwQY
MBaAFMbA/btlykkcuDzAhaQ+A0BZauhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNEOXUyWEtTUnk0UE1DRnBENERRRmxxNkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NjY5YmItMWY2Mi00MmEzLTllOGQt
NDlhNjU0NTc4NmU2LzEvTFpTckpRR25mckNsZkpzQnBPRXJpUjg1eUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NjY5YmItMWY2Mi00MmEzLTllOGQtNDlhNjU0NTc4NmU2
LzEveHNEOXUyWEtTUnk0UE1DRnBENERRRmxxNkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZaMAwQC
UPx4AwQCuWyoAwQCuc2sAwQBwbI2AwQBwbJwMA0EAgACMAcDBQMqBg5AMA0GCSqG
SIb3DQEBCwUAA4IBAQC2ytxtlHMbFSU0qfhZIsjIkSNjBNUqkk/p+5OayZ8onVd9
Su8L5sdoE97wXxGhUOSNx2nHevPQ13yvaWQIYUY2kVgD0pB41eH9F99Uyly6CXpt
V7DAZWPgFoPaYUHLqcKNzOS48g7NoRrj7DjiywPKapnVVl60rKq8HfvcuplaIpQG
5BJxUveKk6bYtvxUZ1pqce9T2LJaAJIe11Tx53q04NlH8QLK1cKVlITnTpl6SWVE
VPjylXr/t7jS0fvjnPjil1+hhNPgVMNyLeXHo7m9WZEw42Z8ch6h8UzbgNiVBZCp
Nm1No6TCpwa+uMQGbTTla2HE6V4WQ7utQimBOUXz
-----END CERTIFICATE-----
Generated at Thu Sep 7 14:11:07 2023 by rpki-client on console-ams.rpki-client.org