Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/fcd3c3-f495-4d21-a8b0-49061fffd02a/1/lbcvu0poAAAEVps3yBDTcdgaLss.roa
File: lbcvu0poAAAEVps3yBDTcdgaLss.roa (raw, json)
Hash identifier: ehiOQwftPyw6xFkydXMm+zxHBS91Pkz6s0XHQMjTZ7o=
Subject key identifier: 95:B7:2F:BB:4A:68:00:00:04:56:9B:37:C8:10:D3:71:D8:1A:2E:CB
Certificate issuer: /CN=2d52398255290e328680d6e8c80cd918f8641784
Certificate serial: 01856BD33EE723B4645567EEA501E579AB2A
Authority key identifier: 2D:52:39:82:55:29:0E:32:86:80:D6:E8:C8:0C:D9:18:F8:64:17:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LVI5glUpDjKGgNboyAzZGPhkF4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/fcd3c3-f495-4d21-a8b0-49061fffd02a/1/lbcvu0poAAAEVps3yBDTcdgaLss.roa
Signing time: Sun 01 Jan 2023 05:34:44 +0000
ROA not before: Sun 01 Jan 2023 05:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56347
IP address blocks: 89.21.74.0/23 maxlen: 23
89.21.72.0/23 maxlen: 23
89.21.72.0/22 maxlen: 22
185.95.64.0/24 maxlen: 24
2a10:b200::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:3e:e7:23:b4:64:55:67:ee:a5:01:e5:79:ab:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d52398255290e328680d6e8c80cd918f8641784
Validity
Not Before: Jan 1 05:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95b72fbb4a68000004569b37c810d371d81a2ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:80:fb:e9:d2:65:54:6e:d0:bd:8c:f9:01:ad:
9f:f2:26:9d:cb:e2:c3:3b:fa:91:dc:68:16:46:eb:
0f:6e:21:f7:5f:b6:f4:8b:98:8b:81:2a:b8:9c:d2:
8a:35:02:1b:6e:52:03:e8:a3:09:e5:d7:75:78:ed:
2a:7c:7f:7b:6e:cf:de:26:af:ed:25:ad:db:8d:3a:
62:96:61:26:9d:18:14:c5:d9:e3:56:f0:1f:9a:9a:
ef:cd:78:f8:45:ef:8b:72:42:69:ff:f3:ca:6c:f5:
ba:1f:d1:af:1d:cb:2a:26:35:8f:1c:79:2f:24:cb:
27:29:cf:d2:42:5e:84:ac:fc:1f:54:e1:d0:30:a0:
49:a6:5b:e6:21:86:06:8d:97:b3:46:d0:0a:70:f1:
2a:8a:75:c6:2a:22:3d:91:07:f6:bd:43:fb:af:3d:
99:17:09:3f:5a:0f:0b:22:8b:2a:5a:c8:38:3d:0e:
e6:9b:77:c3:d3:f6:d1:bc:25:76:fc:71:35:4b:08:
33:58:74:d4:b7:89:31:f9:1d:bf:ea:12:52:b0:48:
17:1a:b3:8c:d3:75:35:bb:2a:69:92:4b:4a:48:4a:
01:8c:f7:9b:6c:4b:d5:0f:8c:e3:bc:f3:39:0a:22:
51:7b:bf:7c:a8:d8:c1:2c:b7:20:ad:29:63:77:98:
86:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B7:2F:BB:4A:68:00:00:04:56:9B:37:C8:10:D3:71:D8:1A:2E:CB
X509v3 Authority Key Identifier:
keyid:2D:52:39:82:55:29:0E:32:86:80:D6:E8:C8:0C:D9:18:F8:64:17:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LVI5glUpDjKGgNboyAzZGPhkF4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fcd3c3-f495-4d21-a8b0-49061fffd02a/1/lbcvu0poAAAEVps3yBDTcdgaLss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fcd3c3-f495-4d21-a8b0-49061fffd02a/1/LVI5glUpDjKGgNboyAzZGPhkF4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.72.0/22
185.95.64.0/24
IPv6:
2a10:b200::/32
Signature Algorithm: sha256WithRSAEncryption
1c:3a:af:73:49:74:1e:8c:a5:44:c9:a0:35:b1:1f:6e:29:99:
1a:66:e3:99:5c:4e:1b:7d:e5:9d:92:6c:9a:e0:27:df:f3:03:
18:48:bb:2b:eb:43:32:e4:6d:83:bf:30:44:67:b7:92:2e:cf:
5e:2b:5c:d8:dd:a5:69:3f:e8:23:5b:0c:a3:ec:df:98:d2:12:
47:96:f7:e3:02:95:82:a5:68:f2:46:df:36:3a:05:d7:03:54:
ed:16:b5:a2:95:d9:08:b4:97:f6:7a:54:9a:04:1c:2e:0a:e1:
05:d4:f7:5b:c9:65:23:df:83:4a:19:1d:95:06:0a:be:6f:6c:
61:97:04:40:bb:61:06:43:43:b4:ca:ca:23:93:14:b6:cf:d6:
5f:f6:71:30:4c:31:58:72:5f:52:b9:fb:c4:c5:a2:26:c1:9f:
e9:bd:ac:c4:d5:da:ea:2d:71:8f:59:ef:be:cd:7e:8c:81:11:
45:50:61:81:9d:c0:f9:18:93:09:17:a3:9a:91:c1:72:b2:12:
5c:17:29:7e:2a:d5:c3:1d:2c:58:b2:31:5c:bf:d9:18:7c:0e:
21:ef:62:ed:d2:d6:bc:c8:3d:4d:b3:93:6e:4f:42:b8:76:e3:
bb:ac:c3:74:77:39:b0:6d:11:4f:63:8f:22:b4:fe:18:a8:2f:
0d:a7:d0:a6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVr0z7nI7RkVWfupQHleasqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNTIzOTgyNTUyOTBlMzI4NjgwZDZlOGM4MGNkOTE4Zjg2
NDE3ODQwHhcNMjMwMTAxMDUzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWI3MmZiYjRhNjgwMDAwMDQ1NjliMzdjODEwZDM3MWQ4MWEyZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYD76dJlVG7QvYz5Aa2f8iady+LD
O/qR3GgWRusPbiH3X7b0i5iLgSq4nNKKNQIbblID6KMJ5dd1eO0qfH97bs/eJq/t
Ja3bjTpilmEmnRgUxdnjVvAfmprvzXj4Re+LckJp//PKbPW6H9GvHcsqJjWPHHkv
JMsnKc/SQl6ErPwfVOHQMKBJplvmIYYGjZezRtAKcPEqinXGKiI9kQf2vUP7rz2Z
Fwk/Wg8LIosqWsg4PQ7mm3fD0/bRvCV2/HE1SwgzWHTUt4kx+R2/6hJSsEgXGrOM
03U1uyppkktKSEoBjPebbEvVD4zjvPM5CiJRe798qNjBLLcgrSljd5iGCwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJW3L7tKaAAABFabN8gQ03HYGi7LMB8GA1UdIwQY
MBaAFC1SOYJVKQ4yhoDW6MgM2Rj4ZBeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFZJNWdsVXBEaktHZ05ib3lBelpHUGhrRjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9mY2QzYzMtZjQ5NS00ZDIxLWE4YjAt
NDkwNjFmZmZkMDJhLzEvbGJjdnUwcG9BQUFFVnBzM3lCRFRjZGdhTHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9mY2QzYzMtZjQ5NS00ZDIxLWE4YjAtNDkwNjFmZmZkMDJh
LzEvTFZJNWdsVXBEaktHZ05ib3lBelpHUGhrRjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCWRVIAwQA
uV9AMA0EAgACMAcDBQAqELIAMA0GCSqGSIb3DQEBCwUAA4IBAQAcOq9zSXQejKVE
yaA1sR9uKZkaZuOZXE4bfeWdkmya4Cff8wMYSLsr60My5G2DvzBEZ7eSLs9eK1zY
3aVpP+gjWwyj7N+Y0hJHlvfjApWCpWjyRt82OgXXA1TtFrWildkItJf2elSaBBwu
CuEF1PdbyWUj34NKGR2VBgq+b2xhlwRAu2EGQ0O0ysojkxS2z9Zf9nEwTDFYcl9S
ufvExaImwZ/pvazE1drqLXGPWe++zX6MgRFFUGGBncD5GJMJF6OakcFyshJcFyl+
KtXDHSxYsjFcv9kYfA4h72Lt0ta8yD1Ns5NuT0K4duO7rMN0dzmwbRFPY48itP4Y
qC8Np9Cm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:05 2024 by rpki-client on console-ams.rpki-client.org