Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/LSAUKix8HLfXu358v7yIdnsVYSM.roa
File: LSAUKix8HLfXu358v7yIdnsVYSM.roa (raw, json)
Hash identifier: W6yBUo3oZ1Iz2/GG4SxetuKIxfmYiTiDdNTICGewQnM=
Subject key identifier: 2D:20:14:2A:2C:7C:1C:B7:D7:BB:7E:7C:BF:BC:88:76:7B:15:61:23
Certificate issuer: /CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Certificate serial: 01856FF02F983DFDF4A3F44289C611A12513
Authority key identifier: 03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/LSAUKix8HLfXu358v7yIdnsVYSM.roa
Signing time: Mon 02 Jan 2023 00:44:49 +0000
ROA not before: Mon 02 Jan 2023 00:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207645
IP address blocks: 185.86.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:2f:98:3d:fd:f4:a3:f4:42:89:c6:11:a1:25:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Validity
Not Before: Jan 2 00:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d20142a2c7c1cb7d7bb7e7cbfbc88767b156123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e7:1e:eb:95:28:8a:ab:4c:15:64:40:e9:f9:
7d:bd:d0:92:1a:af:17:d4:7c:d6:e7:31:6a:fd:c2:
81:96:7a:39:8b:5b:2f:ea:f6:c3:bf:a1:42:b7:a4:
f7:1c:77:b1:90:4d:63:66:d9:17:db:36:50:ae:55:
b5:d8:79:f1:98:c4:fe:08:83:d0:54:7d:12:46:b2:
55:cf:ef:8f:ad:a8:2a:e8:93:6a:7c:ec:61:12:2f:
b0:a1:da:54:2a:e1:3a:ae:76:07:49:b3:9a:de:12:
8e:a4:79:8b:7f:b0:95:12:14:ff:20:82:c0:3d:46:
92:62:67:58:71:45:85:b4:c3:e7:7e:67:0e:04:d7:
48:1e:07:69:ea:e1:60:d3:0f:d8:a1:0f:07:2e:2c:
e7:c0:07:ab:57:4c:db:3f:16:c5:5c:ee:ac:df:aa:
71:62:38:72:3b:54:65:84:68:60:49:81:b3:65:43:
10:4c:52:ea:a7:e1:5e:45:46:ce:f6:a6:95:b5:55:
b5:bc:55:e6:42:5d:46:03:a3:72:6f:39:c7:cb:d6:
77:f1:d5:1d:30:2f:9d:5b:33:79:b2:2a:95:f1:49:
52:7a:59:2d:12:54:3d:44:c9:04:7f:37:da:df:34:
52:0d:54:7b:aa:f8:c6:b0:d5:30:b7:d6:03:4a:d7:
64:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:20:14:2A:2C:7C:1C:B7:D7:BB:7E:7C:BF:BC:88:76:7B:15:61:23
X509v3 Authority Key Identifier:
keyid:03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/LSAUKix8HLfXu358v7yIdnsVYSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.10.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:ac:ad:7b:9a:06:c0:c4:02:ae:51:17:fb:52:27:dd:58:b9:
94:23:8a:05:11:af:9b:c6:f7:48:b9:a1:49:58:d6:5f:59:42:
f0:dd:63:2f:91:85:c6:75:d6:0c:3b:63:3c:b6:f1:9a:f0:0e:
ff:d0:c8:cb:35:ec:48:0f:4e:f3:10:ad:f6:f6:db:ca:ff:62:
98:9a:67:86:f6:97:6d:81:62:a7:5c:68:b4:06:a3:a1:2a:4c:
c7:53:a1:37:a3:f0:5f:cb:f0:8f:72:2a:9c:85:cd:e2:25:ce:
48:21:dd:26:a1:cc:50:0a:a7:b3:f2:24:9e:f4:fd:55:ff:f7:
14:33:f9:6b:cc:bc:67:b7:ee:7a:cf:c4:c4:94:87:fb:e9:be:
80:d1:4e:43:93:bb:2f:15:19:82:45:9b:34:a3:b6:e8:3b:fd:
86:49:33:f6:d8:ca:ef:46:15:bf:02:ad:b0:35:10:ea:4d:e3:
f5:d5:06:dc:4e:64:c6:e9:65:ea:71:d1:75:21:76:22:d9:cb:
97:6d:67:09:6c:62:b3:97:c3:46:be:88:1a:f9:2b:83:42:ee:
17:82:12:33:4c:df:95:4c:66:73:81:e3:ef:88:4f:3a:63:9f:
d9:3c:3e:2a:ee:a1:e7:ac:05:93:7e:6e:58:3a:9c:77:e4:db:
56:a1:36:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8C+YPf30o/RCicYRoSUTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNzg2MmI0NjA4Yzc5ZjQ1MDI5NWVjNWM4MGM3YzdhZDZk
ZmUyYTIwHhcNMjMwMTAyMDA0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDIwMTQyYTJjN2MxY2I3ZDdiYjdlN2NiZmJjODg3NjdiMTU2MTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApece65UoiqtMFWRA6fl9vdCSGq8X
1HzW5zFq/cKBlno5i1sv6vbDv6FCt6T3HHexkE1jZtkX2zZQrlW12HnxmMT+CIPQ
VH0SRrJVz++Pragq6JNqfOxhEi+wodpUKuE6rnYHSbOa3hKOpHmLf7CVEhT/IILA
PUaSYmdYcUWFtMPnfmcOBNdIHgdp6uFg0w/YoQ8HLiznwAerV0zbPxbFXO6s36px
YjhyO1RlhGhgSYGzZUMQTFLqp+FeRUbO9qaVtVW1vFXmQl1GA6NybznHy9Z38dUd
MC+dWzN5siqV8UlSelktElQ9RMkEfzfa3zRSDVR7qvjGsNUwt9YDStdkswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0gFCosfBy317t+fL+8iHZ7FWEjMB8GA1UdIwQY
MBaAFAN4YrRgjHn0UClexcgMfHrW3+KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMt
ZjQ3NGY3YmQzNTMxLzEvTFNBVUtpeDhITGZYdTM1OHY3eUlkbnNWWVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMtZjQ3NGY3YmQzNTMx
LzEvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVYKMA0G
CSqGSIb3DQEBCwUAA4IBAQCKrK17mgbAxAKuURf7UifdWLmUI4oFEa+bxvdIuaFJ
WNZfWULw3WMvkYXGddYMO2M8tvGa8A7/0MjLNexID07zEK329tvK/2KYmmeG9pdt
gWKnXGi0BqOhKkzHU6E3o/Bfy/CPciqchc3iJc5IId0mocxQCqez8iSe9P1V//cU
M/lrzLxnt+56z8TElIf76b6A0U5Dk7svFRmCRZs0o7boO/2GSTP22MrvRhW/Aq2w
NRDqTeP11QbcTmTG6WXqcdF1IXYi2cuXbWcJbGKzl8NGvoga+SuDQu4XghIzTN+V
TGZzgePviE86Y5/ZPD4q7qHnrAWTfm5YOpx35NtWoTaJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:21 2024 by rpki-client on console-fra.rpki-client.org