Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LNCSiIxEL8SQ5pfT6H_VZHT4Cyo.roa
File: LNCSiIxEL8SQ5pfT6H_VZHT4Cyo.roa (raw, json)
Hash identifier: Eosgk29Fi/dCaToLGXASUIzVLN75tOVGTRe7D52B4XU=
Subject key identifier: 2C:D0:92:88:8C:44:2F:C4:90:E6:97:D3:E8:7F:D5:64:74:F8:0B:2A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018D01746272620100DC27DDF617D01242AC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LNCSiIxEL8SQ5pfT6H_VZHT4Cyo.roa
Signing time: Sat 13 Jan 2024 06:13:41 +0000
ROA not before: Sat 13 Jan 2024 06:13:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203394
IP address blocks: 188.240.230.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 06:07:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:01:74:62:72:62:01:00:dc:27:dd:f6:17:d0:12:42:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 13 06:13:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cd092888c442fc490e697d3e87fd56474f80b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d1:87:f1:3b:e8:00:96:07:7d:2a:a3:ae:b9:
68:60:7e:40:c5:ee:62:8d:a6:d7:30:14:69:55:75:
36:3c:af:4e:7c:57:3a:c0:69:4f:bd:1a:fa:fb:d4:
22:25:09:8e:9a:0f:a5:bd:ad:3e:b9:75:cc:02:20:
32:23:d9:60:04:87:bc:4e:72:d4:15:52:5f:4a:cc:
26:6e:9c:30:48:bf:cb:a1:e7:2a:c0:4b:8d:e6:4a:
23:b7:46:d6:2a:08:c0:de:ce:25:68:df:8e:e7:ed:
fb:54:50:29:97:07:13:ce:c7:9d:f2:fa:de:db:23:
4c:19:c5:ce:db:bf:66:2a:55:b9:65:f1:e2:56:d2:
02:6d:30:2c:9e:f0:e3:a8:25:99:a4:6b:1f:f9:2d:
15:6d:7f:b4:f3:50:49:df:7b:55:95:a0:92:ea:fd:
58:6f:3c:91:f0:45:d1:75:47:bf:23:5c:9f:aa:72:
e2:a5:67:da:61:11:31:32:da:29:07:b3:1c:09:08:
0b:2a:71:07:3d:e7:f6:13:4a:47:5c:f6:c3:c0:a7:
00:21:5e:7a:c9:6c:5f:e0:87:4f:c0:02:c9:ae:63:
d3:68:1f:84:dd:01:bb:5a:b0:a9:85:37:a0:4a:00:
a8:88:17:d7:73:57:34:ff:10:6c:fe:f3:f7:1d:c2:
f9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D0:92:88:8C:44:2F:C4:90:E6:97:D3:E8:7F:D5:64:74:F8:0B:2A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LNCSiIxEL8SQ5pfT6H_VZHT4Cyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.240.230.0/24
188.240.232.0/24
Signature Algorithm: sha256WithRSAEncryption
54:44:48:a4:b2:75:db:05:dc:9a:f2:3a:d8:3b:78:18:dd:6c:
52:8f:7e:60:2c:4e:e0:c6:83:58:78:4b:7d:db:34:49:6c:44:
93:f5:a7:6e:8e:f4:9c:95:8c:87:0e:0c:54:a6:cb:ab:d5:33:
73:8c:9b:65:ee:6e:dd:bb:5c:ac:7d:0d:f6:62:3a:8b:3c:fc:
82:50:27:24:00:11:7e:a6:40:a0:87:23:c6:2d:d1:d2:cc:1c:
7b:5b:0c:a2:6e:c2:8a:31:9b:d9:1b:13:03:65:0c:45:5c:c2:
ee:dc:ab:f2:08:56:ca:5d:53:96:7a:7d:cd:fa:f0:96:60:bd:
a8:0c:21:74:c5:97:33:02:c9:5c:01:ec:62:a6:cd:90:b0:44:
19:1b:2f:ec:82:05:ca:ef:91:54:98:49:91:36:b5:16:a2:90:
fc:07:a0:13:3b:87:cf:3c:67:fb:3a:db:db:5d:48:2e:36:e7:
9d:13:48:71:e0:16:05:5c:af:a8:61:4e:fb:d0:e2:8d:32:40:
2d:11:bd:2a:99:e4:17:2d:b3:d7:26:b2:ca:e9:b2:74:dd:9f:
63:e0:f5:05:2d:d3:ae:55:67:5c:66:ce:5b:3a:b7:c8:8a:d2:
7a:be:f9:e4:1a:33:2e:9d:54:c1:70:24:ea:7e:a0:e5:a5:ca:
00:83:00:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0BdGJyYgEA3Cfd9hfQEkKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTEzMDYxMzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2QwOTI4ODhjNDQyZmM0OTBlNjk3ZDNlODdmZDU2NDc0ZjgwYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9GH8TvoAJYHfSqjrrloYH5Axe5i
jabXMBRpVXU2PK9OfFc6wGlPvRr6+9QiJQmOmg+lva0+uXXMAiAyI9lgBIe8TnLU
FVJfSswmbpwwSL/LoecqwEuN5kojt0bWKgjA3s4laN+O5+37VFAplwcTzsed8vre
2yNMGcXO279mKlW5ZfHiVtICbTAsnvDjqCWZpGsf+S0VbX+081BJ33tVlaCS6v1Y
bzyR8EXRdUe/I1yfqnLipWfaYRExMtopB7McCQgLKnEHPef2E0pHXPbDwKcAIV56
yWxf4IdPwALJrmPTaB+E3QG7WrCphTegSgCoiBfXc1c0/xBs/vP3HcL5dQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCzQkoiMRC/EkOaX0+h/1WR0+AsqMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTE5DU2lJeEVMOFNRNXBmVDZIX1ZaSFQ0Q3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvPDmAwQA
vPDoMA0GCSqGSIb3DQEBCwUAA4IBAQBUREiksnXbBdya8jrYO3gY3WxSj35gLE7g
xoNYeEt92zRJbEST9adujvSclYyHDgxUpsur1TNzjJtl7m7du1ysfQ32YjqLPPyC
UCckABF+pkCghyPGLdHSzBx7WwyibsKKMZvZGxMDZQxFXMLu3KvyCFbKXVOWen3N
+vCWYL2oDCF0xZczAslcAexips2QsEQZGy/sggXK75FUmEmRNrUWopD8B6ATO4fP
PGf7OtvbXUguNuedE0hx4BYFXK+oYU770OKNMkAtEb0qmeQXLbPXJrLK6bJ03Z9j
4PUFLdOuVWdcZs5bOrfIitJ6vvnkGjMunVTBcCTqfqDlpcoAgwA3
-----END CERTIFICATE-----
Generated at Mon Jan 15 11:27:28 2024 by rpki-client on console-fra.rpki-client.org