Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lvzu_1wzSf6TVVaO3_GFObYMMYQ.roa
File: lvzu_1wzSf6TVVaO3_GFObYMMYQ.roa (raw, json)
Hash identifier: iRgKVwo7XKH/ZjlRI+ZczBatsMDP1TQi2bi4OdzTAjg=
Subject key identifier: 96:FC:EE:FF:5C:33:49:FE:93:55:56:8E:DF:F1:85:39:B6:0C:31:84
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C23E0C3199BFCED1070BA0ABCB90E256D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lvzu_1wzSf6TVVaO3_GFObYMMYQ.roa
Signing time: Fri 01 Dec 2023 05:36:21 +0000
ROA not before: Fri 01 Dec 2023 05:36:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 45.123.41.0/24 maxlen: 24
45.123.42.0/23 maxlen: 24
45.141.203.0/24 maxlen: 24
45.141.200.0/23 maxlen: 24
45.141.202.0/24 maxlen: 24
185.35.138.0/24 maxlen: 24
185.35.136.0/23 maxlen: 24
185.35.139.0/24 maxlen: 24
2a0b:64c0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:23:e0:c3:19:9b:fc:ed:10:70:ba:0a:bc:b9:0e:25:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 1 05:36:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96fceeff5c3349fe9355568edff18539b60c3184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e9:d3:34:14:63:e2:d2:a4:aa:bb:f0:58:50:
ab:4c:f7:92:75:bf:f2:bb:d7:f7:a8:d0:15:df:dc:
71:24:cd:a9:69:69:11:a5:7f:db:7d:73:6a:20:2c:
1e:a8:13:8b:57:fb:ec:de:34:05:9c:4f:5d:a1:16:
9c:2a:43:01:26:8a:a6:dc:02:75:cb:f3:b0:1a:58:
92:4a:eb:5f:1f:68:6a:96:79:62:f0:cf:63:b7:59:
29:f7:c8:82:3d:cb:f6:cd:ad:b3:71:4e:39:61:29:
0d:32:bd:5e:3b:a1:fb:f5:7c:5d:99:5b:08:be:a0:
b2:bd:27:d2:e4:3c:94:65:05:3b:9a:53:65:95:44:
b1:d0:c4:a8:79:24:bb:c3:48:df:f9:9e:da:95:d2:
0d:e9:bf:8b:7b:5f:b2:d2:58:58:5c:54:c6:cf:c8:
70:4b:48:e5:0f:23:60:9d:44:62:04:fb:f1:4c:7e:
76:32:65:47:c3:34:3d:ef:1e:3a:7f:03:86:4b:a4:
cc:0c:03:20:48:47:27:c5:8a:36:75:b8:ef:b3:8b:
4e:19:d7:2d:70:76:97:25:bd:74:9f:ac:df:19:2a:
7a:fd:f5:2d:7a:ef:19:d0:2d:2a:64:00:23:8d:e1:
c4:d9:67:0c:35:f7:ef:21:8b:68:7a:f5:8a:9c:24:
9b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:FC:EE:FF:5C:33:49:FE:93:55:56:8E:DF:F1:85:39:B6:0C:31:84
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lvzu_1wzSf6TVVaO3_GFObYMMYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.123.41.0-45.123.43.255
45.141.200.0/22
185.35.136.0/22
IPv6:
2a0b:64c0::/32
Signature Algorithm: sha256WithRSAEncryption
2f:47:60:bc:b9:60:85:34:f1:6c:a3:1e:64:fa:e8:66:ac:33:
8e:83:37:ad:c0:c8:9d:de:11:1a:30:2d:ed:e8:47:0f:da:c4:
05:46:7d:30:f2:5f:14:c5:0c:89:c9:04:6a:aa:6e:c5:4f:b5:
6a:83:44:f2:05:d7:ff:5f:61:a6:ef:0b:40:80:c8:dd:64:5a:
80:20:e1:b2:e3:84:48:63:3d:6d:5b:a1:94:1b:b0:e5:b3:33:
f8:fa:6b:3b:07:80:a1:7f:43:96:c0:53:b9:7e:50:83:9f:75:
2c:f8:8a:94:d3:91:30:57:b7:6c:6c:c2:81:3b:ef:c8:f1:cb:
42:d3:1f:f7:7d:25:a6:5c:4e:cf:34:94:40:a6:ec:37:63:9c:
82:a2:b0:9b:43:7d:a3:ff:1e:ac:c5:99:af:f1:fe:3e:d3:ef:
63:9c:46:0b:ed:5f:93:c6:62:71:a4:da:dd:2c:2f:40:05:02:
ef:f7:cf:d6:b2:af:87:a7:04:f7:c4:d8:f5:4b:b5:3b:93:b7:
e0:e7:2e:2c:da:7d:88:62:a7:15:3c:37:4a:24:47:ff:1d:22:
e3:13:cf:19:f3:bd:a7:e8:1a:99:89:2e:8a:cf:d7:9e:67:c4:
b0:e5:ac:4c:6f:fe:df:81:71:52:c6:0e:b9:3d:98:98:84:eb:
96:9c:17:2b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYwj4MMZm/ztEHC6Cry5DiVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjAxMDUzNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmZjZWVmZjVjMzM0OWZlOTM1NTU2OGVkZmYxODUzOWI2MGMzMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+nTNBRj4tKkqrvwWFCrTPeSdb/y
u9f3qNAV39xxJM2paWkRpX/bfXNqICweqBOLV/vs3jQFnE9doRacKkMBJoqm3AJ1
y/OwGliSSutfH2hqlnli8M9jt1kp98iCPcv2za2zcU45YSkNMr1eO6H79XxdmVsI
vqCyvSfS5DyUZQU7mlNllUSx0MSoeSS7w0jf+Z7aldIN6b+Le1+y0lhYXFTGz8hw
S0jlDyNgnURiBPvxTH52MmVHwzQ97x46fwOGS6TMDAMgSEcnxYo2dbjvs4tOGdct
cHaXJb10n6zfGSp6/fUteu8Z0C0qZAAjjeHE2WcMNffvIYtoevWKnCSbLQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJb87v9cM0n+k1VWjt/xhTm2DDGEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbHZ6dV8xd3pTZjZUVlZhTzNfR0ZPYllNTVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAAteykD
BAIteygDBAItjcgDBAK5I4gwDQQCAAIwBwMFACoLZMAwDQYJKoZIhvcNAQELBQAD
ggEBAC9HYLy5YIU08WyjHmT66GasM46DN63AyJ3eERowLe3oRw/axAVGfTDyXxTF
DInJBGqqbsVPtWqDRPIF1/9fYabvC0CAyN1kWoAg4bLjhEhjPW1boZQbsOWzM/j6
azsHgKF/Q5bAU7l+UIOfdSz4ipTTkTBXt2xswoE778jxy0LTH/d9JaZcTs80lECm
7DdjnIKisJtDfaP/HqzFma/x/j7T72OcRgvtX5PGYnGk2t0sL0AFAu/3z9ayr4en
BPfE2PVLtTuTt+DnLizafYhipxU8N0okR/8dIuMTzxnzvafoGpmJLorP155nxLDl
rExv/t+BcVLGDrk9mJiE65acFys=
-----END CERTIFICATE-----
Generated at Wed Dec 6 14:18:44 2023 by rpki-client on console-ams.rpki-client.org