Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/lLb0y-1y2b9nLVu8iZYvCL635Uc.roa
File: lLb0y-1y2b9nLVu8iZYvCL635Uc.roa (raw, json)
Hash identifier: NP6E4RREpaktZhCVEnOKktfQGp1ULHgLa3qg+uqdrdU=
Subject key identifier: 94:B6:F4:CB:ED:72:D9:BF:67:2D:5B:BC:89:96:2F:08:BE:B7:E5:47
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018571155BE5727C50F983BBFC1BA45A6CEF
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/lLb0y-1y2b9nLVu8iZYvCL635Uc.roa
Signing time: Mon 02 Jan 2023 06:05:03 +0000
ROA not before: Mon 02 Jan 2023 06:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203689
IP address blocks: 157.25.130.0/23 maxlen: 23
157.25.174.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:5b:e5:72:7c:50:f9:83:bb:fc:1b:a4:5a:6c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94b6f4cbed72d9bf672d5bbc89962f08beb7e547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:35:82:cf:87:7f:82:54:bf:bf:5d:19:d5:08:
7a:b1:05:31:95:07:86:4d:2e:0a:55:57:45:0c:55:
92:ed:32:b4:df:94:45:3d:76:52:3c:fb:a7:77:9c:
cd:de:67:c5:c1:bd:f4:6d:5d:20:52:e2:bf:93:0a:
88:77:f9:82:75:9f:48:02:47:f0:8a:aa:da:3f:4f:
86:4c:5c:66:84:2e:8c:99:e3:b5:45:28:59:96:78:
9d:3a:a9:64:24:c8:32:0b:90:bb:c8:18:c2:50:40:
31:86:b1:50:7d:3f:45:25:ca:29:b4:b6:87:c2:7b:
dc:0f:fa:e3:2b:6c:3e:ad:ca:1b:e2:b3:85:c7:c8:
4b:10:21:12:f9:f9:b9:21:81:9d:58:f7:95:d4:10:
5c:73:49:77:f1:3b:17:27:c8:ee:01:6d:eb:01:15:
8a:ff:6a:5f:ba:66:67:fc:e0:40:16:f1:9b:5e:4b:
83:9a:e3:58:d6:e2:2f:80:29:d7:0b:59:4e:d5:3e:
e2:82:ec:11:93:76:59:d5:55:89:8e:13:f9:50:28:
19:89:59:ef:5e:d3:71:4f:25:2f:9e:3e:2d:23:ca:
02:6c:6a:9c:dc:61:1c:31:45:63:26:04:f8:39:92:
60:e2:ce:c4:a8:5d:03:0e:16:74:ec:8b:fa:7b:e2:
c1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:B6:F4:CB:ED:72:D9:BF:67:2D:5B:BC:89:96:2F:08:BE:B7:E5:47
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/lLb0y-1y2b9nLVu8iZYvCL635Uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.25.130.0/23
157.25.174.0/23
Signature Algorithm: sha256WithRSAEncryption
92:72:34:dc:2a:a2:b0:7b:4b:4e:9a:32:63:43:3a:c2:07:bd:
5b:4c:d0:ee:65:30:ee:4b:bd:bc:95:17:c0:eb:0c:93:f8:52:
0f:65:eb:0d:fb:0c:74:06:de:9e:48:8b:1b:cd:28:c7:b0:6a:
c8:4b:c4:46:91:c7:fe:ad:87:94:1f:77:4a:01:49:06:a9:40:
76:a1:c5:13:1c:74:5d:78:bc:06:7a:55:03:25:c6:ea:e5:db:
61:7b:7e:1d:33:20:15:e9:d9:01:28:ee:d8:bd:29:dd:30:ab:
9d:be:3d:39:eb:d4:30:86:a4:24:fa:12:43:2d:75:09:a4:37:
40:bb:b5:c6:76:28:62:61:c8:f6:e4:fb:05:24:d7:27:46:ba:
f7:57:35:5b:0c:54:a8:9b:71:59:85:29:3a:5e:15:4c:81:13:
ab:a8:c2:3d:f5:da:2d:19:3f:0d:65:55:db:ae:2f:e1:d1:0c:
65:be:18:c8:ee:4f:e2:94:bf:9e:f0:5d:b5:b1:01:d5:a4:1f:
ac:64:89:c0:04:45:46:9d:00:5e:70:5f:78:51:fb:99:bb:10:
32:d8:ae:87:c4:06:04:60:40:e8:8c:b2:5d:16:3f:01:c0:6d:
4a:fb:09:96:49:3f:08:5e:d4:05:e1:57:bc:e7:db:4a:d0:96:
ed:07:37:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxFVvlcnxQ+YO7/BukWmzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGI2ZjRjYmVkNzJkOWJmNjcyZDViYmM4OTk2MmYwOGJlYjdlNTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozWCz4d/glS/v10Z1Qh6sQUxlQeG
TS4KVVdFDFWS7TK035RFPXZSPPund5zN3mfFwb30bV0gUuK/kwqId/mCdZ9IAkfw
iqraP0+GTFxmhC6MmeO1RShZlnidOqlkJMgyC5C7yBjCUEAxhrFQfT9FJcoptLaH
wnvcD/rjK2w+rcob4rOFx8hLECES+fm5IYGdWPeV1BBcc0l38TsXJ8juAW3rARWK
/2pfumZn/OBAFvGbXkuDmuNY1uIvgCnXC1lO1T7iguwRk3ZZ1VWJjhP5UCgZiVnv
XtNxTyUvnj4tI8oCbGqc3GEcMUVjJgT4OZJg4s7EqF0DDhZ07Iv6e+LBqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJS29Mvtctm/Zy1bvImWLwi+t+VHMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvbExiMHktMXkyYjluTFZ1OGlaWXZDTDYzNVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnRmCAwQB
nRmuMA0GCSqGSIb3DQEBCwUAA4IBAQCScjTcKqKwe0tOmjJjQzrCB71bTNDuZTDu
S728lRfA6wyT+FIPZesN+wx0Bt6eSIsbzSjHsGrIS8RGkcf+rYeUH3dKAUkGqUB2
ocUTHHRdeLwGelUDJcbq5dthe34dMyAV6dkBKO7YvSndMKudvj0569QwhqQk+hJD
LXUJpDdAu7XGdihiYcj25PsFJNcnRrr3VzVbDFSom3FZhSk6XhVMgROrqMI99dot
GT8NZVXbri/h0QxlvhjI7k/ilL+e8F21sQHVpB+sZInABEVGnQBecF94UfuZuxAy
2K6HxAYEYEDojLJdFj8BwG1K+wmWST8IXtQF4Ve859tK0JbtBzfR
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:22 2024 by rpki-client on console-ams.rpki-client.org