Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/lOZcIA1plfsk1tnA6l4cxW7VLGo.roa
File: lOZcIA1plfsk1tnA6l4cxW7VLGo.roa (raw, json)
Hash identifier: nn3sybqFgrh503fXysZBPSdUq0Lv6AWnywKn76jn61o=
Subject key identifier: 94:E6:5C:20:0D:69:95:FB:24:D6:D9:C0:EA:5E:1C:C5:6E:D5:2C:6A
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 01856C7844C9EBCDF838DA542778075E8CFB
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/lOZcIA1plfsk1tnA6l4cxW7VLGo.roa
Signing time: Sun 01 Jan 2023 08:34:59 +0000
ROA not before: Sun 01 Jan 2023 08:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208149
IP address blocks: 185.83.72.0/22 maxlen: 24
94.154.134.0/23 maxlen: 24
45.153.182.0/23 maxlen: 24
91.220.176.0/24 maxlen: 24
185.117.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:44:c9:eb:cd:f8:38:da:54:27:78:07:5e:8c:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: Jan 1 08:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94e65c200d6995fb24d6d9c0ea5e1cc56ed52c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f8:f4:5e:8e:f5:4a:73:a5:51:95:35:01:c3:
26:9f:04:e9:e3:19:c6:7e:3b:17:0e:c3:6d:d9:2b:
3f:b1:c1:3b:04:a9:cf:23:fd:6d:10:b9:7b:ca:09:
c9:02:cb:26:31:13:3b:ac:63:83:4d:b2:dd:2c:45:
91:65:54:e6:fb:e9:be:c0:ff:ef:f4:2a:96:bc:18:
17:ec:55:cb:32:9e:7f:f4:e6:2f:45:20:13:5e:38:
3a:fc:bb:f2:eb:35:cb:14:e4:b3:f1:e6:79:6a:e5:
76:72:84:27:e1:86:52:d7:b6:3e:62:bb:5f:43:9f:
e0:5a:9e:0d:39:7d:c5:a9:f0:5a:25:3a:4a:18:bf:
8e:1e:20:c6:ec:e7:d3:d7:57:20:95:b4:11:22:0d:
f6:9c:b1:3c:c8:39:01:26:f9:84:b1:60:ff:9b:ed:
1d:64:4a:4e:4a:72:24:d4:47:8d:ac:d5:42:b7:ef:
18:7e:d5:fe:ba:fa:c6:dc:84:b9:f9:3c:50:6b:d4:
69:2f:ce:dc:ad:fb:aa:c1:05:01:b1:32:5f:31:6c:
6e:7c:51:e0:d3:fd:98:be:85:39:93:12:66:65:5c:
78:96:9b:22:e3:c9:f5:cf:6e:40:56:e7:a7:ff:b2:
ad:01:19:12:8a:a0:bf:f4:42:1b:77:bf:40:87:81:
18:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E6:5C:20:0D:69:95:FB:24:D6:D9:C0:EA:5E:1C:C5:6E:D5:2C:6A
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/lOZcIA1plfsk1tnA6l4cxW7VLGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.182.0/23
91.220.176.0/24
94.154.134.0/23
185.83.72.0/22
185.117.35.0/24
Signature Algorithm: sha256WithRSAEncryption
44:f7:1b:31:22:4d:e3:f0:fa:c4:0d:fe:08:0c:0d:92:aa:e2:
53:d5:dc:14:32:77:31:b8:62:16:d0:df:af:74:c7:43:0a:08:
79:83:d9:80:e0:1e:ee:ae:89:49:0f:3f:82:88:17:e7:6e:e3:
3b:cd:6b:45:b2:fd:b3:0d:21:20:9a:d3:13:be:c3:a6:11:db:
1b:79:9a:9e:79:dd:08:fb:6f:13:e8:6c:8f:dc:56:83:31:ae:
94:2a:97:38:25:f6:10:7e:65:11:4a:4e:83:5a:bf:9c:db:c2:
03:2f:d4:5b:d0:a4:68:3a:dd:29:c5:5e:e2:1c:34:8f:94:c1:
d4:95:9f:df:3e:4a:e1:df:7a:c7:8a:8c:09:99:a1:8a:72:52:
d9:c8:b0:8d:68:d0:3a:d8:d8:7d:05:c5:5b:7c:80:01:70:36:
97:40:23:21:28:16:c3:af:55:ac:d9:d2:67:e1:fa:8c:b7:15:
57:9d:5f:fa:cf:af:f5:3f:be:32:f7:ce:69:c1:69:c6:cf:eb:
bf:ab:eb:4d:79:b0:3b:75:8c:2b:7a:3f:f5:d5:8f:46:9e:fb:
98:cf:d3:c6:73:ea:9f:d5:c3:29:90:ce:b3:68:e4:68:95:8c:
b4:56:68:eb:b4:67:a3:91:25:92:c4:78:d1:cc:56:86:90:a1:
f6:b4:85:07
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVseETJ6834ONpUJ3gHXoz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx
ZDNjYTUwHhcNMjMwMTAxMDgzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGU2NWMyMDBkNjk5NWZiMjRkNmQ5YzBlYTVlMWNjNTZlZDUyYzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfj0Xo71SnOlUZU1AcMmnwTp4xnG
fjsXDsNt2Ss/scE7BKnPI/1tELl7ygnJAssmMRM7rGODTbLdLEWRZVTm++m+wP/v
9CqWvBgX7FXLMp5/9OYvRSATXjg6/Lvy6zXLFOSz8eZ5auV2coQn4YZS17Y+Yrtf
Q5/gWp4NOX3FqfBaJTpKGL+OHiDG7OfT11cglbQRIg32nLE8yDkBJvmEsWD/m+0d
ZEpOSnIk1EeNrNVCt+8YftX+uvrG3IS5+TxQa9RpL87crfuqwQUBsTJfMWxufFHg
0/2YvoU5kxJmZVx4lpsi48n1z25AVuen/7KtARkSiqC/9EIbd79Ah4EY8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJTmXCANaZX7JNbZwOpeHMVu1SxqMB8GA1UdIwQY
MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt
MWM2ODBhZGY3YTI2LzEvbE9aY0lBMXBsZnNrMXRuQTZsNGN4VzdWTEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2
LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLZm2AwQA
W9ywAwQBXpqGAwQCuVNIAwQAuXUjMA0GCSqGSIb3DQEBCwUAA4IBAQBE9xsxIk3j
8PrEDf4IDA2SquJT1dwUMncxuGIW0N+vdMdDCgh5g9mA4B7urolJDz+CiBfnbuM7
zWtFsv2zDSEgmtMTvsOmEdsbeZqeed0I+28T6GyP3FaDMa6UKpc4JfYQfmURSk6D
Wr+c28IDL9Rb0KRoOt0pxV7iHDSPlMHUlZ/fPkrh33rHiowJmaGKclLZyLCNaNA6
2Nh9BcVbfIABcDaXQCMhKBbDr1Ws2dJn4fqMtxVXnV/6z6/1P74y985pwWnGz+u/
q+tNebA7dYwrej/11Y9GnvuYz9PGc+qf1cMpkM6zaORolYy0VmjrtGejkSWSxHjR
zFaGkKH2tIUH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:16 2024 by rpki-client on console-ams.rpki-client.org