Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/73d9a5-1c4f-44e0-a958-167191a117ee/1/lcu2BOYbduH33DOkTRZOFKubXc8.roa
File: lcu2BOYbduH33DOkTRZOFKubXc8.roa (raw, json)
Hash identifier: b54GyRKZNjIHNHSwSOO9fZWllXqhyvlGLdtGsfxnKmk=
Subject key identifier: 95:CB:B6:04:E6:1B:76:E1:F7:DC:33:A4:4D:16:4E:14:AB:9B:5D:CF
Certificate issuer: /CN=bf533ddba1f8a76de2ef4971fcd52f9441ce0989
Certificate serial: 0185729EE951DE08C658A089800828D2495F
Authority key identifier: BF:53:3D:DB:A1:F8:A7:6D:E2:EF:49:71:FC:D5:2F:94:41:CE:09:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v1M926H4p23i70lx_NUvlEHOCYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/73d9a5-1c4f-44e0-a958-167191a117ee/1/lcu2BOYbduH33DOkTRZOFKubXc8.roa
Signing time: Mon 02 Jan 2023 13:14:54 +0000
ROA not before: Mon 02 Jan 2023 13:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47168
IP address blocks: 46.31.67.0/24 maxlen: 24
92.255.75.0/24 maxlen: 24
92.255.74.0/24 maxlen: 24
92.255.74.0/23 maxlen: 23
92.255.73.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:e9:51:de:08:c6:58:a0:89:80:08:28:d2:49:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf533ddba1f8a76de2ef4971fcd52f9441ce0989
Validity
Not Before: Jan 2 13:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95cbb604e61b76e1f7dc33a44d164e14ab9b5dcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:04:20:44:4a:16:ff:24:86:00:31:30:0f:49:
45:55:81:ff:03:a8:49:ae:bd:40:e6:c2:80:55:47:
d9:30:aa:a1:6f:21:7d:bd:ba:d9:67:08:5b:74:d0:
32:52:3e:62:ef:df:bd:72:63:35:cf:69:f1:76:1a:
76:76:bb:6a:71:3f:dd:bd:73:1a:89:02:0e:ae:26:
cb:04:18:2d:8a:1f:27:87:cf:a4:d1:21:d2:82:ae:
84:2a:07:7d:ef:a8:8b:80:82:12:9b:43:62:3c:2f:
25:9c:f8:b5:23:81:c2:6e:90:a1:c1:e9:7b:21:23:
7d:96:f1:6c:73:f1:f2:c3:9e:ad:ba:11:44:df:cd:
1e:42:56:5b:e6:04:48:20:30:50:f2:ef:e5:16:bf:
e9:01:39:34:b5:0e:15:6c:3c:74:d3:d9:8a:7e:ff:
76:0d:48:eb:55:73:95:d4:07:9f:ef:69:c6:c3:8a:
c2:43:f8:eb:bc:e7:81:88:be:3a:88:1c:6d:a4:72:
3d:5d:18:36:48:ad:d4:ec:25:30:d8:a3:56:04:28:
66:6d:af:41:57:e8:be:f8:8f:b7:a3:96:fa:f9:ac:
9e:fe:70:c1:34:af:35:0b:16:e0:a2:71:6b:42:bb:
81:1e:b6:60:9c:33:41:a4:4d:8a:ad:cc:49:4e:a9:
ec:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:CB:B6:04:E6:1B:76:E1:F7:DC:33:A4:4D:16:4E:14:AB:9B:5D:CF
X509v3 Authority Key Identifier:
keyid:BF:53:3D:DB:A1:F8:A7:6D:E2:EF:49:71:FC:D5:2F:94:41:CE:09:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1M926H4p23i70lx_NUvlEHOCYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/73d9a5-1c4f-44e0-a958-167191a117ee/1/lcu2BOYbduH33DOkTRZOFKubXc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/73d9a5-1c4f-44e0-a958-167191a117ee/1/v1M926H4p23i70lx_NUvlEHOCYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.67.0/24
92.255.73.0-92.255.75.255
Signature Algorithm: sha256WithRSAEncryption
62:0d:a1:25:8b:58:35:02:6e:1a:b1:37:f6:11:b6:d5:6a:45:
d9:3d:89:a4:98:fc:c8:c4:62:2c:fd:a5:15:1a:2d:28:17:67:
fe:44:bb:cc:13:5c:c7:57:bc:b3:14:02:11:3b:28:86:3a:da:
e3:15:1c:c2:56:59:82:ad:00:83:73:c3:b7:17:5f:47:7f:12:
3b:8f:9d:5b:48:70:8b:3f:6f:fb:3f:dc:28:ea:8b:1d:ca:a9:
5a:df:87:71:52:37:17:2c:98:4b:c9:d7:a3:36:a7:1e:ee:72:
e6:69:c6:10:82:a5:55:4e:ea:c7:8d:7d:bd:e0:e9:eb:68:46:
5c:71:77:eb:02:21:5a:02:50:ec:a3:21:2d:9e:9d:1e:c2:04:
f6:5a:e2:f9:10:8f:78:2f:53:09:16:64:85:dc:10:f0:9d:06:
27:eb:d7:e1:26:f6:3f:18:d6:ba:92:c8:66:f9:d9:53:8c:08:
6d:d0:dc:3e:d1:4f:66:7a:da:d1:fe:c0:62:62:48:91:fb:84:
b7:84:09:21:b8:b9:60:61:fe:c5:d3:d5:8e:b5:d0:74:48:c6:
22:4c:8d:66:33:16:28:8b:f3:6e:65:4c:9b:52:1e:40:a2:e2:
09:c9:6e:67:9c:4e:23:f5:d8:62:91:dc:45:d0:56:46:00:5d:
c0:cd:e7:40
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVynulR3gjGWKCJgAgo0klfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNTMzZGRiYTFmOGE3NmRlMmVmNDk3MWZjZDUyZjk0NDFj
ZTA5ODkwHhcNMjMwMTAyMTMxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWNiYjYwNGU2MWI3NmUxZjdkYzMzYTQ0ZDE2NGUxNGFiOWI1ZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwQgREoW/ySGADEwD0lFVYH/A6hJ
rr1A5sKAVUfZMKqhbyF9vbrZZwhbdNAyUj5i79+9cmM1z2nxdhp2drtqcT/dvXMa
iQIOribLBBgtih8nh8+k0SHSgq6EKgd976iLgIISm0NiPC8lnPi1I4HCbpChwel7
ISN9lvFsc/Hyw56tuhFE380eQlZb5gRIIDBQ8u/lFr/pATk0tQ4VbDx009mKfv92
DUjrVXOV1Aef72nGw4rCQ/jrvOeBiL46iBxtpHI9XRg2SK3U7CUw2KNWBChmba9B
V+i++I+3o5b6+aye/nDBNK81CxbgonFrQruBHrZgnDNBpE2KrcxJTqnsxwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJXLtgTmG3bh99wzpE0WThSrm13PMB8GA1UdIwQY
MBaAFL9TPduh+Kdt4u9JcfzVL5RBzgmJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjFNOTI2SDRwMjNpNzBseF9OVXZsRUhPQ1lrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83M2Q5YTUtMWM0Zi00NGUwLWE5NTgt
MTY3MTkxYTExN2VlLzEvbGN1MkJPWWJkdUgzM0RPa1RSWk9GS3ViWGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83M2Q5YTUtMWM0Zi00NGUwLWE5NTgtMTY3MTkxYTExN2Vl
LzEvdjFNOTI2SDRwMjNpNzBseF9OVXZsRUhPQ1lrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALh9DMAwD
BABc/0kDBAJc/0gwDQYJKoZIhvcNAQELBQADggEBAGINoSWLWDUCbhqxN/YRttVq
Rdk9iaSY/MjEYiz9pRUaLSgXZ/5Eu8wTXMdXvLMUAhE7KIY62uMVHMJWWYKtAINz
w7cXX0d/EjuPnVtIcIs/b/s/3Cjqix3KqVrfh3FSNxcsmEvJ16M2px7ucuZpxhCC
pVVO6seNfb3g6etoRlxxd+sCIVoCUOyjIS2enR7CBPZa4vkQj3gvUwkWZIXcEPCd
Bifr1+Em9j8Y1rqSyGb52VOMCG3Q3D7RT2Z62tH+wGJiSJH7hLeECSG4uWBh/sXT
1Y610HRIxiJMjWYzFiiL825lTJtSHkCi4gnJbmecTiP12GKR3EXQVkYAXcDN50A=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:17 2024 by rpki-client on console-fra.rpki-client.org