Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/LzBk8RWgmbE413vKLj14942qOyg.roa
File: LzBk8RWgmbE413vKLj14942qOyg.roa (raw, json)
Hash identifier: 7N/CmhH2988ngTXkKmlnllPByeJ6bFnFtoMKnknJGuA=
Subject key identifier: 2F:30:64:F1:15:A0:99:B1:38:D7:7B:CA:2E:3D:78:F7:8D:AA:3B:28
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737AC881C0D6F424DFD6A7CE829C931B
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/LzBk8RWgmbE413vKLj14942qOyg.roa
Signing time: Mon 02 Jan 2023 17:15:04 +0000
ROA not before: Mon 02 Jan 2023 17:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62332
IP address blocks: 185.120.84.0/22 maxlen: 24
185.42.240.0/22 maxlen: 24
185.86.212.0/22 maxlen: 24
185.39.68.0/22 maxlen: 24
2a04:7cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:c8:81:c0:d6:f4:24:df:d6:a7:ce:82:9c:93:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f3064f115a099b138d77bca2e3d78f78daa3b28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:15:86:f1:e7:c8:47:c1:1a:da:01:86:ad:ac:
9e:28:f9:11:e7:e4:06:7e:ff:28:9d:8d:2c:4d:f7:
82:29:24:c8:01:fd:c6:2d:bf:d2:a7:e2:53:11:9f:
88:ff:c8:21:2b:8d:d6:83:c9:20:f9:ba:e3:9f:f5:
7a:3c:92:3b:fe:d8:29:26:19:f9:52:69:37:6b:12:
0c:ad:57:cb:0d:7a:40:dc:d0:5e:76:dc:65:e5:07:
c2:0f:0b:7b:6a:fd:b6:36:43:49:13:a2:78:5a:f7:
88:4a:44:17:2f:38:1f:0d:7d:30:d5:c7:fe:1d:77:
ed:95:86:59:fe:42:c9:4b:35:b3:3e:da:e7:11:66:
e3:11:d7:5d:83:ab:23:a3:f8:d3:20:2d:7b:21:20:
cb:09:0e:29:e5:fc:d4:18:c8:b0:40:03:bd:5c:8a:
78:d1:8d:de:57:26:d4:6d:37:15:e7:ad:ea:d7:b1:
b0:12:97:42:13:f6:2a:13:cc:fd:94:a9:a3:cd:99:
dd:bb:85:10:7b:05:d2:4c:b2:09:77:f9:ca:e4:84:
a4:87:65:cc:03:02:08:bc:8f:3a:9d:46:ad:44:36:
ff:7e:87:ab:e5:5b:a8:db:c8:55:fd:91:c4:2a:a7:
cb:e2:f8:1b:d8:df:2f:8b:38:90:34:c5:2d:ed:68:
25:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:30:64:F1:15:A0:99:B1:38:D7:7B:CA:2E:3D:78:F7:8D:AA:3B:28
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/LzBk8RWgmbE413vKLj14942qOyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.68.0/22
185.42.240.0/22
185.86.212.0/22
185.120.84.0/22
IPv6:
2a04:7cc0::/29
Signature Algorithm: sha256WithRSAEncryption
a4:16:4b:c8:29:f9:64:32:6d:79:d3:1f:4a:d2:9b:db:33:51:
f6:58:af:1a:19:00:0c:c3:93:13:75:8a:d4:f8:40:ce:9b:e2:
5d:d7:54:1a:da:a7:8f:55:e9:29:c3:c5:3d:6b:75:cb:fa:32:
3a:38:95:f2:81:1f:0d:d7:55:8b:51:45:64:67:a5:ac:15:bb:
73:7b:14:b8:c7:71:27:ac:e9:68:6a:0f:92:98:42:23:55:cf:
20:fa:39:b3:0b:c7:43:d6:85:e8:94:28:ff:1a:98:d2:6b:2a:
1e:a0:b4:48:78:84:7f:23:b1:92:51:28:e7:c9:5f:e5:99:8c:
8e:bb:8f:71:60:26:1b:81:03:0e:0b:61:49:88:f7:c2:c0:b5:
3c:54:dd:48:56:4c:fe:ea:05:c1:90:00:4c:20:e2:3d:db:e7:
a2:10:e4:5c:94:18:ef:07:ef:a7:9c:d7:34:81:b2:00:d4:03:
8f:a2:cb:f8:db:cb:ed:ff:b9:e3:a3:5a:a3:5e:7d:5f:40:14:
2d:7c:f1:e2:e7:f1:3d:77:b7:e0:7d:ef:35:e3:80:75:f2:41:
e6:27:7b:b3:bd:aa:d1:9f:f7:81:60:30:1f:87:5a:2a:12:2b:
34:b4:10:95:92:64:3a:af:d2:f5:f3:6c:1a:96:d9:0d:03:d7:
e5:35:a8:e1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVzesiBwNb0JN/Wp86CnJMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjMwNjRmMTE1YTA5OWIxMzhkNzdiY2EyZTNkNzhmNzhkYWEzYjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRWG8efIR8Ea2gGGrayeKPkR5+QG
fv8onY0sTfeCKSTIAf3GLb/Sp+JTEZ+I/8ghK43Wg8kg+brjn/V6PJI7/tgpJhn5
Umk3axIMrVfLDXpA3NBedtxl5QfCDwt7av22NkNJE6J4WveISkQXLzgfDX0w1cf+
HXftlYZZ/kLJSzWzPtrnEWbjEdddg6sjo/jTIC17ISDLCQ4p5fzUGMiwQAO9XIp4
0Y3eVybUbTcV563q17GwEpdCE/YqE8z9lKmjzZndu4UQewXSTLIJd/nK5ISkh2XM
AwIIvI86nUatRDb/foer5Vuo28hV/ZHEKqfL4vgb2N8viziQNMUt7Wgl+wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFC8wZPEVoJmxONd7yi49ePeNqjsoMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvTHpCazhSV2dtYkU0MTN2S0xqMTQ5NDJxT3lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuSdEAwQC
uSrwAwQCuVbUAwQCuXhUMA0EAgACMAcDBQMqBHzAMA0GCSqGSIb3DQEBCwUAA4IB
AQCkFkvIKflkMm150x9K0pvbM1H2WK8aGQAMw5MTdYrU+EDOm+Jd11Qa2qePVekp
w8U9a3XL+jI6OJXygR8N11WLUUVkZ6WsFbtzexS4x3EnrOloag+SmEIjVc8g+jmz
C8dD1oXolCj/GpjSayoeoLRIeIR/I7GSUSjnyV/lmYyOu49xYCYbgQMOC2FJiPfC
wLU8VN1IVkz+6gXBkABMIOI92+eiEORclBjvB++nnNc0gbIA1AOPosv428vt/7nj
o1qjXn1fQBQtfPHi5/E9d7fgfe8144B18kHmJ3uzvarRn/eBYDAfh1oqEis0tBCV
kmQ6r9L182waltkNA9flNajh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org