Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/lMnCUAX-e95PK4WqfVa2H1Pe-zc.roa
File: lMnCUAX-e95PK4WqfVa2H1Pe-zc.roa (raw, json)
Hash identifier: MyDGdBTtVoK0CV9fJd1tOtTXYqPvziwJPiSlLxEF2x4=
Subject key identifier: 94:C9:C2:50:05:FE:7B:DE:4F:2B:85:AA:7D:56:B6:1F:53:DE:FB:37
Certificate issuer: /CN=2f367c7949fa0f6cf05a21027e75b84612dc13b0
Certificate serial: 01857102D52E98A111F51EB318579E38A7A3
Authority key identifier: 2F:36:7C:79:49:FA:0F:6C:F0:5A:21:02:7E:75:B8:46:12:DC:13:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzZ8eUn6D2zwWiECfnW4RhLcE7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/lMnCUAX-e95PK4WqfVa2H1Pe-zc.roa
Signing time: Mon 02 Jan 2023 05:44:48 +0000
ROA not before: Mon 02 Jan 2023 05:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201565
IP address blocks: 185.62.249.0/24 maxlen: 24
185.62.248.0/24 maxlen: 24
185.62.251.0/24 maxlen: 24
185.62.250.0/24 maxlen: 24
2a03:820:4000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:d5:2e:98:a1:11:f5:1e:b3:18:57:9e:38:a7:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f367c7949fa0f6cf05a21027e75b84612dc13b0
Validity
Not Before: Jan 2 05:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94c9c25005fe7bde4f2b85aa7d56b61f53defb37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:87:a6:80:46:16:31:bc:d0:0c:a2:2f:5f:af:
bd:0c:23:c3:86:fa:90:74:b8:58:f1:76:66:fb:24:
b5:e6:d9:1e:e3:b6:64:91:c3:d7:a2:e3:9b:ed:aa:
45:dd:04:cf:f6:e1:09:c4:32:71:d7:a8:93:ae:23:
0c:8e:f7:eb:7c:d6:66:dd:e4:8d:d2:90:ed:8e:76:
c0:b4:48:9a:f2:5b:fd:35:e7:38:c0:82:dc:87:e7:
a3:ce:8c:9e:00:3c:27:af:b8:b3:85:8f:ce:fe:81:
19:bd:52:ee:75:db:90:68:7f:83:69:37:7f:70:1d:
8f:ae:a5:cc:35:2a:86:eb:dd:bf:41:da:fb:54:15:
8f:9f:8f:ab:2d:19:82:b7:e6:9d:8f:a2:8e:1e:62:
9c:4f:b5:66:f4:90:e9:bb:a3:14:1c:dd:1e:cc:14:
8b:41:8d:f5:4a:3c:23:90:af:e2:42:83:2d:8a:70:
50:e2:eb:34:ae:89:75:04:3b:38:99:9b:68:05:6d:
b1:f6:10:39:1a:91:f5:c2:6d:67:00:eb:78:71:9f:
69:7b:02:11:dc:b5:7b:8e:72:2f:68:39:e8:ee:8f:
18:ee:a8:38:29:5f:26:59:27:20:77:59:73:92:23:
0d:cd:5d:86:52:55:c4:e2:7e:b4:1b:4f:4e:a8:12:
c3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C9:C2:50:05:FE:7B:DE:4F:2B:85:AA:7D:56:B6:1F:53:DE:FB:37
X509v3 Authority Key Identifier:
keyid:2F:36:7C:79:49:FA:0F:6C:F0:5A:21:02:7E:75:B8:46:12:DC:13:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzZ8eUn6D2zwWiECfnW4RhLcE7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/lMnCUAX-e95PK4WqfVa2H1Pe-zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/LzZ8eUn6D2zwWiECfnW4RhLcE7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.62.248.0/22
IPv6:
2a03:820:4000::/36
Signature Algorithm: sha256WithRSAEncryption
5c:94:e5:69:da:1e:a6:4f:15:66:cc:51:72:c3:46:1d:7c:73:
32:a4:25:48:c0:ec:da:5c:d2:79:c7:05:98:15:16:ac:61:aa:
0d:41:4f:ca:be:ae:b5:09:f6:36:6d:73:ac:40:8b:ed:42:80:
1f:27:71:65:b2:46:90:fa:5e:68:cd:eb:94:1d:3d:ff:1a:bf:
6a:e9:50:b0:0c:1d:9e:62:32:0e:15:67:04:72:0f:65:82:c1:
d8:66:92:64:62:3b:2a:0d:b9:10:63:2e:e9:7d:9b:83:73:41:
f6:3a:c8:e8:c0:b4:10:06:c5:58:f1:43:49:3e:bf:ff:82:49:
8c:3b:4c:13:61:5b:e8:38:ab:45:06:d8:3e:3a:3c:ba:d2:71:
dd:3b:1d:ae:1e:93:0f:45:27:a1:d6:44:2b:18:87:78:5e:03:
f9:8c:f5:c1:63:a0:e6:56:ab:57:58:e5:ef:79:f9:4a:a7:5d:
aa:04:45:39:91:ed:1f:cf:7c:0d:01:5c:fd:23:4d:a1:67:96:
14:d5:79:4a:6b:0a:ca:1d:79:2a:f9:8f:a0:89:4d:75:18:a2:
0d:7e:d4:ee:04:f8:74:0e:95:fd:e1:3b:d4:b1:cf:c2:32:6f:
e4:e3:72:c0:90:2a:14:ae:1f:2a:6c:0b:0d:18:4a:bb:14:5a:
79:cb:a3:c6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVxAtUumKER9R6zGFeeOKejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzY3Yzc5NDlmYTBmNmNmMDVhMjEwMjdlNzViODQ2MTJk
YzEzYjAwHhcNMjMwMTAyMDU0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGM5YzI1MDA1ZmU3YmRlNGYyYjg1YWE3ZDU2YjYxZjUzZGVmYjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYemgEYWMbzQDKIvX6+9DCPDhvqQ
dLhY8XZm+yS15tke47ZkkcPXouOb7apF3QTP9uEJxDJx16iTriMMjvfrfNZm3eSN
0pDtjnbAtEia8lv9Nec4wILch+ejzoyeADwnr7izhY/O/oEZvVLudduQaH+DaTd/
cB2PrqXMNSqG692/Qdr7VBWPn4+rLRmCt+adj6KOHmKcT7Vm9JDpu6MUHN0ezBSL
QY31SjwjkK/iQoMtinBQ4us0rol1BDs4mZtoBW2x9hA5GpH1wm1nAOt4cZ9pewIR
3LV7jnIvaDno7o8Y7qg4KV8mWScgd1lzkiMNzV2GUlXE4n60G09OqBLD8QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJTJwlAF/nveTyuFqn1Wth9T3vs3MB8GA1UdIwQY
MBaAFC82fHlJ+g9s8FohAn51uEYS3BOwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpaOGVVbjZEMnp3V2lFQ2ZuVzRSaExjRTdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wOGUxODMtNjRlYi00OTk5LTlmNzgt
N2NlNzMyMjY3MWViLzEvbE1uQ1VBWC1lOTVQSzRXcWZWYTJIMVBlLXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wOGUxODMtNjRlYi00OTk5LTlmNzgtN2NlNzMyMjY3MWVi
LzEvTHpaOGVVbjZEMnp3V2lFQ2ZuVzRSaExjRTdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuT74MA4E
AgACMAgDBgQqAwggQDANBgkqhkiG9w0BAQsFAAOCAQEAXJTladoepk8VZsxRcsNG
HXxzMqQlSMDs2lzSeccFmBUWrGGqDUFPyr6utQn2Nm1zrECL7UKAHydxZbJGkPpe
aM3rlB09/xq/aulQsAwdnmIyDhVnBHIPZYLB2GaSZGI7Kg25EGMu6X2bg3NB9jrI
6MC0EAbFWPFDST6//4JJjDtME2Fb6DirRQbYPjo8utJx3Tsdrh6TD0UnodZEKxiH
eF4D+Yz1wWOg5larV1jl73n5SqddqgRFOZHtH898DQFc/SNNoWeWFNV5SmsKyh15
KvmPoIlNdRiiDX7U7gT4dA6V/eE71LHPwjJv5ONywJAqFK4fKmwLDRhKuxRaecuj
xg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:38 2024 by rpki-client on console-fra.rpki-client.org