Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/LNjDwatX0Gppfy1j3QSxrxXiG6s.roa
File: LNjDwatX0Gppfy1j3QSxrxXiG6s.roa (raw, json)
Hash identifier: TQlzgoNkatGvMOYoKPpe6mR5A2RezWvnDZ8ABe7J748=
Subject key identifier: 2C:D8:C3:C1:AB:57:D0:6A:69:7F:2D:63:DD:04:B1:AF:15:E2:1B:AB
Certificate issuer: /CN=7dec72837efbbc4ea6ddd4be94361916b4c362da
Certificate serial: 01856ED4D4F5A80E60B13B4024014F54C3D7
Authority key identifier: 7D:EC:72:83:7E:FB:BC:4E:A6:DD:D4:BE:94:36:19:16:B4:C3:62:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/LNjDwatX0Gppfy1j3QSxrxXiG6s.roa
Signing time: Sun 01 Jan 2023 19:35:19 +0000
ROA not before: Sun 01 Jan 2023 19:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50819
IP address blocks: 185.18.226.0/23 maxlen: 23
185.102.88.0/22 maxlen: 22
2a0c:eec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:d4:f5:a8:0e:60:b1:3b:40:24:01:4f:54:c3:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dec72837efbbc4ea6ddd4be94361916b4c362da
Validity
Not Before: Jan 1 19:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cd8c3c1ab57d06a697f2d63dd04b1af15e21bab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ef:5d:9d:86:ec:d8:49:67:20:ea:90:fd:4a:
38:5c:fb:be:14:c7:7a:38:9b:02:f4:3a:fd:8e:4b:
36:93:3b:10:80:c1:95:32:b8:e1:90:7c:16:20:70:
08:16:55:13:0e:28:fa:f0:f3:ff:1f:be:f8:b3:69:
86:5d:6f:83:dc:e6:75:c6:c8:bc:de:f4:67:18:b5:
01:ae:45:0b:b6:d1:be:bd:cc:b0:cf:9b:e1:43:86:
ab:b6:b6:a8:7a:ab:17:6e:ba:2f:a4:be:14:10:94:
95:1c:9f:36:7f:81:9f:12:93:df:6a:9e:30:c0:a3:
02:2a:89:aa:58:43:f3:c1:07:5d:62:af:5d:29:1f:
07:ca:cf:61:71:0c:a8:67:3f:71:0b:54:a7:98:b1:
78:6e:a5:8b:d7:f3:79:d3:a8:8e:ca:20:74:ab:a2:
6d:f9:f2:dd:d4:43:09:20:04:75:bf:64:07:6c:05:
f3:be:f2:1f:ba:3e:9a:16:5b:83:4b:d8:6f:3a:75:
92:50:da:ba:e9:d5:4e:11:02:92:54:a6:24:c8:72:
09:b6:8f:1f:e1:24:3f:de:a7:66:36:5d:fe:c8:ac:
ab:19:b5:1e:aa:9e:41:50:3f:70:7f:6f:2a:e7:70:
1e:b8:0e:4d:78:d4:30:9f:62:3d:be:06:87:28:6e:
44:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D8:C3:C1:AB:57:D0:6A:69:7F:2D:63:DD:04:B1:AF:15:E2:1B:AB
X509v3 Authority Key Identifier:
keyid:7D:EC:72:83:7E:FB:BC:4E:A6:DD:D4:BE:94:36:19:16:B4:C3:62:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/LNjDwatX0Gppfy1j3QSxrxXiG6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.226.0/23
185.102.88.0/22
IPv6:
2a0c:eec0::/29
Signature Algorithm: sha256WithRSAEncryption
43:06:50:3d:f1:b4:67:e4:4b:0c:7e:06:0a:5e:db:c7:54:64:
64:24:8b:8f:89:4a:74:83:aa:46:64:e9:a0:bb:5c:41:62:ee:
1c:96:33:be:18:a0:07:bf:6b:35:58:5c:d9:8a:38:b2:62:d9:
53:57:d6:59:9d:d5:c5:fd:f8:ea:5a:cc:92:9e:8f:96:2f:1f:
64:23:49:cb:16:07:a6:b7:db:7d:ae:f0:fa:6c:41:cd:3e:ed:
d4:b1:ea:4c:15:8f:92:96:cc:77:81:5b:75:18:18:32:15:02:
92:4f:68:55:45:19:90:06:be:89:77:6c:1d:9b:a4:08:59:38:
bb:f9:d8:54:18:44:c0:c7:d6:27:fc:fd:58:6a:73:7f:47:de:
12:97:67:f6:2e:b3:20:03:45:c7:57:ca:0d:91:24:3d:94:73:
32:c4:72:df:a0:61:3c:ee:e1:57:ca:da:ab:d3:40:6c:9d:f6:
2d:f5:31:fd:ee:9f:76:3b:f9:e2:2d:16:f6:87:51:bc:bc:e4:
2b:a1:96:79:95:50:62:b4:81:a8:bb:84:a9:c0:e2:be:71:42:
23:9d:5b:e5:1f:4c:2a:29:d4:e4:b7:2f:17:a8:59:b1:a9:34:
9c:90:b3:c5:b1:f9:cf:5d:a9:a5:c3:4f:80:06:75:9a:3e:48:
68:3a:24:90
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVu1NT1qA5gsTtAJAFPVMPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZWM3MjgzN2VmYmJjNGVhNmRkZDRiZTk0MzYxOTE2YjRj
MzYyZGEwHhcNMjMwMTAxMTkzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2Q4YzNjMWFiNTdkMDZhNjk3ZjJkNjNkZDA0YjFhZjE1ZTIxYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO9dnYbs2ElnIOqQ/Uo4XPu+FMd6
OJsC9Dr9jks2kzsQgMGVMrjhkHwWIHAIFlUTDij68PP/H774s2mGXW+D3OZ1xsi8
3vRnGLUBrkULttG+vcywz5vhQ4artraoeqsXbrovpL4UEJSVHJ82f4GfEpPfap4w
wKMCKomqWEPzwQddYq9dKR8Hys9hcQyoZz9xC1SnmLF4bqWL1/N506iOyiB0q6Jt
+fLd1EMJIAR1v2QHbAXzvvIfuj6aFluDS9hvOnWSUNq66dVOEQKSVKYkyHIJto8f
4SQ/3qdmNl3+yKyrGbUeqp5BUD9wf28q53AeuA5NeNQwn2I9vgaHKG5E9QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCzYw8GrV9BqaX8tY90Esa8V4hurMB8GA1UdIwQY
MBaAFH3scoN++7xOpt3UvpQ2GRa0w2LaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy80NDQ3OGYtZTk4MC00ZTYwLTlkNmUt
Mzg2NjE3YTY2NGZlLzEvTE5qRHdhdFgwR3BwZnkxajNRU3hyeFhpRzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy80NDQ3OGYtZTk4MC00ZTYwLTlkNmUtMzg2NjE3YTY2NGZl
LzEvZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuRLiAwQC
uWZYMA0EAgACMAcDBQMqDO7AMA0GCSqGSIb3DQEBCwUAA4IBAQBDBlA98bRn5EsM
fgYKXtvHVGRkJIuPiUp0g6pGZOmgu1xBYu4cljO+GKAHv2s1WFzZijiyYtlTV9ZZ
ndXF/fjqWsySno+WLx9kI0nLFgemt9t9rvD6bEHNPu3UsepMFY+Slsx3gVt1GBgy
FQKST2hVRRmQBr6Jd2wdm6QIWTi7+dhUGETAx9Yn/P1YanN/R94Sl2f2LrMgA0XH
V8oNkSQ9lHMyxHLfoGE87uFXytqr00BsnfYt9TH97p92O/niLRb2h1G8vOQroZZ5
lVBitIGou4SpwOK+cUIjnVvlH0wqKdTkty8XqFmxqTSckLPFsfnPXamlw0+ABnWa
PkhoOiSQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:04 2024 by rpki-client on console-ams.rpki-client.org