Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/LyRcuJZKPMAWoX81Z9nJlreUYvY.roa
File: LyRcuJZKPMAWoX81Z9nJlreUYvY.roa (raw, json)
Hash identifier: 8MVaOBbutsvkY+DQO0DMfh4h0kcJ5rM4z76opkBAfeU=
Subject key identifier: 2F:24:5C:B8:96:4A:3C:C0:16:A1:7F:35:67:D9:C9:96:B7:94:62:F6
Certificate issuer: /CN=9d0a749ae25c1cbb65871d416a79ab4a884ac468
Certificate serial: 01856FD5339FEA334A2283E04E55C4792B0C
Authority key identifier: 9D:0A:74:9A:E2:5C:1C:BB:65:87:1D:41:6A:79:AB:4A:88:4A:C4:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQp0muJcHLtlhx1BanmrSohKxGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/LyRcuJZKPMAWoX81Z9nJlreUYvY.roa
Signing time: Mon 02 Jan 2023 00:15:21 +0000
ROA not before: Mon 02 Jan 2023 00:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35266
IP address blocks: 185.81.188.0/22 maxlen: 24
46.30.8.0/21 maxlen: 24
2a01:b000::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:33:9f:ea:33:4a:22:83:e0:4e:55:c4:79:2b:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d0a749ae25c1cbb65871d416a79ab4a884ac468
Validity
Not Before: Jan 2 00:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f245cb8964a3cc016a17f3567d9c996b79462f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c8:09:18:27:e0:c6:0e:6d:d2:ea:53:76:b8:
2a:dc:4b:6d:e9:4f:3b:02:56:ac:03:b9:cf:53:3e:
0a:8b:1c:b6:d6:fb:a6:62:bd:07:01:d5:90:9b:06:
08:4d:8d:ad:a9:a8:78:bf:6b:cd:a6:68:eb:cd:cd:
0f:ea:1d:d7:bc:73:41:f2:a8:42:f4:7e:42:41:14:
ae:e8:47:3d:bc:42:f6:af:3a:4e:de:4a:35:87:8c:
c7:5a:c3:94:0f:a0:48:c6:29:a5:5b:65:bc:bd:70:
cb:7c:d0:af:4d:3a:cb:b2:9d:3e:52:6f:63:54:6a:
70:51:a2:55:11:21:e8:f9:1c:e9:5f:35:36:8f:23:
f1:95:74:7a:87:42:28:42:3a:74:ad:b6:68:b0:d3:
0e:a4:67:15:09:41:b9:75:c2:0d:4d:54:60:6f:d4:
c6:58:70:06:79:8d:14:de:7d:43:ab:94:ed:33:a8:
45:a4:0c:3d:68:9b:58:07:b2:0e:8b:bc:36:25:73:
28:90:83:40:2e:bd:77:f9:a0:a5:ed:f1:17:98:99:
79:cf:d0:4d:fe:44:e9:b3:c5:6d:ed:1b:c2:d2:1d:
29:b8:5d:0d:78:15:9d:b2:bc:ef:80:78:01:7c:38:
06:a4:98:62:a9:96:19:bd:89:3a:1e:4c:4d:95:04:
7f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:24:5C:B8:96:4A:3C:C0:16:A1:7F:35:67:D9:C9:96:B7:94:62:F6
X509v3 Authority Key Identifier:
keyid:9D:0A:74:9A:E2:5C:1C:BB:65:87:1D:41:6A:79:AB:4A:88:4A:C4:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQp0muJcHLtlhx1BanmrSohKxGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/LyRcuJZKPMAWoX81Z9nJlreUYvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/nQp0muJcHLtlhx1BanmrSohKxGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.8.0/21
185.81.188.0/22
IPv6:
2a01:b000::/32
Signature Algorithm: sha256WithRSAEncryption
92:09:d0:f6:3a:f1:c5:b4:d4:4a:7a:ef:74:20:fb:08:3e:54:
4a:84:36:8f:1c:16:ff:1e:64:f0:53:27:1c:20:20:cb:f7:28:
0e:84:4e:75:e4:ab:d2:6b:60:3f:2a:e6:9e:15:d6:3e:c5:65:
ba:85:13:0b:23:5b:f4:2f:fe:2f:60:0d:ef:43:32:b9:77:e8:
30:30:be:6d:f9:5d:cd:66:11:39:54:f3:22:c7:54:d1:13:21:
03:6a:b6:66:56:33:39:f0:6d:81:3d:2d:84:bf:b3:3e:50:7a:
ac:dd:36:ed:00:b8:48:2b:01:ce:d1:94:0d:e4:d8:14:11:a3:
30:3c:b7:6e:bf:02:db:d9:78:c7:f8:da:67:a9:70:c8:3f:70:
9d:e9:94:9a:75:9e:72:38:99:ca:ef:07:7d:bb:68:2c:90:eb:
8d:a8:9a:34:b2:ad:53:c6:d9:55:c4:af:1e:e0:1e:d5:ee:09:
ab:c5:d5:22:4d:79:ed:22:66:ff:72:ec:13:88:cc:6d:49:d3:
c9:60:55:f5:e3:1c:c7:11:a2:a6:bb:35:73:ed:67:9c:ff:b9:
ac:f3:73:b9:6a:0d:2b:34:ad:bc:62:5a:bf:49:9e:f1:ba:05:
f3:fc:38:fd:a7:a7:ac:f5:fe:d6:4c:eb:59:46:1b:da:27:a9:
3d:4b:80:55
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVv1TOf6jNKIoPgTlXEeSsMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMGE3NDlhZTI1YzFjYmI2NTg3MWQ0MTZhNzlhYjRhODg0
YWM0NjgwHhcNMjMwMTAyMDAxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjI0NWNiODk2NGEzY2MwMTZhMTdmMzU2N2Q5Yzk5NmI3OTQ2MmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsgJGCfgxg5t0upTdrgq3Ett6U87
AlasA7nPUz4Kixy21vumYr0HAdWQmwYITY2tqah4v2vNpmjrzc0P6h3XvHNB8qhC
9H5CQRSu6Ec9vEL2rzpO3ko1h4zHWsOUD6BIximlW2W8vXDLfNCvTTrLsp0+Um9j
VGpwUaJVESHo+RzpXzU2jyPxlXR6h0IoQjp0rbZosNMOpGcVCUG5dcINTVRgb9TG
WHAGeY0U3n1Dq5TtM6hFpAw9aJtYB7IOi7w2JXMokINALr13+aCl7fEXmJl5z9BN
/kTps8Vt7RvC0h0puF0NeBWdsrzvgHgBfDgGpJhiqZYZvYk6HkxNlQR/JQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC8kXLiWSjzAFqF/NWfZyZa3lGL2MB8GA1UdIwQY
MBaAFJ0KdJriXBy7ZYcdQWp5q0qISsRoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblFwMG11SmNITHRsaHgxQmFubXJTb2hLeEdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NWQwYTctZDgwMi00MWM0LTgxYWYt
MWE2ZDNjOTlkYzQ4LzEvTHlSY3VKWktQTUFXb1g4MVo5bkpscmVVWXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NWQwYTctZDgwMi00MWM0LTgxYWYtMWE2ZDNjOTlkYzQ4
LzEvblFwMG11SmNITHRsaHgxQmFubXJTb2hLeEdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLh4IAwQC
uVG8MA0EAgACMAcDBQAqAbAAMA0GCSqGSIb3DQEBCwUAA4IBAQCSCdD2OvHFtNRK
eu90IPsIPlRKhDaPHBb/HmTwUyccICDL9ygOhE515KvSa2A/KuaeFdY+xWW6hRML
I1v0L/4vYA3vQzK5d+gwML5t+V3NZhE5VPMix1TREyEDarZmVjM58G2BPS2Ev7M+
UHqs3TbtALhIKwHO0ZQN5NgUEaMwPLduvwLb2XjH+NpnqXDIP3Cd6ZSadZ5yOJnK
7wd9u2gskOuNqJo0sq1TxtlVxK8e4B7V7gmrxdUiTXntImb/cuwTiMxtSdPJYFX1
4xzHEaKmuzVz7Wec/7ms83O5ag0rNK28Ylq/SZ7xugXz/Dj9p6es9f7WTOtZRhva
J6k9S4BV
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:26 2024 by rpki-client on console-ams.rpki-client.org