Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/fda216-ecba-42ee-aab5-4782b7a8ea29/1/lz-CrTVxM1MuI54X3rp4n4bIG1A.roa
File: lz-CrTVxM1MuI54X3rp4n4bIG1A.roa (raw, json)
Hash identifier: rqLAu2vepFBsQ4Tlc6+f++8R+tRVtVbbmG5a1tpmEFg=
Subject key identifier: 97:3F:82:AD:35:71:33:53:2E:23:9E:17:DE:BA:78:9F:86:C8:1B:50
Certificate issuer: /CN=a51d833d347e6c6ca69ea0a8ab2a83f49267ade4
Certificate serial: 018CC94DB812DA97CA6A48D233537587F239
Authority key identifier: A5:1D:83:3D:34:7E:6C:6C:A6:9E:A0:A8:AB:2A:83:F4:92:67:AD:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pR2DPTR-bGymnqCoqyqD9JJnreQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/fda216-ecba-42ee-aab5-4782b7a8ea29/1/lz-CrTVxM1MuI54X3rp4n4bIG1A.roa
Signing time: Tue 02 Jan 2024 08:32:42 +0000
ROA not before: Tue 02 Jan 2024 08:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206187
IP address blocks: 185.194.41.0/24 maxlen: 24
185.194.42.0/24 maxlen: 24
185.194.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:b8:12:da:97:ca:6a:48:d2:33:53:75:87:f2:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a51d833d347e6c6ca69ea0a8ab2a83f49267ade4
Validity
Not Before: Jan 2 08:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=973f82ad357133532e239e17deba789f86c81b50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6a:89:71:1d:59:b7:a5:d0:4e:96:f9:30:5a:
72:b3:2d:0d:c8:19:d5:a6:75:96:94:63:3f:68:d6:
19:c1:84:76:a1:1d:b6:61:13:e3:50:69:35:da:bb:
95:37:fa:ba:1f:f1:10:f9:2a:dd:f1:b7:b3:66:3a:
96:3b:5c:89:4e:4e:33:51:77:cc:83:b6:7d:8c:3a:
dc:20:7a:aa:60:82:8f:ba:ab:a0:39:d7:f7:73:74:
7d:92:98:8f:3b:f3:95:72:bc:63:a4:a5:f9:7b:77:
f7:3a:84:47:5e:05:36:d2:f4:c7:5a:81:ad:be:54:
11:27:a3:be:4e:6c:c1:7c:d9:19:e2:01:0b:42:ba:
4a:fc:6c:21:c3:1f:e6:be:16:84:14:52:0c:e4:9a:
fd:78:10:87:d5:dc:06:22:ad:0c:0f:ba:bd:d1:15:
2b:d7:6c:4b:ac:ad:88:e8:51:c3:31:74:fd:08:45:
83:5b:14:22:52:4a:37:40:3a:1d:55:83:be:85:53:
91:f9:6d:cc:f5:62:12:fa:d4:48:b2:ad:72:08:12:
86:fd:c8:3b:e1:37:9b:a1:10:3a:9d:13:e6:51:23:
8b:c4:f4:71:5f:fd:ab:c0:13:d8:f8:bb:08:1c:e6:
ac:d0:38:a6:48:00:af:78:8e:af:b9:ad:5e:e9:54:
da:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:3F:82:AD:35:71:33:53:2E:23:9E:17:DE:BA:78:9F:86:C8:1B:50
X509v3 Authority Key Identifier:
keyid:A5:1D:83:3D:34:7E:6C:6C:A6:9E:A0:A8:AB:2A:83:F4:92:67:AD:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pR2DPTR-bGymnqCoqyqD9JJnreQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fda216-ecba-42ee-aab5-4782b7a8ea29/1/lz-CrTVxM1MuI54X3rp4n4bIG1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fda216-ecba-42ee-aab5-4782b7a8ea29/1/pR2DPTR-bGymnqCoqyqD9JJnreQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.40.0-185.194.42.255
Signature Algorithm: sha256WithRSAEncryption
9b:10:f4:d7:d2:d5:34:6b:64:89:b8:fa:57:e3:8d:ba:a8:50:
61:f0:82:6a:58:33:c3:e7:03:90:b3:6f:0c:4d:37:98:e8:7b:
a3:68:9c:b6:ce:bf:94:a2:21:6e:cf:30:2e:a9:fd:bd:d7:31:
55:64:62:99:21:24:16:f8:a5:e0:43:5c:ab:f4:ff:ec:fc:56:
4e:1b:b5:6a:e4:03:53:47:90:49:a4:b6:5e:49:8f:e9:b9:56:
2d:eb:c0:56:39:79:9c:7c:8b:ed:eb:cd:b2:76:a6:ac:dd:a7:
07:93:6f:a3:64:a8:9d:21:b4:14:cb:8e:38:0c:11:a1:76:f6:
4b:a9:37:bd:8d:3b:a1:d2:6b:11:25:c0:02:f2:f7:2a:38:d8:
ab:6b:24:7c:27:2a:61:4f:b1:88:b3:06:67:5e:ed:3a:ae:1c:
a9:88:b5:ed:cd:b4:97:73:d9:f0:ad:cc:11:39:4f:0d:6b:8c:
20:a5:78:3a:af:e6:90:a6:e7:2e:cf:45:a9:80:e7:32:8c:cf:
e8:e9:19:84:42:7c:7b:dc:91:b1:1b:2f:a1:97:6d:7a:83:b8:
91:5e:2e:e0:0a:01:c7:cf:ea:4b:51:3e:8e:bd:15:0f:b0:c1:
d3:5b:53:3b:fb:c0:60:b0:d4:55:d0:23:cb:d5:de:2b:7a:1b:
c9:29:91:ff
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJTbgS2pfKakjSM1N1h/I5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MWQ4MzNkMzQ3ZTZjNmNhNjllYTBhOGFiMmE4M2Y0OTI2
N2FkZTQwHhcNMjQwMTAyMDgzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzNmODJhZDM1NzEzMzUzMmUyMzllMTdkZWJhNzg5Zjg2YzgxYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWqJcR1Zt6XQTpb5MFpysy0NyBnV
pnWWlGM/aNYZwYR2oR22YRPjUGk12ruVN/q6H/EQ+Srd8bezZjqWO1yJTk4zUXfM
g7Z9jDrcIHqqYIKPuqugOdf3c3R9kpiPO/OVcrxjpKX5e3f3OoRHXgU20vTHWoGt
vlQRJ6O+TmzBfNkZ4gELQrpK/Gwhwx/mvhaEFFIM5Jr9eBCH1dwGIq0MD7q90RUr
12xLrK2I6FHDMXT9CEWDWxQiUko3QDodVYO+hVOR+W3M9WIS+tRIsq1yCBKG/cg7
4TeboRA6nRPmUSOLxPRxX/2rwBPY+LsIHOas0DimSACveI6vua1e6VTa2QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJc/gq01cTNTLiOeF966eJ+GyBtQMB8GA1UdIwQY
MBaAFKUdgz00fmxspp6gqKsqg/SSZ63kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFIyRFBUUi1iR3ltbnFDb3F5cUQ5SkpucmVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9mZGEyMTYtZWNiYS00MmVlLWFhYjUt
NDc4MmI3YThlYTI5LzEvbHotQ3JUVnhNMU11STU0WDNycDRuNGJJRzFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9mZGEyMTYtZWNiYS00MmVlLWFhYjUtNDc4MmI3YThlYTI5
LzEvcFIyRFBUUi1iR3ltbnFDb3F5cUQ5SkpucmVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5wigD
BAC5wiowDQYJKoZIhvcNAQELBQADggEBAJsQ9NfS1TRrZIm4+lfjjbqoUGHwgmpY
M8PnA5CzbwxNN5joe6NonLbOv5SiIW7PMC6p/b3XMVVkYpkhJBb4peBDXKv0/+z8
Vk4btWrkA1NHkEmktl5Jj+m5Vi3rwFY5eZx8i+3rzbJ2pqzdpweTb6NkqJ0htBTL
jjgMEaF29kupN72NO6HSaxElwALy9yo42KtrJHwnKmFPsYizBmde7TquHKmIte3N
tJdz2fCtzBE5Tw1rjCCleDqv5pCm5y7PRamA5zKMz+jpGYRCfHvckbEbL6GXbXqD
uJFeLuAKAcfP6ktRPo69FQ+wwdNbUzv7wGCw1FXQI8vV3it6G8kpkf8=
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:06:38 2025 by rpki-client