Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/LAS-89i0IrZqV2FQW2ouUfJJsTs.roa
File: LAS-89i0IrZqV2FQW2ouUfJJsTs.roa (raw, json)
Hash identifier: tKt31gtkUMKEGXklqcMdOQwujxl8WFuF2SdlsDfMs5c=
Subject key identifier: 2C:04:BE:F3:D8:B4:22:B6:6A:57:61:50:5B:6A:2E:51:F2:49:B1:3B
Certificate issuer: /CN=2330e26060913c758137488bfd7ab1bfe9e10ae2
Certificate serial: 018E020D94F112256E46CBC7B61015B1C014
Authority key identifier: 23:30:E2:60:60:91:3C:75:81:37:48:8B:FD:7A:B1:BF:E9:E1:0A:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/LAS-89i0IrZqV2FQW2ouUfJJsTs.roa
Signing time: Sun 03 Mar 2024 02:03:48 +0000
ROA not before: Sun 03 Mar 2024 02:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 185.203.232.0/24 maxlen: 24
185.203.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:02:0d:94:f1:12:25:6e:46:cb:c7:b6:10:15:b1:c0:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2330e26060913c758137488bfd7ab1bfe9e10ae2
Validity
Not Before: Mar 3 02:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c04bef3d8b422b66a5761505b6a2e51f249b13b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b8:be:62:c6:6e:b6:5c:ad:e5:ad:5b:cd:a4:
45:03:95:db:c0:4f:63:d0:dc:84:82:e7:64:36:b0:
27:ae:21:7b:6e:e6:e4:0e:7e:38:15:fc:22:7f:a9:
ea:71:bc:1c:68:e4:39:57:e6:c6:f4:0d:55:c4:2f:
74:c2:96:7e:88:5a:f4:8a:42:35:17:bc:1e:bb:70:
b8:4c:9b:ef:87:9a:48:42:8b:1a:cd:f0:50:41:c9:
ca:e0:a1:42:77:50:39:b7:c2:b2:9e:15:78:0d:c1:
37:c4:be:c7:03:57:7d:f6:f1:93:7a:fa:0b:d4:72:
94:b5:91:f0:30:bf:63:ad:31:26:c8:14:39:b3:81:
37:a7:9e:fe:d6:dd:41:fa:9f:48:b5:c5:f0:f8:59:
87:59:68:5f:83:7a:23:7a:47:a2:ed:fe:62:d4:96:
ac:9c:0e:55:d0:61:f6:61:c7:41:1a:4a:28:d3:24:
d3:67:54:0d:71:dd:47:32:b1:cf:03:34:9d:d5:2c:
a6:dc:33:dc:a8:55:d7:a8:1b:cd:c5:46:e8:1d:13:
f7:62:34:b2:08:44:08:34:9c:66:59:bc:97:cd:eb:
ac:e9:1d:cb:55:d9:9b:42:1a:26:84:c8:41:d5:26:
47:b0:e3:3f:70:ba:a3:c1:62:e4:ce:69:75:e7:4f:
c2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:04:BE:F3:D8:B4:22:B6:6A:57:61:50:5B:6A:2E:51:F2:49:B1:3B
X509v3 Authority Key Identifier:
keyid:23:30:E2:60:60:91:3C:75:81:37:48:8B:FD:7A:B1:BF:E9:E1:0A:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/LAS-89i0IrZqV2FQW2ouUfJJsTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.232.0/24
185.203.235.0/24
Signature Algorithm: sha256WithRSAEncryption
39:b0:55:b3:0c:f0:7a:22:93:97:00:3b:95:7f:9e:a9:1c:93:
2a:cc:e5:14:a4:8b:3c:ca:b2:74:c8:aa:e0:14:ff:b7:67:2f:
6d:b9:60:d3:26:65:02:29:67:bb:bb:73:20:57:47:75:6a:df:
e7:78:41:7a:1b:bd:e4:88:41:94:33:87:58:45:ed:4a:61:80:
4c:0a:74:6f:73:0a:c4:0b:98:1a:cf:63:71:bd:2b:c2:51:04:
0f:40:de:b4:f3:f7:ea:b2:1a:58:11:ff:d6:cc:88:86:f4:6a:
07:36:62:fb:d7:da:54:0a:85:0d:47:41:bf:7a:e5:26:1f:ef:
83:90:49:27:e4:63:e4:4b:81:47:a1:d2:40:8b:8c:48:36:c4:
75:38:1f:69:d4:8e:60:07:e3:0f:9f:64:b4:f2:e3:5e:a6:e2:
c2:61:7d:47:e0:e9:02:56:fa:a9:84:b5:11:50:59:b0:2d:91:
6e:73:23:e7:a9:92:91:40:8d:bb:4c:fa:49:4b:f4:65:cc:82:
7f:2b:19:85:60:ad:9e:4f:a1:5b:fe:2a:c4:7a:2d:95:68:55:
2e:b1:c1:38:87:58:02:6c:67:1c:01:1b:67:83:2d:b8:bf:88:
61:29:b0:da:62:fe:ad:1e:64:a7:98:99:71:ee:27:51:cb:72:
96:29:70:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4CDZTxEiVuRsvHthAVscAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzBlMjYwNjA5MTNjNzU4MTM3NDg4YmZkN2FiMWJmZTll
MTBhZTIwHhcNMjQwMzAzMDIwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA0YmVmM2Q4YjQyMmI2NmE1NzYxNTA1YjZhMmU1MWYyNDliMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7i+YsZutlyt5a1bzaRFA5XbwE9j
0NyEgudkNrAnriF7bubkDn44Ffwif6nqcbwcaOQ5V+bG9A1VxC90wpZ+iFr0ikI1
F7weu3C4TJvvh5pIQosazfBQQcnK4KFCd1A5t8KynhV4DcE3xL7HA1d99vGTevoL
1HKUtZHwML9jrTEmyBQ5s4E3p57+1t1B+p9ItcXw+FmHWWhfg3ojekei7f5i1Jas
nA5V0GH2YcdBGkoo0yTTZ1QNcd1HMrHPAzSd1Sym3DPcqFXXqBvNxUboHRP3YjSy
CEQINJxmWbyXzeus6R3LVdmbQhomhMhB1SZHsOM/cLqjwWLkzml150/CSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCwEvvPYtCK2aldhUFtqLlHySbE7MB8GA1UdIwQY
MBaAFCMw4mBgkTx1gTdIi/16sb/p4QriMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpEaVlHQ1JQSFdCTjBpTF9YcXh2LW5oQ3VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80NjkwYzAtMGI5MS00MzIyLTk0Yjkt
NzA2NzgyY2ZhMDNiLzEvTEFTLTg5aTBJclpxVjJGUVcyb3VVZkpKc1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80NjkwYzAtMGI5MS00MzIyLTk0YjktNzA2NzgyY2ZhMDNi
LzEvSXpEaVlHQ1JQSFdCTjBpTF9YcXh2LW5oQ3VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucvoAwQA
ucvrMA0GCSqGSIb3DQEBCwUAA4IBAQA5sFWzDPB6IpOXADuVf56pHJMqzOUUpIs8
yrJ0yKrgFP+3Zy9tuWDTJmUCKWe7u3MgV0d1at/neEF6G73kiEGUM4dYRe1KYYBM
CnRvcwrEC5gaz2NxvSvCUQQPQN608/fqshpYEf/WzIiG9GoHNmL719pUCoUNR0G/
euUmH++DkEkn5GPkS4FHodJAi4xINsR1OB9p1I5gB+MPn2S08uNepuLCYX1H4OkC
VvqphLURUFmwLZFucyPnqZKRQI27TPpJS/RlzIJ/KxmFYK2eT6Fb/irEei2VaFUu
scE4h1gCbGccARtngy24v4hhKbDaYv6tHmSnmJlx7idRy3KWKXBe
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:59:35 2025 by rpki-client