Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/_LukwYnhxeoYixMaB0H171ZzPX4.roa
File: _LukwYnhxeoYixMaB0H171ZzPX4.roa (raw, json)
Hash identifier: rgkQq0ZiW489KbOfqILNmMIaG800z/JtfuoLmyUhMQU=
Subject key identifier: FC:BB:A4:C1:89:E1:C5:EA:18:8B:13:1A:07:41:F5:EF:56:73:3D:7E
Certificate issuer: /CN=d6aa89f7b722279c032942dcf24865f6d72d6501
Certificate serial: 018572B44048577F640CBC4EFF0BB20679D5
Authority key identifier: D6:AA:89:F7:B7:22:27:9C:03:29:42:DC:F2:48:65:F6:D7:2D:65:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1qqJ97ciJ5wDKULc8khl9tctZQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/_LukwYnhxeoYixMaB0H171ZzPX4.roa
Signing time: Mon 02 Jan 2023 13:38:13 +0000
ROA not before: Mon 02 Jan 2023 13:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.225.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:40:48:57:7f:64:0c:bc:4e:ff:0b:b2:06:79:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6aa89f7b722279c032942dcf24865f6d72d6501
Validity
Not Before: Jan 2 13:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcbba4c189e1c5ea188b131a0741f5ef56733d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b2:97:e1:24:a0:dd:5c:64:e4:f3:84:58:e5:
61:6e:c0:02:21:35:aa:17:68:6b:55:60:8e:a6:1a:
c0:c9:55:48:06:68:79:ed:22:92:35:44:e5:62:b3:
6e:52:99:23:54:d3:39:ec:61:64:80:a7:b7:3a:d6:
44:0f:78:77:81:da:7c:67:61:5a:6b:7b:49:68:e1:
07:9f:09:12:63:f1:71:49:9a:ba:93:70:da:62:66:
21:f5:b5:8b:e9:aa:ce:de:c8:e4:a9:ec:49:ba:1e:
35:9d:9a:dd:5e:38:b0:9f:d1:cc:c5:65:b0:5e:58:
52:9d:1e:ed:52:e8:e6:c0:5b:70:ea:ae:6f:e6:e8:
d5:66:f3:ed:e6:e9:4e:af:46:15:44:21:2f:35:77:
ba:21:f0:d3:3a:22:95:82:7d:20:91:9b:b7:3f:c9:
e2:5f:f3:37:eb:20:32:fe:e6:b7:45:ea:93:f4:b2:
3b:b8:62:8d:20:81:77:ff:4a:12:08:dc:3b:5f:20:
85:d8:cd:eb:9c:91:c7:00:c9:e2:f3:59:ee:83:ad:
f7:2d:01:c1:77:e3:db:bd:d0:73:4b:34:87:c6:20:
65:da:0d:79:8c:6a:5a:97:ff:d0:e7:3f:9a:a7:60:
fc:94:9f:69:96:32:c5:d2:ad:4a:0b:b8:46:74:c5:
e5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:BB:A4:C1:89:E1:C5:EA:18:8B:13:1A:07:41:F5:EF:56:73:3D:7E
X509v3 Authority Key Identifier:
keyid:D6:AA:89:F7:B7:22:27:9C:03:29:42:DC:F2:48:65:F6:D7:2D:65:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1qqJ97ciJ5wDKULc8khl9tctZQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/_LukwYnhxeoYixMaB0H171ZzPX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/1qqJ97ciJ5wDKULc8khl9tctZQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.252.0/22
Signature Algorithm: sha256WithRSAEncryption
25:ba:e4:e4:e6:fc:d2:d8:b9:38:85:f0:01:b9:2c:12:01:44:
e5:b0:97:4a:04:e5:70:46:4b:79:43:2f:7e:c8:96:1d:c5:e2:
88:42:cc:4a:4f:07:4a:aa:bf:bd:8a:ca:dd:d3:b8:17:4d:d9:
ab:39:62:0c:6f:91:a7:04:32:f0:ad:50:f5:a3:11:cc:fc:99:
75:77:4d:60:f5:dc:0d:fb:d7:c9:0b:e5:db:d7:63:f3:d9:8f:
7d:f9:96:5d:45:f9:6c:3a:68:3d:f5:c2:33:cc:bd:04:6d:e3:
f4:20:f1:4d:f7:0b:e0:a4:1a:12:0d:fa:f9:c3:50:51:77:b8:
6c:0c:3d:f1:5b:de:82:b6:d4:7d:6e:ba:df:00:49:16:0b:31:
6a:e2:ec:1b:8c:7a:62:fe:10:25:ff:1d:42:5c:9c:6d:02:60:
12:64:5a:47:57:7e:e5:1d:18:15:83:cc:e6:0a:f7:68:fa:1d:
cc:63:3d:82:92:2c:8a:49:83:26:90:74:d3:ed:1f:88:82:5f:
12:f9:b5:39:63:b1:9b:be:26:ab:95:16:4d:c1:a8:2e:c8:ec:
0b:5d:c0:19:4a:37:e8:fe:5b:bd:b8:17:1c:e9:c2:df:12:25:
70:59:98:14:01:8f:27:f3:d9:1d:1b:7e:74:f2:46:25:3a:59:
7c:2b:6d:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytEBIV39kDLxO/wuyBnnVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YWE4OWY3YjcyMjI3OWMwMzI5NDJkY2YyNDg2NWY2ZDcy
ZDY1MDEwHhcNMjMwMTAyMTMzODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2JiYTRjMTg5ZTFjNWVhMTg4YjEzMWEwNzQxZjVlZjU2NzMzZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrKX4SSg3Vxk5POEWOVhbsACITWq
F2hrVWCOphrAyVVIBmh57SKSNUTlYrNuUpkjVNM57GFkgKe3OtZED3h3gdp8Z2Fa
a3tJaOEHnwkSY/FxSZq6k3DaYmYh9bWL6arO3sjkqexJuh41nZrdXjiwn9HMxWWw
XlhSnR7tUujmwFtw6q5v5ujVZvPt5ulOr0YVRCEvNXe6IfDTOiKVgn0gkZu3P8ni
X/M36yAy/ua3ReqT9LI7uGKNIIF3/0oSCNw7XyCF2M3rnJHHAMni81nug633LQHB
d+PbvdBzSzSHxiBl2g15jGpal//Q5z+ap2D8lJ9pljLF0q1KC7hGdMXl7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPy7pMGJ4cXqGIsTGgdB9e9Wcz1+MB8GA1UdIwQY
MBaAFNaqife3IiecAylC3PJIZfbXLWUBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXFxSjk3Y2lKNXdES1VMYzhraGw5dGN0WlFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wZTdlMjgtYTgyOS00N2QyLTgwZTYt
OGJhNjg4ODY2OWNmLzEvX0x1a3dZbmh4ZW9ZaXhNYUIwSDE3MVp6UFg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wZTdlMjgtYTgyOS00N2QyLTgwZTYtOGJhNjg4ODY2OWNm
LzEvMXFxSjk3Y2lKNXdES1VMYzhraGw5dGN0WlFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueH8MA0G
CSqGSIb3DQEBCwUAA4IBAQAluuTk5vzS2Lk4hfABuSwSAUTlsJdKBOVwRkt5Qy9+
yJYdxeKIQsxKTwdKqr+9isrd07gXTdmrOWIMb5GnBDLwrVD1oxHM/Jl1d01g9dwN
+9fJC+Xb12Pz2Y99+ZZdRflsOmg99cIzzL0EbeP0IPFN9wvgpBoSDfr5w1BRd7hs
DD3xW96CttR9brrfAEkWCzFq4uwbjHpi/hAl/x1CXJxtAmASZFpHV37lHRgVg8zm
Cvdo+h3MYz2CkiyKSYMmkHTT7R+Igl8S+bU5Y7GbviarlRZNwaguyOwLXcAZSjfo
/lu9uBcc6cLfEiVwWZgUAY8n89kdG3508kYlOll8K22Q
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:30 2024 by rpki-client on console-fra.rpki-client.org