Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/lc-kq2Rj04EjoY1jyw6qlss4JAo.roa
File: lc-kq2Rj04EjoY1jyw6qlss4JAo.roa (raw, json)
Hash identifier: 4sVyKx/Itz+tJKKA7pk4aFnOupZibcULo5sP6mGiRv4=
Subject key identifier: 95:CF:A4:AB:64:63:D3:81:23:A1:8D:63:CB:0E:AA:96:CB:38:24:0A
Certificate issuer: /CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Certificate serial: 01856F9DC6D4200C3529B303604926EF7026
Authority key identifier: 4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/lc-kq2Rj04EjoY1jyw6qlss4JAo.roa
Signing time: Sun 01 Jan 2023 23:14:49 +0000
ROA not before: Sun 01 Jan 2023 23:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205766
IP address blocks: 185.26.156.0/24 maxlen: 24
2a00:d0c0:200::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:c6:d4:20:0c:35:29:b3:03:60:49:26:ef:70:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Validity
Not Before: Jan 1 23:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95cfa4ab6463d38123a18d63cb0eaa96cb38240a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:db:37:f1:1f:e6:38:f5:2f:d8:39:53:e4:26:
9b:ff:89:0f:76:6e:4b:8b:d5:9a:ae:9b:ff:de:fd:
f5:f4:32:93:55:37:a3:09:a2:e6:e0:81:a1:ae:a1:
8e:46:8f:3a:f6:28:38:ab:f3:e4:9d:fe:71:3b:4f:
d8:f0:a7:94:fb:a3:82:4a:49:99:0a:e1:02:10:43:
c8:1d:d6:7a:9b:97:0e:48:14:0a:c6:2e:54:41:f9:
c8:64:df:35:45:64:d7:30:87:c8:58:3e:71:35:92:
c0:3c:7e:68:fb:f5:32:f4:c7:38:97:94:93:15:26:
17:8f:c0:92:86:ff:1a:38:45:65:4a:4d:79:f3:29:
d7:5f:a7:f5:8a:3a:b8:64:6a:1a:75:25:c5:bd:60:
56:8d:43:70:1e:ea:c4:21:ee:21:d4:37:fa:9a:6f:
27:26:66:30:d6:6c:24:d0:35:cc:5c:a1:0f:ea:43:
1b:64:62:54:22:63:e0:3b:57:7d:50:d2:49:af:8c:
7f:0d:95:83:bf:ae:ca:91:ae:fa:9c:e2:43:15:16:
7a:b8:40:91:2e:3d:4d:3e:59:b1:b6:75:fc:eb:98:
19:5b:0d:5f:f7:58:b0:a6:a8:7a:fc:90:1b:cf:19:
16:1c:8c:13:fe:63:8c:b4:34:6b:08:7d:70:68:be:
a1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:CF:A4:AB:64:63:D3:81:23:A1:8D:63:CB:0E:AA:96:CB:38:24:0A
X509v3 Authority Key Identifier:
keyid:4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/lc-kq2Rj04EjoY1jyw6qlss4JAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.156.0/24
IPv6:
2a00:d0c0:200::/48
Signature Algorithm: sha256WithRSAEncryption
5d:98:2c:6f:6a:a2:8e:96:25:2e:54:14:f9:05:a4:47:d8:1e:
9d:36:fa:65:ab:51:4b:f3:87:8c:40:d1:07:8e:ed:b8:ae:7b:
8a:79:26:60:85:80:a5:b8:cd:3a:bf:c9:a1:f7:a9:ce:d1:86:
42:93:4f:6f:d7:d6:27:3e:43:a3:48:e5:ac:1e:1a:d8:a7:82:
ee:32:c4:3c:7f:dc:18:5e:b0:31:d0:b8:06:4f:f4:82:56:68:
b4:0e:97:2d:23:6b:66:ed:72:9e:02:76:ec:e2:c8:c9:9b:c9:
de:b1:c7:c3:14:61:8e:8f:8f:9c:66:ca:e0:e2:9d:3f:16:08:
45:71:b6:1d:df:ba:04:fd:15:b0:78:16:c3:41:f5:3c:dd:58:
cb:d2:63:a7:17:98:2b:82:a6:62:28:7e:cb:a8:1b:37:dd:76:
fe:13:4b:e4:cb:8e:f7:eb:cd:0f:07:1c:c7:fc:9a:f0:58:f2:
ec:e4:a4:68:6c:5c:cb:86:fe:dc:03:61:ec:61:f5:ab:f4:f6:
01:51:1d:22:88:33:b6:4c:aa:4d:60:5e:48:b8:e7:46:16:da:
e1:72:cc:fe:82:d0:08:eb:ae:41:4b:50:ab:4c:ff:21:e9:6a:
fb:f5:3a:18:07:25:9a:1e:38:e3:2a:34:40:63:f2:b6:5a:de:
95:55:fb:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvncbUIAw1KbMDYEkm73AmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmODk1ZmYwZTk5YTc3YzAxN2U4YTM4MzI5MmNiNWM2Zjgy
NjExMjAwHhcNMjMwMTAxMjMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWNmYTRhYjY0NjNkMzgxMjNhMThkNjNjYjBlYWE5NmNiMzgyNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmts38R/mOPUv2DlT5Cab/4kPdm5L
i9Warpv/3v319DKTVTejCaLm4IGhrqGORo869ig4q/Pknf5xO0/Y8KeU+6OCSkmZ
CuECEEPIHdZ6m5cOSBQKxi5UQfnIZN81RWTXMIfIWD5xNZLAPH5o+/Uy9Mc4l5ST
FSYXj8CShv8aOEVlSk158ynXX6f1ijq4ZGoadSXFvWBWjUNwHurEIe4h1Df6mm8n
JmYw1mwk0DXMXKEP6kMbZGJUImPgO1d9UNJJr4x/DZWDv67Kka76nOJDFRZ6uECR
Lj1NPlmxtnX865gZWw1f91iwpqh6/JAbzxkWHIwT/mOMtDRrCH1waL6hvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJXPpKtkY9OBI6GNY8sOqpbLOCQKMB8GA1UdIwQY
MBaAFE+JX/DpmnfAF+ijgykstcb4JhEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTkt
ZDA1Mzc0NWMyYWNjLzEvbGMta3EyUmowNEVqb1kxanl3NnFsc3M0SkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTktZDA1Mzc0NWMyYWNj
LzEvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuRqcMA8E
AgACMAkDBwAqANDAAgAwDQYJKoZIhvcNAQELBQADggEBAF2YLG9qoo6WJS5UFPkF
pEfYHp02+mWrUUvzh4xA0QeO7biue4p5JmCFgKW4zTq/yaH3qc7RhkKTT2/X1ic+
Q6NI5aweGtingu4yxDx/3BhesDHQuAZP9IJWaLQOly0ja2btcp4CduziyMmbyd6x
x8MUYY6Pj5xmyuDinT8WCEVxth3fugT9FbB4FsNB9TzdWMvSY6cXmCuCpmIofsuo
Gzfddv4TS+TLjvfrzQ8HHMf8mvBY8uzkpGhsXMuG/twDYexh9av09gFRHSKIM7ZM
qk1gXki450YW2uFyzP6C0AjrrkFLUKtM/yHpavv1OhgHJZoeOOMqNEBj8rZa3pVV
+0k=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:54 2024 by rpki-client on console-fra.rpki-client.org