Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/LsKSe4lPEaOKjx-wCXrrFBf4LpI.roa
File: LsKSe4lPEaOKjx-wCXrrFBf4LpI.roa (raw, json)
Hash identifier: abS7Q59yTtGL/djcoKU3ZQQKfc5eUw87yvj5mxRMoiM=
Subject key identifier: 2E:C2:92:7B:89:4F:11:A3:8A:8F:1F:B0:09:7A:EB:14:17:F8:2E:92
Certificate issuer: /CN=1d0871fc2e99892ea1115a302138e1d32a62182c
Certificate serial: 0185737A9F7CCB4103C5B03D3EA4E01F00E3
Authority key identifier: 1D:08:71:FC:2E:99:89:2E:A1:11:5A:30:21:38:E1:D3:2A:62:18:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQhx_C6ZiS6hEVowITjh0ypiGCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/LsKSe4lPEaOKjx-wCXrrFBf4LpI.roa
Signing time: Mon 02 Jan 2023 17:14:54 +0000
ROA not before: Mon 02 Jan 2023 17:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204512
IP address blocks: 185.118.108.0/24 maxlen: 24
2a0e:9000::/32 maxlen: 32
2a0e:9000:1::/48 maxlen: 48
2a0e:9000:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:9f:7c:cb:41:03:c5:b0:3d:3e:a4:e0:1f:00:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0871fc2e99892ea1115a302138e1d32a62182c
Validity
Not Before: Jan 2 17:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ec2927b894f11a38a8f1fb0097aeb1417f82e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c9:f6:46:07:8f:b0:75:e3:ee:f4:4a:0d:ea:
56:50:18:2d:27:af:52:97:a1:4b:60:91:31:46:e6:
0a:6b:3f:66:42:0e:a1:ea:e4:f1:78:3c:e7:0a:df:
ca:40:f3:83:6f:3e:ea:0f:3d:66:0f:f0:fb:32:6d:
25:9c:50:36:b1:50:ac:7f:cc:65:59:ea:e5:ce:d1:
4e:1e:7a:33:38:0a:f7:3c:2e:39:82:47:15:c0:9e:
05:a8:0e:9a:7a:2f:bf:ee:57:e0:54:08:76:41:32:
e2:4e:68:c2:eb:5f:8e:36:70:6e:94:ad:8d:1f:e4:
aa:e2:54:d3:35:c8:42:94:a8:d5:c7:15:90:aa:54:
3f:c7:12:76:12:b8:50:a3:56:34:a5:6a:3a:73:e1:
ed:be:0a:1c:b2:cb:62:02:ea:32:38:84:95:0d:8b:
b1:a5:23:0b:22:53:43:db:16:33:9c:23:31:2c:89:
a2:33:d0:81:16:34:bd:d2:7c:4e:0c:8d:cc:d5:4c:
7c:57:12:1c:05:11:73:0e:29:c2:e8:3b:fa:9b:3c:
93:0e:a0:d8:d6:90:e2:97:2d:ce:3c:0c:eb:72:3f:
c9:ab:5e:d7:d5:fa:65:ab:de:df:6b:54:50:43:29:
ca:eb:8c:45:c1:74:d7:f6:f7:8d:79:cb:bf:a4:ec:
5e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C2:92:7B:89:4F:11:A3:8A:8F:1F:B0:09:7A:EB:14:17:F8:2E:92
X509v3 Authority Key Identifier:
keyid:1D:08:71:FC:2E:99:89:2E:A1:11:5A:30:21:38:E1:D3:2A:62:18:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQhx_C6ZiS6hEVowITjh0ypiGCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/LsKSe4lPEaOKjx-wCXrrFBf4LpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/HQhx_C6ZiS6hEVowITjh0ypiGCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.108.0/24
IPv6:
2a0e:9000::/32
Signature Algorithm: sha256WithRSAEncryption
b4:37:1b:9b:65:59:b7:0a:09:89:00:d6:c3:f1:ac:b9:e7:01:
18:87:11:a6:78:d0:ff:15:b2:38:90:cb:92:bc:7d:16:a1:68:
fe:d1:a2:57:c4:0d:4c:57:3a:e1:d5:e7:05:40:44:50:84:c2:
9b:bd:ab:67:ed:7f:86:17:93:eb:4a:98:d4:ad:d2:a3:4a:25:
c5:8f:b6:ae:39:07:11:5f:4e:7d:f6:e5:20:4f:b9:ce:02:28:
5a:ed:8a:5b:eb:38:37:6c:2c:46:b3:28:8d:cd:e6:5c:c6:bc:
87:b6:79:e7:c6:a5:d5:ec:64:98:ac:3f:76:d2:9e:6e:00:09:
51:04:42:f0:a4:d4:66:25:5a:4a:34:8d:71:a8:2b:70:9f:29:
f4:bf:38:b0:f3:5a:bb:5f:ac:c8:21:9e:bb:56:44:a2:37:34:
57:17:a6:f3:a4:43:a0:9c:3b:05:06:48:90:73:68:c8:70:82:
71:d6:9d:6c:34:fa:ea:75:ee:14:3f:ea:0f:b0:8c:56:65:b1:
92:e8:e2:af:c0:1c:4d:e6:cd:2d:c7:de:71:e2:50:d2:84:9b:
55:1b:bf:5e:1f:08:fe:23:58:b9:af:f0:16:16:62:8b:68:12:
d6:15:0f:9f:f6:ee:9e:07:1a:43:5e:67:58:6b:98:d9:0d:5f:
ca:67:fd:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzep98y0EDxbA9PqTgHwDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDg3MWZjMmU5OTg5MmVhMTExNWEzMDIxMzhlMWQzMmE2
MjE4MmMwHhcNMjMwMTAyMTcxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWMyOTI3Yjg5NGYxMWEzOGE4ZjFmYjAwOTdhZWIxNDE3ZjgyZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcn2RgePsHXj7vRKDepWUBgtJ69S
l6FLYJExRuYKaz9mQg6h6uTxeDznCt/KQPODbz7qDz1mD/D7Mm0lnFA2sVCsf8xl
WerlztFOHnozOAr3PC45gkcVwJ4FqA6aei+/7lfgVAh2QTLiTmjC61+ONnBulK2N
H+Sq4lTTNchClKjVxxWQqlQ/xxJ2ErhQo1Y0pWo6c+HtvgocsstiAuoyOISVDYux
pSMLIlND2xYznCMxLImiM9CBFjS90nxODI3M1Ux8VxIcBRFzDinC6Dv6mzyTDqDY
1pDily3OPAzrcj/Jq17X1fplq97fa1RQQynK64xFwXTX9veNecu/pOxeZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC7CknuJTxGjio8fsAl66xQX+C6SMB8GA1UdIwQY
MBaAFB0IcfwumYkuoRFaMCE44dMqYhgsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFoeF9DNlppUzZoRVZvd0lUamgweXBpR0N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8yMDUyNzUtMmNlZC00YTRlLWI5MDAt
NGYzZTViMmUwYzU2LzEvTHNLU2U0bFBFYU9Langtd0NYcnJGQmY0THBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8yMDUyNzUtMmNlZC00YTRlLWI5MDAtNGYzZTViMmUwYzU2
LzEvSFFoeF9DNlppUzZoRVZvd0lUamgweXBpR0N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXZsMA0E
AgACMAcDBQAqDpAAMA0GCSqGSIb3DQEBCwUAA4IBAQC0NxubZVm3CgmJANbD8ay5
5wEYhxGmeND/FbI4kMuSvH0WoWj+0aJXxA1MVzrh1ecFQERQhMKbvatn7X+GF5Pr
SpjUrdKjSiXFj7auOQcRX0599uUgT7nOAiha7Ypb6zg3bCxGsyiNzeZcxryHtnnn
xqXV7GSYrD920p5uAAlRBELwpNRmJVpKNI1xqCtwnyn0vziw81q7X6zIIZ67VkSi
NzRXF6bzpEOgnDsFBkiQc2jIcIJx1p1sNPrqde4UP+oPsIxWZbGS6OKvwBxN5s0t
x95x4lDShJtVG79eHwj+I1i5r/AWFmKLaBLWFQ+f9u6eBxpDXmdYa5jZDV/KZ/3X
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:27 2024 by rpki-client on console-ams.rpki-client.org