Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/b19369-58c4-4f93-911e-a84adf49e787/1/LZMCVE1-UJe1wCm3lEn4hfGeAT0.roa
File: LZMCVE1-UJe1wCm3lEn4hfGeAT0.roa (raw, json)
Hash identifier: Hy1zB2hmeUaFb1LutnXuzm4VWdDKmPk6XMe0tBmfRwg=
Subject key identifier: 2D:93:02:54:4D:7E:50:97:B5:C0:29:B7:94:49:F8:85:F1:9E:01:3D
Certificate issuer: /CN=73b760b99de4b40d0e7b4bd6582aa04ca780a6b2
Certificate serial: 018F956300CD8A3542A191E7BCCDFAE96980
Authority key identifier: 73:B7:60:B9:9D:E4:B4:0D:0E:7B:4B:D6:58:2A:A0:4C:A7:80:A6:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c7dguZ3ktA0Oe0vWWCqgTKeAprI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/b19369-58c4-4f93-911e-a84adf49e787/1/LZMCVE1-UJe1wCm3lEn4hfGeAT0.roa
Signing time: Mon 20 May 2024 09:44:04 +0000
ROA not before: Mon 20 May 2024 09:44:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49824
IP address blocks: 45.87.89.0/24 maxlen: 24
45.87.90.0/24 maxlen: 24
45.87.91.0/24 maxlen: 24
2a10:2f40::/29 maxlen: 29
2a10:2f40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 03 Jun 2024 10:33:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:95:63:00:cd:8a:35:42:a1:91:e7:bc:cd:fa:e9:69:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73b760b99de4b40d0e7b4bd6582aa04ca780a6b2
Validity
Not Before: May 20 09:44:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d9302544d7e5097b5c029b79449f885f19e013d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:99:c0:ef:93:c9:e8:0c:65:2d:74:8b:98:67:
f9:4d:69:f7:00:28:bd:b8:c7:6f:c6:2e:61:06:df:
36:a9:e9:24:d5:c5:78:d7:a9:2a:b2:8b:17:f8:ef:
7d:11:50:30:3e:75:4f:42:e0:cc:97:0b:cf:48:b0:
65:23:4c:bb:50:39:32:97:6c:c0:88:70:0c:fd:d3:
78:77:89:71:7a:08:79:4e:91:47:ea:a3:c4:dc:20:
26:a7:bf:b5:05:bf:cb:30:90:0c:d0:2b:9a:32:ba:
05:70:61:81:69:27:5b:e4:1d:0a:a7:a2:7d:92:3d:
a9:90:ea:51:e0:5b:87:c6:9c:f3:f2:dd:18:a9:47:
fb:fe:a6:28:01:39:a1:fb:14:c4:f6:27:ae:10:47:
8d:17:a9:b8:fd:b6:5b:27:5a:58:7e:9d:c0:3c:02:
2d:69:a8:2d:90:83:f9:12:c9:3c:2d:5c:c6:d4:7f:
59:01:45:ab:10:d1:6f:88:15:8a:01:fd:cd:c1:6f:
cd:6c:4e:ec:1e:bc:8e:dc:ff:4e:2e:8e:0c:6d:6a:
07:36:44:42:a4:97:c0:b6:2a:51:c8:96:bc:44:ce:
01:5a:ce:e2:14:55:67:d7:bc:b3:44:23:b8:a9:f0:
8f:9e:0f:be:4e:3a:e7:39:eb:11:52:7d:6f:99:55:
83:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:93:02:54:4D:7E:50:97:B5:C0:29:B7:94:49:F8:85:F1:9E:01:3D
X509v3 Authority Key Identifier:
keyid:73:B7:60:B9:9D:E4:B4:0D:0E:7B:4B:D6:58:2A:A0:4C:A7:80:A6:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7dguZ3ktA0Oe0vWWCqgTKeAprI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b19369-58c4-4f93-911e-a84adf49e787/1/LZMCVE1-UJe1wCm3lEn4hfGeAT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b19369-58c4-4f93-911e-a84adf49e787/1/c7dguZ3ktA0Oe0vWWCqgTKeAprI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.89.0-45.87.91.255
IPv6:
2a10:2f40::/29
Signature Algorithm: sha256WithRSAEncryption
49:11:58:27:19:cf:3e:14:e2:89:d1:a2:1e:ff:19:31:51:20:
29:bb:27:bf:fd:76:1b:75:08:cb:d9:34:1a:67:32:6b:2f:50:
9b:33:bd:ef:4d:45:7c:d5:52:4b:37:6f:0c:0f:94:e2:d0:71:
c2:ff:c4:33:27:87:7a:57:e2:98:5b:dc:a2:37:f0:14:d0:ec:
bd:93:88:f4:df:e1:b0:17:46:02:02:f2:2e:1a:76:27:65:81:
d5:61:d7:6f:87:2f:ab:b5:f0:e0:97:dd:cd:c8:47:c1:10:25:
35:56:82:d7:f7:3d:6e:3d:fd:41:70:d5:36:51:24:8f:97:64:
69:1c:09:cb:a3:4a:61:f0:e2:68:58:eb:de:58:a6:b5:8a:08:
f7:a6:cc:d8:ca:66:c4:9c:c4:c2:62:7c:f1:4d:91:f4:36:f2:
41:4e:37:49:9c:9f:10:c9:48:79:8f:27:d4:8c:ac:4a:e6:7e:
1d:9b:9d:f4:61:ee:60:50:8f:07:bd:ba:c3:7a:bc:9e:81:ed:
b0:82:df:22:8a:3c:ef:0c:6c:0c:36:63:61:11:5f:3b:6f:3c:
90:41:fb:3c:2b:7b:38:8e:be:9d:ee:a1:1b:a5:02:93:03:69:
d7:02:58:4d:1b:6a:7f:e1:7b:75:7d:dd:5c:3f:ef:16:d5:c1:
15:64:01:32
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY+VYwDNijVCoZHnvM366WmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYjc2MGI5OWRlNGI0MGQwZTdiNGJkNjU4MmFhMDRjYTc4
MGE2YjIwHhcNMjQwNTIwMDk0NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDkzMDI1NDRkN2U1MDk3YjVjMDI5Yjc5NDQ5Zjg4NWYxOWUwMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZnA75PJ6AxlLXSLmGf5TWn3ACi9
uMdvxi5hBt82qekk1cV416kqsosX+O99EVAwPnVPQuDMlwvPSLBlI0y7UDkyl2zA
iHAM/dN4d4lxegh5TpFH6qPE3CAmp7+1Bb/LMJAM0CuaMroFcGGBaSdb5B0Kp6J9
kj2pkOpR4FuHxpzz8t0YqUf7/qYoATmh+xTE9ieuEEeNF6m4/bZbJ1pYfp3APAIt
aagtkIP5Esk8LVzG1H9ZAUWrENFviBWKAf3NwW/NbE7sHryO3P9OLo4MbWoHNkRC
pJfAtipRyJa8RM4BWs7iFFVn17yzRCO4qfCPng++TjrnOesRUn1vmVWDlwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFC2TAlRNflCXtcApt5RJ+IXxngE9MB8GA1UdIwQY
MBaAFHO3YLmd5LQNDntL1lgqoEyngKayMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzdkZ3VaM2t0QTBPZTB2V1dDcWdUS2VBcHJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iMTkzNjktNThjNC00ZjkzLTkxMWUt
YTg0YWRmNDllNzg3LzEvTFpNQ1ZFMS1VSmUxd0NtM2xFbjRoZkdlQVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iMTkzNjktNThjNC00ZjkzLTkxMWUtYTg0YWRmNDllNzg3
LzEvYzdkZ3VaM2t0QTBPZTB2V1dDcWdUS2VBcHJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAAtV1kD
BAItV1gwDQQCAAIwBwMFAyoQL0AwDQYJKoZIhvcNAQELBQADggEBAEkRWCcZzz4U
4onRoh7/GTFRICm7J7/9dht1CMvZNBpnMmsvUJszve9NRXzVUks3bwwPlOLQccL/
xDMnh3pX4phb3KI38BTQ7L2TiPTf4bAXRgIC8i4adidlgdVh12+HL6u18OCX3c3I
R8EQJTVWgtf3PW49/UFw1TZRJI+XZGkcCcujSmHw4mhY695YprWKCPemzNjKZsSc
xMJifPFNkfQ28kFON0mcnxDJSHmPJ9SMrErmfh2bnfRh7mBQjwe9usN6vJ6B7bCC
3yKKPO8MbAw2Y2ERXztvPJBB+zwreziOvp3uoRulApMDadcCWE0ban/he3V93Vw/
7xbVwRVkATI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:52 2024 by rpki-client on console-ams.rpki-client.org