Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/LxCW9cdrmJAeCurgD9Asokf0cMY.roa
File: LxCW9cdrmJAeCurgD9Asokf0cMY.roa (raw, json)
Hash identifier: yZqIn2b7gefybH7Bd7/0a9QHyidZ+V6BacwO+TPtL3E=
Subject key identifier: 2F:10:96:F5:C7:6B:98:90:1E:0A:EA:E0:0F:D0:2C:A2:47:F4:70:C6
Certificate issuer: /CN=ec4d0394084f7e4062609728f4d4d57b06455a56
Certificate serial: 0185701EE807D1B0FAA0F1AE3B13C6D9E4F8
Authority key identifier: EC:4D:03:94:08:4F:7E:40:62:60:97:28:F4:D4:D5:7B:06:45:5A:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7E0DlAhPfkBiYJco9NTVewZFWlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/LxCW9cdrmJAeCurgD9Asokf0cMY.roa
Signing time: Mon 02 Jan 2023 01:35:51 +0000
ROA not before: Mon 02 Jan 2023 01:35:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2635
IP address blocks: 185.138.28.0/22 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:e8:07:d1:b0:fa:a0:f1:ae:3b:13:c6:d9:e4:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec4d0394084f7e4062609728f4d4d57b06455a56
Validity
Not Before: Jan 2 01:35:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f1096f5c76b98901e0aeae00fd02ca247f470c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:08:02:60:ea:ba:d5:56:ae:09:6f:e6:4c:9d:
28:f4:ab:d8:bc:20:e9:02:92:7c:5d:ed:6a:e4:6b:
1c:0b:46:ed:ee:bc:71:77:cb:ce:83:46:53:42:0a:
9e:f1:fc:b3:8b:36:06:e0:e1:04:62:e7:3d:9f:89:
15:ef:6b:cd:c2:ce:da:3c:21:13:41:a7:8f:dc:64:
64:ca:2a:0d:f2:3d:9c:ab:10:47:81:25:4d:e5:9a:
bb:79:23:29:a2:2c:7f:79:02:0e:ae:f8:42:9c:68:
47:aa:49:35:ce:8f:62:d2:c5:e6:04:ae:f0:71:c7:
68:df:fe:0b:31:1d:87:25:b2:ac:b1:88:fb:81:d4:
1b:4a:83:9d:d5:e1:0f:ee:f7:30:9a:03:cb:dc:8e:
d3:44:17:64:1d:25:31:8a:fa:86:f6:c9:4b:75:7b:
65:53:55:0d:02:b6:c8:96:05:b0:f3:95:ec:21:6b:
2f:f7:83:38:a6:87:18:c5:0a:63:00:d8:d8:9c:6b:
c5:aa:ae:d4:58:a7:d9:67:9b:a2:d2:08:71:d3:d2:
52:1d:63:ef:5b:87:7c:09:2a:7c:b3:4e:3d:2b:46:
59:8b:fc:df:40:d8:f8:bf:9f:fe:7a:49:da:27:ef:
3d:85:74:d9:1d:66:fc:ba:dc:34:1f:e3:93:db:72:
1f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:10:96:F5:C7:6B:98:90:1E:0A:EA:E0:0F:D0:2C:A2:47:F4:70:C6
X509v3 Authority Key Identifier:
keyid:EC:4D:03:94:08:4F:7E:40:62:60:97:28:F4:D4:D5:7B:06:45:5A:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7E0DlAhPfkBiYJco9NTVewZFWlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/LxCW9cdrmJAeCurgD9Asokf0cMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/7E0DlAhPfkBiYJco9NTVewZFWlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.28.0/22
Signature Algorithm: sha256WithRSAEncryption
63:73:11:d5:5d:bf:74:51:de:7f:14:da:4b:bd:c2:0d:8d:9e:
c4:56:94:99:ab:4a:bd:9a:e1:47:b4:df:93:7f:58:4f:df:39:
33:9c:38:48:08:60:73:f5:38:63:5b:a7:8b:fb:9d:26:15:75:
de:12:ae:e9:3b:e3:8f:49:57:70:50:3d:81:40:52:e1:60:bf:
f1:30:e9:2b:be:d2:a4:f6:5c:f3:06:ac:2f:f4:bb:a8:f3:5b:
64:69:66:55:04:37:ac:11:d3:5b:c3:c1:a8:b2:f2:f9:50:63:
fb:03:2c:de:38:fa:34:cf:7e:0b:3d:ea:d1:d5:cb:dc:1a:4c:
e9:70:ed:1e:2c:9e:08:21:ba:4c:0b:74:d9:4c:e8:11:25:25:
f9:3c:98:8c:28:c6:6e:5e:3c:ed:74:7c:0a:34:8b:99:8d:2e:
c4:1d:3c:34:71:13:bb:bb:4d:be:06:6d:7d:07:d1:74:e3:91:
f7:ae:45:93:97:db:35:bb:0d:98:f1:cb:5e:9b:4d:1e:4a:f3:
91:68:87:51:b2:39:82:a1:e6:7b:71:ac:9d:4f:51:98:85:72:
e4:fc:25:05:ef:57:cb:0f:35:c1:b6:e0:a3:a4:62:f8:20:01:
c7:14:53:a7:0e:cd:d4:c8:ff:69:e8:b7:61:14:6c:c7:13:d3:
d9:b4:64:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwHugH0bD6oPGuOxPG2eT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNGQwMzk0MDg0ZjdlNDA2MjYwOTcyOGY0ZDRkNTdiMDY0
NTVhNTYwHhcNMjMwMTAyMDEzNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjEwOTZmNWM3NmI5ODkwMWUwYWVhZTAwZmQwMmNhMjQ3ZjQ3MGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAgCYOq61VauCW/mTJ0o9KvYvCDp
ApJ8Xe1q5GscC0bt7rxxd8vOg0ZTQgqe8fyzizYG4OEEYuc9n4kV72vNws7aPCET
QaeP3GRkyioN8j2cqxBHgSVN5Zq7eSMpoix/eQIOrvhCnGhHqkk1zo9i0sXmBK7w
ccdo3/4LMR2HJbKssYj7gdQbSoOd1eEP7vcwmgPL3I7TRBdkHSUxivqG9slLdXtl
U1UNArbIlgWw85XsIWsv94M4pocYxQpjANjYnGvFqq7UWKfZZ5ui0ghx09JSHWPv
W4d8CSp8s049K0ZZi/zfQNj4v5/+eknaJ+89hXTZHWb8utw0H+OT23IfHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC8QlvXHa5iQHgrq4A/QLKJH9HDGMB8GA1UdIwQY
MBaAFOxNA5QIT35AYmCXKPTU1XsGRVpWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0UwRGxBaFBma0JpWUpjbzlOVFZld1pGV2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8yMzY2MTAtMjQ0OC00MjNiLTliY2Et
MjY4Y2VkODQzNWI1LzEvTHhDVzljZHJtSkFlQ3VyZ0Q5QXNva2YwY01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8yMzY2MTAtMjQ0OC00MjNiLTliY2EtMjY4Y2VkODQzNWI1
LzEvN0UwRGxBaFBma0JpWUpjbzlOVFZld1pGV2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYocMA0G
CSqGSIb3DQEBCwUAA4IBAQBjcxHVXb90Ud5/FNpLvcINjZ7EVpSZq0q9muFHtN+T
f1hP3zkznDhICGBz9ThjW6eL+50mFXXeEq7pO+OPSVdwUD2BQFLhYL/xMOkrvtKk
9lzzBqwv9Luo81tkaWZVBDesEdNbw8GosvL5UGP7AyzeOPo0z34LPerR1cvcGkzp
cO0eLJ4IIbpMC3TZTOgRJSX5PJiMKMZuXjztdHwKNIuZjS7EHTw0cRO7u02+Bm19
B9F045H3rkWTl9s1uw2Y8ctem00eSvORaIdRsjmCoeZ7caydT1GYhXLk/CUF71fL
DzXBtuCjpGL4IAHHFFOnDs3UyP9p6LdhFGzHE9PZtGTp
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:43 2024 by rpki-client on console-fra.rpki-client.org