Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/LQ0NBdFVhmtIWbs8CDEeKhVQgqs.roa
File: LQ0NBdFVhmtIWbs8CDEeKhVQgqs.roa (raw, json)
Hash identifier: d6vgtvYnvbSmaxetHa65XWyEjObIAvxZgk5O146iTwc=
Subject key identifier: 2D:0D:0D:05:D1:55:86:6B:48:59:BB:3C:08:31:1E:2A:15:50:82:AB
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 018CF8D24C70363F15DBB7AF445F70C37350
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/LQ0NBdFVhmtIWbs8CDEeKhVQgqs.roa
Signing time: Thu 11 Jan 2024 13:59:40 +0000
ROA not before: Thu 11 Jan 2024 13:59:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 144.86.231.0/24 maxlen: 24
144.86.228.0/24 maxlen: 24
144.86.229.0/24 maxlen: 24
144.86.230.0/24 maxlen: 24
185.254.12.0/24 maxlen: 24
185.254.13.0/24 maxlen: 24
185.254.14.0/24 maxlen: 24
185.254.15.0/24 maxlen: 24
185.138.120.0/24 maxlen: 24
185.138.120.0/23 maxlen: 23
185.138.121.0/24 maxlen: 24
185.138.122.0/24 maxlen: 24
185.138.123.0/24 maxlen: 24
199.74.188.0/24 maxlen: 24
199.74.189.0/24 maxlen: 24
199.74.190.0/24 maxlen: 24
199.74.191.0/24 maxlen: 24
93.180.216.0/24 maxlen: 24
93.180.217.0/24 maxlen: 24
93.180.218.0/24 maxlen: 24
93.180.219.0/24 maxlen: 24
93.180.221.0/24 maxlen: 24
93.180.222.0/24 maxlen: 24
93.180.223.0/24 maxlen: 24
93.180.220.0/24 maxlen: 24
195.133.223.0/24 maxlen: 24
195.133.220.0/24 maxlen: 24
195.133.221.0/24 maxlen: 24
195.133.222.0/24 maxlen: 24
185.20.196.0/24 maxlen: 24
185.20.198.0/23 maxlen: 23
185.20.197.0/24 maxlen: 24
185.20.198.0/24 maxlen: 24
185.20.199.0/24 maxlen: 24
2a0b:1880::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 23 Jan 2024 14:40:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:d2:4c:70:36:3f:15:db:b7:af:44:5f:70:c3:73:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Jan 11 13:59:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d0d0d05d155866b4859bb3c08311e2a155082ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a5:e4:c2:89:6a:99:50:18:45:a2:73:26:3d:
b4:d6:7b:44:25:ac:b1:70:0d:51:7e:ca:42:3b:21:
21:18:d9:bf:93:7b:15:2e:a5:98:a4:2f:66:35:be:
fd:fc:f6:61:97:59:f7:91:c6:fd:5e:fe:ef:4c:ee:
de:e4:04:8e:3a:d0:c8:3b:ee:83:e9:a7:f7:cb:92:
f9:77:d9:85:6b:ad:ee:e9:b1:6d:11:68:45:ee:bf:
fe:d2:c8:fd:e3:7b:2a:e0:a4:fc:0b:e8:d1:fe:e8:
f9:5c:a4:d7:f5:e0:9a:e6:9e:42:76:d0:ab:68:c2:
5e:c9:16:0b:c5:6a:8d:26:e9:2f:02:cc:cd:a1:85:
e7:b2:81:b6:83:0b:c0:90:71:19:c8:7d:00:8d:22:
1c:41:75:2f:d8:d5:51:58:2c:21:f1:67:a1:3a:fb:
75:b3:fe:f8:f2:12:ce:fd:16:ca:2b:ad:d8:11:90:
2d:f7:6e:7a:40:68:09:1d:cc:39:cc:6b:cc:d3:a8:
73:be:e7:2d:f5:1e:a9:29:89:e1:af:a4:15:a3:b8:
c2:a2:bc:f9:97:7e:19:5d:c5:45:dc:97:2e:93:c4:
db:2c:21:27:a5:08:5b:bd:d7:c0:e8:50:ff:98:4b:
81:b9:d9:d7:67:5d:2d:5d:ab:24:d0:8f:98:c3:7e:
a3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:0D:0D:05:D1:55:86:6B:48:59:BB:3C:08:31:1E:2A:15:50:82:AB
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/LQ0NBdFVhmtIWbs8CDEeKhVQgqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
144.86.228.0/22
185.20.196.0/22
185.138.120.0/22
185.254.12.0/22
195.133.220.0/22
199.74.188.0/22
IPv6:
2a0b:1880::/29
Signature Algorithm: sha256WithRSAEncryption
0e:30:63:4d:b0:e4:c2:c3:65:bc:77:bd:c7:b2:17:27:13:93:
e5:04:b2:6e:44:a9:9e:4f:da:2d:ab:96:cb:50:77:7a:14:ce:
06:ff:31:26:81:38:23:dc:bd:b0:09:ce:93:bf:af:64:06:be:
e3:25:31:93:9b:7f:df:d9:9c:4d:5d:f0:52:5d:5b:b8:23:b4:
41:14:0d:df:26:01:24:22:4e:9c:2c:b1:d8:f8:ef:e6:b2:39:
99:b9:49:04:99:8d:80:a9:a2:e3:f4:c1:d0:fe:5c:ed:c0:a9:
31:78:08:a4:50:2f:05:b2:61:bc:56:ad:c9:3a:a1:d4:39:40:
6f:c3:bc:58:2c:08:43:bd:01:35:9b:07:7b:05:c5:4d:96:67:
40:11:21:86:1d:a5:ce:93:90:cc:a3:8f:27:be:a8:67:2a:bc:
2f:ae:1c:e8:71:eb:f2:80:6d:b9:ea:7c:a3:22:a3:e6:64:4d:
7d:4d:4f:54:3e:71:ce:cd:84:f2:0e:0f:b9:b8:ba:b6:f4:18:
8e:6c:1c:ad:61:c8:a5:a9:b9:af:0d:e5:e3:4e:61:4a:9b:f7:
98:a2:f2:f7:dc:de:4c:e6:3a:07:a7:2a:07:48:35:77:69:b9:
41:0d:65:fe:b7:8a:4a:4e:74:aa:30:7e:3d:bf:cb:97:22:02:
89:dc:75:8d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYz40kxwNj8V27evRF9ww3NQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjQwMTExMTM1OTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDBkMGQwNWQxNTU4NjZiNDg1OWJiM2MwODMxMWUyYTE1NTA4MmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqXkwolqmVAYRaJzJj201ntEJayx
cA1RfspCOyEhGNm/k3sVLqWYpC9mNb79/PZhl1n3kcb9Xv7vTO7e5ASOOtDIO+6D
6af3y5L5d9mFa63u6bFtEWhF7r/+0sj943sq4KT8C+jR/uj5XKTX9eCa5p5CdtCr
aMJeyRYLxWqNJukvAszNoYXnsoG2gwvAkHEZyH0AjSIcQXUv2NVRWCwh8WehOvt1
s/748hLO/RbKK63YEZAt9256QGgJHcw5zGvM06hzvuct9R6pKYnhr6QVo7jCorz5
l34ZXcVF3Jcuk8TbLCEnpQhbvdfA6FD/mEuBudnXZ10tXask0I+Yw36jFwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFC0NDQXRVYZrSFm7PAgxHioVUIKrMB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvTFEwTkJkRlZobXRJV2JzOENERWVLaFZRZ3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDXbTYAwQC
kFbkAwQCuRTEAwQCuYp4AwQCuf4MAwQCw4XcAwQCx0q8MA0EAgACMAcDBQMqCxiA
MA0GCSqGSIb3DQEBCwUAA4IBAQAOMGNNsOTCw2W8d73HshcnE5PlBLJuRKmeT9ot
q5bLUHd6FM4G/zEmgTgj3L2wCc6Tv69kBr7jJTGTm3/f2ZxNXfBSXVu4I7RBFA3f
JgEkIk6cLLHY+O/msjmZuUkEmY2AqaLj9MHQ/lztwKkxeAikUC8FsmG8Vq3JOqHU
OUBvw7xYLAhDvQE1mwd7BcVNlmdAESGGHaXOk5DMo48nvqhnKrwvrhzocevygG25
6nyjIqPmZE19TU9UPnHOzYTyDg+5uLq29BiObBytYcilqbmvDeXjTmFKm/eYovL3
3N5M5joHpyoHSDV3ablBDWX+t4pKTnSqMH49v8uXIgKJ3HWN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:27 2024 by rpki-client on console-ams.rpki-client.org