Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/lQIrZljbayr1l2On1pj6OzLGcnY.roa
File: lQIrZljbayr1l2On1pj6OzLGcnY.roa (raw, json)
Hash identifier: gxpNXXNEJ7Upm47U+VtPY/a31JK5YFg++YE8VsekWFQ=
Subject key identifier: 95:02:2B:66:58:DB:6B:2A:F5:97:63:A7:D6:98:FA:3B:32:C6:72:76
Certificate issuer: /CN=8ec4a67dbed7444ddd27e800fb6c21013a5b11c6
Certificate serial: 0185708CB9807FDCFD3EA44ACE001190134E
Authority key identifier: 8E:C4:A6:7D:BE:D7:44:4D:DD:27:E8:00:FB:6C:21:01:3A:5B:11:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsSmfb7XRE3dJ-gA-2whATpbEcY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/lQIrZljbayr1l2On1pj6OzLGcnY.roa
Signing time: Mon 02 Jan 2023 03:35:48 +0000
ROA not before: Mon 02 Jan 2023 03:35:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30742
IP address blocks: 185.115.80.0/22 maxlen: 22
176.118.180.0/22 maxlen: 24
82.198.192.0/19 maxlen: 24
80.245.132.0/22 maxlen: 22
185.48.224.0/22 maxlen: 22
80.245.136.0/21 maxlen: 21
185.43.24.0/22 maxlen: 22
2a01:9b60::/32 maxlen: 32
2a03:9980::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 13 Feb 2023 13:08:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:b9:80:7f:dc:fd:3e:a4:4a:ce:00:11:90:13:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec4a67dbed7444ddd27e800fb6c21013a5b11c6
Validity
Not Before: Jan 2 03:35:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95022b6658db6b2af59763a7d698fa3b32c67276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3d:4f:b2:28:45:2c:9f:93:b1:8f:8a:f5:ff:
6e:34:48:ac:e2:88:50:3c:54:7c:bb:10:37:68:77:
51:aa:2f:e8:24:0e:6a:80:15:48:c3:06:c1:a0:a2:
8c:0c:94:c0:34:1e:37:f6:e3:e6:93:5b:6c:9e:75:
e5:09:15:8f:9a:76:1c:2a:9d:ef:d4:07:fc:c4:f9:
4b:36:fc:ae:3d:24:82:ac:3e:91:ba:69:0d:6c:87:
83:f0:be:c3:c7:34:26:b6:42:1f:7d:f3:5a:ed:02:
a6:7a:1e:53:96:c1:a4:34:70:c0:ce:7c:82:54:24:
90:34:68:25:9f:27:b9:0d:c2:2a:7d:21:11:1c:32:
46:da:02:98:80:9b:c8:02:69:37:f7:55:aa:5c:a3:
77:e3:0b:cb:ab:50:dd:72:c5:74:65:50:90:2c:f1:
c1:cc:b2:22:95:3c:53:de:81:69:c7:e1:75:23:9e:
93:5f:54:ec:bc:56:00:9f:f2:b0:0d:6b:2f:ea:53:
42:8b:0f:51:fb:0f:37:0d:d4:0f:b6:03:93:9b:ce:
c9:fb:10:97:31:47:3a:3c:e9:f3:12:5a:5d:b7:90:
1c:47:48:2c:af:ca:a3:24:12:33:55:fd:e3:01:2a:
1f:24:2a:73:65:51:77:40:c2:c9:fc:7f:d1:a3:87:
08:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:02:2B:66:58:DB:6B:2A:F5:97:63:A7:D6:98:FA:3B:32:C6:72:76
X509v3 Authority Key Identifier:
keyid:8E:C4:A6:7D:BE:D7:44:4D:DD:27:E8:00:FB:6C:21:01:3A:5B:11:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsSmfb7XRE3dJ-gA-2whATpbEcY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/lQIrZljbayr1l2On1pj6OzLGcnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/jsSmfb7XRE3dJ-gA-2whATpbEcY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.245.132.0-80.245.143.255
82.198.192.0/19
176.118.180.0/22
185.43.24.0/22
185.48.224.0/22
185.115.80.0/22
IPv6:
2a01:9b60::/32
2a03:9980::/32
Signature Algorithm: sha256WithRSAEncryption
86:8d:7c:b2:2f:56:53:07:37:b3:ee:68:b6:90:bf:95:a7:a2:
a4:a5:4c:1b:2e:f3:e8:63:a3:b5:d5:c9:7b:5b:c0:fb:04:5e:
97:e5:63:31:1b:f1:32:8c:76:51:eb:02:ac:c4:e5:f6:e7:22:
81:e2:5c:65:24:6a:2f:61:e9:c4:1b:47:9d:68:66:0d:85:1e:
5a:a8:d6:0f:d6:82:e2:a1:92:6a:1e:c6:1b:9d:96:bb:9a:06:
ab:c3:5d:b5:19:32:ee:b2:80:1c:ae:bb:ed:fa:a0:73:c3:19:
59:d6:ff:81:85:46:aa:4a:aa:91:be:e4:9f:b3:2b:6e:eb:dc:
73:9f:c1:14:48:02:21:cd:f0:f8:7e:1e:01:34:de:ea:a2:59:
db:c7:ec:bf:d7:06:46:78:f5:24:5b:51:14:49:8d:49:a0:78:
8b:c1:fb:f8:a3:bd:98:b6:2f:62:25:b7:a2:74:74:44:4f:8d:
2b:21:95:6e:c3:fd:54:38:be:7d:3a:35:95:ec:fc:ca:db:dd:
fb:7b:f9:9f:b6:9d:5b:41:16:2e:80:d7:9d:c6:1f:8f:6b:63:
96:b8:64:c7:16:42:70:c1:73:7d:36:98:a0:e7:52:8e:5f:6e:
fc:84:c3:8e:35:ae:35:c0:96:db:73:59:33:b6:bc:d4:42:c9:
be:fa:de:80
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYVwjLmAf9z9PqRKzgARkBNOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzRhNjdkYmVkNzQ0NGRkZDI3ZTgwMGZiNmMyMTAxM2E1
YjExYzYwHhcNMjMwMTAyMDMzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTAyMmI2NjU4ZGI2YjJhZjU5NzYzYTdkNjk4ZmEzYjMyYzY3Mjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj1PsihFLJ+TsY+K9f9uNEis4ohQ
PFR8uxA3aHdRqi/oJA5qgBVIwwbBoKKMDJTANB439uPmk1tsnnXlCRWPmnYcKp3v
1Af8xPlLNvyuPSSCrD6RumkNbIeD8L7DxzQmtkIfffNa7QKmeh5TlsGkNHDAznyC
VCSQNGglnye5DcIqfSERHDJG2gKYgJvIAmk391WqXKN34wvLq1DdcsV0ZVCQLPHB
zLIilTxT3oFpx+F1I56TX1TsvFYAn/KwDWsv6lNCiw9R+w83DdQPtgOTm87J+xCX
MUc6POnzElpdt5AcR0gsr8qjJBIzVf3jASofJCpzZVF3QMLJ/H/Ro4cIQQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJUCK2ZY22sq9Zdjp9aY+jsyxnJ2MB8GA1UdIwQY
MBaAFI7Epn2+10RN3SfoAPtsIQE6WxHGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNTbWZiN1hSRTNkSi1nQS0yd2hBVHBiRWNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9lN2EyZjEtMmUxMC00ZWJlLTkxYjMt
MGNlZjUxMmY1MDA5LzEvbFFJclpsamJheXIxbDJPbjFwajZPekxHY25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9lN2EyZjEtMmUxMC00ZWJlLTkxYjMtMGNlZjUxMmY1MDA5
LzEvanNTbWZiN1hSRTNkSi1nQS0yd2hBVHBiRWNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAyBAIAATAsMAwDBAJQ9YQD
BARQ9YADBAVSxsADBAKwdrQDBAK5KxgDBAK5MOADBAK5c1AwFAQCAAIwDgMFACoB
m2ADBQAqA5mAMA0GCSqGSIb3DQEBCwUAA4IBAQCGjXyyL1ZTBzez7mi2kL+Vp6Kk
pUwbLvPoY6O11cl7W8D7BF6X5WMxG/EyjHZR6wKsxOX25yKB4lxlJGovYenEG0ed
aGYNhR5aqNYP1oLioZJqHsYbnZa7mgarw121GTLusoAcrrvt+qBzwxlZ1v+BhUaq
SqqRvuSfsytu69xzn8EUSAIhzfD4fh4BNN7qolnbx+y/1wZGePUkW1EUSY1JoHiL
wfv4o72Yti9iJbeidHRET40rIZVuw/1UOL59OjWV7PzK2937e/mftp1bQRYugNed
xh+Pa2OWuGTHFkJwwXN9Npig51KOX278hMOONa41wJbbc1kztrzUQsm++t6A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:24 2024 by rpki-client on console-ams.rpki-client.org