Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/L5IuvdewHaRu8nI5kDSP6dDQv00.roa
File: L5IuvdewHaRu8nI5kDSP6dDQv00.roa (raw, json)
Hash identifier: Jpi+h3705KN3lctmYyJIBmeDVmecCLJnVX/pqDeVW2U=
Subject key identifier: 2F:92:2E:BD:D7:B0:1D:A4:6E:F2:72:39:90:34:8F:E9:D0:D0:BF:4D
Certificate issuer: /CN=5336107179715609dca422bc07a098468c529452
Certificate serial: 018C593A5D1E9CA6B97FAA0E3AFA7D730DF7
Authority key identifier: 53:36:10:71:79:71:56:09:DC:A4:22:BC:07:A0:98:46:8C:52:94:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzYQcXlxVgncpCK8B6CYRoxSlFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/L5IuvdewHaRu8nI5kDSP6dDQv00.roa
Signing time: Mon 11 Dec 2023 14:14:06 +0000
ROA not before: Mon 11 Dec 2023 14:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43927
IP address blocks: 77.81.240.0/21 maxlen: 24
185.250.105.0/24 maxlen: 24
185.250.104.0/24 maxlen: 24
185.250.107.0/24 maxlen: 24
185.250.106.0/24 maxlen: 24
93.113.174.0/24 maxlen: 24
185.199.172.0/24 maxlen: 24
185.199.174.0/24 maxlen: 24
185.199.173.0/24 maxlen: 24
185.199.175.0/24 maxlen: 24
188.240.47.0/24 maxlen: 24
92.114.98.0/24 maxlen: 24
46.102.240.0/21 maxlen: 24
91.188.224.0/24 maxlen: 24
91.188.226.0/24 maxlen: 24
91.188.225.0/24 maxlen: 24
91.188.227.0/24 maxlen: 24
89.33.197.0/24 maxlen: 24
185.105.32.0/22 maxlen: 24
185.125.109.0/24 maxlen: 24
185.125.108.0/24 maxlen: 24
185.125.110.0/23 maxlen: 24
89.45.248.0/21 maxlen: 24
89.32.144.0/21 maxlen: 24
188.241.112.0/21 maxlen: 24
2a06:cd40:3::/48 maxlen: 48
2a06:cd40:cafe::/48 maxlen: 48
2a06:cd40:2::/48 maxlen: 48
2a06:cd40:300::/48 maxlen: 64
2a06:cd40:200::/48 maxlen: 48
2a06:cd40:100::/48 maxlen: 48
2a06:cd40:400::/48 maxlen: 48
2a06:cd40:4::/48 maxlen: 48
2a06:cd40:caff::/48 maxlen: 48
2a06:cd40:1::/48 maxlen: 48
2a06:cd40:301::/48 maxlen: 64
2a06:cd40:101::/48 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:59:3a:5d:1e:9c:a6:b9:7f:aa:0e:3a:fa:7d:73:0d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5336107179715609dca422bc07a098468c529452
Validity
Not Before: Dec 11 14:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f922ebdd7b01da46ef2723990348fe9d0d0bf4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:42:52:e9:19:6f:2d:3e:89:ac:27:40:22:1c:
6e:42:63:14:b5:79:21:98:dc:0e:dd:14:c6:02:25:
3c:32:b0:bc:49:e6:10:e2:d1:6a:e6:f3:32:a2:7e:
16:c4:66:bc:59:72:fe:39:71:ba:b7:49:c9:4d:d1:
a7:bd:88:b9:28:ae:47:11:0e:6b:6e:f4:5c:f9:0c:
f4:e8:57:0b:3c:34:4a:59:f0:22:26:72:25:fd:6e:
dc:6a:09:22:ac:79:8d:a8:02:45:ec:d6:26:36:10:
33:2b:13:1b:66:77:db:0c:81:83:5a:b9:22:95:13:
5b:b5:c6:7a:98:23:cd:b3:fe:19:1e:21:2b:17:c0:
bc:40:00:60:6e:d3:b3:96:d7:c3:7c:9f:67:42:c3:
9a:05:3c:49:51:40:37:5d:1b:0a:3e:10:2d:6d:93:
98:95:31:42:95:07:c7:d4:1b:b9:12:e2:4a:99:aa:
10:03:9a:57:2e:21:02:f2:37:5a:02:d6:57:9f:57:
91:2f:a2:c5:0e:57:06:40:a0:07:0b:58:eb:d5:69:
97:db:95:d8:9c:e6:9c:a9:0c:6e:08:e9:58:c7:e7:
7a:10:99:51:ff:39:6a:6d:3a:1f:b4:4b:56:3d:5f:
b0:5a:e2:12:8b:a5:3c:e4:0a:96:b6:ce:a0:c6:43:
c6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:92:2E:BD:D7:B0:1D:A4:6E:F2:72:39:90:34:8F:E9:D0:D0:BF:4D
X509v3 Authority Key Identifier:
keyid:53:36:10:71:79:71:56:09:DC:A4:22:BC:07:A0:98:46:8C:52:94:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzYQcXlxVgncpCK8B6CYRoxSlFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/L5IuvdewHaRu8nI5kDSP6dDQv00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/UzYQcXlxVgncpCK8B6CYRoxSlFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.240.0/21
77.81.240.0/21
89.32.144.0/21
89.33.197.0/24
89.45.248.0/21
91.188.224.0/22
92.114.98.0/24
93.113.174.0/24
185.105.32.0/22
185.125.108.0/22
185.199.172.0/22
185.250.104.0/22
188.240.47.0/24
188.241.112.0/21
IPv6:
2a06:cd40:1::-2a06:cd40:4:ffff:ffff:ffff:ffff:ffff
2a06:cd40:100::/47
2a06:cd40:200::/48
2a06:cd40:300::/47
2a06:cd40:400::/48
2a06:cd40:cafe::/47
Signature Algorithm: sha256WithRSAEncryption
28:b5:4d:ac:c3:1c:23:4a:65:b4:d3:94:b0:61:5a:de:b8:aa:
31:be:d3:7b:00:7d:2d:04:3e:8a:43:85:cf:7b:b1:7a:19:ca:
93:e8:1a:43:4c:f8:e7:1f:04:f2:21:f5:6a:e4:ce:28:b7:6e:
4a:66:01:3e:90:4c:b8:d4:94:85:21:20:a7:c5:0d:41:c9:57:
a3:b8:c2:08:5b:b7:94:8c:95:80:7b:47:8c:b6:e7:fc:ea:9e:
e2:55:7f:59:83:5a:27:d2:a4:30:7f:a6:19:91:f1:ad:28:23:
8d:b1:a1:37:56:75:5f:79:ed:89:40:a6:de:29:7d:9d:91:3c:
ef:14:b4:59:0a:e3:29:48:62:42:1a:62:00:49:a2:39:65:fe:
98:94:e0:6c:34:e3:81:38:e7:d1:bf:a3:ed:a5:e4:a9:51:ea:
a0:73:ba:6e:9f:5a:c2:34:5f:8e:31:7a:d0:af:d5:db:c3:4e:
47:29:5d:eb:c2:3c:4b:77:09:fc:82:98:f5:a7:29:ee:0b:f0:
d0:07:b0:48:b8:5b:f6:14:a8:86:4d:10:9d:b2:96:63:a6:0c:
f5:82:3a:6a:dd:4a:b4:e4:8c:aa:b7:16:87:08:99:59:44:6d:
b7:f4:f5:04:c5:51:41:75:b4:51:af:9a:fd:d4:62:22:cf:05:
87:5f:9c:99
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYxZOl0enKa5f6oOOvp9cw33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzYxMDcxNzk3MTU2MDlkY2E0MjJiYzA3YTA5ODQ2OGM1
Mjk0NTIwHhcNMjMxMjExMTQxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjkyMmViZGQ3YjAxZGE0NmVmMjcyMzk5MDM0OGZlOWQwZDBiZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEJS6RlvLT6JrCdAIhxuQmMUtXkh
mNwO3RTGAiU8MrC8SeYQ4tFq5vMyon4WxGa8WXL+OXG6t0nJTdGnvYi5KK5HEQ5r
bvRc+Qz06FcLPDRKWfAiJnIl/W7cagkirHmNqAJF7NYmNhAzKxMbZnfbDIGDWrki
lRNbtcZ6mCPNs/4ZHiErF8C8QABgbtOzltfDfJ9nQsOaBTxJUUA3XRsKPhAtbZOY
lTFClQfH1Bu5EuJKmaoQA5pXLiEC8jdaAtZXn1eRL6LFDlcGQKAHC1jr1WmX25XY
nOacqQxuCOlYx+d6EJlR/zlqbToftEtWPV+wWuISi6U85AqWts6gxkPGXwIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFC+SLr3XsB2kbvJyOZA0j+nQ0L9NMB8GA1UdIwQY
MBaAFFM2EHF5cVYJ3KQivAegmEaMUpRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXpZUWNYbHhWZ25jcENLOEI2Q1lSb3hTbEZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS84MWRmMzMtNzUzOC00MGQ4LWI4MWUt
ZDE4NjEwMDc1ZWZjLzEvTDVJdXZkZXdIYVJ1OG5JNWtEU1A2ZERRdjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS84MWRmMzMtNzUzOC00MGQ4LWI4MWUtZDE4NjEwMDc1ZWZj
LzEvVXpZUWNYbHhWZ25jcENLOEI2Q1lSb3hTbEZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTBaBAIAATBUAwQDLmbw
AwQDTVHwAwQDWSCQAwQAWSHFAwQDWS34AwQCW7zgAwQAXHJiAwQAXXGuAwQCuWkg
AwQCuX1sAwQCucesAwQCufpoAwQAvPAvAwQDvPFwMEcEAgACMEEwEgMHACoGzUAA
AQMHACoGzUAABAMHASoGzUABAAMHACoGzUACAAMHASoGzUADAAMHACoGzUAEAAMH
ASoGzUDK/jANBgkqhkiG9w0BAQsFAAOCAQEAKLVNrMMcI0pltNOUsGFa3riqMb7T
ewB9LQQ+ikOFz3uxehnKk+gaQ0z45x8E8iH1auTOKLduSmYBPpBMuNSUhSEgp8UN
QclXo7jCCFu3lIyVgHtHjLbn/Oqe4lV/WYNaJ9KkMH+mGZHxrSgjjbGhN1Z1X3nt
iUCm3il9nZE87xS0WQrjKUhiQhpiAEmiOWX+mJTgbDTjgTjn0b+j7aXkqVHqoHO6
bp9awjRfjjF60K/V28NORyld68I8S3cJ/IKY9acp7gvw0AewSLhb9hSohk0QnbKW
Y6YM9YI6at1KtOSMqrcWhwiZWURtt/T1BMVRQXW0Ua+a/dRiIs8Fh1+cmQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:50 2024 by rpki-client on console-fra.rpki-client.org