Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/LmOTkPWdQ5hUOfX_xiBalLQaZPQ.roa
File: LmOTkPWdQ5hUOfX_xiBalLQaZPQ.roa (raw, json)
Hash identifier: CxGCEQFaZi3G3wJz+AaedK6XtbOxF17/e2lZI5eP7Ik=
Subject key identifier: 2E:63:93:90:F5:9D:43:98:54:39:F5:FF:C6:20:5A:94:B4:1A:64:F4
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0191DDCDAA2DFAED1CD533EBCEF89DD1680E
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/LmOTkPWdQ5hUOfX_xiBalLQaZPQ.roa
Signing time: Tue 10 Sep 2024 21:18:48 +0000
ROA not before: Tue 10 Sep 2024 21:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5503
IP address blocks: 62.171.192.0/19 maxlen: 24
62.171.224.0/22 maxlen: 24
62.171.252.0/22 maxlen: 24
185.192.228.0/22 maxlen: 24
194.154.0.0/19 maxlen: 24
194.238.32.0/19 maxlen: 24
194.238.64.0/19 maxlen: 24
213.18.192.0/18 maxlen: 24
217.177.0.0/18 maxlen: 24
217.177.64.0/19 maxlen: 24
217.179.0.0/17 maxlen: 24
217.179.192.0/18 maxlen: 24
217.180.0.0/21 maxlen: 24
217.180.8.0/22 maxlen: 24
217.180.24.0/21 maxlen: 24
217.180.32.0/22 maxlen: 24
217.180.48.0/22 maxlen: 24
217.181.0.0/18 maxlen: 24
217.181.64.0/19 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 19 Sep 2024 21:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dd:cd:aa:2d:fa:ed:1c:d5:33:eb:ce:f8:9d:d1:68:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Sep 10 21:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e639390f59d43985439f5ffc6205a94b41a64f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c5:d2:3e:66:b9:09:43:de:0d:bd:4d:33:ed:
35:ab:80:f1:57:87:84:d7:b2:da:27:89:0c:32:a2:
f9:b0:32:55:1c:60:e5:60:9c:93:6a:30:86:ad:7e:
28:98:e3:04:01:e5:f4:95:89:df:97:d4:0a:4b:02:
3d:d6:a8:2f:d3:00:e5:95:f4:9f:26:9f:7d:12:11:
72:30:da:59:12:77:af:ea:99:d8:02:fa:57:c9:9f:
d1:66:1b:bb:08:fc:ab:91:5a:b0:f2:85:11:f2:24:
0c:f2:94:ea:6c:cd:50:62:6c:76:19:b5:d6:23:b3:
13:3d:6a:23:a5:2e:27:84:07:fb:c9:2d:01:8b:57:
71:bc:90:36:f2:7e:77:04:c6:69:cb:8b:a3:0a:df:
2e:3c:e4:ef:2e:21:70:13:ac:d9:e5:b7:b7:ce:bd:
37:78:df:58:1d:98:c1:e0:5b:a6:e8:7b:20:ae:0d:
dd:c9:93:6f:28:e0:34:a8:47:b8:f2:96:b9:d5:76:
2e:a6:f1:3b:a2:89:03:74:e7:00:10:ed:48:3c:c0:
a0:99:30:d5:fd:44:49:29:cf:a8:f1:96:bf:0e:ff:
9c:cb:1f:1b:ac:f0:79:74:be:44:60:cb:c2:cc:ae:
1f:67:24:f2:f3:88:cd:4f:f8:e9:25:8e:bf:e2:5a:
e8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:63:93:90:F5:9D:43:98:54:39:F5:FF:C6:20:5A:94:B4:1A:64:F4
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/LmOTkPWdQ5hUOfX_xiBalLQaZPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0-62.171.227.255
62.171.252.0/22
185.192.228.0/22
194.154.0.0/19
194.238.32.0-194.238.95.255
213.18.192.0/18
217.177.0.0-217.177.95.255
217.179.0.0/17
217.179.192.0-217.180.11.255
217.180.24.0-217.180.35.255
217.180.48.0/22
217.181.0.0-217.181.95.255
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
86:6a:32:da:ae:5b:2d:95:3f:5c:ee:e5:dc:fb:54:d3:99:ba:
9e:0c:93:0c:8b:85:ed:9f:76:c1:bd:fe:fd:2a:e0:55:9d:a1:
dd:23:11:aa:ee:69:de:2c:43:75:36:b8:04:a0:35:8a:3e:9a:
6f:46:0d:7b:2f:9a:53:f1:1b:ad:99:43:a3:d5:78:86:9d:75:
4d:9e:02:10:68:51:c1:cf:83:9e:70:ca:db:ca:a6:6e:aa:23:
d7:f4:ab:69:7b:1f:37:0a:02:37:73:e6:a9:1d:7e:96:5d:c9:
fe:12:fc:33:36:57:66:53:03:00:ad:8a:87:7d:92:5a:09:6c:
41:42:f4:93:df:25:5a:fd:64:0d:53:57:2b:d7:51:47:f3:1d:
16:bd:1f:ed:27:00:ea:7b:71:c2:46:84:cb:01:f4:7e:5a:85:
41:ff:14:be:67:37:e4:76:19:f8:05:2b:de:1d:44:8b:69:f5:
6c:0b:a9:9c:9c:52:57:a0:8a:5f:64:ae:83:e0:91:c0:de:0e:
72:22:16:a1:ae:05:cf:cb:4b:c8:3c:60:23:93:48:21:91:a4:
5b:49:8d:e7:53:91:d1:f4:31:c7:d2:61:55:f4:1d:93:b4:75:
00:2c:4f:2a:cd:16:8c:11:0c:63:29:36:35:a2:45:f7:14:9c:
b7:9a:7f:cb
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZHdzaot+u0c1TPrzvid0WgOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQwOTEwMjExODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTYzOTM5MGY1OWQ0Mzk4NTQzOWY1ZmZjNjIwNWE5NGI0MWE2NGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8XSPma5CUPeDb1NM+01q4DxV4eE
17LaJ4kMMqL5sDJVHGDlYJyTajCGrX4omOMEAeX0lYnfl9QKSwI91qgv0wDllfSf
Jp99EhFyMNpZEnev6pnYAvpXyZ/RZhu7CPyrkVqw8oUR8iQM8pTqbM1QYmx2GbXW
I7MTPWojpS4nhAf7yS0Bi1dxvJA28n53BMZpy4ujCt8uPOTvLiFwE6zZ5be3zr03
eN9YHZjB4Fum6Hsgrg3dyZNvKOA0qEe48pa51XYupvE7ookDdOcAEO1IPMCgmTDV
/URJKc+o8Za/Dv+cyx8brPB5dL5EYMvCzK4fZyTy84jNT/jpJY6/4lroywIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFC5jk5D1nUOYVDn1/8YgWpS0GmT0MB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvTG1PVGtQV2RRNWhVT2ZYX3hpQmFsTFFhWlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2MAwDBAY+
q8ADBAI+q+ADBAI+q/wDBAK5wOQDBAXCmgAwDAMEBcLuIAMEBcLuQAMEBtUSwDAL
AwMA2bEDBAXZsUADBAfZswAwDAMEBtmzwAMEAtm0CDAMAwQD2bQYAwQC2bQgAwQC
2bQwMAsDAwDZtQMEBdm1QDANBAIAAjAHAwUAKgIPsDANBgkqhkiG9w0BAQsFAAOC
AQEAhmoy2q5bLZU/XO7l3PtU05m6ngyTDIuF7Z92wb3+/SrgVZ2h3SMRqu5p3ixD
dTa4BKA1ij6ab0YNey+aU/EbrZlDo9V4hp11TZ4CEGhRwc+DnnDK28qmbqoj1/Sr
aXsfNwoCN3PmqR1+ll3J/hL8MzZXZlMDAK2Kh32SWglsQUL0k98lWv1kDVNXK9dR
R/MdFr0f7ScA6ntxwkaEywH0flqFQf8Uvmc35HYZ+AUr3h1Ei2n1bAupnJxSV6CK
X2Sug+CRwN4OciIWoa4Fz8tLyDxgI5NIIZGkW0mN51OR0fQxx9JhVfQdk7R1ACxP
Ks0WjBEMYyk2NaJF9xSct5p/yw==
-----END CERTIFICATE-----
Generated at Thu Sep 19 23:14:32 2024 by rpki-client on console-fra.rpki-client.org