Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/LfNlN-OIkSFE8Iu2pUqKEqtDXdY.roa
File: LfNlN-OIkSFE8Iu2pUqKEqtDXdY.roa (raw, json)
Hash identifier: pe8jqNmHTjAxn5G7RlSGHUhhi22JaYkcC1htMm7Bp1A=
Subject key identifier: 2D:F3:65:37:E3:88:91:21:44:F0:8B:B6:A5:4A:8A:12:AB:43:5D:D6
Certificate issuer: /CN=6de2aab077c9eef103f97984f309d891e5a19983
Certificate serial: 01856EAFBC1E2DE799295D3C412CE1F81932
Authority key identifier: 6D:E2:AA:B0:77:C9:EE:F1:03:F9:79:84:F3:09:D8:91:E5:A1:99:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/LfNlN-OIkSFE8Iu2pUqKEqtDXdY.roa
Signing time: Sun 01 Jan 2023 18:54:48 +0000
ROA not before: Sun 01 Jan 2023 18:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205516
IP address blocks: 89.223.4.0/24 maxlen: 24
89.223.11.0/24 maxlen: 24
45.86.80.0/22 maxlen: 24
185.215.160.0/22 maxlen: 24
2a0b:abc0::/29 maxlen: 48
2a0e:db80::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 11 Sep 2023 09:59:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:bc:1e:2d:e7:99:29:5d:3c:41:2c:e1:f8:19:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6de2aab077c9eef103f97984f309d891e5a19983
Validity
Not Before: Jan 1 18:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2df36537e388912144f08bb6a54a8a12ab435dd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7f:d9:59:21:46:ad:20:4d:a8:2b:ff:fe:96:
ae:c3:bc:87:17:30:f8:59:ec:81:e1:24:10:e3:7c:
d4:e4:2a:28:dd:0e:a8:35:53:ef:0e:9a:f0:b8:af:
60:3c:0c:c8:fa:f8:c4:1e:ca:04:a1:8f:ad:d5:67:
b8:bf:ad:fc:a7:32:6f:cb:03:3d:16:92:df:db:18:
fc:f6:13:0d:d0:31:7d:b9:e8:84:cd:86:ee:be:da:
9e:c1:3a:af:43:03:87:78:25:60:ca:4a:5c:f2:99:
24:3e:ee:2f:f6:a6:f8:af:a8:b4:92:cc:0d:26:2b:
62:70:99:d2:a4:fb:64:09:6c:cc:f0:7b:e1:42:f4:
53:d2:7b:31:b0:2d:7e:41:a7:34:e9:30:b4:56:f8:
50:17:e1:9d:56:99:e2:65:18:ad:0a:95:89:b0:7e:
69:a7:44:70:fa:88:cb:93:e6:2e:3c:41:03:02:20:
60:79:e8:b4:23:b3:f9:1d:11:1e:97:99:4f:32:4d:
34:23:4c:ef:f5:ed:01:bd:53:31:3d:33:1d:59:80:
90:59:42:bc:69:01:f4:f1:04:f4:c4:52:6b:fe:08:
83:83:c1:f5:e3:ee:b9:47:68:10:1a:e2:36:f8:62:
e6:4c:8b:ec:27:9a:3b:8d:9e:19:0b:9b:29:16:22:
3b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F3:65:37:E3:88:91:21:44:F0:8B:B6:A5:4A:8A:12:AB:43:5D:D6
X509v3 Authority Key Identifier:
keyid:6D:E2:AA:B0:77:C9:EE:F1:03:F9:79:84:F3:09:D8:91:E5:A1:99:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/LfNlN-OIkSFE8Iu2pUqKEqtDXdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/beKqsHfJ7vED-XmE8wnYkeWhmYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.80.0/22
89.223.4.0/24
89.223.11.0/24
185.215.160.0/22
IPv6:
2a0b:abc0::/29
2a0e:db80::/29
Signature Algorithm: sha256WithRSAEncryption
3f:b7:5f:52:3c:d5:28:8f:9a:38:1b:57:95:6f:f3:11:ee:2a:
24:f2:82:90:15:a4:ae:d9:2e:55:4a:6f:30:95:4a:5a:5d:12:
14:81:97:78:72:89:a1:f6:13:f7:f3:7b:a9:2e:47:15:c4:85:
5b:27:79:cb:16:22:f1:b0:9e:ba:e8:63:1d:39:16:3c:43:2e:
7e:70:ab:c0:cc:35:99:39:a9:20:2d:a0:39:1e:7b:82:64:d6:
30:95:14:80:17:e5:ed:30:3b:ec:c9:8c:18:5b:7b:50:1c:79:
a5:12:3d:42:5f:42:aa:61:5f:ae:bd:50:90:23:b0:ac:1f:26:
50:37:a0:35:e8:73:6f:11:0c:19:a3:26:fe:a4:c5:8c:85:b5:
d6:3e:54:be:30:47:21:e3:76:e8:1f:a1:cf:ae:14:78:79:e4:
47:22:2d:f5:20:9b:9c:aa:8d:4c:b4:5b:df:eb:35:4c:59:22:
69:69:f7:1e:d1:42:ad:c2:20:5b:07:d1:4d:c1:15:5a:fb:c1:
07:cd:fa:b2:b0:15:41:12:b7:b0:4d:8d:ec:8f:da:16:c7:2c:
bd:f0:ec:e6:74:39:9f:8f:6b:04:8e:c3:f1:05:ab:45:74:e5:
35:4f:85:b1:c3:60:e7:9c:85:c7:82:2a:0c:eb:91:e0:fa:89:
d8:8f:42:35
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVur7weLeeZKV08QSzh+BkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZTJhYWIwNzdjOWVlZjEwM2Y5Nzk4NGYzMDlkODkxZTVh
MTk5ODMwHhcNMjMwMTAxMTg1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGYzNjUzN2UzODg5MTIxNDRmMDhiYjZhNTRhOGExMmFiNDM1ZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX/ZWSFGrSBNqCv//pauw7yHFzD4
WeyB4SQQ43zU5Coo3Q6oNVPvDprwuK9gPAzI+vjEHsoEoY+t1We4v638pzJvywM9
FpLf2xj89hMN0DF9ueiEzYbuvtqewTqvQwOHeCVgykpc8pkkPu4v9qb4r6i0kswN
JiticJnSpPtkCWzM8HvhQvRT0nsxsC1+Qac06TC0VvhQF+GdVpniZRitCpWJsH5p
p0Rw+ojLk+YuPEEDAiBgeei0I7P5HREel5lPMk00I0zv9e0BvVMxPTMdWYCQWUK8
aQH08QT0xFJr/giDg8H14+65R2gQGuI2+GLmTIvsJ5o7jZ4ZC5spFiI71QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFC3zZTfjiJEhRPCLtqVKihKrQ13WMB8GA1UdIwQY
MBaAFG3iqrB3ye7xA/l5hPMJ2JHloZmDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmVLcXNIZko3dkVELVhtRTh3bllrZVdobVlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9hNDAwNzAtYWExNy00MmZlLTg2ZGQt
YjlhZTU3Mzk0MTg5LzEvTGZObE4tT0lrU0ZFOEl1MnBVcUtFcXREWGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9hNDAwNzAtYWExNy00MmZlLTg2ZGQtYjlhZTU3Mzk0MTg5
LzEvYmVLcXNIZko3dkVELVhtRTh3bllrZVdobVlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCLVZQAwQA
Wd8EAwQAWd8LAwQCudegMBQEAgACMA4DBQMqC6vAAwUDKg7bgDANBgkqhkiG9w0B
AQsFAAOCAQEAP7dfUjzVKI+aOBtXlW/zEe4qJPKCkBWkrtkuVUpvMJVKWl0SFIGX
eHKJofYT9/N7qS5HFcSFWyd5yxYi8bCeuuhjHTkWPEMufnCrwMw1mTmpIC2gOR57
gmTWMJUUgBfl7TA77MmMGFt7UBx5pRI9Ql9CqmFfrr1QkCOwrB8mUDegNehzbxEM
GaMm/qTFjIW11j5UvjBHIeN26B+hz64UeHnkRyIt9SCbnKqNTLRb3+s1TFkiaWn3
HtFCrcIgWwfRTcEVWvvBB836srAVQRK3sE2N7I/aFscsvfDs5nQ5n49rBI7D8QWr
RXTlNU+FscNg55yFx4IqDOuR4PqJ2I9CNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:10 2024 by rpki-client on console-fra.rpki-client.org