Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/lm2np267XP2cqqz2BMQiS-FleE0.roa
File: lm2np267XP2cqqz2BMQiS-FleE0.roa (raw, json)
Hash identifier: U/NFwj/EgZVMQHy8aZSYrczsYqE56Dlbyx/c/Z8C3No=
Subject key identifier: 96:6D:A7:A7:6E:BB:5C:FD:9C:AA:AC:F6:04:C4:22:4B:E1:65:78:4D
Certificate issuer: /CN=af2b0e217a35168392206bda73ce619535a02f35
Certificate serial: 018CEF04D5B9D79BA2022E31454374D9066F
Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/lm2np267XP2cqqz2BMQiS-FleE0.roa
Signing time: Tue 09 Jan 2024 16:18:40 +0000
ROA not before: Tue 09 Jan 2024 16:18:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209369
IP address blocks: 185.22.96.0/22 maxlen: 22
213.134.21.0/24 maxlen: 24
2a13:5280::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 15 May 2024 09:23:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ef:04:d5:b9:d7:9b:a2:02:2e:31:45:43:74:d9:06:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35
Validity
Not Before: Jan 9 16:18:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=966da7a76ebb5cfd9caaacf604c4224be165784d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4c:5e:87:16:f1:db:79:28:cd:f0:9e:cc:46:
12:eb:74:21:e2:0b:fe:f2:c6:af:f6:18:b8:e1:48:
4a:13:19:65:84:0b:db:6f:c8:9b:ad:5c:c6:ab:c8:
21:49:64:0f:ae:82:48:4e:85:c6:b2:46:aa:b8:ff:
bd:91:96:d7:e0:45:e3:5c:5f:f4:60:4f:16:93:b7:
e9:de:68:46:00:97:ac:ac:fd:56:17:4c:3f:5b:51:
09:d4:1b:87:b5:c6:11:ab:b9:d9:3a:51:ca:de:50:
97:50:01:12:9a:7e:4f:f8:2f:42:fe:67:82:68:ef:
96:9d:3c:eb:b1:60:0d:78:9a:53:d2:e8:61:4a:dd:
84:8a:e6:9f:96:3c:78:21:b2:5b:fb:1c:77:16:02:
67:38:6d:88:52:a6:8c:60:00:a3:91:73:b0:a0:33:
6c:fd:29:05:4c:18:4f:e9:b8:34:96:41:0f:bf:89:
ef:41:22:71:e1:14:f3:b3:c5:1c:d0:f7:f5:d6:ff:
67:2f:07:82:96:1a:f1:e1:7d:b2:c3:ba:8c:62:e6:
ad:52:1d:1e:10:a7:4b:ec:c3:78:25:b5:e8:c3:31:
08:9b:91:3e:d1:e0:36:37:6f:ab:dd:be:b3:0f:d2:
85:87:b4:d7:75:68:f7:38:92:ef:a2:34:e8:6e:99:
33:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:6D:A7:A7:6E:BB:5C:FD:9C:AA:AC:F6:04:C4:22:4B:E1:65:78:4D
X509v3 Authority Key Identifier:
keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/lm2np267XP2cqqz2BMQiS-FleE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.96.0/22
213.134.21.0/24
IPv6:
2a13:5280::/29
Signature Algorithm: sha256WithRSAEncryption
d5:55:21:d0:3f:67:50:b4:d9:a9:fb:d3:b5:8b:fb:3f:70:74:
0e:29:4d:ee:9a:1b:29:43:91:62:42:64:d6:58:a9:16:8c:19:
af:ba:73:8a:5d:f4:6b:b6:48:b4:47:e4:70:28:3c:db:f4:76:
b8:61:fc:5f:ef:d7:33:0b:18:be:1d:60:6b:42:37:e5:f6:f6:
c6:e1:2c:13:9a:49:5b:95:ef:3e:cf:4b:66:ab:57:33:17:dd:
d0:56:80:60:63:3f:0c:10:81:9b:f8:84:48:2a:b1:85:74:d1:
2d:3c:ab:27:09:b5:f3:00:d8:31:2c:25:1c:c3:09:6e:5d:c8:
74:fe:5c:f9:62:d9:6b:08:d0:fc:96:e6:70:4d:a8:69:13:b0:
86:f0:d8:44:ba:5e:67:1a:c0:ea:3d:23:82:6c:36:72:d9:d6:
29:84:0e:13:0b:2b:73:53:b1:2c:c2:46:0d:d3:96:02:ac:4f:
12:a3:c7:86:be:6c:81:54:10:d8:03:57:66:c9:1f:42:44:e2:
dd:dd:ae:20:9f:cd:a1:33:9e:2f:d6:db:92:ce:51:bb:7b:b1:
23:39:26:59:4f:b9:52:6f:5d:08:72:6b:e6:76:19:bd:ce:8d:
0b:f0:36:ee:d7:4a:12:a4:b7:4f:10:0f:c9:57:7b:7e:93:40:
67:71:24:8f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzvBNW515uiAi4xRUN02QZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh
MDJmMzUwHhcNMjQwMTA5MTYxODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjZkYTdhNzZlYmI1Y2ZkOWNhYWFjZjYwNGM0MjI0YmUxNjU3ODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Uxehxbx23kozfCezEYS63Qh4gv+
8sav9hi44UhKExllhAvbb8ibrVzGq8ghSWQProJIToXGskaquP+9kZbX4EXjXF/0
YE8Wk7fp3mhGAJesrP1WF0w/W1EJ1BuHtcYRq7nZOlHK3lCXUAESmn5P+C9C/meC
aO+WnTzrsWANeJpT0uhhSt2Eiuafljx4IbJb+xx3FgJnOG2IUqaMYACjkXOwoDNs
/SkFTBhP6bg0lkEPv4nvQSJx4RTzs8Uc0Pf11v9nLweClhrx4X2yw7qMYuatUh0e
EKdL7MN4JbXowzEIm5E+0eA2N2+r3b6zD9KFh7TXdWj3OJLvojTobpkzcwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJZtp6duu1z9nKqs9gTEIkvhZXhNMB8GA1UdIwQY
MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct
ZjBkMTk4MDk4NzRhLzEvbG0ybnAyNjdYUDJjcXF6MkJNUWlTLUZsZUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh
LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRZgAwQA
1YYVMA0EAgACMAcDBQMqE1KAMA0GCSqGSIb3DQEBCwUAA4IBAQDVVSHQP2dQtNmp
+9O1i/s/cHQOKU3umhspQ5FiQmTWWKkWjBmvunOKXfRrtki0R+RwKDzb9Ha4Yfxf
79czCxi+HWBrQjfl9vbG4SwTmklble8+z0tmq1czF93QVoBgYz8MEIGb+IRIKrGF
dNEtPKsnCbXzANgxLCUcwwluXch0/lz5YtlrCND8luZwTahpE7CG8NhEul5nGsDq
PSOCbDZy2dYphA4TCytzU7EswkYN05YCrE8So8eGvmyBVBDYA1dmyR9CROLd3a4g
n82hM54v1tuSzlG7e7EjOSZZT7lSb10Icmvmdhm9zo0L8Dbu10oSpLdPEA/JV3t+
k0BncSSP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:11 2024 by rpki-client on console-fra.rpki-client.org