Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LFDYo9kTKEiqLax3hK4zIqg2c5U.roa
File: LFDYo9kTKEiqLax3hK4zIqg2c5U.roa (raw, json)
Hash identifier: Yfu6RszzM6mNnD6mV9Ni73uZm4Oc98cYxUECtd9YiHU=
Subject key identifier: 2C:50:D8:A3:D9:13:28:48:AA:2D:AC:77:84:AE:33:22:A8:36:73:95
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185867351F0370B25096671008494D8234B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LFDYo9kTKEiqLax3hK4zIqg2c5U.roa
Signing time: Fri 06 Jan 2023 09:39:42 +0000
ROA not before: Fri 06 Jan 2023 09:39:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 194.87.3.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jan 2023 09:43:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:86:73:51:f0:37:0b:25:09:66:71:00:84:94:d8:23:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 6 09:39:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c50d8a3d9132848aa2dac7784ae3322a8367395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:db:3d:d3:91:c7:b1:25:b2:90:70:66:5c:97:
74:ae:a9:c2:d1:a2:11:d1:56:75:53:ee:17:f2:ea:
97:10:e6:62:58:ef:0f:d5:47:fc:fa:65:7a:e9:9c:
5e:bd:9d:53:af:40:a6:65:a8:6f:ac:da:27:21:25:
3e:08:73:48:fe:bc:32:b9:b4:09:bc:21:53:d4:2c:
78:55:99:2b:dc:48:5a:39:04:5f:ba:73:73:95:56:
72:9d:dc:0b:e3:b2:73:af:99:b2:b9:ce:00:c1:45:
c9:26:cb:83:3c:32:31:e1:6d:c0:4c:eb:a7:60:f3:
c7:a5:6b:a6:8c:62:83:79:bb:06:30:e0:dd:b2:36:
78:89:ed:57:58:c7:f1:41:f7:4e:84:8f:32:d4:ae:
7a:54:ba:59:d3:1e:ac:77:ec:ef:67:9e:af:46:63:
7c:1d:99:ce:0b:87:94:3a:48:27:61:aa:03:07:8f:
a6:ad:76:f4:3e:cf:f0:24:f6:c2:de:28:0e:1f:b8:
76:9c:a1:63:07:64:41:9e:8e:3e:97:ef:cf:41:be:
43:04:ae:84:b3:6c:8a:d0:fe:47:71:f8:58:da:a2:
fb:af:84:9b:40:3e:fe:01:2c:a2:e5:dd:ce:1a:52:
56:e4:eb:b9:4b:67:05:fa:7f:fa:3b:af:e3:91:5d:
5f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:50:D8:A3:D9:13:28:48:AA:2D:AC:77:84:AE:33:22:A8:36:73:95
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LFDYo9kTKEiqLax3hK4zIqg2c5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
193.124.16.0/24
193.124.93.0/24
193.124.202.0/24
194.58.47.0/24
194.87.3.0/24
194.87.16.0/24
194.87.22.0/24
194.87.37.0/24
194.87.83.0/24
194.87.177.0/24
195.133.86.0/24
195.133.194.0/24
212.192.211.0/24
Signature Algorithm: sha256WithRSAEncryption
12:7f:47:ff:ac:58:0c:ab:a9:65:4e:c8:61:f9:01:44:6b:28:
01:bb:cc:6c:eb:36:ae:69:96:54:e2:5d:10:e7:0a:2c:7b:cd:
19:af:e0:44:34:55:fd:8b:23:b8:91:c8:e3:f4:44:2b:a7:a7:
a8:94:b4:72:dd:1d:a5:34:aa:82:2e:57:6d:bc:25:00:ca:ac:
b8:c6:3d:bb:b4:bc:ea:5d:2d:9b:41:46:91:e4:3d:cd:c7:7d:
4a:0f:34:ff:70:8d:f6:af:70:3e:6f:87:35:9a:58:08:ea:a5:
c4:00:c2:b0:43:ed:1e:ed:a5:46:f2:d8:67:5c:ea:bc:67:e8:
3b:31:3b:f8:6e:f6:8a:ea:f0:f0:3d:9d:cf:75:63:95:ce:56:
d8:7b:1e:63:88:24:f8:92:4f:ed:e8:a3:66:a7:51:db:35:37:
92:c7:44:38:5b:fd:18:5f:92:db:cd:fe:c6:53:62:7a:8d:91:
27:83:ab:2b:9c:1a:e3:63:15:32:2d:65:cc:12:1c:1b:61:af:
ed:65:a1:e7:b6:b9:66:65:0c:8b:51:f6:97:a5:21:46:d1:b8:
ee:56:ab:a2:90:8c:7e:18:fa:a3:9b:c7:3c:ac:89:b9:c4:36:
d5:2f:5c:e9:1d:c7:87:83:ef:a4:d2:8b:92:b4:d2:e1:ec:a1:
6a:3f:f6:0f
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYWGc1HwNwslCWZxAISU2CNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTA2MDkzOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzUwZDhhM2Q5MTMyODQ4YWEyZGFjNzc4NGFlMzMyMmE4MzY3Mzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9s905HHsSWykHBmXJd0rqnC0aIR
0VZ1U+4X8uqXEOZiWO8P1Uf8+mV66ZxevZ1Tr0CmZahvrNonISU+CHNI/rwyubQJ
vCFT1Cx4VZkr3EhaOQRfunNzlVZyndwL47Jzr5myuc4AwUXJJsuDPDIx4W3ATOun
YPPHpWumjGKDebsGMODdsjZ4ie1XWMfxQfdOhI8y1K56VLpZ0x6sd+zvZ56vRmN8
HZnOC4eUOkgnYaoDB4+mrXb0Ps/wJPbC3igOH7h2nKFjB2RBno4+l+/PQb5DBK6E
s2yK0P5HcfhY2qL7r4SbQD7+ASyi5d3OGlJW5Ou5S2cF+n/6O6/jkV1f0QIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFCxQ2KPZEyhIqi2sd4SuMyKoNnOVMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTEZEWW85a1RLRWlxTGF4M2hLNHpJcWcyYzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAPkzoAwQA
PkzrAwQAwXwQAwQAwXxdAwQAwXzKAwQAwjovAwQAwlcDAwQAwlcQAwQAwlcWAwQA
wlclAwQAwldTAwQAwlexAwQAw4VWAwQAw4XCAwQA1MDTMA0GCSqGSIb3DQEBCwUA
A4IBAQASf0f/rFgMq6llTshh+QFEaygBu8xs6zauaZZU4l0Q5wose80Zr+BENFX9
iyO4kcjj9EQrp6eolLRy3R2lNKqCLldtvCUAyqy4xj27tLzqXS2bQUaR5D3Nx31K
DzT/cI32r3A+b4c1mlgI6qXEAMKwQ+0e7aVG8thnXOq8Z+g7MTv4bvaK6vDwPZ3P
dWOVzlbYex5jiCT4kk/t6KNmp1HbNTeSx0Q4W/0YX5Lbzf7GU2J6jZEng6srnBrj
YxUyLWXMEhwbYa/tZaHntrlmZQyLUfaXpSFG0bjuVquikIx+GPqjm8c8rIm5xDbV
L1zpHceHg++k0ouStNLh7KFqP/YP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:13 2024 by rpki-client on console-fra.rpki-client.org