Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/LEq8udb9rGJZbTwkEyPlHlIr3b8.roa
File: LEq8udb9rGJZbTwkEyPlHlIr3b8.roa (raw, json)
Hash identifier: F7T0GRoB+apmcHe4NfkX5hVPoXHYY8/andHh8nC5pEM=
Subject key identifier: 2C:4A:BC:B9:D6:FD:AC:62:59:6D:3C:24:13:23:E5:1E:52:2B:DD:BF
Certificate issuer: /CN=d055e0b86f3f5125054863cf9264e6346e09bbb7
Certificate serial: 01860C5303C0AFCF3B1D270C59CEB920BC8D
Authority key identifier: D0:55:E0:B8:6F:3F:51:25:05:48:63:CF:92:64:E6:34:6E:09:BB:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0FXguG8_USUFSGPPkmTmNG4Ju7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/LEq8udb9rGJZbTwkEyPlHlIr3b8.roa
Signing time: Wed 01 Feb 2023 09:33:32 +0000
ROA not before: Wed 01 Feb 2023 09:33:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203053
IP address blocks: 86.107.43.0/24 maxlen: 24
89.39.209.0/24 maxlen: 24
86.107.78.0/24 maxlen: 24
86.107.79.0/24 maxlen: 24
188.214.214.0/24 maxlen: 24
86.105.228.0/24 maxlen: 24
185.146.85.0/24 maxlen: 24
185.146.84.0/22 maxlen: 22
185.146.87.0/24 maxlen: 24
185.146.86.0/24 maxlen: 24
93.119.122.0/24 maxlen: 24
89.42.13.0/24 maxlen: 24
89.40.33.0/24 maxlen: 24
89.40.32.0/24 maxlen: 24
188.212.127.0/24 maxlen: 24
176.126.172.0/24 maxlen: 24
93.113.55.0/24 maxlen: 24
93.113.54.0/24 maxlen: 24
89.37.29.0/24 maxlen: 24
37.156.181.0/24 maxlen: 24
37.156.180.0/24 maxlen: 24
31.14.56.0/24 maxlen: 24
188.212.252.0/24 maxlen: 24
188.212.255.0/24 maxlen: 24
93.114.248.0/24 maxlen: 24
85.204.69.0/24 maxlen: 24
89.44.105.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:53:03:c0:af:cf:3b:1d:27:0c:59:ce:b9:20:bc:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d055e0b86f3f5125054863cf9264e6346e09bbb7
Validity
Not Before: Feb 1 09:33:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c4abcb9d6fdac62596d3c241323e51e522bddbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:10:0e:db:cb:35:09:14:e6:b7:37:17:5a:a7:
36:68:6e:60:e9:72:99:14:31:51:e2:e1:aa:71:30:
c4:ee:61:63:9a:0c:a6:48:74:59:f9:87:01:3c:fd:
43:ff:37:a2:90:cf:32:28:81:11:73:ab:90:92:f3:
7c:fb:6e:d4:1e:a8:89:9e:22:bb:a2:e3:9e:d4:09:
73:06:d8:ef:21:c4:17:d8:20:0e:7c:16:d4:cc:d7:
68:55:dc:fd:3d:ea:65:1f:bb:de:fd:24:ff:37:7a:
ed:bb:9c:df:fd:23:b5:9c:32:87:99:8b:14:9a:c4:
6b:d9:28:b9:35:08:0e:ec:73:52:37:0e:e5:99:58:
38:1a:c7:a4:83:34:f1:e0:aa:5c:c0:c8:9b:f1:5d:
b4:50:e6:e0:c3:ae:79:7e:f6:c8:d5:a1:a7:e0:9d:
74:6c:0f:47:fe:73:9e:99:85:36:f7:3f:ff:5f:29:
53:f6:c0:00:54:d6:6a:45:e0:0d:f2:de:18:dc:28:
ab:25:3b:19:cc:5f:6e:aa:3c:b4:ef:82:fb:00:0d:
8f:c8:db:bc:d8:25:39:64:62:b2:1a:ff:7e:e9:32:
37:f7:e6:cd:00:7a:30:bf:9e:4a:97:fd:96:7f:79:
28:b1:79:d5:a2:50:20:dc:17:38:fd:f9:62:4a:e1:
0d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:4A:BC:B9:D6:FD:AC:62:59:6D:3C:24:13:23:E5:1E:52:2B:DD:BF
X509v3 Authority Key Identifier:
keyid:D0:55:E0:B8:6F:3F:51:25:05:48:63:CF:92:64:E6:34:6E:09:BB:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0FXguG8_USUFSGPPkmTmNG4Ju7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/LEq8udb9rGJZbTwkEyPlHlIr3b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/0FXguG8_USUFSGPPkmTmNG4Ju7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.56.0/24
37.156.180.0/23
85.204.69.0/24
86.105.228.0/24
86.107.43.0/24
86.107.78.0/23
89.37.29.0/24
89.39.209.0/24
89.40.32.0/23
89.42.13.0/24
89.44.105.0/24
93.113.54.0/23
93.114.248.0/24
93.119.122.0/24
176.126.172.0/24
185.146.84.0/22
188.212.127.0/24
188.212.252.0/24
188.212.255.0/24
188.214.214.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:fb:f3:f5:e0:3a:e2:cb:15:ba:8e:58:4b:34:34:66:8a:81:
4d:e9:e2:71:d5:f2:c4:d5:f1:b9:48:dc:02:95:59:3f:1c:b6:
1f:0a:ba:5f:1f:0e:d8:c6:b0:6e:28:0b:ae:e8:7a:cd:21:cb:
82:57:45:4f:22:06:f1:e3:e8:18:85:b2:5f:05:62:92:60:b8:
5f:c6:a4:bf:10:0b:ec:a0:30:bd:1c:43:b7:1a:3e:b6:d9:82:
32:8b:d1:be:eb:cd:a3:9f:90:f9:48:04:41:31:7a:1a:a3:ca:
94:d3:c9:47:71:3b:1d:fe:f1:52:bc:c9:b4:8a:06:2e:36:f9:
6f:28:86:c7:7d:1f:bb:4f:95:b2:5b:1b:6c:bd:07:02:72:b8:
2b:49:07:91:c2:6c:ca:0d:b6:95:6f:41:7c:66:7a:64:d9:9e:
4f:54:83:8f:30:35:7d:8c:a4:e7:8d:d6:06:b1:2e:0b:40:b9:
48:8e:13:98:28:b3:3f:b2:ca:5e:72:ae:31:a6:b8:ec:67:e4:
6d:3a:2c:cd:26:66:b1:86:3f:87:aa:11:0b:e5:f4:0e:b6:50:
06:2f:98:e9:2e:fd:1b:a1:bf:22:04:c7:3b:27:9b:14:1d:03:
c6:2b:06:d2:03:9e:84:b9:95:78:a0:1b:54:aa:b8:8f:b5:5a:
11:83:a8:3e
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYYMUwPAr887HScMWc65ILyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNTVlMGI4NmYzZjUxMjUwNTQ4NjNjZjkyNjRlNjM0NmUw
OWJiYjcwHhcNMjMwMjAxMDkzMzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzRhYmNiOWQ2ZmRhYzYyNTk2ZDNjMjQxMzIzZTUxZTUyMmJkZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBAO28s1CRTmtzcXWqc2aG5g6XKZ
FDFR4uGqcTDE7mFjmgymSHRZ+YcBPP1D/zeikM8yKIERc6uQkvN8+27UHqiJniK7
ouOe1AlzBtjvIcQX2CAOfBbUzNdoVdz9PeplH7ve/ST/N3rtu5zf/SO1nDKHmYsU
msRr2Si5NQgO7HNSNw7lmVg4GsekgzTx4KpcwMib8V20UObgw655fvbI1aGn4J10
bA9H/nOemYU29z//XylT9sAAVNZqReAN8t4Y3CirJTsZzF9uqjy074L7AA2PyNu8
2CU5ZGKyGv9+6TI39+bNAHowv55Kl/2Wf3kosXnVolAg3Bc4/fliSuENPQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFCxKvLnW/axiWW08JBMj5R5SK92/MB8GA1UdIwQY
MBaAFNBV4LhvP1ElBUhjz5Jk5jRuCbu3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEZYZ3VHOF9VU1VGU0dQUGttVG1ORzRKdTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xY2JhOWYtY2Q2ZS00ZDEyLWE3OGQt
Zjk4YzdmZWMxOTRlLzEvTEVxOHVkYjlyR0paYlR3a0V5UGxIbElyM2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8xY2JhOWYtY2Q2ZS00ZDEyLWE3OGQtZjk4YzdmZWMxOTRl
LzEvMEZYZ3VHOF9VU1VGU0dQUGttVG1ORzRKdTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAHw44
AwQBJZy0AwQAVcxFAwQAVmnkAwQAVmsrAwQBVmtOAwQAWSUdAwQAWSfRAwQBWSgg
AwQAWSoNAwQAWSxpAwQBXXE2AwQAXXL4AwQAXXd6AwQAsH6sAwQCuZJUAwQAvNR/
AwQAvNT8AwQAvNT/AwQAvNbWMA0GCSqGSIb3DQEBCwUAA4IBAQCm+/P14DriyxW6
jlhLNDRmioFN6eJx1fLE1fG5SNwClVk/HLYfCrpfHw7YxrBuKAuu6HrNIcuCV0VP
Igbx4+gYhbJfBWKSYLhfxqS/EAvsoDC9HEO3Gj622YIyi9G+682jn5D5SARBMXoa
o8qU08lHcTsd/vFSvMm0igYuNvlvKIbHfR+7T5WyWxtsvQcCcrgrSQeRwmzKDbaV
b0F8Znpk2Z5PVIOPMDV9jKTnjdYGsS4LQLlIjhOYKLM/sspecq4xprjsZ+RtOizN
Jmaxhj+HqhEL5fQOtlAGL5jpLv0bob8iBMc7J5sUHQPGKwbSA56EuZV4oBtUqriP
tVoRg6g+
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:16 2024 by rpki-client on console-ams.rpki-client.org