Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/LMUeB51V91YUAXCuK_Ziy0G5vKE.roa
File: LMUeB51V91YUAXCuK_Ziy0G5vKE.roa (raw, json)
Hash identifier: l4YurAB68/fCSr3udx9cLGJVCcE1R6Y6Y6Plbj5F94U=
Subject key identifier: 2C:C5:1E:07:9D:55:F7:56:14:01:70:AE:2B:F6:62:CB:41:B9:BC:A1
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 0185708CD2BCDBBA8542736D151AF6FEBC0D
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/LMUeB51V91YUAXCuK_Ziy0G5vKE.roa
Signing time: Mon 02 Jan 2023 03:35:54 +0000
ROA not before: Mon 02 Jan 2023 03:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 171.22.60.0/23 maxlen: 23
5.183.240.0/23 maxlen: 23
92.119.24.0/23 maxlen: 23
171.22.62.0/23 maxlen: 23
5.183.242.0/23 maxlen: 23
92.119.26.0/23 maxlen: 23
45.14.80.0/24 maxlen: 24
45.14.81.0/24 maxlen: 24
45.86.24.0/22 maxlen: 22
185.45.94.0/24 maxlen: 24
185.45.92.0/23 maxlen: 23
185.45.95.0/24 maxlen: 24
45.158.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 14 Feb 2023 15:20:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:d2:bc:db:ba:85:42:73:6d:15:1a:f6:fe:bc:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Jan 2 03:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cc51e079d55f756140170ae2bf662cb41b9bca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fe:da:e6:fa:ef:66:8c:95:71:5d:a5:65:6d:
7e:ae:39:76:76:79:e6:5a:4a:16:41:a7:12:ec:b6:
c2:52:3b:7c:e8:43:71:60:d3:31:95:2a:39:35:1d:
f6:02:3b:a1:ba:d1:42:bd:d5:2d:cc:b5:c4:ae:e9:
4f:d5:bf:b4:02:bc:b4:98:49:4c:b4:ea:96:a1:79:
c4:ba:bb:cc:1c:1f:ea:77:7f:30:70:80:1d:57:f0:
34:c2:23:5e:e9:b1:35:7a:7b:8c:d5:2f:4b:a7:9b:
f1:b3:e3:fd:cb:01:31:9f:bf:9b:9a:48:ad:73:ef:
da:f6:57:c9:43:7a:0f:43:82:09:73:f2:ed:bd:cd:
bb:29:d8:58:df:d4:78:12:cf:1d:55:48:7f:22:da:
79:ff:8c:1c:9b:15:88:13:e5:3f:a4:9c:6a:54:67:
5b:84:36:fd:d0:0c:1a:43:6a:0c:72:b8:7a:6a:c5:
92:a6:db:71:f3:7f:94:01:a9:73:f0:52:b2:8b:92:
08:29:46:a6:63:28:e0:e4:73:d0:09:3f:d6:ac:72:
cc:d6:53:9b:56:4e:c6:88:c2:4b:cb:8f:68:9f:33:
e4:56:5c:43:ee:b5:bb:5e:67:c2:3c:3a:56:1a:cb:
2d:f6:50:40:d1:c9:0b:da:93:59:81:09:79:ea:13:
6d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C5:1E:07:9D:55:F7:56:14:01:70:AE:2B:F6:62:CB:41:B9:BC:A1
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/LMUeB51V91YUAXCuK_Ziy0G5vKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.240.0/22
45.14.80.0/23
45.86.24.0/22
45.158.192.0/22
92.119.24.0/22
171.22.60.0/22
185.45.92.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:46:8b:94:e1:dd:50:a7:20:f0:00:da:6b:9a:80:43:9e:09:
31:0d:19:9a:42:5b:c5:f8:bb:a7:cb:40:56:91:bb:d7:85:48:
6c:3b:1a:f5:04:b0:cd:21:60:4d:44:08:13:37:08:38:db:c8:
1b:7a:4a:b2:2f:ae:c7:90:dc:f6:30:7d:15:fd:e0:0b:ec:eb:
3b:21:7f:6b:83:de:94:d1:fa:82:fb:1c:b7:5e:2e:5f:4c:51:
a2:4a:cd:76:59:ba:00:26:98:c4:73:4e:0e:2c:27:4e:66:4c:
5a:e9:91:65:4e:eb:8f:24:a4:0e:a5:ed:f6:13:f1:1a:6b:90:
ca:f1:04:b8:07:27:d9:d4:69:9e:1b:ef:b3:1a:1e:b4:d3:c8:
e1:42:1b:3e:00:01:2a:cd:4a:5b:a2:2c:7c:23:89:34:a7:f3:
6e:d5:f9:d9:7b:8c:46:9a:d2:ac:4a:5d:55:8e:8e:9d:13:7d:
cb:93:49:6f:a8:be:34:f8:1c:75:78:56:d3:4e:15:0a:67:b9:
0a:ed:a8:74:91:8b:d2:bf:19:8e:64:be:24:8f:31:f5:41:fd:
a3:8f:20:e1:f4:a6:e5:2e:30:d5:24:87:29:a2:cb:6f:b3:b0:
af:46:f6:55:0d:95:e1:0a:54:7d:ea:1a:5c:95:84:ec:f9:37:
6b:71:7a:6b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVwjNK827qFQnNtFRr2/rwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjMwMTAyMDMzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2M1MWUwNzlkNTVmNzU2MTQwMTcwYWUyYmY2NjJjYjQxYjliY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgf7a5vrvZoyVcV2lZW1+rjl2dnnm
WkoWQacS7LbCUjt86ENxYNMxlSo5NR32AjuhutFCvdUtzLXErulP1b+0Ary0mElM
tOqWoXnEurvMHB/qd38wcIAdV/A0wiNe6bE1enuM1S9Lp5vxs+P9ywExn7+bmkit
c+/a9lfJQ3oPQ4IJc/Ltvc27KdhY39R4Es8dVUh/Itp5/4wcmxWIE+U/pJxqVGdb
hDb90AwaQ2oMcrh6asWSpttx83+UAalz8FKyi5IIKUamYyjg5HPQCT/WrHLM1lOb
Vk7GiMJLy49onzPkVlxD7rW7XmfCPDpWGsst9lBA0ckL2pNZgQl56hNtLwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCzFHgedVfdWFAFwriv2YstBubyhMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvTE1VZUI1MVY5MVlVQVhDdUtfWml5MEc1dktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCBbfwAwQB
LQ5QAwQCLVYYAwQCLZ7AAwQCXHcYAwQCqxY8AwQCuS1cMA0GCSqGSIb3DQEBCwUA
A4IBAQBdRouU4d1QpyDwANprmoBDngkxDRmaQlvF+Luny0BWkbvXhUhsOxr1BLDN
IWBNRAgTNwg428gbekqyL67HkNz2MH0V/eAL7Os7IX9rg96U0fqC+xy3Xi5fTFGi
Ss12WboAJpjEc04OLCdOZkxa6ZFlTuuPJKQOpe32E/Eaa5DK8QS4ByfZ1GmeG++z
Gh6008jhQhs+AAEqzUpboix8I4k0p/Nu1fnZe4xGmtKsSl1Vjo6dE33Lk0lvqL40
+Bx1eFbTThUKZ7kK7ah0kYvSvxmOZL4kjzH1Qf2jjyDh9KblLjDVJIcpostvs7Cv
RvZVDZXhClR96hpclYTs+TdrcXpr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:24 2024 by rpki-client on console-fra.rpki-client.org