Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/bcabb9-fbdb-4311-a29c-c17de50fd5fb/1/lyj3VbJNQnAbzAGxpkEJwa6DFac.roa
File: lyj3VbJNQnAbzAGxpkEJwa6DFac.roa (raw, json)
Hash identifier: 3GwzegBppmQOPFgxjLlnGBuijQW2NPAYKXRLUqwqsiE=
Subject key identifier: 97:28:F7:55:B2:4D:42:70:1B:CC:01:B1:A6:41:09:C1:AE:83:15:A7
Certificate issuer: /CN=185d46b7c9d321c9ba189e66b1933c1324197cec
Certificate serial: 01857315DB696DDFF2459302055FD55CD534
Authority key identifier: 18:5D:46:B7:C9:D3:21:C9:BA:18:9E:66:B1:93:3C:13:24:19:7C:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GF1Gt8nTIcm6GJ5msZM8EyQZfOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/bcabb9-fbdb-4311-a29c-c17de50fd5fb/1/lyj3VbJNQnAbzAGxpkEJwa6DFac.roa
Signing time: Mon 02 Jan 2023 15:24:50 +0000
ROA not before: Mon 02 Jan 2023 15:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29182
IP address blocks: 37.46.134.0/23 maxlen: 23
91.240.84.0/23 maxlen: 23
91.240.86.0/23 maxlen: 23
185.43.4.0/23 maxlen: 23
185.43.6.0/23 maxlen: 23
37.46.132.0/23 maxlen: 23
37.46.130.0/23 maxlen: 23
37.46.128.0/23 maxlen: 23
213.159.208.0/23 maxlen: 23
213.159.212.0/23 maxlen: 23
213.159.210.0/23 maxlen: 23
213.159.214.0/23 maxlen: 23
185.63.188.0/22 maxlen: 22
80.87.202.0/24 maxlen: 24
80.87.200.0/23 maxlen: 23
80.87.203.0/24 maxlen: 24
212.109.192.0/22 maxlen: 22
212.109.196.0/23 maxlen: 23
212.109.198.0/23 maxlen: 23
212.109.216.0/23 maxlen: 23
212.109.218.0/23 maxlen: 23
212.109.223.0/24 maxlen: 24
212.109.222.0/24 maxlen: 24
212.109.222.0/23 maxlen: 23
212.109.220.0/23 maxlen: 23
83.220.170.0/23 maxlen: 23
83.220.168.0/23 maxlen: 23
83.220.172.0/23 maxlen: 23
83.220.174.0/23 maxlen: 23
185.146.156.0/23 maxlen: 23
185.146.158.0/23 maxlen: 23
80.87.192.0/23 maxlen: 23
80.87.194.0/23 maxlen: 23
80.87.198.0/23 maxlen: 23
80.87.196.0/23 maxlen: 23
77.246.158.0/23 maxlen: 23
77.246.156.0/22 maxlen: 22
77.246.156.0/23 maxlen: 23
82.202.160.0/23 maxlen: 23
82.202.164.0/24 maxlen: 24
82.202.162.0/23 maxlen: 23
82.202.165.0/24 maxlen: 24
82.202.170.0/23 maxlen: 23
82.202.168.0/23 maxlen: 23
82.202.172.0/23 maxlen: 23
82.202.166.0/23 maxlen: 23
82.202.174.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:db:69:6d:df:f2:45:93:02:05:5f:d5:5c:d5:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=185d46b7c9d321c9ba189e66b1933c1324197cec
Validity
Not Before: Jan 2 15:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9728f755b24d42701bcc01b1a64109c1ae8315a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5a:57:db:c1:77:c7:e7:05:14:b7:8a:b2:0c:
4d:1a:d6:2e:9e:91:37:af:06:8c:e9:7a:99:1b:2a:
84:7a:cd:65:ae:06:3d:b0:7c:b2:c2:2e:e8:7d:c5:
e5:75:50:f0:bb:e8:3b:4c:8b:b9:21:d7:53:f3:e6:
a7:af:77:92:fc:cd:70:57:a0:a7:c6:0b:c8:48:a4:
4c:90:9b:98:10:4a:09:0f:37:52:6e:aa:03:1c:5b:
b8:da:70:a9:d9:95:0e:d6:5b:e6:31:7b:84:dd:1d:
80:18:ef:ab:b5:95:b0:63:22:46:b4:b1:ad:7d:4b:
5f:71:47:81:32:0e:30:92:16:50:f4:e2:de:15:88:
03:f8:83:10:6b:34:3f:ff:d2:63:4a:f0:c7:77:03:
bc:1a:09:2a:dd:60:e3:2a:50:63:19:7d:28:cf:58:
da:97:1a:ee:68:ea:75:d2:03:aa:64:1e:3e:77:e1:
43:5f:8f:68:b3:dd:60:75:14:5c:15:9a:b2:ba:ed:
c3:e0:ae:d9:ad:2e:51:65:a3:82:78:78:ca:36:b7:
3f:fe:02:45:c4:b9:d2:0d:33:6c:45:30:88:e5:93:
e5:aa:22:cb:a6:74:1b:12:ce:0e:b6:a8:e9:12:11:
c4:04:90:87:51:11:3d:63:83:c6:e6:7d:e0:e9:2d:
a1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:28:F7:55:B2:4D:42:70:1B:CC:01:B1:A6:41:09:C1:AE:83:15:A7
X509v3 Authority Key Identifier:
keyid:18:5D:46:B7:C9:D3:21:C9:BA:18:9E:66:B1:93:3C:13:24:19:7C:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GF1Gt8nTIcm6GJ5msZM8EyQZfOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bcabb9-fbdb-4311-a29c-c17de50fd5fb/1/lyj3VbJNQnAbzAGxpkEJwa6DFac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bcabb9-fbdb-4311-a29c-c17de50fd5fb/1/GF1Gt8nTIcm6GJ5msZM8EyQZfOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.128.0/21
77.246.156.0/22
80.87.192.0-80.87.203.255
82.202.160.0/20
83.220.168.0/21
91.240.84.0/22
185.43.4.0/22
185.63.188.0/22
185.146.156.0/22
212.109.192.0/21
212.109.216.0/21
213.159.208.0/21
Signature Algorithm: sha256WithRSAEncryption
59:0f:53:45:7c:21:5f:07:55:43:8e:e0:f1:ad:ac:7b:69:83:
18:3f:36:6f:03:51:38:42:ba:31:ab:92:80:8f:d7:10:c4:d7:
04:ad:2c:b3:95:00:10:7c:22:31:7c:0f:04:5e:a7:8e:05:e6:
94:be:1a:36:7d:f8:50:1b:3c:ff:dd:45:4f:56:ce:7c:69:5d:
9d:e9:dd:4d:66:f0:ca:53:7b:48:e9:35:59:9e:c8:7e:b2:b7:
46:7d:f7:f4:3a:da:f1:d3:76:fb:23:6a:04:d0:26:dc:25:57:
4a:78:6b:62:4b:d7:07:bc:d8:13:be:65:fa:ab:c9:44:cb:ac:
95:80:a2:22:10:12:bd:8b:bb:24:78:26:cb:f6:00:b2:32:c0:
a6:68:0f:53:70:56:a0:75:43:de:f0:c9:72:7a:f4:8c:6f:05:
44:69:d1:23:5b:28:9b:e7:0b:36:62:a6:b2:3b:f1:df:6f:6e:
a1:2d:cd:b2:1f:f3:a3:c7:f1:56:ca:3f:c7:d3:f4:7e:f1:d3:
d8:bd:da:6d:d4:c8:53:5b:3b:b4:85:06:df:21:93:79:70:c5:
f2:e8:ee:78:62:0c:b3:58:d4:66:97:26:15:13:db:ee:06:fe:
04:c6:aa:ae:7e:2f:7c:a7:72:da:e6:b7:63:5e:32:e3:8d:d3:
e5:bd:76:a6
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYVzFdtpbd/yRZMCBV/VXNU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NWQ0NmI3YzlkMzIxYzliYTE4OWU2NmIxOTMzYzEzMjQx
OTdjZWMwHhcNMjMwMTAyMTUyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI4Zjc1NWIyNGQ0MjcwMWJjYzAxYjFhNjQxMDljMWFlODMxNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1pX28F3x+cFFLeKsgxNGtYunpE3
rwaM6XqZGyqEes1lrgY9sHyywi7ofcXldVDwu+g7TIu5IddT8+anr3eS/M1wV6Cn
xgvISKRMkJuYEEoJDzdSbqoDHFu42nCp2ZUO1lvmMXuE3R2AGO+rtZWwYyJGtLGt
fUtfcUeBMg4wkhZQ9OLeFYgD+IMQazQ//9JjSvDHdwO8Ggkq3WDjKlBjGX0oz1ja
lxruaOp10gOqZB4+d+FDX49os91gdRRcFZqyuu3D4K7ZrS5RZaOCeHjKNrc//gJF
xLnSDTNsRTCI5ZPlqiLLpnQbEs4OtqjpEhHEBJCHURE9Y4PG5n3g6S2h9wIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFJco91WyTUJwG8wBsaZBCcGugxWnMB8GA1UdIwQY
MBaAFBhdRrfJ0yHJuhieZrGTPBMkGXzsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0YxR3Q4blRJY202R0o1bXNaTThFeVFaZk93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iY2FiYjktZmJkYi00MzExLWEyOWMt
YzE3ZGU1MGZkNWZiLzEvbHlqM1ZiSk5RbkFiekFHeHBrRUp3YTZERmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iY2FiYjktZmJkYi00MzExLWEyOWMtYzE3ZGU1MGZkNWZi
LzEvR0YxR3Q4blRJY202R0o1bXNaTThFeVFaZk93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQDJS6AAwQC
TfacMAwDBAZQV8ADBAJQV8gDBARSyqADBANT3KgDBAJb8FQDBAK5KwQDBAK5P7wD
BAK5kpwDBAPUbcADBAPUbdgDBAPVn9AwDQYJKoZIhvcNAQELBQADggEBAFkPU0V8
IV8HVUOO4PGtrHtpgxg/Nm8DUThCujGrkoCP1xDE1wStLLOVABB8IjF8DwRep44F
5pS+GjZ9+FAbPP/dRU9WznxpXZ3p3U1m8MpTe0jpNVmeyH6yt0Z99/Q62vHTdvsj
agTQJtwlV0p4a2JL1we82BO+ZfqryUTLrJWAoiIQEr2LuyR4Jsv2ALIywKZoD1Nw
VqB1Q97wyXJ69IxvBURp0SNbKJvnCzZiprI78d9vbqEtzbIf86PH8VbKP8fT9H7x
09i92m3UyFNbO7SFBt8hk3lwxfLo7nhiDLNY1GaXJhUT2+4G/gTGqq5+L3ynctrm
t2NeMuON0+W9dqY=
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:15 2024 by rpki-client on console-ams.rpki-client.org