Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/lyrx8nXvbCiwNBRCxG8-n8nqvLg.roa
File: lyrx8nXvbCiwNBRCxG8-n8nqvLg.roa (raw, json)
Hash identifier: qmVHGrLyNSWbYyX0mfClJw2mntMOw0hHWtpA8tgltts=
Subject key identifier: 97:2A:F1:F2:75:EF:6C:28:B0:34:14:42:C4:6F:3E:9F:C9:EA:BC:B8
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 01877A0E7953CEFBA7EA1BDBEAA816B8A9C1
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/lyrx8nXvbCiwNBRCxG8-n8nqvLg.roa
Signing time: Thu 13 Apr 2023 09:59:41 +0000
ROA not before: Thu 13 Apr 2023 09:59:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208988
IP address blocks: 185.44.4.0/22 maxlen: 22
37.10.110.0/23 maxlen: 23
85.190.184.0/21 maxlen: 21
91.208.17.0/24 maxlen: 24
185.123.4.0/22 maxlen: 22
185.195.120.0/22 maxlen: 22
37.10.68.0/23 maxlen: 23
94.126.36.0/22 maxlen: 22
31.214.150.0/23 maxlen: 23
185.68.240.0/22 maxlen: 22
185.50.108.0/22 maxlen: 22
62.221.228.0/22 maxlen: 22
185.125.232.0/22 maxlen: 22
128.0.120.0/23 maxlen: 23
85.222.208.0/20 maxlen: 20
2a01:71a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:0e:79:53:ce:fb:a7:ea:1b:db:ea:a8:16:b8:a9:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: Apr 13 09:59:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=972af1f275ef6c28b0341442c46f3e9fc9eabcb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:09:5f:ab:d6:b5:4f:6f:39:f6:74:69:af:85:
6d:4c:4e:97:67:3c:c6:95:b1:74:13:1d:7e:44:cf:
30:c1:8d:c1:6c:f7:ab:c2:32:43:79:6f:3d:c5:62:
a1:d0:38:21:46:4e:65:df:7c:80:56:d8:fc:be:1f:
b1:f3:c8:2a:55:97:a3:46:87:43:18:3a:bd:28:d9:
4f:d1:35:3e:be:7f:5d:ba:ea:77:82:59:a0:56:5f:
21:0d:c8:00:b3:fd:be:32:f0:a2:76:39:9e:13:d2:
a6:e8:b2:64:f2:59:32:43:b5:32:8b:b6:85:b6:c7:
c4:bf:b4:8d:8d:85:bb:4b:3f:30:d9:54:32:f3:9f:
e0:d5:61:38:23:ad:6f:c1:b6:26:92:2c:20:3c:2d:
c4:d4:b0:cd:6b:b3:8e:c6:33:c4:60:c7:e3:43:29:
d9:42:d6:94:75:4b:75:9f:2b:61:a8:17:11:df:ac:
5a:80:a2:9f:ba:0f:f5:c3:98:7f:90:13:86:6a:c6:
6d:70:07:81:a5:2a:ff:25:c2:1a:c4:6d:df:76:b0:
1a:47:91:3c:59:43:f6:66:ad:d2:49:da:4a:34:b7:
1c:82:47:19:f4:87:80:c5:5f:04:d5:0a:b9:d4:92:
0c:40:25:df:64:61:2f:1b:10:8f:35:c6:5e:a3:f1:
9c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2A:F1:F2:75:EF:6C:28:B0:34:14:42:C4:6F:3E:9F:C9:EA:BC:B8
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/lyrx8nXvbCiwNBRCxG8-n8nqvLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.150.0/23
37.10.68.0/23
37.10.110.0/23
62.221.228.0/22
85.190.184.0/21
85.222.208.0/20
91.208.17.0/24
94.126.36.0/22
128.0.120.0/23
185.44.4.0/22
185.50.108.0/22
185.68.240.0/22
185.123.4.0/22
185.125.232.0/22
185.195.120.0/22
IPv6:
2a01:71a0::/32
Signature Algorithm: sha256WithRSAEncryption
13:59:09:3a:da:ac:43:dd:f4:42:21:56:5d:98:4e:88:f7:d1:
7e:46:ce:98:44:9f:9d:09:6e:03:d6:eb:fb:e9:1c:49:a8:1e:
4c:3b:21:03:d5:6f:f2:d8:79:cc:dc:5e:e5:a3:49:71:7e:8d:
37:0b:62:e0:d6:23:e5:f9:7b:71:27:80:63:87:45:7f:c2:73:
ee:5f:99:60:0d:fc:56:d5:69:90:e5:8d:3b:b9:c0:fb:87:25:
e0:6f:6f:6f:3d:bc:22:7c:17:9b:44:92:fb:aa:05:ed:81:88:
48:b9:d7:a8:82:fc:a2:02:b9:1f:b3:9b:55:b1:f2:bf:e9:a7:
e9:e0:4b:a1:be:9e:cf:41:78:f0:21:6d:12:b4:a2:ca:f7:46:
b5:fb:28:77:e9:d7:fa:8c:9f:68:ff:37:fb:aa:b0:a4:40:71:
4d:4d:1a:6b:88:2c:80:4b:8c:40:c9:28:41:89:56:40:bc:6d:
d8:57:49:c7:fc:ab:62:2a:20:bf:61:97:71:77:68:25:5e:84:
7a:c1:82:d0:7c:a3:92:ee:b2:e1:96:77:07:0e:19:fd:5f:c8:
78:96:6d:4b:86:8f:d7:cb:10:e0:28:13:f5:54:1e:27:d9:a3:
ac:98:2b:93:14:76:0a:6f:f4:09:74:58:5c:73:70:fd:50:58:
ac:6d:ba:6d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYd6DnlTzvun6hvb6qgWuKnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx
YmE0NTAwHhcNMjMwNDEzMDk1OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzJhZjFmMjc1ZWY2YzI4YjAzNDE0NDJjNDZmM2U5ZmM5ZWFiY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwlfq9a1T2859nRpr4VtTE6XZzzG
lbF0Ex1+RM8wwY3BbPerwjJDeW89xWKh0DghRk5l33yAVtj8vh+x88gqVZejRodD
GDq9KNlP0TU+vn9duup3glmgVl8hDcgAs/2+MvCidjmeE9Km6LJk8lkyQ7Uyi7aF
tsfEv7SNjYW7Sz8w2VQy85/g1WE4I61vwbYmkiwgPC3E1LDNa7OOxjPEYMfjQynZ
QtaUdUt1nythqBcR36xagKKfug/1w5h/kBOGasZtcAeBpSr/JcIaxG3fdrAaR5E8
WUP2Zq3SSdpKNLccgkcZ9IeAxV8E1Qq51JIMQCXfZGEvGxCPNcZeo/Gc5wIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFJcq8fJ172wosDQUQsRvPp/J6ry4MB8GA1UdIwQY
MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt
ODI2ZDA1Y2NmZTI1LzEvbHlyeDhuWHZiQ2l3TkJSQ3hHOC1uOG5xdkxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1
LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAR/WlgME
ASUKRAMEASUKbgMEAj7d5AMEA1W+uAMEBFXe0AMEAFvQEQMEAl5+JAMEAYAAeAME
ArksBAMEArkybAMEArlE8AMEArl7BAMEArl96AMEArnDeDANBAIAAjAHAwUAKgFx
oDANBgkqhkiG9w0BAQsFAAOCAQEAE1kJOtqsQ930QiFWXZhOiPfRfkbOmESfnQlu
A9br++kcSageTDshA9Vv8th5zNxe5aNJcX6NNwti4NYj5fl7cSeAY4dFf8Jz7l+Z
YA38VtVpkOWNO7nA+4cl4G9vbz28InwXm0SS+6oF7YGISLnXqIL8ogK5H7ObVbHy
v+mn6eBLob6ez0F48CFtErSiyvdGtfsod+nX+oyfaP83+6qwpEBxTU0aa4gsgEuM
QMkoQYlWQLxt2FdJx/yrYiogv2GXcXdoJV6EesGC0Hyjku6y4ZZ3Bw4Z/V/IeJZt
S4aP18sQ4CgT9VQeJ9mjrJgrkxR2Cm/0CXRYXHNw/VBYrG26bQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:49 2024 by rpki-client on console-fra.rpki-client.org