Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/lirXylHm2vT7jndpObTZH8h4-88.roa
File: lirXylHm2vT7jndpObTZH8h4-88.roa (raw, json)
Hash identifier: UAvI6PZ9mKxAI4OpIMJdggXPFzQSlELIzeYZO4hTPmQ=
Subject key identifier: 96:2A:D7:CA:51:E6:DA:F4:FB:8E:77:69:39:B4:D9:1F:C8:78:FB:CF
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018D78972E22171CE8A5C5EC2F2599848197
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/lirXylHm2vT7jndpObTZH8h4-88.roa
Signing time: Mon 05 Feb 2024 09:26:30 +0000
ROA not before: Mon 05 Feb 2024 09:26:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2588
IP address blocks: 46.19.200.0/21 maxlen: 24
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
83.223.128.0/19 maxlen: 24
83.223.145.0/24 maxlen: 24
83.223.155.0/24 maxlen: 24
85.254.0.0/17 maxlen: 24
85.254.49.0/24 maxlen: 24
85.254.62.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
85.254.104.0/22 maxlen: 22
85.254.108.0/22 maxlen: 22
85.254.116.0/22 maxlen: 22
85.254.116.0/24 maxlen: 24
85.254.122.0/24 maxlen: 24
85.254.128.0/18 maxlen: 24
91.190.32.0/19 maxlen: 24
91.190.36.0/24 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.60.0/24 maxlen: 24
94.101.224.0/20 maxlen: 24
109.205.120.0/21 maxlen: 24
109.205.127.0/24 maxlen: 24
159.148.0.0/16 maxlen: 24
159.148.10.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
159.148.63.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
159.148.131.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.186.0/24 maxlen: 24
159.148.188.0/24 maxlen: 24
159.148.201.0/24 maxlen: 24
159.148.222.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
159.148.233.0/24 maxlen: 24
185.27.92.0/22 maxlen: 24
185.176.116.0/22 maxlen: 24
217.69.112.0/20 maxlen: 24
217.69.113.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 05 Mar 2024 13:08:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:97:2e:22:17:1c:e8:a5:c5:ec:2f:25:99:84:81:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Feb 5 09:26:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=962ad7ca51e6daf4fb8e776939b4d91fc878fbcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:54:a2:a5:44:71:37:cd:2a:0d:2f:d7:68:f3:
1c:4f:05:5a:a5:f8:c6:6a:3a:ae:cd:6e:2b:fe:bb:
ce:b1:81:4b:2b:59:cf:81:c1:0f:dd:54:44:11:38:
8e:01:f1:40:64:5b:09:21:6e:d8:d0:30:22:7a:53:
3e:51:90:d7:40:1a:6b:49:89:ba:5e:05:de:62:cc:
0c:7b:08:ca:f2:d9:7a:a0:48:2b:e5:e9:09:da:0c:
67:06:4c:c5:5a:32:90:e9:50:e9:77:78:ea:60:0a:
d0:5f:19:1b:e3:fc:8e:c3:90:c9:a6:f3:f7:e0:ab:
b0:c9:6e:0b:2f:59:e2:a9:e9:e9:19:8a:62:3a:14:
ac:cc:10:04:43:de:4f:fb:2f:6d:e6:81:a2:69:2a:
2f:de:60:df:cc:36:32:32:ba:64:51:c4:5e:bf:aa:
29:18:37:7a:07:83:1a:ba:4c:74:9e:81:40:bc:03:
80:5d:ee:53:8c:7f:81:2d:77:c9:62:51:95:99:76:
3e:2f:6f:ee:d3:e2:c1:91:96:3a:0a:68:cf:92:28:
43:f8:8f:42:71:0a:49:fe:57:5c:3c:a5:6f:d3:5a:
a6:8e:ab:69:9c:2b:fc:d7:ad:7b:1e:05:56:ad:ff:
c7:33:15:45:52:a1:62:a5:e2:d1:9a:19:00:f7:8c:
ab:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2A:D7:CA:51:E6:DA:F4:FB:8E:77:69:39:B4:D9:1F:C8:78:FB:CF
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/lirXylHm2vT7jndpObTZH8h4-88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
185.176.116.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
60:2e:a6:30:0b:f4:ad:b1:72:da:e8:a7:4e:a7:e3:35:f3:7d:
5a:d6:5b:e2:a5:62:c8:1c:95:15:39:b0:8c:64:d5:07:46:e8:
1d:4e:66:9a:df:05:f3:16:a1:36:e7:3f:5f:11:33:3d:7a:da:
47:4b:d0:2f:03:79:12:33:d8:86:bf:66:87:6e:fa:18:7b:86:
f9:64:4c:71:83:d8:83:3d:01:1c:e1:56:30:61:a4:4b:d6:6d:
04:dc:d4:00:fd:69:1a:75:3f:55:5e:18:18:0a:b7:c4:0d:4c:
ca:34:91:e8:af:40:24:23:80:0d:99:fd:17:82:a1:e1:fc:78:
9a:d4:75:7e:af:6b:66:9d:0c:f5:88:92:69:e0:6f:33:d3:92:
69:72:42:84:0a:ae:d6:2b:5a:a8:ff:0e:9f:1d:3b:15:73:a9:
37:46:c6:5e:a0:ac:53:4a:38:00:e1:7e:cc:77:6a:7f:5c:c9:
db:da:94:b2:0b:d6:93:1b:a2:32:ab:48:5f:ff:50:87:45:7a:
9e:e0:91:f3:90:6a:cc:60:df:dc:37:d9:0f:a6:b3:26:33:a4:
b6:84:04:bb:95:e2:0d:90:5b:a1:17:58:43:a6:f8:a3:c6:de:
55:f9:17:09:f3:3f:09:36:0a:e4:89:04:9b:c2:77:e9:15:69:
c7:ec:8d:5b
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAY14ly4iFxzopcXsLyWZhIGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMjA1MDkyNjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJhZDdjYTUxZTZkYWY0ZmI4ZTc3NjkzOWI0ZDkxZmM4NzhmYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVSipURxN80qDS/XaPMcTwVapfjG
ajquzW4r/rvOsYFLK1nPgcEP3VREETiOAfFAZFsJIW7Y0DAielM+UZDXQBprSYm6
XgXeYswMewjK8tl6oEgr5ekJ2gxnBkzFWjKQ6VDpd3jqYArQXxkb4/yOw5DJpvP3
4KuwyW4LL1niqenpGYpiOhSszBAEQ95P+y9t5oGiaSov3mDfzDYyMrpkUcRev6op
GDd6B4Maukx0noFAvAOAXe5TjH+BLXfJYlGVmXY+L2/u0+LBkZY6CmjPkihD+I9C
cQpJ/ldcPKVv01qmjqtpnCv81617HgVWrf/HMxVFUqFipeLRmhkA94yrlwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFJYq18pR5tr0+453aTm02R/IePvPMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvbGlyWHlsSG0ydlQ3am5kcE9iVFpIOGg0LTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQCubB0AwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IB
AQBgLqYwC/StsXLa6KdOp+M1831a1lvipWLIHJUVObCMZNUHRugdTmaa3wXzFqE2
5z9fETM9etpHS9AvA3kSM9iGv2aHbvoYe4b5ZExxg9iDPQEc4VYwYaRL1m0E3NQA
/WkadT9VXhgYCrfEDUzKNJHor0AkI4ANmf0XgqHh/Hia1HV+r2tmnQz1iJJp4G8z
05JpckKECq7WK1qo/w6fHTsVc6k3RsZeoKxTSjgA4X7Md2p/XMnb2pSyC9aTG6Iy
q0hf/1CHRXqe4JHzkGrMYN/cN9kPprMmM6S2hAS7leINkFuhF1hDpvijxt5V+RcJ
8z8JNgrkiQSbwnfpFWnH7I1b
-----END CERTIFICATE-----
Generated at Tue Mar 5 17:44:34 2024 by rpki-client on console-fra.rpki-client.org