Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lxaHdD5WLJwCLkJDM6AjcizgyM8.roa
File: lxaHdD5WLJwCLkJDM6AjcizgyM8.roa (raw, json)
Hash identifier: T7tLhbZrWyM5pNBFGaslmTjRB+uRJiAHS3YCHpM2k6s=
Subject key identifier: 97:16:87:74:3E:56:2C:9C:02:2E:42:43:33:A0:23:72:2C:E0:C8:CF
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018AD6EF1474897D7FE882EF2FFC15AAA1F5
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lxaHdD5WLJwCLkJDM6AjcizgyM8.roa
Signing time: Wed 27 Sep 2023 13:58:27 +0000
ROA not before: Wed 27 Sep 2023 13:58:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
193.57.41.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
2.56.110.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:ef:14:74:89:7d:7f:e8:82:ef:2f:fc:15:aa:a1:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 27 13:58:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=971687743e562c9c022e424333a023722ce0c8cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:76:50:65:b5:b2:66:1d:95:c3:5e:44:d5:b9:
dc:92:6e:30:5d:0a:d2:91:b1:39:bb:50:84:3b:fc:
40:ab:0d:5e:48:2e:e9:60:5b:d1:5d:45:88:e9:92:
e1:67:4a:02:40:4b:97:12:91:0e:79:79:b1:f7:a1:
d1:67:50:0f:48:59:47:ca:31:ba:6f:d3:ec:f3:56:
4c:a0:77:55:48:4a:14:52:f9:b9:80:51:5d:14:6d:
66:62:1a:33:2e:9f:95:b7:b5:5e:9c:39:bd:cd:e2:
31:33:c0:95:4a:fa:24:c7:0f:ee:43:e8:56:33:f1:
6c:59:10:e2:05:ec:fd:61:f5:08:b7:80:52:df:e5:
67:f0:bc:b4:31:46:3c:b2:75:e9:f3:22:20:9f:bb:
04:3e:1b:d3:3d:04:08:fe:9a:a9:66:85:37:ce:ab:
24:68:4c:0f:71:4d:c1:a9:be:a7:93:c9:7f:29:cf:
b7:16:19:c6:b4:a4:ca:83:25:93:30:90:1e:87:2b:
90:13:b3:a9:53:72:9d:02:95:56:6d:fb:ce:04:72:
84:c9:4e:13:9e:46:5a:c3:dc:2d:9c:90:68:6b:47:
54:11:7f:26:bb:72:29:9a:cb:25:29:0a:bd:db:9f:
c7:8e:f9:68:20:c0:c8:50:11:24:3c:d1:c9:10:2b:
d6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:16:87:74:3E:56:2C:9C:02:2E:42:43:33:A0:23:72:2C:E0:C8:CF
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lxaHdD5WLJwCLkJDM6AjcizgyM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.110.0/24
45.94.171.0/24
45.138.183.0/24
45.144.213.0/24
77.83.39.0/24
85.209.120.0/23
193.57.41.0/24
195.62.24.0/24
Signature Algorithm: sha256WithRSAEncryption
80:20:96:23:63:20:2e:31:5f:2c:18:de:81:a9:b4:7d:b9:a2:
47:78:51:51:a4:0b:6a:a8:e0:2c:5b:61:2f:1b:33:c5:ca:87:
e7:60:29:08:c2:63:d9:01:05:f8:0c:50:c1:d6:69:de:4c:0d:
86:05:f3:03:7c:2b:81:6b:bc:9f:45:35:a0:4c:0c:6e:25:9e:
f3:dc:7d:b6:77:64:83:d8:da:04:8d:b0:0f:37:8f:c7:74:08:
97:94:ad:ac:ab:b7:16:7a:2a:81:31:81:bb:66:1a:12:8e:99:
e7:f4:08:12:17:e1:8d:f9:4e:30:ff:2f:2c:c7:5c:02:ea:e0:
f5:75:12:b6:8d:1a:6e:f3:b8:3d:6b:46:dc:c0:bc:a3:f6:ec:
18:07:03:a2:8b:f2:86:58:3b:ad:15:fc:90:fd:28:d3:8c:90:
f5:b4:48:a7:ae:b1:40:53:39:e6:81:75:ff:fd:2a:67:d6:98:
90:19:a0:d6:b1:8a:36:a8:f6:27:6d:70:ab:7a:94:5c:7d:af:
6f:38:db:21:78:e0:54:29:b5:e1:2f:42:b4:d8:46:4d:b6:04:
c2:4c:22:14:b5:63:dd:db:ee:fd:ef:9a:fa:f2:81:99:f2:8d:
69:ba:ed:5b:13:05:14:c6:af:0b:77:8b:ba:91:33:c5:ed:1b:
3c:70:56:15
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYrW7xR0iX1/6ILvL/wVqqH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTI3MTM1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzE2ODc3NDNlNTYyYzljMDIyZTQyNDMzM2EwMjM3MjJjZTBjOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3ZQZbWyZh2Vw15E1bnckm4wXQrS
kbE5u1CEO/xAqw1eSC7pYFvRXUWI6ZLhZ0oCQEuXEpEOeXmx96HRZ1APSFlHyjG6
b9Ps81ZMoHdVSEoUUvm5gFFdFG1mYhozLp+Vt7VenDm9zeIxM8CVSvokxw/uQ+hW
M/FsWRDiBez9YfUIt4BS3+Vn8Ly0MUY8snXp8yIgn7sEPhvTPQQI/pqpZoU3zqsk
aEwPcU3Bqb6nk8l/Kc+3FhnGtKTKgyWTMJAehyuQE7OpU3KdApVWbfvOBHKEyU4T
nkZaw9wtnJBoa0dUEX8mu3IpmsslKQq925/HjvloIMDIUBEkPNHJECvWyQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJcWh3Q+ViycAi5CQzOgI3Is4MjPMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbHhhSGRENVdMSndDTGtKRE02QWpjaXpneU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAAjhuAwQA
LV6rAwQALYq3AwQALZDVAwQATVMnAwQBVdF4AwQAwTkpAwQAwz4YMA0GCSqGSIb3
DQEBCwUAA4IBAQCAIJYjYyAuMV8sGN6BqbR9uaJHeFFRpAtqqOAsW2EvGzPFyofn
YCkIwmPZAQX4DFDB1mneTA2GBfMDfCuBa7yfRTWgTAxuJZ7z3H22d2SD2NoEjbAP
N4/HdAiXlK2sq7cWeiqBMYG7ZhoSjpnn9AgSF+GN+U4w/y8sx1wC6uD1dRK2jRpu
87g9a0bcwLyj9uwYBwOii/KGWDutFfyQ/SjTjJD1tEinrrFAUznmgXX//Spn1piQ
GaDWsYo2qPYnbXCrepRcfa9vONsheOBUKbXhL0K02EZNtgTCTCIUtWPd2+7975r6
8oGZ8o1puu1bEwUUxq8Ld4u6kTPF7Rs8cFYV
Generated at Sat Sep 30 14:23:04 2023 by rpki-client on console-fra.rpki-client.org