Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/LvLqCQshu-OTX0Mzph2TfiVo01c.roa
File: LvLqCQshu-OTX0Mzph2TfiVo01c.roa (raw, json)
Hash identifier: H5Cr7o2tcZakjiAGnQ2Nqjb1G9+HIUtDR+UrK0w8BHE=
Subject key identifier: 2E:F2:EA:09:0B:21:BB:E3:93:5F:43:33:A6:1D:93:7E:25:68:D3:57
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 018B8BBD3A6966855C2A3B3C2DAA542773F9
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/LvLqCQshu-OTX0Mzph2TfiVo01c.roa
Signing time: Wed 01 Nov 2023 16:35:16 +0000
ROA not before: Wed 01 Nov 2023 16:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202592
IP address blocks: 185.96.57.0/24 maxlen: 24
185.96.56.0/22 maxlen: 22
185.96.56.0/24 maxlen: 24
194.38.48.0/22 maxlen: 22
193.168.200.0/24 maxlen: 24
193.168.200.0/22 maxlen: 22
193.168.201.0/24 maxlen: 24
193.160.220.0/22 maxlen: 22
185.136.16.0/22 maxlen: 22
147.185.196.0/23 maxlen: 23
185.136.19.0/24 maxlen: 24
185.136.18.0/24 maxlen: 24
147.185.206.0/23 maxlen: 23
207.244.196.0/22 maxlen: 22
43.240.148.0/22 maxlen: 22
207.244.208.0/22 maxlen: 22
45.12.100.0/22 maxlen: 22
2a05:ff01::/32 maxlen: 32
2a05:ff00:2::/48 maxlen: 48
2a05:ff00:1::/48 maxlen: 48
2a07:5b40::/29 maxlen: 48
2a05:ff00::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 05 Nov 2023 14:38:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:bd:3a:69:66:85:5c:2a:3b:3c:2d:aa:54:27:73:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Nov 1 16:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ef2ea090b21bbe3935f4333a61d937e2568d357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:95:c1:4c:66:04:a9:2e:66:2e:2a:17:6b:08:
e9:c2:77:8b:ac:b1:3a:7d:ac:85:76:3a:ab:39:ef:
87:6b:33:07:89:77:a3:59:ff:27:25:d5:cf:0c:96:
a9:a4:ba:0b:e7:c0:c2:ba:cc:6c:e2:6b:72:91:71:
d4:74:2b:2e:ae:a2:34:45:25:0e:4a:02:78:0a:88:
1c:8c:cd:3f:00:d9:13:43:09:52:3e:8e:19:00:64:
9e:e5:b8:ea:ec:41:35:5a:d9:b2:42:7f:33:86:12:
6e:8c:8a:04:4e:c9:26:ac:33:29:d0:63:0b:72:63:
6b:20:e0:49:42:8d:be:2b:29:3f:cc:66:0d:b1:c1:
d4:56:76:fd:c6:7a:fd:ab:b4:d6:2e:e1:2f:e2:b5:
50:cd:cc:7d:09:14:e1:fe:45:25:62:21:66:e1:63:
72:66:0d:a4:81:ac:c3:4f:0a:d2:1e:3a:61:8f:ff:
71:1c:ac:07:2b:65:1b:3c:c8:9f:58:b3:3a:fc:e3:
d5:21:c2:ea:33:53:a1:d9:c5:1b:87:1d:55:da:1a:
55:a3:a6:4c:f7:b2:b1:f7:5c:4d:3e:f7:96:ff:3f:
04:8b:48:0d:cb:31:bd:c0:5e:35:e7:bb:26:3a:fa:
42:82:fb:49:99:fb:a6:2d:bf:65:a2:d8:ec:78:b7:
b9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:F2:EA:09:0B:21:BB:E3:93:5F:43:33:A6:1D:93:7E:25:68:D3:57
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/LvLqCQshu-OTX0Mzph2TfiVo01c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.148.0/22
45.12.100.0/22
147.185.196.0/23
147.185.206.0/23
185.96.56.0/22
185.136.16.0/22
193.160.220.0/22
193.168.200.0/22
194.38.48.0/22
207.244.196.0/22
207.244.208.0/22
IPv6:
2a05:ff00::/31
2a07:5b40::/29
Signature Algorithm: sha256WithRSAEncryption
65:bc:b3:41:ad:80:e6:cd:d4:a9:53:d6:94:fd:2f:81:f1:cc:
55:d9:bf:b1:ba:70:e6:a8:69:79:68:38:64:a1:ee:b9:3d:e1:
4c:0d:69:1d:f5:5a:01:f8:25:1c:3a:68:4f:5f:55:59:91:a4:
4f:20:4e:e8:a8:66:43:59:08:af:78:c9:e5:05:08:6d:2a:73:
c4:d3:75:ff:28:26:16:90:14:c2:7c:fc:53:2e:c1:20:f3:a0:
f4:af:0a:d2:ef:28:f9:bc:5d:e2:2c:55:ba:80:10:ba:9f:64:
c5:75:cf:f3:0d:ba:f4:36:26:81:c8:02:d9:13:10:66:49:fb:
6b:4e:eb:89:76:32:77:7a:f1:d9:93:c5:43:c7:5d:38:94:7b:
de:9c:ee:f3:4a:73:eb:a0:66:7d:26:c1:84:40:b5:e7:8c:05:
b7:33:de:53:45:1e:ef:5c:b1:78:b6:1a:40:8d:8a:69:89:9c:
83:fe:6a:fb:92:bf:a2:2f:5d:31:1f:92:9f:20:73:f7:44:c0:
4b:76:b0:0e:8d:fa:e8:57:16:4b:67:fb:3b:ae:7b:2f:88:54:
22:ee:93:52:6a:9b:3c:9a:1b:ce:ac:aa:47:e1:75:5a:7b:9d:
d6:11:b6:0c:4e:b2:2a:05:07:36:72:2d:66:2f:83:05:f8:25:
de:c2:7a:d5
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYuLvTppZoVcKjs8LapUJ3P5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjMxMTAxMTYzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWYyZWEwOTBiMjFiYmUzOTM1ZjQzMzNhNjFkOTM3ZTI1NjhkMzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5XBTGYEqS5mLioXawjpwneLrLE6
fayFdjqrOe+HazMHiXejWf8nJdXPDJappLoL58DCusxs4mtykXHUdCsurqI0RSUO
SgJ4CogcjM0/ANkTQwlSPo4ZAGSe5bjq7EE1WtmyQn8zhhJujIoETskmrDMp0GML
cmNrIOBJQo2+Kyk/zGYNscHUVnb9xnr9q7TWLuEv4rVQzcx9CRTh/kUlYiFm4WNy
Zg2kgazDTwrSHjphj/9xHKwHK2UbPMifWLM6/OPVIcLqM1Oh2cUbhx1V2hpVo6ZM
97Kx91xNPveW/z8Ei0gNyzG9wF4157smOvpCgvtJmfumLb9lotjseLe5dQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFC7y6gkLIbvjk19DM6Ydk34laNNXMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvTHZMcUNRc2h1LU9UWDBNenBoMlRmaVZvMDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQCK/CUAwQC
LQxkAwQBk7nEAwQBk7nOAwQCuWA4AwQCuYgQAwQCwaDcAwQCwajIAwQCwiYwAwQC
z/TEAwQCz/TQMBQEAgACMA4DBQEqBf8AAwUDKgdbQDANBgkqhkiG9w0BAQsFAAOC
AQEAZbyzQa2A5s3UqVPWlP0vgfHMVdm/sbpw5qhpeWg4ZKHuuT3hTA1pHfVaAfgl
HDpoT19VWZGkTyBO6KhmQ1kIr3jJ5QUIbSpzxNN1/ygmFpAUwnz8Uy7BIPOg9K8K
0u8o+bxd4ixVuoAQup9kxXXP8w269DYmgcgC2RMQZkn7a07riXYyd3rx2ZPFQ8dd
OJR73pzu80pz66BmfSbBhEC154wFtzPeU0Ue71yxeLYaQI2KaYmcg/5q+5K/oi9d
MR+SnyBz90TAS3awDo366FcWS2f7O657L4hUIu6TUmqbPJobzqyqR+F1Wnud1hG2
DE6yKgUHNnItZi+DBfgl3sJ61Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:23 2024 by rpki-client on console-ams.rpki-client.org