Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/LtUM7OgKInrYZBUSxnxs6Oys3mU.roa
File: LtUM7OgKInrYZBUSxnxs6Oys3mU.roa (raw, json)
Hash identifier: VS4k5ZacHggHNoY7IEwqLosJBCxuxqkTVxYAzeGPQv4=
Subject key identifier: 2E:D5:0C:EC:E8:0A:22:7A:D8:64:15:12:C6:7C:6C:E8:EC:AC:DE:65
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01930C8B1456BCAA41F9C34B413C399A7A01
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/LtUM7OgKInrYZBUSxnxs6Oys3mU.roa
Signing time: Fri 08 Nov 2024 16:11:01 +0000
ROA not before: Fri 08 Nov 2024 16:11:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 5.133.124.0/22 maxlen: 22
31.40.196.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
84.54.0.0/22 maxlen: 22
85.8.144.0/22 maxlen: 22
85.235.72.0/22 maxlen: 22
139.28.48.0/22 maxlen: 22
139.28.212.0/22 maxlen: 22
176.53.156.0/22 maxlen: 22
176.96.128.0/22 maxlen: 22
193.32.204.0/22 maxlen: 22
194.93.48.0/22 maxlen: 22
212.87.196.0/22 maxlen: 22
212.115.100.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 13 Nov 2024 15:58:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0c:8b:14:56:bc:aa:41:f9:c3:4b:41:3c:39:9a:7a:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Nov 8 16:11:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ed50cece80a227ad8641512c67c6ce8ecacde65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6a:d0:27:a8:54:bc:9f:b1:c9:00:ec:a5:bf:
75:46:b0:bb:ee:95:4d:51:26:4b:fc:e2:1f:a0:3a:
a0:00:3c:ab:a0:3d:6a:f7:75:8d:95:15:4d:74:a7:
f9:8c:a6:fa:e3:10:0f:1c:4b:f5:11:bf:63:b1:6d:
e5:8b:dd:6f:13:f3:4f:b8:f6:a5:87:67:fb:6f:ab:
a8:e2:59:d3:0e:0a:d1:a4:e9:d6:c0:5e:b6:94:ee:
28:a1:20:62:8e:65:bb:d1:be:46:26:bc:f4:a6:65:
2a:7a:b2:2b:4b:4a:15:56:d0:bd:c1:a7:16:ec:d1:
7f:04:35:ed:40:40:3f:0d:f0:58:7c:0c:b0:6c:f1:
11:a5:43:ea:79:2b:25:df:1a:af:6b:3b:d7:64:b4:
e7:50:aa:02:7c:5b:b9:7a:59:58:20:97:61:e0:a4:
0e:61:ae:34:b7:8b:12:57:6b:ba:26:11:11:9c:1c:
f4:b9:51:de:b1:0d:4d:f9:fe:fa:2f:4a:6d:6e:dc:
50:20:09:b3:16:fa:31:d9:ee:66:76:55:66:86:45:
95:ed:37:6e:ab:07:d3:8b:28:73:4a:8b:80:d0:55:
b7:db:53:6d:07:d9:64:96:cb:3c:fd:fa:f3:cd:60:
a4:60:77:25:9a:d5:0a:48:cc:6a:0f:d5:99:79:bc:
94:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D5:0C:EC:E8:0A:22:7A:D8:64:15:12:C6:7C:6C:E8:EC:AC:DE:65
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/LtUM7OgKInrYZBUSxnxs6Oys3mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.124.0/22
31.40.196.0/22
83.171.244.0/22
84.54.0.0/22
85.8.144.0/22
85.235.72.0/22
139.28.48.0/22
139.28.212.0/22
176.53.156.0/22
176.96.128.0/22
193.32.204.0/22
194.93.48.0/22
212.87.196.0/22
212.115.100.0/22
Signature Algorithm: sha256WithRSAEncryption
28:ff:c9:e3:bb:5c:29:0c:3f:5b:fc:a7:6f:ae:07:2a:99:f5:
c0:35:0e:68:70:d2:16:19:02:f3:0a:74:f9:43:10:d1:54:8f:
76:c9:37:a9:bf:d4:34:2a:cb:1f:9e:a1:3d:b8:c6:ee:cd:dc:
b8:df:ba:af:c5:3a:b7:07:2d:ac:41:84:24:f4:a8:7f:f1:13:
dd:d3:21:17:da:12:e4:6b:86:2c:9f:75:e2:cb:9f:b2:8e:2d:
b8:5f:25:ca:97:46:56:a6:ff:04:b5:60:3f:6c:e5:c5:ea:27:
8f:7e:55:d9:b2:9b:dc:93:a8:ab:23:53:e2:4f:2c:41:e2:fd:
a4:d9:f1:5e:d8:52:74:ec:d1:a5:72:3d:d4:d4:96:48:85:cc:
97:af:2e:f9:3c:03:86:6b:9e:c3:8d:ca:7f:54:96:8a:e5:16:
55:3f:c6:ec:f8:e1:a8:1b:8d:c9:d9:ed:df:90:94:6e:ba:3b:
5b:a2:c0:a6:5a:3d:b2:11:90:f3:cb:96:d1:df:d9:1e:00:d8:
76:87:a5:ba:a9:3f:6d:0c:e7:ed:a3:4d:b7:32:ef:cd:78:6d:
1f:72:ea:5a:f8:c7:cf:0f:9c:17:fa:60:b2:75:46:b0:4a:38:
57:bc:d9:0d:07:3c:80:de:54:dd:9f:66:2a:5c:49:09:71:1f:
ae:54:f0:9e
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZMMixRWvKpB+cNLQTw5mnoBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQxMTA4MTYxMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWQ1MGNlY2U4MGEyMjdhZDg2NDE1MTJjNjdjNmNlOGVjYWNkZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWrQJ6hUvJ+xyQDspb91RrC77pVN
USZL/OIfoDqgADyroD1q93WNlRVNdKf5jKb64xAPHEv1Eb9jsW3li91vE/NPuPal
h2f7b6uo4lnTDgrRpOnWwF62lO4ooSBijmW70b5GJrz0pmUqerIrS0oVVtC9wacW
7NF/BDXtQEA/DfBYfAywbPERpUPqeSsl3xqvazvXZLTnUKoCfFu5ellYIJdh4KQO
Ya40t4sSV2u6JhERnBz0uVHesQ1N+f76L0ptbtxQIAmzFvox2e5mdlVmhkWV7Tdu
qwfTiyhzSouA0FW321NtB9lklss8/frzzWCkYHclmtUKSMxqD9WZebyUxQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFC7VDOzoCiJ62GQVEsZ8bOjsrN5lMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvTHRVTTdPZ0tJbnJZWkJVU3hueHM2T3lzM21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCBYV8AwQC
HyjEAwQCU6v0AwQCVDYAAwQCVQiQAwQCVetIAwQCixwwAwQCixzUAwQCsDWcAwQC
sGCAAwQCwSDMAwQCwl0wAwQC1FfEAwQC1HNkMA0GCSqGSIb3DQEBCwUAA4IBAQAo
/8nju1wpDD9b/KdvrgcqmfXANQ5ocNIWGQLzCnT5QxDRVI92yTepv9Q0KssfnqE9
uMbuzdy437qvxTq3By2sQYQk9Kh/8RPd0yEX2hLka4Ysn3Xiy5+yji24XyXKl0ZW
pv8EtWA/bOXF6iePflXZspvck6irI1PiTyxB4v2k2fFe2FJ07NGlcj3U1JZIhcyX
ry75PAOGa57Djcp/VJaK5RZVP8bs+OGoG43J2e3fkJRuujtbosCmWj2yEZDzy5bR
39keANh2h6W6qT9tDOfto023Mu/NeG0fcupa+MfPD5wX+mCydUawSjhXvNkNBzyA
3lTdn2YqXEkJcR+uVPCe
-----END CERTIFICATE-----
Generated at Wed Nov 13 18:49:43 2024 by rpki-client on console-fra.rpki-client.org