Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/LTke5plKzbMGL0xnYsnJ3-vRVdQ.roa
File: LTke5plKzbMGL0xnYsnJ3-vRVdQ.roa (raw, json)
Hash identifier: fp0wDBKoA8SE3irV8W+jkzVmzZrvqGHurEu8bK6RsEI=
Subject key identifier: 2D:39:1E:E6:99:4A:CD:B3:06:2F:4C:67:62:C9:C9:DF:EB:D1:55:D4
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0189AC20F1CB37398772E320CB3C6FE851CE
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/LTke5plKzbMGL0xnYsnJ3-vRVdQ.roa
Signing time: Mon 31 Jul 2023 13:26:27 +0000
ROA not before: Mon 31 Jul 2023 13:26:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30938
IP address blocks: 45.12.216.0/24 maxlen: 24
45.12.217.0/24 maxlen: 24
45.12.219.0/24 maxlen: 24
45.12.218.0/24 maxlen: 24
5.39.248.0/24 maxlen: 24
5.39.251.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.250.0/24 maxlen: 24
5.39.253.0/24 maxlen: 24
185.5.36.0/22 maxlen: 22
31.192.240.0/21 maxlen: 21
5.178.97.0/24 maxlen: 24
5.178.96.0/24 maxlen: 24
5.178.99.0/24 maxlen: 24
5.144.183.0/24 maxlen: 24
5.178.103.0/24 maxlen: 24
5.178.105.0/24 maxlen: 24
5.178.104.0/24 maxlen: 24
5.178.106.0/24 maxlen: 24
5.178.109.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.39.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:20:f1:cb:37:39:87:72:e3:20:cb:3c:6f:e8:51:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jul 31 13:26:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d391ee6994acdb3062f4c6762c9c9dfebd155d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:81:7a:e1:69:ff:27:5a:55:03:e4:25:1f:24:
c0:d6:56:9f:f2:c8:b3:2e:d2:ab:82:25:46:3f:61:
83:31:90:67:64:ee:94:9f:c1:13:0c:3d:4c:4c:1b:
ed:ea:7d:77:db:c3:57:6c:37:a0:b5:42:a5:85:5f:
12:3a:e2:b2:aa:9e:fc:27:6c:86:bb:ea:fe:1c:1f:
3a:54:25:e7:ed:1d:9c:a9:05:13:91:60:cb:3a:b3:
79:b0:78:fe:e2:a9:6c:3c:0b:a8:3d:2d:d0:a0:86:
7c:b5:36:d6:af:12:37:0f:9e:2c:d3:3a:0b:a3:f7:
50:89:1c:8b:fe:5d:ea:88:66:0a:88:8d:21:40:38:
34:06:48:eb:20:8a:c5:c2:50:6e:ff:84:2d:10:e0:
66:03:98:24:1c:ed:f7:c3:71:70:e2:70:41:98:05:
a7:99:07:73:52:e3:f1:17:b9:33:75:ef:73:96:99:
7c:b4:c1:9d:27:7f:74:ca:5b:40:7f:0e:de:09:2f:
3f:60:6b:35:4f:e3:59:6f:15:ed:f3:ec:e4:5e:98:
3f:8b:2e:5d:81:27:be:63:4b:b6:34:7f:41:68:ab:
50:0c:f3:30:60:b5:54:a5:3e:70:16:7d:c8:2f:95:
5a:c0:a6:ee:d2:b6:43:f1:12:45:95:b4:6b:b4:4c:
db:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:39:1E:E6:99:4A:CD:B3:06:2F:4C:67:62:C9:C9:DF:EB:D1:55:D4
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/LTke5plKzbMGL0xnYsnJ3-vRVdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.39.250.0-5.39.255.255
5.144.183.0/24
5.178.96.0/23
5.178.99.0/24
5.178.103.0-5.178.106.255
5.178.109.0/24
31.192.240.0/21
45.12.216.0/22
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
e7:34:06:36:32:a9:45:c9:1a:fd:e9:cf:8e:1d:b8:c4:02:08:
0f:ca:68:90:a9:d2:07:81:ff:2d:69:74:fa:b8:8a:21:a2:84:
68:45:21:c6:9b:3e:a0:4e:f7:07:42:95:3e:58:48:45:cc:dc:
af:1f:a7:ad:06:3a:c6:0e:9d:f0:87:35:c5:ae:ec:b3:ba:39:
7f:46:0e:d7:59:8c:99:28:67:93:06:3f:d2:4a:b6:cd:ac:32:
e2:aa:a5:76:17:00:da:72:53:ed:e5:8f:fe:30:bf:45:ec:0e:
e2:7a:00:45:f8:57:bd:37:dd:1d:2d:09:e1:78:db:b8:90:80:
e7:e5:7d:80:75:a3:2d:b9:fe:d0:c9:91:68:70:c8:de:3c:09:
13:0c:3e:a5:bb:09:9c:f1:3a:a9:5d:d5:b2:39:3a:44:da:4c:
7e:6c:35:5a:65:84:aa:30:09:a6:fa:d9:2c:fd:0b:a9:ad:0a:
d9:82:66:d8:2c:98:74:f2:8d:5c:26:8b:ec:c3:7f:13:f8:01:
e7:b6:3c:f6:73:1f:99:b0:f1:d9:1a:3a:7b:53:50:2d:e3:7d:
93:48:29:e5:55:cb:17:d4:fd:8d:c3:7a:3f:b8:69:eb:a6:5e:
8a:3d:54:ad:f7:84:9c:52:bf:66:1b:ce:f0:b6:cf:ae:d3:80:
32:fa:b0:6e
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYmsIPHLNzmHcuMgyzxv6FHOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMwNzMxMTMyNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDM5MWVlNjk5NGFjZGIzMDYyZjRjNjc2MmM5YzlkZmViZDE1NWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IF64Wn/J1pVA+QlHyTA1laf8siz
LtKrgiVGP2GDMZBnZO6Un8ETDD1MTBvt6n1328NXbDegtUKlhV8SOuKyqp78J2yG
u+r+HB86VCXn7R2cqQUTkWDLOrN5sHj+4qlsPAuoPS3QoIZ8tTbWrxI3D54s0zoL
o/dQiRyL/l3qiGYKiI0hQDg0BkjrIIrFwlBu/4QtEOBmA5gkHO33w3Fw4nBBmAWn
mQdzUuPxF7kzde9zlpl8tMGdJ390yltAfw7eCS8/YGs1T+NZbxXt8+zkXpg/iy5d
gSe+Y0u2NH9BaKtQDPMwYLVUpT5wFn3IL5VawKbu0rZD8RJFlbRrtEzbmQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFC05HuaZSs2zBi9MZ2LJyd/r0VXUMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvTFRrZTVwbEt6Yk1HTDB4bllzbkozLXZSVmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBRBAIAATBLAwQABSf4MAsD
BAEFJ/oDAwMFIAMEAAWQtwMEAQWyYAMEAAWyYzAMAwQABbJnAwQABbJqAwQABbJt
AwQDH8DwAwQCLQzYAwQCuQUkMA0GCSqGSIb3DQEBCwUAA4IBAQDnNAY2MqlFyRr9
6c+OHbjEAggPymiQqdIHgf8taXT6uIohooRoRSHGmz6gTvcHQpU+WEhFzNyvH6et
BjrGDp3whzXFruyzujl/Rg7XWYyZKGeTBj/SSrbNrDLiqqV2FwDaclPt5Y/+ML9F
7A7iegBF+Fe9N90dLQnheNu4kIDn5X2AdaMtuf7QyZFocMjePAkTDD6luwmc8Tqp
XdWyOTpE2kx+bDVaZYSqMAmm+tks/QuprQrZgmbYLJh08o1cJovsw38T+AHntjz2
cx+ZsPHZGjp7U1At432TSCnlVcsX1P2Nw3o/uGnrpl6KPVSt94ScUr9mG87wts+u
04Ay+rBu
-----END CERTIFICATE-----
Generated at Wed Aug 2 17:31:31 2023 by rpki-client on console-fra.rpki-client.org