Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/LwXWxgmixisjQYoUIE0OXL0bbCI.roa
File: LwXWxgmixisjQYoUIE0OXL0bbCI.roa (raw, json)
Hash identifier: LbuRiqVYLq4m34gyEvHSi+doZfgBEn6Un0TPeyLKJ5U=
Subject key identifier: 2F:05:D6:C6:09:A2:C6:2B:23:41:8A:14:20:4D:0E:5C:BD:1B:6C:22
Certificate issuer: /CN=6eab53640b0931924b73f760925845150a6ccca5
Certificate serial: 018CC4930B868D59D67042112C591F915D02
Authority key identifier: 6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/LwXWxgmixisjQYoUIE0OXL0bbCI.roa
Signing time: Mon 01 Jan 2024 10:30:20 +0000
ROA not before: Mon 01 Jan 2024 10:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25447
IP address blocks: 85.13.0.0/18 maxlen: 18
85.13.2.0/24 maxlen: 24
85.13.8.0/24 maxlen: 24
62.93.120.0/21 maxlen: 21
176.61.160.0/19 maxlen: 19
188.117.192.0/18 maxlen: 18
188.117.200.0/22 maxlen: 22
188.117.208.0/22 maxlen: 22
188.117.220.0/22 maxlen: 22
85.13.14.0/24 maxlen: 24
85.13.16.0/24 maxlen: 24
217.16.112.0/20 maxlen: 20
217.16.114.0/24 maxlen: 24
217.16.113.0/24 maxlen: 24
217.16.124.0/24 maxlen: 24
217.16.127.0/24 maxlen: 24
82.192.0.0/19 maxlen: 19
82.192.0.0/23 maxlen: 23
82.192.5.0/24 maxlen: 24
82.192.6.0/24 maxlen: 24
188.117.240.0/20 maxlen: 20
82.192.18.0/24 maxlen: 24
62.93.68.0/24 maxlen: 24
62.93.76.0/24 maxlen: 24
62.93.74.0/24 maxlen: 24
62.93.73.0/24 maxlen: 24
62.93.88.0/24 maxlen: 24
62.93.96.0/20 maxlen: 20
62.93.96.0/21 maxlen: 21
62.93.104.0/21 maxlen: 21
62.93.112.0/22 maxlen: 22
217.199.83.0/24 maxlen: 24
217.199.80.0/20 maxlen: 20
62.93.64.0/19 maxlen: 19
217.199.90.0/24 maxlen: 24
2a03:4e47::/32 maxlen: 32
2a03:4e40::/29 maxlen: 29
2a03:4e40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 21 Mar 2024 13:54:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:0b:86:8d:59:d6:70:42:11:2c:59:1f:91:5d:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eab53640b0931924b73f760925845150a6ccca5
Validity
Not Before: Jan 1 10:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f05d6c609a2c62b23418a14204d0e5cbd1b6c22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:05:7d:0e:88:53:06:b5:53:e9:d0:4f:b3:e9:
62:c4:3d:75:49:b6:91:85:57:d0:a4:6b:52:d4:54:
e3:c2:2b:89:80:b5:97:05:58:ae:9e:6b:63:f0:a6:
e1:47:3f:4f:55:65:8c:50:9b:c0:0b:8c:4c:1f:24:
b0:c3:b8:b1:a0:0a:e1:eb:81:76:c8:c9:41:13:53:
ba:33:a8:5c:a7:bc:23:f4:bf:77:38:36:d7:c9:06:
b4:de:d9:a1:82:44:75:26:9c:0e:ae:59:ab:5e:99:
9f:9e:62:d4:d9:4c:5a:a6:0b:2d:d4:ed:24:ff:24:
05:c8:60:f2:f7:e9:bd:76:c4:e8:b4:2a:46:b4:8c:
e3:69:d8:39:51:16:11:81:b0:f9:46:bf:56:63:f9:
8e:26:3f:43:d1:6d:04:3b:89:f1:dd:56:e7:bf:91:
1c:fc:54:9e:3d:41:10:1f:0d:90:28:5e:4e:e3:86:
a0:ca:f9:28:0b:2b:33:cd:6a:69:87:c6:67:73:2a:
8a:c8:61:cf:b3:4a:1a:ac:33:01:32:0c:35:c2:ad:
fb:28:1b:6c:cd:60:9c:92:bf:3c:6b:88:5e:59:d7:
5b:4e:3e:ae:8c:0a:1a:72:09:5f:78:27:f8:83:37:
70:25:c1:f9:3a:d5:3d:a1:37:bb:bd:1d:60:2a:c5:
e6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:05:D6:C6:09:A2:C6:2B:23:41:8A:14:20:4D:0E:5C:BD:1B:6C:22
X509v3 Authority Key Identifier:
keyid:6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/LwXWxgmixisjQYoUIE0OXL0bbCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.93.64.0-62.93.115.255
62.93.120.0/21
82.192.0.0/19
85.13.0.0/18
176.61.160.0/19
188.117.192.0/18
217.16.112.0/20
217.199.80.0/20
IPv6:
2a03:4e40::/29
Signature Algorithm: sha256WithRSAEncryption
6b:78:50:3b:db:2f:53:40:b6:98:a7:da:58:e6:c0:5a:9d:58:
45:80:36:93:cc:e2:0d:79:cd:57:88:44:d8:59:72:6d:37:43:
7e:2f:f4:2c:d9:10:1d:56:38:16:b8:47:64:c9:13:5f:63:40:
71:5e:3c:f8:38:f2:49:31:d2:e3:2e:12:5a:2f:ab:6e:93:09:
fb:2b:1b:ca:db:13:45:ed:fd:50:19:b0:b4:07:9c:e1:59:73:
bf:f5:7c:96:22:77:d6:c3:b3:d5:79:fe:61:3f:3b:4b:8d:ec:
72:a8:10:84:2c:d2:b7:77:db:bd:8e:84:9e:18:46:4f:08:72:
3c:bf:50:54:62:4a:14:cc:3e:30:98:c3:fb:85:84:2d:ba:3f:
05:37:25:c5:54:0d:5d:e9:34:89:0a:73:54:53:6c:b5:39:90:
a3:b9:ea:84:64:d9:30:4b:fc:67:b5:ca:e7:5b:dc:e4:87:3d:
10:44:54:03:01:51:75:08:dd:00:d3:36:51:00:c5:e2:bd:04:
7c:6d:b4:79:34:35:52:1a:22:f0:10:62:e3:c1:f5:04:db:a4:
25:e4:b8:c8:b4:40:04:35:11:87:5c:bb:f5:7a:27:b6:7f:7c:
c6:a0:5b:bc:60:6e:e5:00:81:62:81:6a:a3:43:c4:26:0d:b6:
f0:b6:ac:4e
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzEkwuGjVnWcEIRLFkfkV0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYWI1MzY0MGIwOTMxOTI0YjczZjc2MDkyNTg0NTE1MGE2
Y2NjYTUwHhcNMjQwMTAxMTAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjA1ZDZjNjA5YTJjNjJiMjM0MThhMTQyMDRkMGU1Y2JkMWI2YzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQV9DohTBrVT6dBPs+lixD11SbaR
hVfQpGtS1FTjwiuJgLWXBViunmtj8KbhRz9PVWWMUJvAC4xMHySww7ixoArh64F2
yMlBE1O6M6hcp7wj9L93ODbXyQa03tmhgkR1JpwOrlmrXpmfnmLU2Uxapgst1O0k
/yQFyGDy9+m9dsTotCpGtIzjadg5URYRgbD5Rr9WY/mOJj9D0W0EO4nx3Vbnv5Ec
/FSePUEQHw2QKF5O44agyvkoCyszzWpph8ZncyqKyGHPs0oarDMBMgw1wq37KBts
zWCckr88a4heWddbTj6ujAoacglfeCf4gzdwJcH5OtU9oTe7vR1gKsXmJwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFC8F1sYJosYrI0GKFCBNDly9G2wiMB8GA1UdIwQY
MBaAFG6rU2QLCTGSS3P3YJJYRRUKbMylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAt
NTMwNDYzMjM5NTFmLzEvTHdYV3hnbWl4aXNqUVlvVUlFME9YTDBiYkNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAtNTMwNDYzMjM5NTFm
LzEvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4MAwDBAY+XUAD
BAI+XXADBAM+XXgDBAVSwAADBAZVDQADBAWwPaADBAa8dcADBATZEHADBATZx1Aw
DQQCAAIwBwMFAyoDTkAwDQYJKoZIhvcNAQELBQADggEBAGt4UDvbL1NAtpin2ljm
wFqdWEWANpPM4g15zVeIRNhZcm03Q34v9CzZEB1WOBa4R2TJE19jQHFePPg48kkx
0uMuElovq26TCfsrG8rbE0Xt/VAZsLQHnOFZc7/1fJYid9bDs9V5/mE/O0uN7HKo
EIQs0rd3272OhJ4YRk8Icjy/UFRiShTMPjCYw/uFhC26PwU3JcVUDV3pNIkKc1RT
bLU5kKO56oRk2TBL/Ge1yudb3OSHPRBEVAMBUXUI3QDTNlEAxeK9BHxttHk0NVIa
IvAQYuPB9QTbpCXkuMi0QAQ1EYdcu/V6J7Z/fMagW7xgbuUAgWKBaqNDxCYNtvC2
rE4=
-----END CERTIFICATE-----
Generated at Thu Mar 21 18:08:36 2024 by rpki-client on console-fra.rpki-client.org