Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/LOrpMKAEsEEj_l56_jEORYQkmYM.roa
File: LOrpMKAEsEEj_l56_jEORYQkmYM.roa (raw, json)
Hash identifier: GdDTA0eqZ4fTGrQabhvACJrCslZ/NH8Nhobp/kgQBf8=
Subject key identifier: 2C:EA:E9:30:A0:04:B0:41:23:FE:5E:7A:FE:31:0E:45:84:24:99:83
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01882FDE3F58C31D4E1E20D15EC47D2BB8D5
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/LOrpMKAEsEEj_l56_jEORYQkmYM.roa
Signing time: Thu 18 May 2023 17:17:54 +0000
ROA not before: Thu 18 May 2023 17:17:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3561
IP address blocks: 77.36.112.0/21 maxlen: 24
77.36.124.0/22 maxlen: 22
93.120.96.0/22 maxlen: 22
46.151.36.0/22 maxlen: 24
188.191.252.0/22 maxlen: 24
77.36.68.0/22 maxlen: 24
91.237.44.0/22 maxlen: 24
194.33.102.0/23 maxlen: 24
194.33.100.0/23 maxlen: 24
194.33.100.0/22 maxlen: 24
81.161.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Jun 2023 13:51:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2f:de:3f:58:c3:1d:4e:1e:20:d1:5e:c4:7d:2b:b8:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 18 17:17:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ceae930a004b04123fe5e7afe310e4584249983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9c:91:2c:b1:02:e0:7e:90:3c:23:5e:6e:eb:
d8:47:42:e4:57:68:55:99:58:b5:92:e2:55:3a:02:
82:d0:64:5e:d4:30:23:85:c0:3e:e0:4a:73:2a:07:
df:5c:b7:a1:43:9e:97:19:45:94:99:6b:e2:65:6c:
88:8a:1f:a5:9c:a5:09:f0:c7:f9:43:c7:7e:15:0a:
cc:cd:f1:9e:dd:4b:bc:7f:12:fd:3b:23:8e:87:1f:
01:ba:27:e8:45:8a:6b:06:35:7d:05:e5:27:09:d8:
38:89:4e:af:6e:32:32:9d:de:d6:b3:1f:fb:c5:3e:
0a:99:ca:4d:3d:bf:27:24:5c:36:0b:6d:8d:3a:1e:
77:9c:43:ea:2d:eb:42:29:ca:a9:bc:85:56:63:dd:
7c:93:9e:48:6b:38:14:df:f4:44:4e:e9:41:67:d4:
73:82:ad:38:f3:a0:4d:59:d7:fa:b3:ed:dc:36:f6:
73:d5:6e:97:31:ee:7b:68:67:4d:4f:fc:12:7c:22:
3f:20:4b:4e:32:42:3c:87:d5:5b:cf:da:77:f3:4e:
b7:68:71:10:29:9a:eb:50:5a:5c:31:e9:fa:2b:d8:
54:6d:05:d2:13:33:2c:c0:ec:20:e3:fa:88:d7:bf:
f1:6e:0a:a1:34:14:a5:35:e2:c1:de:ce:86:29:1b:
40:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:EA:E9:30:A0:04:B0:41:23:FE:5E:7A:FE:31:0E:45:84:24:99:83
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/LOrpMKAEsEEj_l56_jEORYQkmYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.36.0/22
77.36.68.0/22
77.36.112.0/21
77.36.124.0/22
81.161.4.0/22
91.237.44.0/22
93.120.96.0/22
188.191.252.0/22
194.33.100.0/22
Signature Algorithm: sha256WithRSAEncryption
88:67:94:7e:59:c1:49:20:fe:71:0d:0d:7a:a1:f5:81:b0:34:
fe:94:31:28:08:8b:99:a4:ab:4b:90:05:bc:74:54:55:52:ae:
ca:85:d7:b5:53:a4:88:60:05:ce:0c:0e:2b:cd:6c:02:0b:54:
7f:6e:10:72:8b:24:0c:b6:ef:a4:ec:2a:8e:eb:c5:a6:37:23:
50:fe:ad:fe:03:4f:29:70:7d:0b:8c:29:63:af:ef:cc:a8:29:
c4:df:f6:42:0c:b5:47:e6:0d:0c:12:58:27:46:02:b3:53:1b:
f1:a5:ff:ea:92:c8:99:95:45:6d:30:81:c1:68:6b:75:33:f3:
47:4a:05:88:fe:f1:c3:16:1a:9d:c3:db:e1:8e:9e:3f:5c:7c:
e4:8d:a9:f4:9c:8d:5e:bc:b0:b9:0b:f0:28:63:67:57:fd:8a:
26:fb:24:89:53:c8:8e:f9:be:ec:16:e8:64:ae:c1:3e:39:af:
ed:92:27:80:6b:f1:71:fb:79:5e:8b:d9:17:f4:43:8a:7a:18:
47:33:7e:36:59:b3:ca:f2:1b:64:45:43:ad:6f:17:e7:52:27:
8c:f6:c6:6c:a5:96:b0:05:12:da:9a:52:60:2e:6b:6e:99:8d:
8f:88:7e:a2:2f:ca:07:06:33:ef:c1:45:db:ff:c7:f7:7f:5f:
81:93:d9:48
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYgv3j9Ywx1OHiDRXsR9K7jVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNTE4MTcxNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2VhZTkzMGEwMDRiMDQxMjNmZTVlN2FmZTMxMGU0NTg0MjQ5OTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZyRLLEC4H6QPCNebuvYR0LkV2hV
mVi1kuJVOgKC0GRe1DAjhcA+4EpzKgffXLehQ56XGUWUmWviZWyIih+lnKUJ8Mf5
Q8d+FQrMzfGe3Uu8fxL9OyOOhx8BuifoRYprBjV9BeUnCdg4iU6vbjIynd7Wsx/7
xT4KmcpNPb8nJFw2C22NOh53nEPqLetCKcqpvIVWY918k55IazgU3/RETulBZ9Rz
gq0486BNWdf6s+3cNvZz1W6XMe57aGdNT/wSfCI/IEtOMkI8h9Vbz9p38063aHEQ
KZrrUFpcMen6K9hUbQXSEzMswOwg4/qI17/xbgqhNBSlNeLB3s6GKRtAPwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCzq6TCgBLBBI/5eev4xDkWEJJmDMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvTE9ycE1LQUVzRUVqX2w1Nl9qRU9SWVFrbVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLpckAwQC
TSREAwQDTSRwAwQCTSR8AwQCUaEEAwQCW+0sAwQCXXhgAwQCvL/8AwQCwiFkMA0G
CSqGSIb3DQEBCwUAA4IBAQCIZ5R+WcFJIP5xDQ16ofWBsDT+lDEoCIuZpKtLkAW8
dFRVUq7Khde1U6SIYAXODA4rzWwCC1R/bhByiyQMtu+k7CqO68WmNyNQ/q3+A08p
cH0LjCljr+/MqCnE3/ZCDLVH5g0MElgnRgKzUxvxpf/qksiZlUVtMIHBaGt1M/NH
SgWI/vHDFhqdw9vhjp4/XHzkjan0nI1evLC5C/AoY2dX/Yom+ySJU8iO+b7sFuhk
rsE+Oa/tkieAa/Fx+3lei9kX9EOKehhHM342WbPK8htkRUOtbxfnUieM9sZspZaw
BRLamlJgLmtumY2PiH6iL8oHBjPvwUXb/8f3f1+Bk9lI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org