Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/LQltycolpN3KP76oU6FXWQkWHdc.roa
File: LQltycolpN3KP76oU6FXWQkWHdc.roa (raw, json)
Hash identifier: JasGj7qp31dZnX4WWYTnTAW4ymaN5loPmShP7iK9+LA=
Subject key identifier: 2D:09:6D:C9:CA:25:A4:DD:CA:3F:BE:A8:53:A1:57:59:09:16:1D:D7
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018AB7DEF6C71A7EDD20472054C79CAA834C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/LQltycolpN3KP76oU6FXWQkWHdc.roa
Signing time: Thu 21 Sep 2023 13:12:37 +0000
ROA not before: Thu 21 Sep 2023 13:12:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206150
IP address blocks: 91.238.42.0/24 maxlen: 24
91.238.42.0/23 maxlen: 23
91.238.43.0/24 maxlen: 24
91.245.91.0/24 maxlen: 24
176.103.121.0/24 maxlen: 24
64.43.72.0/24 maxlen: 24
91.234.120.0/24 maxlen: 24
91.234.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Oct 2023 12:06:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:de:f6:c7:1a:7e:dd:20:47:20:54:c7:9c:aa:83:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Sep 21 13:12:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d096dc9ca25a4ddca3fbea853a1575909161dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d1:c6:6d:1b:21:81:19:8e:76:56:27:8b:83:
7c:2c:c7:2f:84:ae:6e:d8:08:56:db:71:75:cd:fa:
eb:0a:cb:d0:c4:c2:14:75:f2:a1:fd:f4:75:dd:c6:
59:e8:29:bb:2c:c8:68:75:35:30:8d:31:bb:93:74:
04:b4:52:88:68:2d:18:84:1d:7a:13:11:41:09:2c:
2e:e1:b6:17:eb:a0:4e:70:65:9e:a6:c6:82:37:ec:
0a:3c:2c:2c:06:69:df:e3:d3:d3:aa:46:e4:d3:f4:
9d:f5:e7:7b:48:6f:21:51:fa:ad:72:1e:1f:14:ef:
91:08:96:cb:41:9d:6f:01:55:5a:13:97:b5:87:47:
b3:e4:65:e7:78:f3:f4:82:9e:18:bb:77:a5:88:e5:
47:ce:8f:ba:98:74:f3:a9:8e:6c:25:65:0b:0e:e2:
78:18:9c:35:8a:10:7d:08:6e:27:20:29:cc:3c:ea:
e5:9c:cf:a6:17:c2:ad:56:cc:7f:25:4e:b9:71:30:
1b:21:07:ac:ce:32:86:a5:4f:d6:0d:3a:ad:f0:d0:
0a:e8:b1:7f:39:d8:e5:32:2a:c5:58:7e:8c:11:21:
03:4d:54:df:a8:83:9c:ab:be:42:c2:5f:45:89:a0:
f6:18:4b:d1:99:b2:1b:60:fe:ce:b7:5c:a0:80:f1:
d6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:09:6D:C9:CA:25:A4:DD:CA:3F:BE:A8:53:A1:57:59:09:16:1D:D7
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/LQltycolpN3KP76oU6FXWQkWHdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.72.0/24
91.234.120.0/23
91.238.42.0/23
91.245.91.0/24
176.103.121.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:4d:0e:ce:e0:7b:ae:4a:9c:d3:04:48:5e:1f:a5:9d:12:91:
ba:09:7a:49:d7:2d:f0:d0:94:57:99:88:93:bb:ca:b6:95:03:
60:53:c9:b5:66:ce:13:bb:95:c7:d3:cb:2d:f3:2d:91:e1:78:
e8:4d:05:63:fd:30:8a:72:81:a2:dc:b2:0c:fd:64:2d:2a:74:
a2:55:cc:b3:88:30:70:a5:84:7b:ad:f2:cb:3b:9c:90:42:b7:
30:95:b6:e1:3b:e9:22:69:24:f7:35:d2:b5:b8:1a:9a:e6:f0:
c3:1b:d4:33:76:7a:20:6b:27:03:21:bd:f9:30:b5:d6:17:c8:
fa:ca:a6:62:03:eb:32:fb:44:8b:f3:48:b8:96:46:23:49:86:
b5:17:ea:17:7d:91:a7:12:56:04:a1:f6:84:56:0c:26:37:d5:
a2:54:af:05:16:80:9f:83:15:7e:43:3e:69:75:30:ab:63:b7:
9e:a2:b7:06:7d:b2:60:5c:4a:46:6d:18:40:da:54:a3:17:b3:
22:5b:16:85:74:aa:09:de:79:4e:1d:38:c2:79:f5:2e:39:ee:
b4:9e:b1:94:4e:43:15:06:10:e9:f1:21:79:31:4b:52:ff:80:
8c:76:e4:32:11:30:7e:4a:2a:30:3b:64:fc:e5:cb:f5:3e:a4:
7c:20:68:73
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYq33vbHGn7dIEcgVMecqoNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwOTIxMTMxMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDA5NmRjOWNhMjVhNGRkY2EzZmJlYTg1M2ExNTc1OTA5MTYxZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutHGbRshgRmOdlYni4N8LMcvhK5u
2AhW23F1zfrrCsvQxMIUdfKh/fR13cZZ6Cm7LMhodTUwjTG7k3QEtFKIaC0YhB16
ExFBCSwu4bYX66BOcGWepsaCN+wKPCwsBmnf49PTqkbk0/Sd9ed7SG8hUfqtch4f
FO+RCJbLQZ1vAVVaE5e1h0ez5GXnePP0gp4Yu3eliOVHzo+6mHTzqY5sJWULDuJ4
GJw1ihB9CG4nICnMPOrlnM+mF8KtVsx/JU65cTAbIQeszjKGpU/WDTqt8NAK6LF/
OdjlMirFWH6MESEDTVTfqIOcq75Cwl9FiaD2GEvRmbIbYP7Ot1yggPHWCQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC0JbcnKJaTdyj++qFOhV1kJFh3XMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvTFFsdHljb2xwTjNLUDc2b1U2RlhXUWtXSGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAQCtIAwQB
W+p4AwQBW+4qAwQAW/VbAwQAsGd5MA0GCSqGSIb3DQEBCwUAA4IBAQAcTQ7O4Huu
SpzTBEheH6WdEpG6CXpJ1y3w0JRXmYiTu8q2lQNgU8m1Zs4Tu5XH08st8y2R4Xjo
TQVj/TCKcoGi3LIM/WQtKnSiVcyziDBwpYR7rfLLO5yQQrcwlbbhO+kiaST3NdK1
uBqa5vDDG9QzdnogaycDIb35MLXWF8j6yqZiA+sy+0SL80i4lkYjSYa1F+oXfZGn
ElYEofaEVgwmN9WiVK8FFoCfgxV+Qz5pdTCrY7eeorcGfbJgXEpGbRhA2lSjF7Mi
WxaFdKoJ3nlOHTjCefUuOe60nrGUTkMVBhDp8SF5MUtS/4CMduQyETB+SiowO2T8
5cv1PqR8IGhz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org