Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lTlhYxcqQRojrM8FssYZ216EgLM.roa
File: lTlhYxcqQRojrM8FssYZ216EgLM.roa (raw, json)
Hash identifier: 6rSvtUiC67l3GOmJVDzaBKDhxxJxPHaZ4fPekGcE2E0=
Subject key identifier: 95:39:61:63:17:2A:41:1A:23:AC:CF:05:B2:C6:19:DB:5E:84:80:B3
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCA91BB668FC4A85B6D132DF1FD3C1
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lTlhYxcqQRojrM8FssYZ216EgLM.roa
Signing time: Sun 01 Jan 2023 05:45:01 +0000
ROA not before: Sun 01 Jan 2023 05:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56871
IP address blocks: 89.45.92.0/24 maxlen: 24
89.45.93.0/24 maxlen: 24
185.104.196.0/22 maxlen: 22
89.42.233.0/24 maxlen: 24
89.42.232.0/24 maxlen: 24
188.213.233.0/24 maxlen: 24
86.104.132.0/23 maxlen: 23
89.44.100.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:a9:1b:b6:68:fc:4a:85:b6:d1:32:df:1f:d3:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95396163172a411a23accf05b2c619db5e8480b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f5:b0:fc:d8:37:2f:63:a7:c1:ee:68:25:24:
11:72:49:71:b0:a5:77:f5:0d:c0:fb:1e:13:5d:15:
dd:65:08:b4:db:2f:b7:4c:bc:05:98:48:ea:f4:62:
b1:0b:1c:25:48:a4:c2:e1:eb:b3:0e:5e:a1:06:2f:
dc:01:ce:f8:dc:63:4f:c5:dc:54:24:53:2c:98:21:
4b:36:63:a0:4c:ef:ba:fa:67:fe:cf:e3:44:d3:58:
37:00:66:bf:9e:1e:e2:e9:62:4f:8c:63:7a:ae:76:
b6:93:2e:b7:a8:cc:4c:c5:c9:40:21:c6:ed:bb:79:
13:a3:9d:0c:27:ef:45:cb:ef:58:87:14:23:ce:13:
78:13:fa:3e:39:67:9c:b7:d7:0b:7e:1f:74:90:8d:
d8:a3:80:1f:90:48:bd:4b:e9:ba:31:1f:df:79:51:
83:27:39:5c:a2:17:c0:91:c2:46:cf:42:fe:54:3f:
27:ce:df:66:c2:00:cc:3e:9a:34:ba:6b:10:14:0b:
58:98:48:74:e1:f1:3b:02:cd:38:aa:6a:a2:4a:3f:
9b:73:17:b3:a9:7e:5d:2a:26:87:04:1e:66:b1:8e:
b4:0d:cd:9a:0f:eb:bd:12:7e:85:8c:37:28:91:d0:
45:3b:4a:49:dd:47:c9:3e:bc:e4:e8:d9:91:c0:1b:
a2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:39:61:63:17:2A:41:1A:23:AC:CF:05:B2:C6:19:DB:5E:84:80:B3
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lTlhYxcqQRojrM8FssYZ216EgLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.132.0/23
89.42.232.0/23
89.44.100.0/23
89.45.92.0/23
185.104.196.0/22
188.213.233.0/24
Signature Algorithm: sha256WithRSAEncryption
54:f1:29:60:2e:50:fc:67:7c:af:0b:3f:7c:91:3b:1c:ed:ad:
03:cb:81:26:fb:4a:56:c8:dc:19:51:16:6d:48:90:2d:58:33:
74:79:41:d1:e8:9e:d7:16:d5:63:eb:80:ec:be:e1:76:c9:5e:
53:81:a6:00:16:1a:c0:b1:44:f5:e2:8b:ef:f5:8d:e5:02:dd:
26:7f:19:b9:21:c5:9d:91:8c:e6:f9:54:48:6f:9f:7a:e8:a6:
00:6b:24:87:ed:30:2c:60:34:82:fa:ad:3c:77:93:cf:37:c5:
0c:09:10:56:26:b9:0c:f7:56:e1:7b:8d:fe:9b:4f:51:4b:66:
3d:ff:5e:69:ca:55:69:91:75:6b:9d:4e:df:0d:82:a3:9f:9f:
36:d2:32:11:3a:4e:08:01:c9:95:49:25:f9:65:d9:89:06:c4:
26:2e:83:99:4a:13:74:28:27:73:db:da:8e:b3:c3:b8:6f:16:
fe:28:e2:6d:ac:2a:a8:1b:78:8a:96:65:fc:76:5b:38:0f:9e:
ee:5f:68:7c:e0:b4:68:31:1f:7c:b5:d9:ca:65:6f:89:6b:86:
e9:a2:02:d6:7f:35:f5:98:f0:0b:d9:f5:6f:41:ae:dd:34:ac:
e0:b8:34:1a:30:cd:2d:cd:bb:71:10:0a:69:0e:f9:ad:88:6e:
e2:6b:f5:7b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVr3Kkbtmj8SoW20TLfH9PBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTM5NjE2MzE3MmE0MTFhMjNhY2NmMDViMmM2MTlkYjVlODQ4MGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvWw/Ng3L2Onwe5oJSQRcklxsKV3
9Q3A+x4TXRXdZQi02y+3TLwFmEjq9GKxCxwlSKTC4euzDl6hBi/cAc743GNPxdxU
JFMsmCFLNmOgTO+6+mf+z+NE01g3AGa/nh7i6WJPjGN6rna2ky63qMxMxclAIcbt
u3kTo50MJ+9Fy+9YhxQjzhN4E/o+OWect9cLfh90kI3Yo4AfkEi9S+m6MR/feVGD
JzlcohfAkcJGz0L+VD8nzt9mwgDMPpo0umsQFAtYmEh04fE7As04qmqiSj+bcxez
qX5dKiaHBB5msY60Dc2aD+u9En6FjDcokdBFO0pJ3UfJPrzk6NmRwBuipQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJU5YWMXKkEaI6zPBbLGGdtehICzMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvbFRsaFl4Y3FRUm9qck04RnNzWVoyMTZFZ0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBVmiEAwQB
WSroAwQBWSxkAwQBWS1cAwQCuWjEAwQAvNXpMA0GCSqGSIb3DQEBCwUAA4IBAQBU
8SlgLlD8Z3yvCz98kTsc7a0Dy4Em+0pWyNwZURZtSJAtWDN0eUHR6J7XFtVj64Ds
vuF2yV5TgaYAFhrAsUT14ovv9Y3lAt0mfxm5IcWdkYzm+VRIb5966KYAaySH7TAs
YDSC+q08d5PPN8UMCRBWJrkM91bhe43+m09RS2Y9/15pylVpkXVrnU7fDYKjn582
0jIROk4IAcmVSSX5ZdmJBsQmLoOZShN0KCdz29qOs8O4bxb+KOJtrCqoG3iKlmX8
dls4D57uX2h84LRoMR98tdnKZW+Ja4bpogLWfzX1mPAL2fVvQa7dNKzguDQaMM0t
zbtxEAppDvmtiG7ia/V7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org