Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lqHUMUjiwujNsXOeMJqv68-83lw.roa
File: lqHUMUjiwujNsXOeMJqv68-83lw.roa (raw, json)
Hash identifier: AeWSAWEiEeqmJ4C7M2MZQy004lu+emi37tOZWL2KBLE=
Subject key identifier: 96:A1:D4:31:48:E2:C2:E8:CD:B1:73:9E:30:9A:AF:EB:CF:BC:DE:5C
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018C7C293CFD5C836CBF2B4531A18C079C0C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lqHUMUjiwujNsXOeMJqv68-83lw.roa
Signing time: Mon 18 Dec 2023 09:02:06 +0000
ROA not before: Mon 18 Dec 2023 09:02:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 185.55.4.0/22 maxlen: 23
176.96.88.0/22 maxlen: 22
176.103.240.0/21 maxlen: 22
176.116.232.0/22 maxlen: 22
185.55.140.0/22 maxlen: 22
185.55.140.0/23 maxlen: 23
185.55.142.0/23 maxlen: 23
64.43.112.0/22 maxlen: 22
178.212.184.0/22 maxlen: 22
178.212.184.0/21 maxlen: 21
64.43.124.0/22 maxlen: 22
178.212.188.0/22 maxlen: 22
176.102.120.0/21 maxlen: 21
176.102.120.0/22 maxlen: 22
176.102.124.0/22 maxlen: 22
193.36.204.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 18 Dec 2023 11:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:29:3c:fd:5c:83:6c:bf:2b:45:31:a1:8c:07:9c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Dec 18 09:02:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96a1d43148e2c2e8cdb1739e309aafebcfbcde5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:60:25:fd:55:cb:ad:1b:a7:44:54:17:56:52:
41:4e:72:e4:ad:ea:d5:47:95:99:1d:f9:41:b7:9f:
7d:82:d6:ef:fd:0f:f9:75:b1:b6:bf:86:0b:d7:0a:
0e:3d:79:1c:ee:fa:a0:35:82:b5:60:9e:e4:54:11:
19:da:1e:64:d6:71:e1:69:c1:38:ec:6e:96:21:2d:
c7:86:cc:0a:9c:09:a3:b6:47:48:17:68:a2:f3:47:
d7:8e:b9:09:25:3a:3a:62:d4:8b:17:72:36:9e:46:
ea:78:20:de:4b:af:25:ce:38:7d:ea:e0:0f:1b:42:
42:5a:5a:68:ef:8f:17:ba:30:22:a5:75:1f:ce:25:
7f:89:da:5d:aa:ba:e9:9b:87:d1:e6:a7:f7:6b:a6:
2d:7a:47:b3:d2:e3:c8:d5:94:4c:87:dd:a2:8f:fe:
6e:c9:dd:94:58:d8:e8:90:8d:99:2d:5f:ec:c2:4b:
bb:e3:b3:92:9c:4d:65:9d:de:0d:c8:73:da:f5:f5:
27:3d:99:a3:31:f0:7a:d0:29:fe:0c:31:6d:a7:e2:
62:a3:15:7e:a6:73:9d:98:7d:1c:5e:b7:7a:03:9f:
16:94:a8:1e:46:82:0d:de:0b:e9:95:56:18:f2:a3:
ec:d1:fc:1d:56:34:f6:0d:b2:47:fa:ed:9e:ad:b7:
b2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A1:D4:31:48:E2:C2:E8:CD:B1:73:9E:30:9A:AF:EB:CF:BC:DE:5C
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lqHUMUjiwujNsXOeMJqv68-83lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.112.0/22
64.43.124.0/22
176.96.88.0/22
176.102.120.0/21
176.103.240.0/21
176.116.232.0/22
178.212.184.0/21
185.55.4.0/22
185.55.140.0/22
193.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:a3:7f:e0:61:9d:b9:84:da:04:92:f3:36:b1:51:85:88:d7:
e8:f8:84:c8:a2:e4:35:d9:4a:62:a7:7f:b8:59:94:d2:c3:54:
a6:42:c1:12:f3:32:7e:77:3e:09:26:bc:46:ec:2e:6a:49:26:
64:c2:ed:2c:db:28:e3:1d:75:cb:40:77:73:87:7d:e2:35:2d:
55:04:13:d1:56:57:3a:f7:6e:1a:33:3a:97:e2:f1:c9:9a:59:
26:e6:d4:16:6e:45:4d:5f:92:52:92:7b:fd:0e:b6:e5:6e:e6:
b0:a3:da:91:57:2b:a6:36:f6:60:9e:c8:86:24:d1:a9:d5:ad:
79:b1:54:73:ce:a6:11:1c:25:93:30:38:4a:ec:3e:a6:3f:48:
ab:7a:7c:c9:62:1a:be:1e:de:9c:2c:fd:72:c1:e1:c0:53:05:
f5:68:2c:e5:97:89:3d:29:69:d2:d4:c3:e6:85:f5:1c:3c:bb:
82:5c:77:00:f3:28:0a:be:0a:be:ce:73:0c:49:52:fa:d2:3c:
f0:34:5d:23:90:dd:ed:be:a8:07:aa:86:f6:1f:02:3f:6f:00:
c8:0f:3a:9d:75:ec:7c:10:7b:b5:9c:d0:b0:78:14:8b:e7:86:
2b:9b:ca:66:b1:5e:5a:6c:66:dc:ec:06:50:ce:00:8a:25:38:
65:1d:fa:52
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYx8KTz9XINsvytFMaGMB5wMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMxMjE4MDkwMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmExZDQzMTQ4ZTJjMmU4Y2RiMTczOWUzMDlhYWZlYmNmYmNkZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWAl/VXLrRunRFQXVlJBTnLkrerV
R5WZHflBt599gtbv/Q/5dbG2v4YL1woOPXkc7vqgNYK1YJ7kVBEZ2h5k1nHhacE4
7G6WIS3HhswKnAmjtkdIF2ii80fXjrkJJTo6YtSLF3I2nkbqeCDeS68lzjh96uAP
G0JCWlpo748XujAipXUfziV/idpdqrrpm4fR5qf3a6Ytekez0uPI1ZRMh92ij/5u
yd2UWNjokI2ZLV/swku747OSnE1lnd4NyHPa9fUnPZmjMfB60Cn+DDFtp+JioxV+
pnOdmH0cXrd6A58WlKgeRoIN3gvplVYY8qPs0fwdVjT2DbJH+u2erbey0wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJah1DFI4sLozbFznjCar+vPvN5cMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvbHFIVU1Vaml3dWpOc1hPZU1KcXY2OC04M2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCQCtwAwQC
QCt8AwQCsGBYAwQDsGZ4AwQDsGfwAwQCsHToAwQDstS4AwQCuTcEAwQCuTeMAwQC
wSTMMA0GCSqGSIb3DQEBCwUAA4IBAQCmo3/gYZ25hNoEkvM2sVGFiNfo+ITIouQ1
2Upip3+4WZTSw1SmQsES8zJ+dz4JJrxG7C5qSSZkwu0s2yjjHXXLQHdzh33iNS1V
BBPRVlc6924aMzqX4vHJmlkm5tQWbkVNX5JSknv9Drblbuawo9qRVyumNvZgnsiG
JNGp1a15sVRzzqYRHCWTMDhK7D6mP0irenzJYhq+Ht6cLP1yweHAUwX1aCzll4k9
KWnS1MPmhfUcPLuCXHcA8ygKvgq+znMMSVL60jzwNF0jkN3tvqgHqob2HwI/bwDI
Dzqddex8EHu1nNCweBSL54Yrm8pmsV5abGbc7AZQzgCKJThlHfpS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org