Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/LFrYk_VhtxMY0NlX069MS_eNWiM.roa
File: LFrYk_VhtxMY0NlX069MS_eNWiM.roa (raw, json)
Hash identifier: YPfvUkmGLJpCmiGbbd3VAi+l8InD2SyTjO/QMQObTtU=
Subject key identifier: 2C:5A:D8:93:F5:61:B7:13:18:D0:D9:57:D3:AF:4C:4B:F7:8D:5A:23
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 018617DFD1AAE2F00348A4478E6B28C7BF6A
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/LFrYk_VhtxMY0NlX069MS_eNWiM.roa
Signing time: Fri 03 Feb 2023 15:23:09 +0000
ROA not before: Fri 03 Feb 2023 15:23:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48635
IP address blocks: 195.39.204.0/23 maxlen: 24
195.39.214.0/23 maxlen: 24
185.103.240.0/22 maxlen: 24
185.103.156.0/22 maxlen: 24
93.187.220.0/22 maxlen: 24
185.56.144.0/22 maxlen: 24
109.72.80.0/20 maxlen: 24
185.159.240.0/22 maxlen: 24
2.57.56.0/22 maxlen: 24
185.66.248.0/22 maxlen: 24
92.63.168.0/21 maxlen: 24
62.221.250.0/24 maxlen: 24
62.221.248.0/21 maxlen: 24
31.186.168.0/21 maxlen: 24
185.37.68.0/22 maxlen: 24
185.182.56.0/22 maxlen: 24
185.224.88.0/22 maxlen: 24
185.109.216.0/22 maxlen: 24
93.180.64.0/21 maxlen: 24
185.107.212.0/22 maxlen: 24
185.107.224.0/23 maxlen: 24
185.187.12.0/22 maxlen: 24
31.25.96.0/21 maxlen: 24
185.87.184.0/22 maxlen: 24
79.99.128.0/21 maxlen: 24
185.175.200.0/22 maxlen: 24
185.233.28.0/22 maxlen: 24
5.157.80.0/21 maxlen: 24
185.27.172.0/22 maxlen: 24
185.95.28.0/22 maxlen: 24
195.238.74.0/23 maxlen: 24
185.223.32.0/22 maxlen: 24
109.106.160.0/19 maxlen: 24
185.94.228.0/22 maxlen: 24
185.94.228.0/24 maxlen: 24
2a05:1500:500::/40 maxlen: 40
2a01:b942::/32 maxlen: 48
2a03:3060::/29 maxlen: 48
2a0b:7280:0:4::/63 maxlen: 63
2a0b:7280::/29 maxlen: 48
2a04:6bc0::/36 maxlen: 48
2a0b:8f80::/48 maxlen: 48
2a02:40c1::/32 maxlen: 48
2a05:1500::/29 maxlen: 48
2a01:b944::/32 maxlen: 48
2a00:f10::/29 maxlen: 48
2a0c:84c0::/29 maxlen: 48
2a01:b940::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Mar 2023 09:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:df:d1:aa:e2:f0:03:48:a4:47:8e:6b:28:c7:bf:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Feb 3 15:23:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c5ad893f561b71318d0d957d3af4c4bf78d5a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b9:ef:0f:1e:22:be:53:7a:dd:66:e4:32:38:
66:1f:0d:5d:6e:a9:59:98:26:f5:00:51:62:50:e3:
8e:d6:d5:99:c1:84:f0:5b:d0:e2:b1:81:c2:29:9d:
05:7b:26:4c:9f:dc:01:9b:6c:ee:c5:0d:fa:67:e8:
bf:d5:cb:44:df:4c:a8:27:b8:07:45:8c:e0:16:6b:
58:3c:da:54:a6:ae:92:72:f8:36:8e:49:e9:98:a5:
c3:ab:65:8d:59:c0:95:de:ea:51:cc:5f:24:a3:50:
ea:f2:06:36:0c:1a:01:2a:b6:94:19:6d:81:bb:97:
17:95:6f:fd:71:52:5d:6e:95:8b:97:9a:c2:f2:38:
61:e5:49:d5:d9:a3:40:8a:78:be:b0:84:eb:0c:59:
7b:dd:c8:db:6c:c2:04:00:4a:b4:9b:58:e7:b9:f2:
2a:10:f9:08:c4:ae:0d:87:68:d1:52:33:89:d3:59:
8b:0d:3a:97:da:12:8d:ef:aa:1e:75:6d:72:d4:0a:
ef:8e:9d:63:c7:46:29:6b:6b:8d:16:dd:03:0e:fa:
94:ab:c7:af:c7:49:06:4a:fa:f4:56:f9:3b:13:32:
e6:48:b9:6f:6a:74:11:2a:a8:69:d1:c6:23:87:64:
aa:aa:36:74:d3:4d:49:b9:2d:1b:8b:00:64:df:21:
f6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:5A:D8:93:F5:61:B7:13:18:D0:D9:57:D3:AF:4C:4B:F7:8D:5A:23
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/LFrYk_VhtxMY0NlX069MS_eNWiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.56.0/22
5.157.80.0/21
31.25.96.0/21
31.186.168.0/21
62.221.248.0/21
79.99.128.0/21
92.63.168.0/21
93.180.64.0/21
93.187.220.0/22
109.72.80.0/20
109.106.160.0/19
185.27.172.0/22
185.37.68.0/22
185.56.144.0/22
185.66.248.0/22
185.87.184.0/22
185.94.228.0/22
185.95.28.0/22
185.103.156.0/22
185.103.240.0/22
185.107.212.0/22
185.107.224.0/23
185.109.216.0/22
185.159.240.0/22
185.175.200.0/22
185.182.56.0/22
185.187.12.0/22
185.223.32.0/22
185.224.88.0/22
185.233.28.0/22
195.39.204.0/23
195.39.214.0/23
195.238.74.0/23
IPv6:
2a00:f10::/29
2a01:b940::/29
2a02:40c1::/32
2a03:3060::/29
2a04:6bc0::/36
2a05:1500::/29
2a0b:7280::/29
2a0b:8f80::/48
2a0c:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
9c:41:02:7c:34:94:99:11:85:54:e0:54:e7:38:4c:b4:f0:82:
14:40:f3:ce:aa:1e:8e:d4:e2:83:4e:52:a3:f2:dd:fb:d8:0a:
0f:d9:8b:80:08:b0:23:33:3e:35:7f:1c:03:b6:5a:de:40:0a:
3b:3a:44:06:b9:bd:94:98:66:09:82:e0:0c:f1:7f:da:6f:5b:
15:a2:d4:04:c8:b4:0c:03:df:00:b9:85:5a:88:82:31:dc:47:
1c:7f:16:9d:bb:33:b4:66:4c:7e:9b:37:18:62:c4:60:a6:b0:
98:4d:83:2f:29:49:e0:95:11:b1:61:76:c3:23:e8:b1:f4:ec:
5f:ce:2a:b9:9d:da:53:f7:71:fa:69:15:16:3c:28:a1:8f:1b:
0d:12:c8:88:64:df:f1:33:0e:4f:a9:96:b9:84:42:35:5c:78:
aa:e6:58:1d:e6:53:bb:6a:ae:0f:fc:c4:8f:34:38:9c:a6:2f:
6a:c9:35:ac:15:b5:e9:1e:21:90:96:9d:c8:b2:7c:4a:1e:b2:
c3:86:29:97:93:33:55:03:45:df:91:e2:9a:29:e7:3c:5e:ef:
42:c4:37:29:9b:73:3e:f6:08:01:48:e7:3d:cc:b2:6c:ee:6f:
77:e6:c7:e4:13:9a:58:c3:53:88:62:10:af:4d:48:50:6e:0c:
48:65:14:a1
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYYX39Gq4vADSKRHjmsox79qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjMwMjAzMTUyMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzVhZDg5M2Y1NjFiNzEzMThkMGQ5NTdkM2FmNGM0YmY3OGQ1YTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7nvDx4ivlN63WbkMjhmHw1dbqlZ
mCb1AFFiUOOO1tWZwYTwW9DisYHCKZ0FeyZMn9wBm2zuxQ36Z+i/1ctE30yoJ7gH
RYzgFmtYPNpUpq6Scvg2jknpmKXDq2WNWcCV3upRzF8ko1Dq8gY2DBoBKraUGW2B
u5cXlW/9cVJdbpWLl5rC8jhh5UnV2aNAini+sITrDFl73cjbbMIEAEq0m1jnufIq
EPkIxK4Nh2jRUjOJ01mLDTqX2hKN76oedW1y1Arvjp1jx0Ypa2uNFt0DDvqUq8ev
x0kGSvr0Vvk7EzLmSLlvanQRKqhp0cYjh2SqqjZ0001JuS0biwBk3yH2OQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFCxa2JP1YbcTGNDZV9OvTEv3jVojMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvTEZyWWtfVmh0eE1ZME5sWDA2OU1TX2VOV2lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCBzQQCAAEwgcYD
BAICOTgDBAMFnVADBAMfGWADBAMfuqgDBAM+3fgDBANPY4ADBANcP6gDBANdtEAD
BAJdu9wDBARtSFADBAVtaqADBAK5G6wDBAK5JUQDBAK5OJADBAK5QvgDBAK5V7gD
BAK5XuQDBAK5XxwDBAK5Z5wDBAK5Z/ADBAK5a9QDBAG5a+ADBAK5bdgDBAK5n/AD
BAK5r8gDBAK5tjgDBAK5uwwDBAK53yADBAK54FgDBAK56RwDBAHDJ8wDBAHDJ9YD
BAHD7kowSAQCAAIwQgMFAyoADxADBQMqAblAAwUAKgJAwQMFAyoDMGADBgQqBGvA
AAMFAyoFFQADBQMqC3KAAwcAKguPgAAAAwUDKgyEwDANBgkqhkiG9w0BAQsFAAOC
AQEAnEECfDSUmRGFVOBU5zhMtPCCFEDzzqoejtTig05So/Ld+9gKD9mLgAiwIzM+
NX8cA7Za3kAKOzpEBrm9lJhmCYLgDPF/2m9bFaLUBMi0DAPfALmFWoiCMdxHHH8W
nbsztGZMfps3GGLEYKawmE2DLylJ4JURsWF2wyPosfTsX84quZ3aU/dx+mkVFjwo
oY8bDRLIiGTf8TMOT6mWuYRCNVx4quZYHeZTu2quD/zEjzQ4nKYvask1rBW16R4h
kJadyLJ8Sh6yw4Ypl5MzVQNF35HiminnPF7vQsQ3KZtzPvYIAUjnPcyybO5vd+bH
5BOaWMNTiGIQr01IUG4MSGUUoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:15 2024 by rpki-client on console-fra.rpki-client.org