Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Lfx-pxddg3nVkZw89amPCT3GAik.roa
File: Lfx-pxddg3nVkZw89amPCT3GAik.roa (raw, json)
Hash identifier: s6SRpnjnSPYDPtkeFn1OqcV8tY6+UPea502H0D5KkmM=
Subject key identifier: 2D:FC:7E:A7:17:5D:83:79:D5:91:9C:3C:F5:A9:8F:09:3D:C6:02:29
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018618C59DC46F6671DC519AC7DBA8D95F57
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Lfx-pxddg3nVkZw89amPCT3GAik.roa
Signing time: Fri 03 Feb 2023 19:34:09 +0000
ROA not before: Fri 03 Feb 2023 19:34:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.44.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
89.43.41.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.37.136.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Feb 2023 09:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:18:c5:9d:c4:6f:66:71:dc:51:9a:c7:db:a8:d9:5f:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Feb 3 19:34:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dfc7ea7175d8379d5919c3cf5a98f093dc60229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:53:03:fe:72:3c:31:65:e4:2b:3c:09:0f:9b:
0b:02:c1:3a:97:64:bf:12:37:23:ff:5e:89:90:49:
70:ed:a5:b6:1a:0b:64:e1:ed:b9:b2:1e:33:5d:f4:
2c:94:8f:e5:40:e5:be:2f:8e:94:9a:ee:db:5d:dd:
6f:59:7a:88:16:01:fa:cd:93:fd:f9:e9:f1:af:7e:
36:a4:7d:45:4b:d5:d3:a8:4e:37:3f:6a:a1:77:e5:
a1:01:ee:85:2f:53:06:f7:88:ae:0b:bf:64:1a:16:
79:73:82:5e:ff:79:b8:a2:7a:7a:96:a2:d4:9c:fd:
4d:80:dc:df:08:df:e7:75:33:a4:96:70:65:68:d1:
ff:14:53:46:5b:88:ad:d9:e2:e1:fd:b4:46:e2:d6:
3b:28:80:24:a0:0a:ba:49:a3:dd:d1:0c:33:74:c9:
97:30:ca:ff:ad:31:fd:2c:91:1c:3d:3a:5f:d7:b7:
d3:01:74:ba:35:b5:14:ff:b7:5e:fb:8b:6a:cb:06:
24:50:38:c1:65:94:82:8d:74:5c:7d:ed:3c:b4:e2:
aa:32:2e:76:e4:a6:69:f9:f5:5f:e9:e0:8f:55:a8:
ff:e9:ef:15:49:f9:a4:b6:74:f6:0b:79:68:35:16:
bd:cb:8a:4b:99:03:3a:12:2a:d8:4e:e4:2b:2c:f1:
2d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FC:7E:A7:17:5D:83:79:D5:91:9C:3C:F5:A9:8F:09:3D:C6:02:29
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Lfx-pxddg3nVkZw89amPCT3GAik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.40.0-89.43.42.255
89.43.44.0/24
89.43.73.0/24
93.113.158.0/24
93.114.55.0/24
93.114.99.0/24
93.114.187.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
1b:9b:10:5d:68:5a:93:5d:20:5e:c2:7d:da:42:44:23:70:96:
81:8f:ac:63:bf:c5:b0:f1:ee:06:d4:75:d5:eb:6e:53:c6:fc:
cc:c2:90:b5:7b:34:99:80:07:cd:1b:62:52:b8:1e:4c:fd:fa:
c1:5f:69:5a:b5:8d:db:36:53:88:2e:30:0f:89:2c:08:2e:d2:
f2:e8:e1:b8:e6:db:07:b3:d2:14:48:38:91:c5:3f:91:95:03:
1f:b4:06:95:4b:d0:06:ff:e2:22:6d:d7:06:72:ec:91:4d:66:
e2:3c:7f:82:aa:70:ec:eb:40:64:0b:40:b9:da:c7:a8:ed:c8:
50:b8:d7:8a:97:3c:dc:06:31:d5:d8:cc:52:9a:07:20:db:87:
12:21:79:71:2b:cf:b1:6f:ce:76:f9:47:48:dd:0d:59:0f:ff:
a6:bd:06:6f:46:31:dd:19:89:b5:db:26:42:6b:67:18:48:14:
87:a7:d3:bd:fd:b2:ae:ab:0e:93:8d:98:65:02:aa:5b:b0:16:
6d:95:12:21:89:05:85:c4:86:06:54:dc:9c:22:ac:fb:c0:2a:
bc:52:75:b3:ba:ec:84:c9:43:e3:07:0b:3c:16:43:86:c6:3b:
55:a0:17:ea:2b:47:62:af:90:c4:ee:98:63:7c:54:a5:03:63:
8e:fd:6d:ec
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYYYxZ3Eb2Zx3FGax9uo2V9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMjAzMTkzNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGZjN2VhNzE3NWQ4Mzc5ZDU5MTljM2NmNWE5OGYwOTNkYzYwMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFMD/nI8MWXkKzwJD5sLAsE6l2S/
Ejcj/16JkElw7aW2Ggtk4e25sh4zXfQslI/lQOW+L46Umu7bXd1vWXqIFgH6zZP9
+enxr342pH1FS9XTqE43P2qhd+WhAe6FL1MG94iuC79kGhZ5c4Je/3m4onp6lqLU
nP1NgNzfCN/ndTOklnBlaNH/FFNGW4it2eLh/bRG4tY7KIAkoAq6SaPd0QwzdMmX
MMr/rTH9LJEcPTpf17fTAXS6NbUU/7de+4tqywYkUDjBZZSCjXRcfe08tOKqMi52
5KZp+fVf6eCPVaj/6e8VSfmktnT2C3loNRa9y4pLmQM6EirYTuQrLPEt8wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFC38fqcXXYN51ZGcPPWpjwk9xgIpMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvTGZ4LXB4ZGRnM25Wa1p3ODlhbVBDVDNHQWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB0BAIAATBuAwQAVcx9
AwQAVcx/AwQAVmpQAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8MAwDBANZKygDBABZ
KyoDBABZKywDBABZK0kDBABdcZ4DBABdcjcDBABdcmMDBABdcrsDBAC81RIDBAG8
10gDBAC88A4wDwQCAAIwCQMHACoFtoAAATANBgkqhkiG9w0BAQsFAAOCAQEAG5sQ
XWhak10gXsJ92kJEI3CWgY+sY7/FsPHuBtR11etuU8b8zMKQtXs0mYAHzRtiUrge
TP36wV9pWrWN2zZTiC4wD4ksCC7S8ujhuObbB7PSFEg4kcU/kZUDH7QGlUvQBv/i
Im3XBnLskU1m4jx/gqpw7OtAZAtAudrHqO3IULjXipc83AYx1djMUpoHINuHEiF5
cSvPsW/OdvlHSN0NWQ//pr0Gb0Yx3RmJtdsmQmtnGEgUh6fTvf2yrqsOk42YZQKq
W7AWbZUSIYkFhcSGBlTcnCKs+8AqvFJ1s7rshMlD4wcLPBZDhsY7VaAX6itHYq+Q
xO6YY3xUpQNjjv1t7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org