Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/LQDl7z2XqERDXI65HL9xK3mDPr4.roa
File: LQDl7z2XqERDXI65HL9xK3mDPr4.roa (raw, json)
Hash identifier: baS5EEha1TyZhAodZJgHDLaLs5SWsidoY2d1VEqF3sE=
Subject key identifier: 2D:00:E5:EF:3D:97:A8:44:43:5C:8E:B9:1C:BF:71:2B:79:83:3E:BE
Certificate issuer: /CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Certificate serial: 018CCAA8F021A5881E18B679EBB94ABE9B74
Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/LQDl7z2XqERDXI65HL9xK3mDPr4.roa
Signing time: Tue 02 Jan 2024 14:51:58 +0000
ROA not before: Tue 02 Jan 2024 14:51:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44901
IP address blocks: 46.253.1.0/24 maxlen: 24
46.253.3.0/24 maxlen: 24
46.253.2.0/24 maxlen: 24
46.253.4.0/24 maxlen: 24
46.253.0.0/24 maxlen: 24
46.253.5.0/24 maxlen: 24
46.253.6.0/24 maxlen: 24
91.132.60.0/24 maxlen: 24
91.132.63.0/24 maxlen: 24
91.132.62.0/24 maxlen: 24
185.243.213.0/24 maxlen: 24
95.169.203.0/24 maxlen: 24
95.169.202.0/24 maxlen: 24
2a09:be80::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 04 Feb 2024 19:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:a8:f0:21:a5:88:1e:18:b6:79:eb:b9:4a:be:9b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Validity
Not Before: Jan 2 14:51:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d00e5ef3d97a844435c8eb91cbf712b79833ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1f:2f:dd:7e:b3:26:e2:26:61:b9:c4:f1:eb:
0d:b7:62:78:79:f1:f2:63:83:5a:ce:1d:94:4b:6f:
9f:17:0f:14:94:0a:08:eb:a6:14:a9:38:12:80:ca:
05:9d:3c:2f:fc:f3:8d:6d:42:eb:8c:08:9c:fa:30:
fb:26:ee:f1:56:f6:94:1d:a6:82:dd:2c:06:cf:df:
7b:ab:02:2b:c3:68:7f:8a:56:ae:6e:08:95:5b:75:
77:ea:28:da:6f:01:35:67:b3:38:8a:ca:40:db:25:
80:56:33:07:59:f6:db:7d:92:2c:bb:e8:d1:1d:ad:
1f:db:f3:4b:7c:f4:d7:9b:6a:81:1f:c6:8d:7f:3d:
c6:db:ff:2b:02:30:f4:af:52:92:1a:1b:2f:d6:05:
f6:33:a1:88:67:ca:63:8f:61:3e:97:38:e7:e7:48:
16:aa:28:bb:f5:12:96:3e:21:03:df:73:23:a1:63:
56:40:cf:9a:96:ad:0a:8f:03:2b:47:e2:80:1d:fd:
f9:fd:b0:1d:5a:fb:2e:ee:ce:59:cd:25:5a:94:2f:
d6:44:76:8f:e3:84:35:df:3d:7c:57:f1:07:39:46:
40:b8:f3:9f:11:bb:34:c8:5b:70:0e:74:bb:80:dd:
19:cb:aa:e9:a0:05:94:13:c0:f7:b2:e3:33:72:30:
98:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:00:E5:EF:3D:97:A8:44:43:5C:8E:B9:1C:BF:71:2B:79:83:3E:BE
X509v3 Authority Key Identifier:
keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/LQDl7z2XqERDXI65HL9xK3mDPr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.0.0-46.253.6.255
91.132.60.0/24
91.132.62.0/23
95.169.202.0/23
185.243.213.0/24
IPv6:
2a09:be80::/32
Signature Algorithm: sha256WithRSAEncryption
8d:fc:f5:57:6e:f5:33:06:1b:73:27:86:e8:df:79:59:bf:c7:
25:3d:8c:7a:f0:8f:7d:07:fd:ea:bf:ba:68:79:00:3c:d6:1f:
ab:56:5d:45:ba:1b:db:63:ba:a5:c6:20:a5:79:c1:bf:ca:d3:
fd:53:10:96:2b:df:0e:93:ba:64:49:ee:29:38:00:ff:83:db:
19:b2:fd:30:ad:9c:b3:7e:92:06:d4:23:4c:00:d5:b4:9a:55:
1a:cb:4a:0c:34:e3:81:7e:9d:06:bf:86:b2:94:ba:aa:97:0b:
f2:e7:12:99:c4:92:e0:35:2e:97:14:a5:7d:61:57:28:15:1e:
70:c6:fc:89:5d:74:0a:18:d0:b0:56:7a:2a:7c:25:a4:d4:eb:
d7:b8:26:22:43:12:64:c5:79:91:b3:56:03:65:13:e6:d4:89:
b8:48:0c:ff:8e:bc:0b:8d:a5:58:11:d3:76:e8:54:ab:92:20:
62:e9:0c:6b:c3:9c:41:50:be:88:59:08:1b:40:37:da:55:0d:
21:81:4e:55:c9:4b:41:2b:15:ee:4d:79:d2:2e:ec:a1:b8:0b:
b3:1e:35:27:54:84:c9:2b:5b:32:af:76:df:8e:10:07:57:4c:
0c:26:62:9c:a8:fd:fe:5f:42:db:1a:ef:fc:fc:b9:dc:b1:1e:
42:aa:10:f6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzKqPAhpYgeGLZ567lKvpt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0
ZTc4ZmIwHhcNMjQwMTAyMTQ1MTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDAwZTVlZjNkOTdhODQ0NDM1YzhlYjkxY2JmNzEyYjc5ODMzZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh8v3X6zJuImYbnE8esNt2J4efHy
Y4Nazh2US2+fFw8UlAoI66YUqTgSgMoFnTwv/PONbULrjAic+jD7Ju7xVvaUHaaC
3SwGz997qwIrw2h/ilaubgiVW3V36ijabwE1Z7M4ispA2yWAVjMHWfbbfZIsu+jR
Ha0f2/NLfPTXm2qBH8aNfz3G2/8rAjD0r1KSGhsv1gX2M6GIZ8pjj2E+lzjn50gW
qii79RKWPiED33MjoWNWQM+alq0KjwMrR+KAHf35/bAdWvsu7s5ZzSValC/WRHaP
44Q13z18V/EHOUZAuPOfEbs0yFtwDnS7gN0Zy6rpoAWUE8D3suMzcjCYFQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFC0A5e89l6hEQ1yOuRy/cSt5gz6+MB8GA1UdIwQY
MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt
ZDMyZTI3ZmI3ZTU5LzEvTFFEbDd6MlhxRVJEWEk2NUhMOXhLM21EUHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5
LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlMAsDAwAu/QME
AC79BgMEAFuEPAMEAVuEPgMEAV+pygMEALnz1TANBAIAAjAHAwUAKgm+gDANBgkq
hkiG9w0BAQsFAAOCAQEAjfz1V271MwYbcyeG6N95Wb/HJT2MevCPfQf96r+6aHkA
PNYfq1ZdRbob22O6pcYgpXnBv8rT/VMQlivfDpO6ZEnuKTgA/4PbGbL9MK2cs36S
BtQjTADVtJpVGstKDDTjgX6dBr+GspS6qpcL8ucSmcSS4DUulxSlfWFXKBUecMb8
iV10ChjQsFZ6KnwlpNTr17gmIkMSZMV5kbNWA2UT5tSJuEgM/468C42lWBHTduhU
q5IgYukMa8OcQVC+iFkIG0A32lUNIYFOVclLQSsV7k150i7sobgLsx41J1SEyStb
Mq92344QB1dMDCZinKj9/l9C2xrv/Py53LEeQqoQ9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:16 2024 by rpki-client on console-fra.rpki-client.org