Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/Ls6sqzqrxKvY5hAX-o6XqFvB8T4.roa
File: Ls6sqzqrxKvY5hAX-o6XqFvB8T4.roa (raw, json)
Hash identifier: XaN2zr8G84IJJ3XqixCM9tFn10jzqt5v4Ww4jZlmNC4=
Subject key identifier: 2E:CE:AC:AB:3A:AB:C4:AB:D8:E6:10:17:FA:8E:97:A8:5B:C1:F1:3E
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 018CF396E10EEB6AE51F7C3F26E87B2E6E4B
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/Ls6sqzqrxKvY5hAX-o6XqFvB8T4.roa
Signing time: Wed 10 Jan 2024 13:36:40 +0000
ROA not before: Wed 10 Jan 2024 13:36:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 144.86.231.0/24 maxlen: 24
144.86.228.0/24 maxlen: 24
144.86.229.0/24 maxlen: 24
144.86.230.0/24 maxlen: 24
185.138.120.0/24 maxlen: 24
185.138.121.0/24 maxlen: 24
185.138.122.0/24 maxlen: 24
185.138.123.0/24 maxlen: 24
199.74.188.0/24 maxlen: 24
199.74.189.0/24 maxlen: 24
199.74.190.0/24 maxlen: 24
199.74.191.0/24 maxlen: 24
93.180.216.0/24 maxlen: 24
93.180.217.0/24 maxlen: 24
93.180.218.0/24 maxlen: 24
93.180.219.0/24 maxlen: 24
93.180.221.0/24 maxlen: 24
93.180.222.0/24 maxlen: 24
93.180.223.0/24 maxlen: 24
93.180.220.0/24 maxlen: 24
195.133.223.0/24 maxlen: 24
195.133.220.0/24 maxlen: 24
195.133.221.0/24 maxlen: 24
195.133.222.0/24 maxlen: 24
185.20.196.0/24 maxlen: 24
185.20.197.0/24 maxlen: 24
185.20.198.0/24 maxlen: 24
185.20.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 12:05:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:96:e1:0e:eb:6a:e5:1f:7c:3f:26:e8:7b:2e:6e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Jan 10 13:36:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2eceacab3aabc4abd8e61017fa8e97a85bc1f13e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:04:a6:4b:fc:f8:13:87:ef:f1:7a:c0:6f:9d:
1b:88:e7:0a:b0:c8:9f:92:91:e6:da:0e:c0:09:7a:
36:f0:d4:40:b8:4e:a8:cb:65:8a:a8:7c:ad:37:dc:
6b:d4:d9:a0:fd:e4:54:c8:5d:96:61:a0:68:68:46:
eb:4d:82:46:0f:2a:2a:96:83:b1:32:94:6e:3f:21:
2e:53:ac:b3:8d:57:d5:7e:b1:d4:a9:c2:3a:10:a5:
f4:1c:36:de:a9:97:4d:51:f9:24:ac:fe:66:99:7f:
27:f8:eb:e7:34:6e:de:f4:0e:bf:c4:5f:4a:79:41:
34:d3:dd:23:b2:32:bc:0f:77:98:06:82:c2:b2:66:
4c:20:c8:0d:8c:4b:d2:32:d1:cf:01:55:36:03:d7:
06:e8:ac:18:bd:81:4c:a5:ba:47:16:4e:d6:2d:63:
12:3b:f4:2b:a3:bf:28:0a:25:72:ee:0c:d5:51:be:
73:fd:e2:46:48:a6:58:d8:e8:18:78:5f:d1:f8:8c:
7a:d8:f4:48:54:25:cb:c9:d6:18:02:cb:15:1a:6f:
b3:19:98:90:34:ec:92:00:0f:c5:f2:c4:c1:0d:a9:
12:7e:fe:d8:a8:9b:06:a0:a7:f2:e5:61:a2:b3:a5:
ad:13:6f:a8:ce:c0:54:48:c1:28:38:a8:7e:4c:46:
63:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:CE:AC:AB:3A:AB:C4:AB:D8:E6:10:17:FA:8E:97:A8:5B:C1:F1:3E
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/Ls6sqzqrxKvY5hAX-o6XqFvB8T4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
144.86.228.0/22
185.20.196.0/22
185.138.120.0/22
195.133.220.0/22
199.74.188.0/22
Signature Algorithm: sha256WithRSAEncryption
44:f4:ff:a7:bb:fc:b8:44:eb:5c:59:d9:e3:96:9b:ac:46:56:
cd:ee:e1:73:8e:24:b7:be:af:14:13:19:1d:2f:2d:63:c2:32:
26:dd:f1:3c:4b:ba:cf:f9:23:d2:9d:13:cd:fb:3f:15:b4:22:
95:03:c6:92:ba:9c:95:7c:9e:cf:11:b5:68:3c:05:a4:6a:0b:
13:2c:f0:e7:dc:9d:2c:ed:00:79:b6:8e:09:78:04:c4:0d:95:
d6:de:74:74:f5:79:d7:61:e6:50:bd:ac:26:49:db:ef:09:26:
6c:3a:05:67:19:06:77:5f:72:e6:70:37:c5:2f:03:dc:11:1d:
37:2a:b7:72:dd:94:48:40:75:17:48:a4:e4:f0:f7:84:a3:6b:
bc:ac:0f:10:04:3c:4d:46:60:e8:43:e5:e0:d7:bf:60:b4:9e:
2d:78:d2:5b:dc:d1:26:9d:83:8d:a8:bb:4e:3c:8d:19:61:fe:
76:12:4c:d2:21:31:53:f7:3b:87:c7:3f:4e:d2:0b:74:8a:a2:
e9:67:44:0d:de:8a:76:42:5c:ff:16:9d:62:dc:2f:d9:4d:d6:
1e:f4:50:d5:b1:4b:fd:5f:4a:bd:ab:d0:98:6c:aa:d2:40:d1:
a8:e2:bd:a4:bc:19:b5:fd:a5:3e:c4:98:95:cc:1c:aa:b7:43:
6c:09:fa:2d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzzluEO62rlH3w/Juh7Lm5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjQwMTEwMTMzNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWNlYWNhYjNhYWJjNGFiZDhlNjEwMTdmYThlOTdhODViYzFmMTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgSmS/z4E4fv8XrAb50biOcKsMif
kpHm2g7ACXo28NRAuE6oy2WKqHytN9xr1Nmg/eRUyF2WYaBoaEbrTYJGDyoqloOx
MpRuPyEuU6yzjVfVfrHUqcI6EKX0HDbeqZdNUfkkrP5mmX8n+OvnNG7e9A6/xF9K
eUE0090jsjK8D3eYBoLCsmZMIMgNjEvSMtHPAVU2A9cG6KwYvYFMpbpHFk7WLWMS
O/Qro78oCiVy7gzVUb5z/eJGSKZY2OgYeF/R+Ix62PRIVCXLydYYAssVGm+zGZiQ
NOySAA/F8sTBDakSfv7YqJsGoKfy5WGis6WtE2+ozsBUSMEoOKh+TEZjZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFC7OrKs6q8Sr2OYQF/qOl6hbwfE+MB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvTHM2c3F6cXJ4S3ZZNWhBWC1vNlhxRnZCOFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDXbTYAwQC
kFbkAwQCuRTEAwQCuYp4AwQCw4XcAwQCx0q8MA0GCSqGSIb3DQEBCwUAA4IBAQBE
9P+nu/y4ROtcWdnjlpusRlbN7uFzjiS3vq8UExkdLy1jwjIm3fE8S7rP+SPSnRPN
+z8VtCKVA8aSupyVfJ7PEbVoPAWkagsTLPDn3J0s7QB5to4JeATEDZXW3nR09XnX
YeZQvawmSdvvCSZsOgVnGQZ3X3LmcDfFLwPcER03Krdy3ZRIQHUXSKTk8PeEo2u8
rA8QBDxNRmDoQ+Xg179gtJ4teNJb3NEmnYONqLtOPI0ZYf52EkzSITFT9zuHxz9O
0gt0iqLpZ0QN3op2Qlz/Fp1i3C/ZTdYe9FDVsUv9X0q9q9CYbKrSQNGo4r2kvBm1
/aU+xJiVzByqt0NsCfot
-----END CERTIFICATE-----
Generated at Thu Jan 11 15:19:11 2024 by rpki-client on console-ams.rpki-client.org