Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/LHdLtdtzkp_tJwjAoMlLtYKC7TQ.roa
File: LHdLtdtzkp_tJwjAoMlLtYKC7TQ.roa (raw, json)
Hash identifier: z1z3I8IyNDt6lt50CBdw2D+eL0+qkdnjGekxfR7VhI0=
Subject key identifier: 2C:77:4B:B5:DB:73:92:9F:ED:27:08:C0:A0:C9:4B:B5:82:82:ED:34
Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Certificate serial: 0188AC07CC48C62EBF4818234A4BCE700E04
Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/LHdLtdtzkp_tJwjAoMlLtYKC7TQ.roa
Signing time: Sun 11 Jun 2023 19:56:12 +0000
ROA not before: Sun 11 Jun 2023 19:56:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202940
IP address blocks: 89.208.56.0/21 maxlen: 21
89.208.0.0/21 maxlen: 21
89.208.4.0/22 maxlen: 24
188.191.224.0/21 maxlen: 21
188.191.224.0/24 maxlen: 24
188.191.225.0/24 maxlen: 24
188.191.226.0/24 maxlen: 24
188.191.228.0/24 maxlen: 24
188.191.229.0/24 maxlen: 24
188.191.227.0/24 maxlen: 24
188.191.230.0/24 maxlen: 24
185.175.34.0/23 maxlen: 23
185.175.32.0/22 maxlen: 22
185.175.32.0/23 maxlen: 23
89.208.128.0/21 maxlen: 21
185.184.246.0/23 maxlen: 23
89.208.135.0/24 maxlen: 24
185.184.244.0/23 maxlen: 23
185.184.244.0/22 maxlen: 22
89.208.134.0/23 maxlen: 24
185.149.253.0/24 maxlen: 24
185.149.252.0/22 maxlen: 22
185.149.252.0/24 maxlen: 24
185.149.254.0/24 maxlen: 24
185.149.255.0/24 maxlen: 24
185.180.102.0/24 maxlen: 24
185.180.103.0/24 maxlen: 24
185.180.100.0/22 maxlen: 24
185.180.100.0/24 maxlen: 24
185.167.110.0/24 maxlen: 24
185.167.108.0/23 maxlen: 23
185.167.108.0/24 maxlen: 24
185.167.108.0/22 maxlen: 22
185.167.109.0/24 maxlen: 24
185.167.111.0/24 maxlen: 24
147.236.176.0/20 maxlen: 20
147.236.183.0/24 maxlen: 24
147.234.23.0/24 maxlen: 24
217.175.92.0/22 maxlen: 22
217.175.95.0/24 maxlen: 24
185.182.77.0/24 maxlen: 24
185.182.78.0/24 maxlen: 24
185.182.76.0/22 maxlen: 22
185.182.76.0/24 maxlen: 24
217.175.82.0/24 maxlen: 24
217.175.80.0/20 maxlen: 20
217.175.80.0/22 maxlen: 22
217.175.80.0/24 maxlen: 24
217.175.84.0/22 maxlen: 22
217.175.88.0/22 maxlen: 22
147.236.116.0/23 maxlen: 24
147.236.120.0/21 maxlen: 21
147.236.125.0/24 maxlen: 24
147.236.144.0/22 maxlen: 24
147.236.144.0/21 maxlen: 21
147.236.144.0/20 maxlen: 20
147.236.148.0/22 maxlen: 22
141.226.121.0/24 maxlen: 24
141.226.120.0/22 maxlen: 23
147.236.152.0/23 maxlen: 23
147.236.152.0/22 maxlen: 22
147.236.152.0/21 maxlen: 21
147.236.154.0/23 maxlen: 23
147.236.156.0/24 maxlen: 24
147.236.156.0/22 maxlen: 24
147.236.157.0/24 maxlen: 24
185.182.79.0/24 maxlen: 24
185.108.82.0/24 maxlen: 24
185.108.80.0/24 maxlen: 24
185.108.80.0/22 maxlen: 23
185.108.83.0/24 maxlen: 24
147.236.104.0/21 maxlen: 21
2a00:7c40::/32 maxlen: 48
Validation: Failed, certificate revoked on Sun 11 Jun 2023 20:08:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ac:07:cc:48:c6:2e:bf:48:18:23:4a:4b:ce:70:0e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Validity
Not Before: Jun 11 19:56:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c774bb5db73929fed2708c0a0c94bb58282ed34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e9:6e:46:eb:57:74:44:44:32:05:8b:fa:4f:
fa:57:bf:4d:c8:92:e0:fd:89:c7:97:b5:a2:a2:b1:
fa:0a:cf:53:e4:13:e6:c7:2d:41:a9:f4:cf:8b:93:
f9:42:d1:14:bf:b6:d3:9b:e4:b3:53:23:2c:9c:4e:
e5:fd:e4:c8:ff:4b:d2:5c:9a:87:a7:78:b4:83:9b:
99:76:08:d9:61:25:3d:bf:0c:42:9d:ec:89:7f:07:
91:de:f6:52:f4:7e:0e:82:1c:79:91:39:18:31:0d:
6d:12:76:53:84:5d:a3:4b:7a:c0:d9:0a:93:75:87:
68:06:25:b7:73:c1:3c:a5:df:22:16:c4:9d:ed:16:
83:9c:b2:d0:f0:8d:4b:ff:32:1b:55:2e:ad:a2:0a:
31:43:e9:92:95:e3:7b:f0:0d:ea:c3:bf:39:e7:11:
7f:38:b8:84:ee:7f:4a:b4:a1:0e:e9:14:5f:0c:e0:
87:86:de:51:90:34:69:93:bf:81:86:b2:21:f3:95:
7b:1e:65:f6:82:be:83:40:77:9f:6f:fb:17:0d:a6:
bb:c4:9e:90:f1:2f:d2:1c:12:38:3e:cd:cd:fd:25:
d6:96:72:5d:0c:18:3b:b5:21:d9:a2:78:ee:48:89:
d5:15:9c:2d:58:fc:70:65:91:20:41:90:bd:85:7f:
f4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:77:4B:B5:DB:73:92:9F:ED:27:08:C0:A0:C9:4B:B5:82:82:ED:34
X509v3 Authority Key Identifier:
keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/LHdLtdtzkp_tJwjAoMlLtYKC7TQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.0.0/21
89.208.56.0/21
89.208.128.0/21
141.226.120.0/22
147.234.23.0/24
147.236.104.0/21
147.236.116.0/23
147.236.120.0/21
147.236.144.0/20
147.236.176.0/20
185.108.80.0/22
185.149.252.0/22
185.167.108.0/22
185.175.32.0/22
185.180.100.0/22
185.182.76.0/22
185.184.244.0/22
188.191.224.0/21
217.175.80.0/20
IPv6:
2a00:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
a5:c5:d3:cd:da:a8:dc:f4:50:a4:46:cc:bd:ae:7c:cc:a1:c3:
5d:bf:a4:ab:d8:18:fa:01:86:dd:27:3d:e8:52:c7:d4:2d:c2:
9c:5b:d2:0e:18:c7:7a:95:3f:34:7a:72:74:90:95:94:db:87:
be:23:04:f5:e2:97:d0:0e:ea:89:3b:4e:d5:07:69:06:07:5b:
0c:68:f6:73:47:93:b8:11:a4:13:1d:75:65:86:2b:0d:27:f9:
67:bd:53:c0:6b:be:5f:db:a1:20:88:4f:0c:43:54:7a:a7:75:
d9:ec:17:d2:65:19:e3:d2:ed:55:28:e7:b3:2c:bb:73:28:28:
56:87:67:35:10:04:39:a7:93:cd:5f:75:0d:7c:91:42:77:77:
2d:cb:b7:07:c6:1a:25:39:dc:06:3a:12:1a:75:69:10:8b:35:
3c:09:c8:eb:2d:00:82:62:13:a3:49:3a:56:91:35:42:8b:bf:
60:9a:0e:0f:97:4a:bd:c2:70:6c:7c:6d:5b:16:15:23:14:2c:
0f:97:84:cb:d2:5e:c8:d8:d2:c4:85:20:44:85:c7:5b:8d:d1:
d0:2d:54:9b:ba:a2:b2:9b:97:8f:8b:ad:a3:4e:c8:9c:10:05:
86:9b:9c:e2:c5:f5:89:21:7b:29:a9:c8:b1:c0:dd:0c:b5:e2:
20:d5:b6:de
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAYisB8xIxi6/SBgjSkvOcA4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1
YWI3Y2YwHhcNMjMwNjExMTk1NjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzc3NGJiNWRiNzM5MjlmZWQyNzA4YzBhMGM5NGJiNTgyODJlZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneluRutXdEREMgWL+k/6V79NyJLg
/YnHl7WiorH6Cs9T5BPmxy1BqfTPi5P5QtEUv7bTm+SzUyMsnE7l/eTI/0vSXJqH
p3i0g5uZdgjZYSU9vwxCneyJfweR3vZS9H4Oghx5kTkYMQ1tEnZThF2jS3rA2QqT
dYdoBiW3c8E8pd8iFsSd7RaDnLLQ8I1L/zIbVS6togoxQ+mSleN78A3qw7855xF/
OLiE7n9KtKEO6RRfDOCHht5RkDRpk7+BhrIh85V7HmX2gr6DQHefb/sXDaa7xJ6Q
8S/SHBI4Ps3N/SXWlnJdDBg7tSHZonjuSInVFZwtWPxwZZEgQZC9hX/0dQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFCx3S7Xbc5Kf7ScIwKDJS7WCgu00MB8GA1UdIwQY
MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt
MTEwYzg3OGRjZDI5LzEvTEhkTHRkdHprcF90SndqQW9NbEx0WUtDN1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEtMTEwYzg3OGRjZDI5
LzEvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQDWdAA
AwQDWdA4AwQDWdCAAwQCjeJ4AwQAk+oXAwQDk+xoAwQBk+x0AwQDk+x4AwQEk+yQ
AwQEk+ywAwQCuWxQAwQCuZX8AwQCuadsAwQCua8gAwQCubRkAwQCubZMAwQCubj0
AwQDvL/gAwQE2a9QMA0EAgACMAcDBQAqAHxAMA0GCSqGSIb3DQEBCwUAA4IBAQCl
xdPN2qjc9FCkRsy9rnzMocNdv6Sr2Bj6AYbdJz3oUsfULcKcW9IOGMd6lT80enJ0
kJWU24e+IwT14pfQDuqJO07VB2kGB1sMaPZzR5O4EaQTHXVlhisNJ/lnvVPAa75f
26EgiE8MQ1R6p3XZ7BfSZRnj0u1VKOezLLtzKChWh2c1EAQ5p5PNX3UNfJFCd3ct
y7cHxholOdwGOhIadWkQizU8CcjrLQCCYhOjSTpWkTVCi79gmg4Pl0q9wnBsfG1b
FhUjFCwPl4TL0l7I2NLEhSBEhcdbjdHQLVSbuqKym5ePi62jTsicEAWGm5zixfWJ
IXspqcixwN0MteIg1bbe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:30 2024 by rpki-client on console-ams.rpki-client.org