Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/L3ThNl3EKVXnZibG2QB_zpnJO04.roa
File: L3ThNl3EKVXnZibG2QB_zpnJO04.roa (raw, json)
Hash identifier: ETsGncdn/HDNbA/fTxxxqDa0MyK20TpGCAwU2BYfiqI=
Subject key identifier: 2F:74:E1:36:5D:C4:29:55:E7:66:26:C6:D9:00:7F:CE:99:C9:3B:4E
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01862DCDD56BA68898E8A52C9FABD8F3928F
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/L3ThNl3EKVXnZibG2QB_zpnJO04.roa
Signing time: Tue 07 Feb 2023 21:35:09 +0000
ROA not before: Tue 07 Feb 2023 21:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 185.231.205.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.206.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.84.1.0/24 maxlen: 24
188.119.122.0/24 maxlen: 24
188.119.123.0/24 maxlen: 24
45.89.52.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
5.182.36.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
193.57.137.0/24 maxlen: 24
193.57.136.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
45.87.153.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
193.46.57.0/24 maxlen: 24
193.46.56.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.4.50.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
194.116.172.0/24 maxlen: 24
194.116.191.0/24 maxlen: 24
194.116.190.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2d:cd:d5:6b:a6:88:98:e8:a5:2c:9f:ab:d8:f3:92:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Feb 7 21:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f74e1365dc42955e76626c6d9007fce99c93b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:15:ed:b0:83:46:f8:f9:6b:b8:09:cf:53:74:
ab:d0:79:08:02:d1:ca:91:50:6a:02:3b:8c:a4:5d:
f7:f5:25:3c:cd:12:16:2c:e1:9d:90:1a:44:1c:63:
1e:7f:6b:f2:e6:3b:47:93:60:3b:5f:3f:1c:82:50:
76:a5:86:68:d0:90:2a:3b:9f:40:23:0a:b7:72:7b:
9c:94:47:5c:b7:7f:e9:46:e9:89:95:ef:01:7c:8e:
2c:42:38:07:34:e5:bf:e4:88:d8:c8:67:3f:ea:d6:
a2:13:85:b5:ce:1d:51:73:6f:6f:a9:e9:54:0b:92:
43:4b:de:00:3c:e6:24:4a:75:4e:ad:1b:99:e9:a3:
9a:67:b3:12:4a:a5:3e:08:3a:47:24:5b:44:c5:c1:
2e:03:a2:9e:53:a9:9a:6b:9c:3e:df:33:b8:d0:d2:
e2:f6:68:bf:90:f5:d3:2b:21:57:6c:ba:ae:49:fc:
1b:02:38:13:99:14:86:b0:5f:2c:c1:17:76:d8:53:
51:b5:c6:44:f4:ae:bb:13:0e:e3:85:75:e7:dc:e9:
08:d5:e6:21:a6:35:fe:21:10:fa:9f:0e:ce:df:85:
4c:05:33:ce:54:cc:9a:89:bd:8c:33:52:58:ab:24:
9f:59:e6:d4:17:e8:f3:25:19:c5:30:b6:67:ee:94:
c6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:74:E1:36:5D:C4:29:55:E7:66:26:C6:D9:00:7F:CE:99:C9:3B:4E
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/L3ThNl3EKVXnZibG2QB_zpnJO04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.36.0/24
5.182.39.0/24
45.8.144.0/23
45.67.35.0/24
45.84.0.0/23
45.87.153.0-45.87.154.255
45.89.52.0/24
45.159.248.0/22
93.185.166.0/24
141.98.169.0/24
185.231.204.0/22
188.119.122.0/23
193.46.56.0/23
193.57.136.0-193.57.138.255
194.4.48.0/22
194.116.172.0/24
194.116.190.0/23
Signature Algorithm: sha256WithRSAEncryption
37:dd:2b:d6:d4:dd:8d:db:ab:86:4b:ea:69:00:1f:08:b0:85:
85:10:d1:9c:20:be:5f:2e:7f:d8:b7:d6:bf:62:c4:c0:02:ef:
ec:67:dc:4c:49:be:74:4c:ab:ae:90:23:2d:e0:f0:ac:83:80:
0a:ae:61:b9:2b:46:74:1b:75:f7:f4:56:96:b1:82:0b:bf:8c:
15:d3:a1:ff:01:5e:ef:59:7a:73:a8:a7:a8:ba:df:3c:b1:eb:
03:14:e8:63:26:54:68:c1:10:c7:b1:cd:5f:77:1f:3f:95:0f:
fd:6a:89:a2:37:bf:77:11:d3:68:52:fe:60:90:b8:72:6a:48:
f0:38:ff:c4:54:68:d9:a6:ba:d9:8f:e8:fa:9d:e5:37:cb:60:
31:be:45:f3:d2:f5:df:80:13:9c:a1:df:eb:f7:fe:b0:b5:71:
60:e4:2f:3c:70:08:ff:08:a8:69:45:c9:67:db:71:94:b3:2b:
0d:02:b3:76:3d:d6:42:d6:c2:42:9a:8d:fb:56:fb:55:a4:72:
ae:97:cb:39:74:c8:45:1c:2b:a7:72:8e:98:62:d7:9f:68:b7:
93:83:b5:b2:e2:ce:cc:cb:a1:d1:4f:a7:dc:fe:bf:ed:b7:cd:
fa:5b:04:3b:4a:b1:9f:bd:49:fa:aa:05:30:3e:1d:6a:6b:b4:
55:4a:aa:c4
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYYtzdVrpoiY6KUsn6vY85KPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwMjA3MjEzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjc0ZTEzNjVkYzQyOTU1ZTc2NjI2YzZkOTAwN2ZjZTk5YzkzYjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxXtsING+PlruAnPU3Sr0HkIAtHK
kVBqAjuMpF339SU8zRIWLOGdkBpEHGMef2vy5jtHk2A7Xz8cglB2pYZo0JAqO59A
Iwq3cnuclEdct3/pRumJle8BfI4sQjgHNOW/5IjYyGc/6taiE4W1zh1Rc29vqelU
C5JDS94APOYkSnVOrRuZ6aOaZ7MSSqU+CDpHJFtExcEuA6KeU6maa5w+3zO40NLi
9mi/kPXTKyFXbLquSfwbAjgTmRSGsF8swRd22FNRtcZE9K67Ew7jhXXn3OkI1eYh
pjX+IRD6nw7O34VMBTPOVMyaib2MM1JYqySfWebUF+jzJRnFMLZn7pTGPwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFC904TZdxClV52YmxtkAf86ZyTtOMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvTDNUaE5sM0VLVlhuWmliRzJRQl96cG5KTzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAAFtiQD
BAAFticDBAEtCJADBAAtQyMDBAEtVAAwDAMEAC1XmQMEAC1XmgMEAC1ZNAMEAi2f
+AMEAF25pgMEAI1iqQMEArnnzAMEAbx3egMEAcEuODAMAwQDwTmIAwQAwTmKAwQC
wgQwAwQAwnSsAwQBwnS+MA0GCSqGSIb3DQEBCwUAA4IBAQA33SvW1N2N26uGS+pp
AB8IsIWFENGcIL5fLn/Yt9a/YsTAAu/sZ9xMSb50TKuukCMt4PCsg4AKrmG5K0Z0
G3X39FaWsYILv4wV06H/AV7vWXpzqKeout88sesDFOhjJlRowRDHsc1fdx8/lQ/9
aomiN793EdNoUv5gkLhyakjwOP/EVGjZprrZj+j6neU3y2AxvkXz0vXfgBOcod/r
9/6wtXFg5C88cAj/CKhpRcln23GUsysNArN2PdZC1sJCmo37VvtVpHKul8s5dMhF
HCunco6YYtefaLeTg7Wy4s7My6HRT6fc/r/tt836WwQ7SrGfvUn6qgUwPh1qa7RV
SqrE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:42 2023 by rpki-client on console-fra.rpki-client.org