Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LtO-De_GzkdBu_l_g_UdEtFkYhE.roa
File: LtO-De_GzkdBu_l_g_UdEtFkYhE.roa (raw, json)
Hash identifier: U0j8Ew9ygIxoVSWzjvUgWUf++zg2fDs+aRx9Cxby9XI=
Subject key identifier: 2E:D3:BE:0D:EF:C6:CE:47:41:BB:F9:7F:83:F5:1D:12:D1:64:62:11
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01858E124B68AD32596A267B23F3F2CBE880
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LtO-De_GzkdBu_l_g_UdEtFkYhE.roa
Signing time: Sat 07 Jan 2023 21:10:41 +0000
ROA not before: Sat 07 Jan 2023 21:10:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.214.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
88.216.36.0/24 maxlen: 24
88.216.252.0/22 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jan 2023 06:56:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8e:12:4b:68:ad:32:59:6a:26:7b:23:f3:f2:cb:e8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 7 21:10:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ed3be0defc6ce4741bbf97f83f51d12d1646211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:97:d6:60:d6:60:3d:09:1d:9a:e9:93:63:90:
e4:49:16:4e:10:a8:99:d4:df:94:cd:fc:74:75:72:
1b:8d:80:f1:26:f9:90:a4:db:61:87:f8:b1:d1:9c:
37:80:21:d5:43:0d:08:9e:a8:14:71:54:a3:09:1e:
c6:1c:d0:47:b8:2d:ee:11:8b:5f:27:60:ee:39:c1:
bf:ba:bf:1e:45:f3:2b:41:65:c8:d5:56:9a:ca:ff:
89:e4:6a:a6:c8:fd:9d:74:2b:ba:94:23:ca:9d:2b:
0f:75:11:ba:c3:c8:a3:ef:f0:2b:7e:46:54:19:95:
f7:8d:94:ea:fe:75:4a:5d:af:85:10:06:25:bb:d1:
54:05:55:f5:7f:21:29:38:b0:67:59:1e:4b:cd:ce:
61:48:84:e6:53:e3:65:86:f8:c2:89:61:21:bb:b0:
6b:5f:0e:c0:26:6e:90:7c:e4:16:91:55:e4:9d:a7:
b0:bb:ac:6d:06:83:da:0e:ff:e9:1b:dd:3a:6a:cc:
d4:42:78:75:54:03:c9:3d:af:c1:58:5a:fe:57:5b:
2e:e6:c4:31:2c:61:f9:22:a5:fb:41:b7:9e:06:87:
66:2c:08:ed:02:62:d1:c7:2e:97:54:45:25:b0:26:
ce:d6:01:4c:e9:84:4f:e9:3e:07:ac:74:9e:6c:c5:
32:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D3:BE:0D:EF:C6:CE:47:41:BB:F9:7F:83:F5:1D:12:D1:64:62:11
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LtO-De_GzkdBu_l_g_UdEtFkYhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.42.0/24
84.32.52.0/22
84.32.76.0/23
84.32.240.0/24
84.32.243.0/24
88.216.17.0/24
88.216.36.0/24
88.216.40.0/24
88.216.43.0/24
88.216.98.0/24
88.216.132.0/23
88.216.190.0/24
88.216.214.0/24
88.216.228.0-88.216.247.255
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
59:63:8c:99:46:f9:ec:5d:f6:59:60:30:49:e2:73:ef:c4:35:
a5:e7:70:96:f3:00:3a:ba:c5:5e:e2:db:e6:2c:bf:e5:13:c4:
db:f8:e7:24:d8:ac:a4:bd:08:57:9d:85:3f:52:f1:33:3c:58:
0f:45:0c:58:ed:d0:56:54:00:74:9d:d0:3a:e2:8c:54:e7:74:
27:d6:34:32:a6:81:04:1f:ee:df:a3:bd:04:86:fb:96:5c:d9:
b7:40:a8:8b:37:18:0a:5e:34:01:e7:a3:3d:70:41:32:2f:d3:
79:6f:d0:ee:ae:b5:ff:92:b8:12:d0:64:0c:0c:9f:d8:40:44:
74:02:b7:be:4a:8e:79:3c:55:b7:bf:17:4f:08:48:e3:cc:ea:
c9:83:bd:86:07:1e:36:ec:12:d6:18:24:48:7d:00:37:0e:ca:
f8:be:f0:57:19:94:7a:91:7b:b3:0f:b9:ce:65:a5:6a:66:f2:
1c:96:d3:ea:01:c6:b4:82:e7:c2:db:1e:dc:cc:52:f5:4c:0d:
4f:79:aa:e3:24:7b:29:b6:06:fb:91:e6:28:28:1b:02:d8:ca:
8a:19:41:d0:95:6f:2d:35:2d:af:e2:7d:98:33:6a:dd:ae:86:
e3:7b:52:94:96:cc:73:d3:83:6c:5d:f7:f6:85:79:2f:7f:63:
5e:3d:1d:f9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYWOEktorTJZaiZ7I/Pyy+iAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTA3MjExMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWQzYmUwZGVmYzZjZTQ3NDFiYmY5N2Y4M2Y1MWQxMmQxNjQ2MjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZfWYNZgPQkdmumTY5DkSRZOEKiZ
1N+Uzfx0dXIbjYDxJvmQpNthh/ix0Zw3gCHVQw0InqgUcVSjCR7GHNBHuC3uEYtf
J2DuOcG/ur8eRfMrQWXI1Vaayv+J5GqmyP2ddCu6lCPKnSsPdRG6w8ij7/ArfkZU
GZX3jZTq/nVKXa+FEAYlu9FUBVX1fyEpOLBnWR5Lzc5hSITmU+NlhvjCiWEhu7Br
Xw7AJm6QfOQWkVXknaewu6xtBoPaDv/pG906aszUQnh1VAPJPa/BWFr+V1su5sQx
LGH5IqX7QbeeBodmLAjtAmLRxy6XVEUlsCbO1gFM6YRP6T4HrHSebMUyRwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFC7Tvg3vxs5HQbv5f4P1HRLRZGIRMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTHRPLURlX0d6a2RCdV9sX2dfVWRFdEZrWWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAFQgBgME
AFQgKgMEAlQgNAMEAVQgTAMEAFQg8AMEAFQg8wMEAFjYEQMEAFjYJAMEAFjYKAME
AFjYKwMEAFjYYgMEAVjYhAMEAFjYvgMEAFjY1jAMAwQCWNjkAwQDWNjwAwQCWNj8
MA0GCSqGSIb3DQEBCwUAA4IBAQBZY4yZRvnsXfZZYDBJ4nPvxDWl53CW8wA6usVe
4tvmLL/lE8Tb+Ock2KykvQhXnYU/UvEzPFgPRQxY7dBWVAB0ndA64oxU53Qn1jQy
poEEH+7fo70EhvuWXNm3QKiLNxgKXjQB56M9cEEyL9N5b9DurrX/krgS0GQMDJ/Y
QER0Are+So55PFW3vxdPCEjjzOrJg72GBx427BLWGCRIfQA3Dsr4vvBXGZR6kXuz
D7nOZaVqZvIcltPqAca0gufC2x7czFL1TA1PearjJHsptgb7keYoKBsC2MqKGUHQ
lW8tNS2v4n2YM2rdrobje1KUlsxz04NsXff2hXkvf2NePR35
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org