Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/lf18_PG9X8gDtbTqpYuLCy_t7Qw.roa
File: lf18_PG9X8gDtbTqpYuLCy_t7Qw.roa (raw, json)
Hash identifier: jkxU9geavHrkcKGRmDtC0FWz7sfUvgzttRSiMapUFkQ=
Subject key identifier: 95:FD:7C:FC:F1:BD:5F:C8:03:B5:B4:EA:A5:8B:8B:0B:2F:ED:ED:0C
Certificate issuer: /CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
Certificate serial: 018A1C3846BFEE62472F798503DEA3A0B281
Authority key identifier: 6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/lf18_PG9X8gDtbTqpYuLCy_t7Qw.roa
Signing time: Tue 22 Aug 2023 07:49:24 +0000
ROA not before: Tue 22 Aug 2023 07:49:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64476
IP address blocks: 185.231.8.0/22 maxlen: 22
85.190.84.0/24 maxlen: 24
85.190.85.0/24 maxlen: 24
85.190.88.0/22 maxlen: 22
185.253.171.0/24 maxlen: 24
185.253.169.0/24 maxlen: 24
185.253.170.0/24 maxlen: 24
185.253.168.0/24 maxlen: 24
85.190.64.0/24 maxlen: 24
46.247.138.0/23 maxlen: 23
46.247.136.0/23 maxlen: 23
85.190.67.0/24 maxlen: 24
46.247.141.0/24 maxlen: 24
185.161.168.0/22 maxlen: 22
46.247.140.0/24 maxlen: 24
87.121.208.0/21 maxlen: 21
2a0a:e805:500::/40 maxlen: 40
2a0a:e805:710::/44 maxlen: 44
2a0a:e805:610::/44 maxlen: 44
2a0a:e805:210::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:38:46:bf:ee:62:47:2f:79:85:03:de:a3:a0:b2:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
Validity
Not Before: Aug 22 07:49:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95fd7cfcf1bd5fc803b5b4eaa58b8b0b2feded0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:db:d2:9f:7c:39:ce:23:60:8a:4b:32:8a:20:
7b:e0:fa:50:99:fc:27:35:f6:57:66:7d:cf:db:df:
3b:87:e5:5a:32:87:19:71:02:a8:47:86:83:15:ab:
3e:16:38:02:f2:6c:47:39:73:6f:33:96:05:07:9c:
a2:23:a2:e8:5a:3b:84:ea:e5:f6:e6:49:33:72:df:
e2:29:ea:d7:d1:0d:5a:e3:07:f1:c3:4b:e1:d2:2a:
b5:56:a5:d4:42:e0:8a:0a:72:25:49:ea:35:ec:20:
b3:c7:60:ea:bb:df:9c:7f:ac:db:c0:b7:3e:06:23:
77:50:32:e7:f5:9d:88:c0:5f:ae:ea:7d:98:95:79:
83:1d:8b:56:a0:b5:52:f6:63:2c:bc:17:df:7d:89:
09:4a:9e:a9:db:56:b2:bc:85:81:0b:c4:29:f4:99:
90:f3:6f:bf:97:36:12:ee:c9:2a:ba:fb:ad:d4:7d:
e3:bd:88:3c:04:ce:ab:51:85:17:1b:c9:69:61:79:
a6:dd:8e:88:d6:6d:c8:60:ef:51:e3:8f:fa:68:af:
f5:d5:ed:b6:d4:62:74:c7:36:4a:72:29:01:87:ba:
f1:65:49:a7:ae:77:7b:5b:04:09:6a:12:93:dc:37:
ac:e7:1b:7e:e4:b8:89:09:62:91:d0:44:5c:dd:9b:
c6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:FD:7C:FC:F1:BD:5F:C8:03:B5:B4:EA:A5:8B:8B:0B:2F:ED:ED:0C
X509v3 Authority Key Identifier:
keyid:6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/lf18_PG9X8gDtbTqpYuLCy_t7Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/bxDY4VZOQDEsnd8huiqgO6VZ6tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.136.0-46.247.141.255
85.190.64.0/24
85.190.67.0/24
85.190.84.0/23
85.190.88.0/22
87.121.208.0/21
185.161.168.0/22
185.231.8.0/22
185.253.168.0/22
IPv6:
2a0a:e805:210::/44
2a0a:e805:500::/40
2a0a:e805:610::/44
2a0a:e805:710::/44
Signature Algorithm: sha256WithRSAEncryption
68:e2:e1:bb:34:ee:f1:08:61:33:3c:48:12:28:e6:78:e4:52:
f9:fd:2f:52:7a:06:90:8b:71:2e:61:93:f8:a4:b7:48:97:66:
61:43:6b:55:61:a5:34:60:6c:81:d3:c4:b3:ff:72:7e:6d:15:
a2:06:bb:11:c8:4c:32:e4:bd:79:47:5e:a1:15:52:47:d0:3c:
99:13:50:58:11:e6:c2:38:32:92:00:56:55:cb:b5:4b:81:a6:
75:5c:74:c0:32:03:bd:e2:8e:4a:df:8e:56:1a:9a:7c:7f:af:
4d:1a:4b:e5:7b:72:18:04:7c:10:97:bb:58:1e:32:9e:25:d7:
26:91:f2:47:47:a5:d3:f6:b4:97:19:4a:ff:d1:05:46:55:d1:
47:da:65:cf:9c:6a:30:92:f8:ae:98:34:bf:f8:59:8a:f1:4f:
1a:58:e6:8a:09:ee:c4:d2:ab:db:d0:21:98:32:10:ef:e3:72:
54:f8:fc:9a:8d:6d:bf:db:54:68:e5:98:2f:2d:78:a4:01:db:
f3:1e:b5:a1:34:e3:da:a0:a2:7f:d1:78:e5:0c:af:cd:71:3d:
aa:f0:0b:5f:e2:55:2a:49:35:eb:87:7b:2f:75:15:15:f1:6d:
22:0b:df:f4:81:f0:c9:18:1f:90:51:fb:94:5c:d7:ab:08:cf:
76:67:6d:67
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYocOEa/7mJHL3mFA96joLKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTBkOGUxNTY0ZTQwMzEyYzlkZGYyMWJhMmFhMDNiYTU1
OWVhZDYwHhcNMjMwODIyMDc0OTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWZkN2NmY2YxYmQ1ZmM4MDNiNWI0ZWFhNThiOGIwYjJmZWRlZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtvSn3w5ziNgiksyiiB74PpQmfwn
NfZXZn3P2987h+VaMocZcQKoR4aDFas+FjgC8mxHOXNvM5YFB5yiI6LoWjuE6uX2
5kkzct/iKerX0Q1a4wfxw0vh0iq1VqXUQuCKCnIlSeo17CCzx2Dqu9+cf6zbwLc+
BiN3UDLn9Z2IwF+u6n2YlXmDHYtWoLVS9mMsvBfffYkJSp6p21ayvIWBC8Qp9JmQ
82+/lzYS7skquvut1H3jvYg8BM6rUYUXG8lpYXmm3Y6I1m3IYO9R44/6aK/11e22
1GJ0xzZKcikBh7rxZUmnrnd7WwQJahKT3Des5xt+5LiJCWKR0ERc3ZvGiQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFJX9fPzxvV/IA7W06qWLiwsv7e0MMB8GA1UdIwQY
MBaAFG8Q2OFWTkAxLJ3fIboqoDulWerWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYt
YjZhOGY4ZTgwZjdiLzEvbGYxOF9QRzlYOGdEdGJUcXBZdUxDeV90N1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYtYjZhOGY4ZTgwZjdi
LzEvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwRAQCAAEwPjAMAwQDLveI
AwQBLveMAwQAVb5AAwQAVb5DAwQBVb5UAwQCVb5YAwQDV3nQAwQCuaGoAwQCuecI
AwQCuf2oMCkEAgACMCMDBwQqCugFAhADBgAqCugFBQMHBCoK6AUGEAMHBCoK6AUH
EDANBgkqhkiG9w0BAQsFAAOCAQEAaOLhuzTu8QhhMzxIEijmeORS+f0vUnoGkItx
LmGT+KS3SJdmYUNrVWGlNGBsgdPEs/9yfm0Voga7EchMMuS9eUdeoRVSR9A8mRNQ
WBHmwjgykgBWVcu1S4GmdVx0wDIDveKOSt+OVhqafH+vTRpL5XtyGAR8EJe7WB4y
niXXJpHyR0el0/a0lxlK/9EFRlXRR9plz5xqMJL4rpg0v/hZivFPGljmignuxNKr
29AhmDIQ7+NyVPj8mo1tv9tUaOWYLy14pAHb8x61oTTj2qCif9F45QyvzXE9qvAL
X+JVKkk164d7L3UVFfFtIgvf9IHwyRgfkFH7lFzXqwjPdmdtZw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:56 2024 by rpki-client on console-fra.rpki-client.org