Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/LUn-NgWJAroEvkbhKkV2orNdp78.roa
File: LUn-NgWJAroEvkbhKkV2orNdp78.roa (raw, json)
Hash identifier: RNeSJE5HNvFMQ8T0fQPR4rpZ4PI22sGnw1y5iSKhk14=
Subject key identifier: 2D:49:FE:36:05:89:02:BA:04:BE:46:E1:2A:45:76:A2:B3:5D:A7:BF
Certificate issuer: /CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Certificate serial: 01856E26519613654634F9787F5824F6D4C7
Authority key identifier: 79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/LUn-NgWJAroEvkbhKkV2orNdp78.roa
Signing time: Sun 01 Jan 2023 16:24:42 +0000
ROA not before: Sun 01 Jan 2023 16:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208006
IP address blocks: 130.185.123.0/24 maxlen: 24
130.185.122.0/24 maxlen: 24
185.235.40.0/22 maxlen: 24
130.185.120.0/22 maxlen: 24
185.215.232.0/22 maxlen: 24
185.215.235.0/24 maxlen: 24
185.215.234.0/24 maxlen: 24
185.204.168.0/22 maxlen: 24
194.5.192.0/23 maxlen: 24
194.5.206.0/23 maxlen: 24
2a0d:4ac0::/48 maxlen: 48
2a0d:4ac0:3::/48 maxlen: 48
2a0d:4ac0:1::/48 maxlen: 48
2a0d:4ac0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 12 Feb 2023 09:55:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:51:96:13:65:46:34:f9:78:7f:58:24:f6:d4:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Validity
Not Before: Jan 1 16:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d49fe36058902ba04be46e12a4576a2b35da7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a4:f0:e2:35:18:db:e0:6b:08:00:e0:af:23:
f9:4a:d3:81:38:d1:22:14:21:1b:9d:74:95:6f:61:
37:9e:bf:55:78:dd:e3:00:6b:af:0c:69:13:40:1d:
44:39:3c:0f:4d:27:97:2a:15:8d:37:d9:61:46:e7:
c0:42:97:bb:8d:ed:05:dc:85:44:4a:1c:33:5a:98:
5e:76:41:9c:cf:1f:f4:7b:57:f0:61:9b:a0:79:c1:
78:1b:1a:b3:c0:a1:21:a4:b7:32:e7:c5:6c:46:95:
11:f1:70:bc:24:7b:f4:36:1e:9e:26:99:af:43:88:
94:fe:6b:f4:0a:95:da:bd:3b:51:19:3a:e0:d5:38:
14:4a:ea:ea:5d:95:44:c6:a0:7c:ab:88:6c:18:c2:
7b:d2:49:dd:70:ba:00:68:82:78:ac:79:cc:e0:22:
9d:b1:a3:3b:35:37:d3:7a:1e:1b:50:ba:18:45:f8:
4c:c8:42:47:67:4c:af:15:03:0c:be:27:1c:a1:e4:
ec:9e:59:42:95:a1:45:90:58:2c:5e:4f:34:2b:6a:
8b:27:c2:ba:a8:23:74:74:89:e7:c4:12:bf:1b:84:
4f:9c:1a:35:a9:d9:3f:5b:b1:e9:d3:75:43:25:d0:
52:d7:8d:89:c6:c8:3e:e2:ad:3a:9a:b8:62:2a:52:
12:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:49:FE:36:05:89:02:BA:04:BE:46:E1:2A:45:76:A2:B3:5D:A7:BF
X509v3 Authority Key Identifier:
keyid:79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/LUn-NgWJAroEvkbhKkV2orNdp78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.120.0/22
185.204.168.0/22
185.215.232.0/22
185.235.40.0/22
194.5.192.0/23
194.5.206.0/23
IPv6:
2a0d:4ac0::/46
Signature Algorithm: sha256WithRSAEncryption
56:48:52:a7:c3:ee:f9:b5:12:04:91:e4:1b:f6:6a:a9:60:e5:
92:ed:57:ad:d9:34:ff:82:55:83:bc:eb:d2:50:44:a2:5d:1a:
71:ba:f3:b1:6b:01:b7:2f:ac:6e:1b:6c:55:58:b8:fa:ca:58:
72:42:1f:6f:c3:59:a6:a3:89:47:20:f1:c0:cd:df:a2:d1:6f:
fe:73:6e:57:9c:dc:50:99:61:f9:ec:17:9c:1b:94:38:ff:07:
f4:6a:b4:51:4e:dd:e8:8d:80:6f:36:d5:30:13:be:80:d3:3c:
30:7d:ae:48:64:82:27:0d:fb:36:98:62:2d:e6:90:77:9a:56:
33:91:fc:98:57:88:38:1f:b7:79:a5:70:af:8e:1f:1f:4f:c1:
f7:cb:5e:e5:56:8b:97:e4:47:73:2e:c4:7f:ba:ec:8f:a4:d4:
6d:42:dd:da:8c:ac:f1:20:ea:a6:b8:2f:0a:f3:60:78:35:84:
1a:70:cf:45:94:9c:65:45:2a:67:08:6c:e0:0f:7b:33:18:33:
bc:dc:9c:48:e7:25:96:9e:bd:b5:58:c3:48:84:34:2d:0c:8d:
dd:78:9f:c2:78:92:c6:17:44:55:ea:bc:2c:8f:5b:7b:04:b0:
a9:d7:e6:69:8b:ff:71:24:3f:07:5d:51:18:b5:cb:51:f3:89:
cb:82:7c:ff
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVuJlGWE2VGNPl4f1gk9tTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDU2NWY5OWZmNWUwZmZiNWJkZjk5OTVlZDdhODA4ZDQx
NDA2ZTUwHhcNMjMwMTAxMTYyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDQ5ZmUzNjA1ODkwMmJhMDRiZTQ2ZTEyYTQ1NzZhMmIzNWRhN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6Tw4jUY2+BrCADgryP5StOBONEi
FCEbnXSVb2E3nr9VeN3jAGuvDGkTQB1EOTwPTSeXKhWNN9lhRufAQpe7je0F3IVE
ShwzWphedkGczx/0e1fwYZugecF4GxqzwKEhpLcy58VsRpUR8XC8JHv0Nh6eJpmv
Q4iU/mv0CpXavTtRGTrg1TgUSurqXZVExqB8q4hsGMJ70kndcLoAaIJ4rHnM4CKd
saM7NTfTeh4bULoYRfhMyEJHZ0yvFQMMviccoeTsnllClaFFkFgsXk80K2qLJ8K6
qCN0dInnxBK/G4RPnBo1qdk/W7Hp03VDJdBS142Jxsg+4q06mrhiKlISEQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFC1J/jYFiQK6BL5G4SpFdqKzXae/MB8GA1UdIwQY
MBaAFHnVZfmf9eD/tb35mV7XqAjUFAblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQt
NmMzYjg3NDQzZTA2LzEvTFVuLU5nV0pBcm9FdmtiaEtrVjJvck5kcDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQtNmMzYjg3NDQzZTA2
LzEvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQCgrl4AwQC
ucyoAwQCudfoAwQCuesoAwQBwgXAAwQBwgXOMA8EAgACMAkDBwIqDUrAAAAwDQYJ
KoZIhvcNAQELBQADggEBAFZIUqfD7vm1EgSR5Bv2aqlg5ZLtV63ZNP+CVYO869JQ
RKJdGnG687FrAbcvrG4bbFVYuPrKWHJCH2/DWaajiUcg8cDN36LRb/5zblec3FCZ
YfnsF5wblDj/B/RqtFFO3eiNgG821TATvoDTPDB9rkhkgicN+zaYYi3mkHeaVjOR
/JhXiDgft3mlcK+OHx9PwffLXuVWi5fkR3MuxH+67I+k1G1C3dqMrPEg6qa4Lwrz
YHg1hBpwz0WUnGVFKmcIbOAPezMYM7zcnEjnJZaevbVYw0iENC0Mjd14n8J4ksYX
RFXqvCyPW3sEsKnX5mmL/3EkPwddURi1y1HzicuCfP8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:11 2024 by rpki-client on console-ams.rpki-client.org