Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/LMzC_blljRHvAQYsdtSOyye2zn0.roa
File: LMzC_blljRHvAQYsdtSOyye2zn0.roa (raw, json)
Hash identifier: G9P56csuLUhWmEm3XroO0sStAQlHww7K9cQkPna4nX4=
Subject key identifier: 2C:CC:C2:FD:B9:65:8D:11:EF:01:06:2C:76:D4:8E:CB:27:B6:CE:7D
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018F72345EE767DA0AE9DC7651244F03EFF0
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/LMzC_blljRHvAQYsdtSOyye2zn0.roa
Signing time: Mon 13 May 2024 13:46:25 +0000
ROA not before: Mon 13 May 2024 13:46:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.43.136.0/21 maxlen: 21
45.43.136.0/24 maxlen: 24
45.43.138.0/24 maxlen: 24
45.43.139.0/24 maxlen: 24
45.43.164.0/23 maxlen: 23
64.137.8.0/24 maxlen: 24
64.137.10.0/23 maxlen: 23
64.137.14.0/23 maxlen: 23
64.137.18.0/23 maxlen: 23
64.137.42.0/23 maxlen: 23
64.137.48.0/23 maxlen: 23
64.137.58.0/23 maxlen: 23
64.137.60.0/22 maxlen: 22
64.137.73.0/24 maxlen: 24
64.137.74.0/24 maxlen: 24
64.137.77.0/24 maxlen: 24
64.137.78.0/24 maxlen: 24
64.137.80.0/22 maxlen: 22
64.137.89.0/24 maxlen: 24
64.137.92.0/23 maxlen: 23
64.137.94.0/23 maxlen: 23
64.137.96.0/22 maxlen: 22
64.137.100.0/23 maxlen: 23
104.143.232.0/21 maxlen: 21
104.143.240.0/22 maxlen: 22
104.143.248.0/21 maxlen: 24
104.222.190.0/24 maxlen: 24
104.233.0.0/21 maxlen: 21
104.233.31.0/24 maxlen: 24
104.233.32.0/20 maxlen: 20
104.233.57.0/24 maxlen: 24
104.238.0.0/22 maxlen: 22
104.238.15.0/24 maxlen: 24
104.238.16.0/24 maxlen: 24
104.238.18.0/24 maxlen: 24
104.238.22.0/24 maxlen: 24
104.238.25.0/24 maxlen: 24
104.239.9.0/24 maxlen: 24
104.239.45.0/24 maxlen: 24
104.239.46.0/24 maxlen: 24
104.239.48.0/24 maxlen: 24
104.239.95.0/24 maxlen: 24
104.239.99.0/24 maxlen: 24
104.239.110.0/24 maxlen: 24
104.249.29.0/24 maxlen: 24
104.249.32.0/22 maxlen: 22
104.249.36.0/24 maxlen: 24
104.249.37.0/24 maxlen: 24
104.249.55.0/24 maxlen: 24
104.250.192.0/21 maxlen: 21
104.250.208.0/20 maxlen: 20
138.128.151.0/24 maxlen: 24
138.128.153.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 08:51:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:34:5e:e7:67:da:0a:e9:dc:76:51:24:4f:03:ef:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 13 13:46:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cccc2fdb9658d11ef01062c76d48ecb27b6ce7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fb:a7:ac:27:0c:92:c9:58:d3:de:c8:51:17:
1d:3c:7c:1d:12:fa:7c:ed:b5:4f:69:69:cc:0d:84:
c0:29:49:27:aa:4e:2b:08:02:ba:01:81:2a:66:bd:
d0:18:49:84:ee:72:d2:92:31:9a:63:0d:bc:9c:65:
c5:25:e6:c4:6e:6e:3a:46:68:e3:21:58:b0:80:a6:
c3:52:54:1a:36:9f:b7:38:39:85:f5:72:d2:1c:2d:
c4:0c:40:b5:23:02:d1:5d:c4:77:d5:b3:e9:1b:ea:
af:b1:b4:7d:50:3c:9c:9a:86:d8:72:ee:76:f5:16:
16:e0:f2:03:b1:3b:60:21:1b:7f:6a:a3:4e:9a:ac:
a4:2d:a3:74:e2:db:11:48:2a:15:0f:16:7c:18:95:
30:1c:1d:a8:d8:54:e3:b3:f0:db:5a:19:39:11:4b:
76:4f:05:ae:fc:87:ae:8f:e1:f9:60:f6:a6:b2:a8:
c3:26:97:98:08:68:46:ea:e0:45:45:f2:25:4e:93:
02:47:a8:5a:bd:7f:6e:49:e2:f4:14:b2:5b:79:57:
6c:1c:ba:72:b7:f8:9b:87:ee:28:cd:cd:fe:53:ff:
29:9f:f0:23:44:5a:47:13:8f:69:b2:e0:5d:af:85:
2a:e4:31:3a:08:a9:b1:98:9a:5d:cf:70:e0:46:b7:
b6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:CC:C2:FD:B9:65:8D:11:EF:01:06:2C:76:D4:8E:CB:27:B6:CE:7D
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/LMzC_blljRHvAQYsdtSOyye2zn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.136.0/21
45.43.164.0/23
64.137.8.0/24
64.137.10.0/23
64.137.14.0/23
64.137.18.0/23
64.137.42.0/23
64.137.48.0/23
64.137.58.0-64.137.63.255
64.137.73.0-64.137.74.255
64.137.77.0-64.137.78.255
64.137.80.0/22
64.137.89.0/24
64.137.92.0-64.137.101.255
104.143.232.0-104.143.243.255
104.143.248.0/21
104.222.190.0/24
104.233.0.0/21
104.233.31.0-104.233.47.255
104.233.57.0/24
104.238.0.0/22
104.238.15.0-104.238.16.255
104.238.18.0/24
104.238.22.0/24
104.238.25.0/24
104.239.9.0/24
104.239.45.0-104.239.46.255
104.239.48.0/24
104.239.95.0/24
104.239.99.0/24
104.239.110.0/24
104.249.29.0/24
104.249.32.0-104.249.37.255
104.249.55.0/24
104.250.192.0/21
104.250.208.0/20
138.128.151.0/24
138.128.153.0/24
216.173.111.0/24
Signature Algorithm: sha256WithRSAEncryption
37:8b:65:50:0c:e8:ff:11:ab:4c:f7:16:29:32:3e:7e:ff:9e:
23:5d:61:80:45:7b:08:7e:c0:77:29:24:55:bc:76:73:16:fa:
8b:2e:2b:4d:af:01:26:3c:30:1c:9e:c5:08:d2:bf:3f:23:cc:
e9:cb:f5:06:e3:02:26:8e:9c:ab:af:5f:54:89:a0:0a:7a:75:
2e:fc:61:65:85:f9:22:4c:66:e8:f9:81:55:32:97:7f:ea:f5:
90:fb:d6:a7:a7:f7:80:88:89:8c:d8:ad:db:76:c8:7a:8b:6a:
37:06:e9:ca:b6:82:96:97:11:9b:3e:41:40:aa:a7:76:00:be:
a1:36:a5:26:59:18:d7:0f:d2:18:35:bf:a6:be:7a:f4:3f:b0:
7c:f3:3d:a2:b7:17:44:8d:10:6c:d8:8a:d4:18:91:7a:01:91:
19:79:2f:cd:91:99:ed:c0:86:bb:43:29:17:f8:31:de:b8:46:
96:bc:5a:9b:95:ed:7e:12:47:c9:c3:fb:92:d0:3b:ab:b3:32:
50:2f:df:b8:7b:2f:60:f6:d0:48:97:02:d6:ad:0c:50:97:69:
89:b5:0b:8f:4d:1a:b9:1b:60:24:db:dc:22:4b:aa:4d:9e:b4:
b1:66:fa:f3:f6:66:e1:d7:9b:2d:1a:89:80:bf:4c:83:7f:17:
3a:c3:47:b2
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgISAY9yNF7nZ9oK6dx2USRPA+/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNTEzMTM0NjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2NjYzJmZGI5NjU4ZDExZWYwMTA2MmM3NmQ0OGVjYjI3YjZjZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/unrCcMkslY097IURcdPHwdEvp8
7bVPaWnMDYTAKUknqk4rCAK6AYEqZr3QGEmE7nLSkjGaYw28nGXFJebEbm46Rmjj
IViwgKbDUlQaNp+3ODmF9XLSHC3EDEC1IwLRXcR31bPpG+qvsbR9UDycmobYcu52
9RYW4PIDsTtgIRt/aqNOmqykLaN04tsRSCoVDxZ8GJUwHB2o2FTjs/DbWhk5EUt2
TwWu/Ieuj+H5YPamsqjDJpeYCGhG6uBFRfIlTpMCR6havX9uSeL0FLJbeVdsHLpy
t/ibh+4ozc3+U/8pn/AjRFpHE49psuBdr4Uq5DE6CKmxmJpdz3DgRre2pwIDAQAB
o4IDPzCCAzswHQYDVR0OBBYEFCzMwv25ZY0R7wEGLHbUjssnts59MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvTE16Q19ibGxqUkh2QVFZc2R0U095eWUyem4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUwYIKwYBBQUHAQcBAf8EggFCMIIBPjCCAToEAgABMIIB
MgMEAy0riAMEAS0rpAMEAECJCAMEAUCJCgMEAUCJDgMEAUCJEgMEAUCJKgMEAUCJ
MDAMAwQBQIk6AwQGQIkAMAwDBABAiUkDBABAiUowDAMEAECJTQMEAECJTgMEAkCJ
UAMEAECJWTAMAwQCQIlcAwQBQIlkMAwDBANoj+gDBAJoj/ADBANoj/gDBABo3r4D
BANo6QAwDAMEAGjpHwMEBGjpIAMEAGjpOQMEAmjuADAMAwQAaO4PAwQAaO4QAwQA
aO4SAwQAaO4WAwQAaO4ZAwQAaO8JMAwDBABo7y0DBABo7y4DBABo7zADBABo718D
BABo72MDBABo724DBABo+R0wDAMEBWj5IAMEAWj5JAMEAGj5NwMEA2j6wAMEBGj6
0AMEAIqAlwMEAIqAmQMEANitbzANBgkqhkiG9w0BAQsFAAOCAQEAN4tlUAzo/xGr
TPcWKTI+fv+eI11hgEV7CH7AdykkVbx2cxb6iy4rTa8BJjwwHJ7FCNK/PyPM6cv1
BuMCJo6cq69fVImgCnp1LvxhZYX5Ikxm6PmBVTKXf+r1kPvWp6f3gIiJjNit23bI
eotqNwbpyraClpcRmz5BQKqndgC+oTalJlkY1w/SGDW/pr569D+wfPM9orcXRI0Q
bNiK1BiRegGRGXkvzZGZ7cCGu0MpF/gx3rhGlrxam5XtfhJHycP7ktA7q7MyUC/f
uHsvYPbQSJcC1q0MUJdpibULj00auRtgJNvcIkuqTZ60sWb68/Zm4debLRqJgL9M
g38XOsNHsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:44 2024 by rpki-client on console-ams.rpki-client.org