Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Lrl5qT-xRBgUrXKEsxEQfWW0oRU.roa
File: Lrl5qT-xRBgUrXKEsxEQfWW0oRU.roa (raw, json)
Hash identifier: 5UDyb2BVmjYD5UoKph2SJazD4pEzWoeXvEzzA1mM+vg=
Subject key identifier: 2E:B9:79:A9:3F:B1:44:18:14:AD:72:84:B3:11:10:7D:65:B4:A1:15
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018D3A9666C34F15EC7EC219B0FB431C022D
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Lrl5qT-xRBgUrXKEsxEQfWW0oRU.roa
Signing time: Wed 24 Jan 2024 08:29:11 +0000
ROA not before: Wed 24 Jan 2024 08:29:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1680
IP address blocks: 46.116.0.0/16 maxlen: 16
46.117.0.0/16 maxlen: 16
46.210.0.0/16 maxlen: 24
62.0.0.0/16 maxlen: 24
62.0.87.0/24 maxlen: 24
62.0.88.0/22 maxlen: 24
62.0.92.0/23 maxlen: 24
62.0.94.0/24 maxlen: 24
62.0.114.0/23 maxlen: 24
62.0.116.0/22 maxlen: 24
62.0.120.0/21 maxlen: 24
62.0.128.0/23 maxlen: 24
62.90.0.0/16 maxlen: 24
62.90.135.0/24 maxlen: 24
80.250.144.0/20 maxlen: 24
82.166.0.0/16 maxlen: 24
82.166.100.0/22 maxlen: 24
82.166.112.0/21 maxlen: 24
82.166.201.128/25 maxlen: 25
85.64.0.0/16 maxlen: 16
85.65.0.0/16 maxlen: 16
85.250.0.0/16 maxlen: 16
89.138.0.0/16 maxlen: 16
89.139.0.0/16 maxlen: 16
93.172.0.0/16 maxlen: 16
93.173.0.0/16 maxlen: 16
95.35.0.0/16 maxlen: 24
109.186.0.0/16 maxlen: 16
109.253.0.0/16 maxlen: 24
141.226.132.0/24 maxlen: 24
141.226.134.0/24 maxlen: 24
147.161.8.0/21 maxlen: 24
147.234.17.0/24 maxlen: 24
147.234.22.0/24 maxlen: 24
147.234.26.0/24 maxlen: 24
147.234.27.0/24 maxlen: 24
147.234.27.0/25 maxlen: 25
147.234.27.128/25 maxlen: 25
147.234.28.0/24 maxlen: 24
147.234.43.0/24 maxlen: 24
147.234.83.0/24 maxlen: 24
147.234.84.0/24 maxlen: 24
147.234.86.0/24 maxlen: 24
176.12.128.0/17 maxlen: 24
176.13.0.0/16 maxlen: 24
192.118.28.0/22 maxlen: 22
192.118.28.0/23 maxlen: 23
192.118.30.0/23 maxlen: 23
194.90.0.0/16 maxlen: 24
194.90.1.0/24 maxlen: 24
199.203.0.0/16 maxlen: 16
199.203.1.0/24 maxlen: 24
199.203.21.0/24 maxlen: 24
199.203.191.0/24 maxlen: 24
207.232.0.0/18 maxlen: 18
212.29.192.0/18 maxlen: 18
212.29.244.0/24 maxlen: 24
212.143.0.0/16 maxlen: 24
212.143.194.0/24 maxlen: 24
212.150.0.0/16 maxlen: 24
212.235.0.0/17 maxlen: 24
217.132.0.0/16 maxlen: 16
2001:4df0::/29 maxlen: 32
2001:4df0::/32 maxlen: 32
2001:4df1::/32 maxlen: 32
2001:4df2::/32 maxlen: 32
2001:4df3::/32 maxlen: 32
2001:4df4::/32 maxlen: 32
2001:4df5::/32 maxlen: 32
2001:4df6::/32 maxlen: 32
2001:4df7::/32 maxlen: 32
2a02:148::/29 maxlen: 32
2a02:148::/32 maxlen: 32
2a02:149::/32 maxlen: 32
2a02:14a::/32 maxlen: 32
2a02:14b::/32 maxlen: 32
2a02:14c::/32 maxlen: 32
2a02:14d::/32 maxlen: 32
2a02:14e::/32 maxlen: 32
2a02:14f::/32 maxlen: 32
2a03:c5c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Apr 2024 20:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:96:66:c3:4f:15:ec:7e:c2:19:b0:fb:43:1c:02:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 24 08:29:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2eb979a93fb1441814ad7284b311107d65b4a115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:30:60:f6:d0:d5:73:be:57:8f:87:29:fd:e2:
77:89:bb:69:84:38:6b:ea:48:1b:2e:76:cd:ac:a8:
34:d1:ee:b2:7b:39:d3:24:e0:3c:4e:61:ff:7c:c6:
ae:5a:78:b5:f8:eb:ed:d5:2e:77:17:fd:64:84:45:
df:ad:f8:84:6b:b3:7f:72:f0:ad:2f:1a:59:0b:0a:
e6:86:0d:aa:b5:7e:33:f3:50:1f:81:10:5b:d2:b4:
ad:7c:26:ea:6d:95:45:e7:11:10:09:e4:5f:f3:c5:
9b:b9:8c:a3:24:79:81:68:94:99:1b:f9:cc:cd:f7:
5c:10:89:44:15:bc:cd:e8:26:c5:73:ac:23:cc:56:
a6:e5:a0:bd:01:59:f6:4c:74:8a:c2:72:58:f6:a6:
84:0a:32:d8:e1:50:53:47:6a:7d:96:a4:4c:d5:8e:
8e:d1:e7:36:2d:d8:88:de:ee:76:10:36:cb:8d:b1:
fd:f7:8a:b4:8d:cd:f7:6d:32:ed:0c:4e:93:1c:5a:
b4:58:12:f1:6b:ec:fb:87:49:3d:37:62:14:57:09:
e3:b8:4c:56:43:4b:b9:25:ef:b7:b2:16:a6:ca:3b:
43:e0:da:97:5a:d9:5f:12:14:bc:59:3f:6a:b6:f2:
15:f4:55:de:95:0a:2b:99:af:58:b3:86:51:b4:1e:
1d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B9:79:A9:3F:B1:44:18:14:AD:72:84:B3:11:10:7D:65:B4:A1:15
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Lrl5qT-xRBgUrXKEsxEQfWW0oRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.116.0.0/15
46.210.0.0/16
62.0.0.0/16
62.90.0.0/16
80.250.144.0/20
82.166.0.0/16
85.64.0.0/15
85.250.0.0/16
89.138.0.0/15
93.172.0.0/15
95.35.0.0/16
109.186.0.0/16
109.253.0.0/16
141.226.132.0/24
141.226.134.0/24
147.161.8.0/21
147.234.17.0/24
147.234.22.0/24
147.234.26.0-147.234.28.255
147.234.43.0/24
147.234.83.0-147.234.84.255
147.234.86.0/24
176.12.128.0-176.13.255.255
192.118.28.0/22
194.90.0.0/16
199.203.0.0/16
207.232.0.0/18
212.29.192.0/18
212.143.0.0/16
212.150.0.0/16
212.235.0.0/17
217.132.0.0/16
IPv6:
2001:4df0::/29
2a02:148::/29
2a03:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
27:9d:64:23:d2:1b:b9:b6:cc:25:1a:95:83:e9:e4:4d:40:8f:
f7:f2:1f:a9:1d:45:b5:a4:7e:9b:0d:05:05:4a:77:66:5f:16:
49:b4:59:71:9f:ac:36:2f:0f:47:02:c1:f5:ab:0b:45:e2:43:
6f:78:3a:12:ca:94:c0:90:5e:67:39:40:aa:f8:6a:f0:72:e5:
1b:36:f3:7e:96:7d:c1:85:6b:2d:b7:77:55:4e:bf:5f:f2:e0:
0f:cc:8e:70:c1:e0:33:b3:2b:f7:3b:f4:13:09:c4:67:ae:ed:
61:1e:d2:08:93:39:23:e8:33:2f:d4:03:0a:56:84:ef:c0:72:
d8:ce:38:b1:bd:4c:0b:5c:f7:df:e4:a9:e1:39:71:cb:e0:2c:
ab:7d:a6:f1:da:10:75:63:44:1c:84:7f:00:14:55:56:f3:80:
05:13:67:f2:44:1d:3b:08:5f:2c:6a:2d:09:1b:b2:d3:61:f6:
a7:dc:b4:d6:b2:2b:fc:67:b9:67:eb:f5:4b:48:11:2b:85:c8:
a1:cb:0a:02:0b:83:34:5f:2b:46:19:74:06:6d:4e:35:c4:45:
be:9b:d6:ff:a6:b8:16:d9:c2:1a:ca:01:45:78:bc:db:33:c7:
8f:e2:fb:47:ed:20:1b:6d:fa:52:63:b3:9b:32:72:c0:cf:ae:
16:22:2a:9a
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISAY06lmbDTxXsfsIZsPtDHAItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwMTI0MDgyOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWI5NzlhOTNmYjE0NDE4MTRhZDcyODRiMzExMTA3ZDY1YjRhMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTBg9tDVc75Xj4cp/eJ3ibtphDhr
6kgbLnbNrKg00e6yeznTJOA8TmH/fMauWni1+Ovt1S53F/1khEXfrfiEa7N/cvCt
LxpZCwrmhg2qtX4z81AfgRBb0rStfCbqbZVF5xEQCeRf88WbuYyjJHmBaJSZG/nM
zfdcEIlEFbzN6CbFc6wjzFam5aC9AVn2THSKwnJY9qaECjLY4VBTR2p9lqRM1Y6O
0ec2LdiI3u52EDbLjbH994q0jc33bTLtDE6THFq0WBLxa+z7h0k9N2IUVwnjuExW
Q0u5Je+3shamyjtD4NqXWtlfEhS8WT9qtvIV9FXelQorma9Ys4ZRtB4diwIDAQAB
o4IC7DCCAugwHQYDVR0OBBYEFC65eak/sUQYFK1yhLMREH1ltKEVMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvTHJsNXFULXhSQmdVclhLRXN4RVFmV1cwb1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAAYIKwYBBQUHAQcBAf8EgfAwge0wgc0EAgABMIHGAwMB
LnQDAwAu0gMDAD4AAwMAPloDBARQ+pADAwBSpgMDAVVAAwMAVfoDAwFZigMDAV2s
AwMAXyMDAwBtugMDAG39AwQAjeKEAwQAjeKGAwQDk6EIAwQAk+oRAwQAk+oWMAwD
BAGT6hoDBACT6hwDBACT6iswDAMEAJPqUwMEAJPqVAMEAJPqVjALAwQHsAyAAwMB
sAwDBALAdhwDAwDCWgMDAMfLAwQGz+gAAwQG1B3AAwMA1I8DAwDUlgMEB9TrAAMD
ANmEMBsEAgACMBUDBQMgAU3wAwUDKgIBSAMFACoDxcAwDQYJKoZIhvcNAQELBQAD
ggEBACedZCPSG7m2zCUalYPp5E1Aj/fyH6kdRbWkfpsNBQVKd2ZfFkm0WXGfrDYv
D0cCwfWrC0XiQ294OhLKlMCQXmc5QKr4avBy5Rs2836WfcGFay23d1VOv1/y4A/M
jnDB4DOzK/c79BMJxGeu7WEe0giTOSPoMy/UAwpWhO/ActjOOLG9TAtc99/kqeE5
ccvgLKt9pvHaEHVjRByEfwAUVVbzgAUTZ/JEHTsIXyxqLQkbstNh9qfctNayK/xn
uWfr9UtIESuFyKHLCgILgzRfK0YZdAZtTjXERb6b1v+muBbZwhrKAUV4vNszx4/i
+0ftIBtt+lJjs5sycsDPrhYiKpo=
-----END CERTIFICATE-----
Generated at Wed Apr 3 23:24:09 2024 by rpki-client on console-ams.rpki-client.org