Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/LzrXAUwVr1Qc4nTuExOsX_jyPto.roa
File: LzrXAUwVr1Qc4nTuExOsX_jyPto.roa (raw, json)
Hash identifier: geTbU7ck9K+Oxn2tQSxollnCW88iMKOU5476RDGrrG0=
Subject key identifier: 2F:3A:D7:01:4C:15:AF:54:1C:E2:74:EE:13:13:AC:5F:F8:F2:3E:DA
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 018CC26CF28A24E2313644026CC84F8F0A1C
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/LzrXAUwVr1Qc4nTuExOsX_jyPto.roa
Signing time: Mon 01 Jan 2024 00:29:28 +0000
ROA not before: Mon 01 Jan 2024 00:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 192.214.192.0/19 maxlen: 24
23.90.192.0/18 maxlen: 24
185.87.100.0/22 maxlen: 24
185.20.16.0/22 maxlen: 24
185.134.156.0/22 maxlen: 24
45.133.68.0/22 maxlen: 24
79.99.160.0/21 maxlen: 24
185.133.80.0/22 maxlen: 24
92.119.232.0/22 maxlen: 24
185.197.108.0/22 maxlen: 24
5.183.248.0/22 maxlen: 24
45.89.76.0/22 maxlen: 24
45.92.180.0/22 maxlen: 24
185.48.252.0/22 maxlen: 24
45.129.218.0/24 maxlen: 24
45.129.216.0/24 maxlen: 24
185.163.136.0/22 maxlen: 24
45.129.217.0/24 maxlen: 24
185.241.140.0/22 maxlen: 24
94.154.4.0/24 maxlen: 24
88.218.12.0/22 maxlen: 24
185.191.36.0/22 maxlen: 24
185.163.212.0/22 maxlen: 24
185.86.88.0/22 maxlen: 24
45.86.96.0/22 maxlen: 24
185.163.220.0/22 maxlen: 24
185.163.228.0/22 maxlen: 24
31.204.80.0/21 maxlen: 24
94.187.128.0/19 maxlen: 24
2.59.144.0/22 maxlen: 24
185.186.88.0/22 maxlen: 24
185.169.156.0/22 maxlen: 24
185.132.64.0/22 maxlen: 24
45.142.108.0/22 maxlen: 24
185.135.176.0/22 maxlen: 24
195.216.140.0/22 maxlen: 24
168.220.128.0/19 maxlen: 24
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.120.0/22 maxlen: 24
46.18.126.0/23 maxlen: 24
185.254.8.0/22 maxlen: 24
185.138.116.0/22 maxlen: 24
5.10.128.0/21 maxlen: 24
45.80.252.0/22 maxlen: 24
185.98.116.0/22 maxlen: 24
45.152.16.0/22 maxlen: 24
62.192.156.0/22 maxlen: 24
2a00:41e0::/29 maxlen: 48
2a05:b780::/29 maxlen: 48
2a01:648::/29 maxlen: 48
2a00:6780::/29 maxlen: 48
2a05:c100::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 06:57:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f2:8a:24:e2:31:36:44:02:6c:c8:4f:8f:0a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Jan 1 00:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f3ad7014c15af541ce274ee1313ac5ff8f23eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:67:9f:2e:75:a2:4e:b5:7f:b4:db:be:1b:4b:
e3:fc:4e:60:92:38:d1:bd:cd:80:80:34:ef:bb:ba:
6f:c2:9a:a0:aa:df:76:e2:5c:13:ba:52:16:16:2c:
40:b5:7c:f6:01:22:cd:0b:f8:39:fe:80:e7:ba:96:
38:36:b3:9b:9d:d6:4a:db:99:56:64:2b:62:91:9e:
94:66:ed:4a:c6:04:f2:41:99:9b:b9:1c:96:56:58:
ed:ac:7e:e6:64:f5:18:6f:33:8d:1f:ef:ef:a1:95:
e0:02:be:7f:06:59:7a:fb:03:39:78:34:51:29:0c:
fa:d6:a6:9e:aa:67:95:eb:dd:f6:d3:6f:0d:8b:18:
11:ac:e6:4d:35:02:4e:3b:e8:56:a6:03:c1:b7:b4:
92:77:e0:63:4a:54:67:e4:c1:74:cb:b6:29:d9:04:
65:f2:49:df:28:6f:16:34:43:27:42:d1:a0:24:33:
5a:3e:26:09:bf:81:42:0f:f5:55:da:bb:ed:cd:1b:
6c:4e:1b:a8:38:df:69:af:c3:0e:17:2c:66:3a:fc:
1f:25:18:46:e7:7c:78:b6:a3:e2:52:85:6a:15:6b:
c6:bc:06:16:af:74:a7:81:69:d6:67:fc:05:30:f3:
24:eb:6a:49:e9:26:c6:ba:02:24:42:1b:46:eb:b4:
e7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3A:D7:01:4C:15:AF:54:1C:E2:74:EE:13:13:AC:5F:F8:F2:3E:DA
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/LzrXAUwVr1Qc4nTuExOsX_jyPto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
94.187.128.0/19
168.220.128.0/19
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
192.214.192.0/19
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
46:1d:47:cd:b5:2f:ec:ae:21:7a:94:ea:05:c4:c4:73:ac:c1:
bc:44:db:1e:64:e9:82:30:d8:d7:03:2c:b3:91:67:27:1c:b5:
3d:1f:9a:63:f6:2b:18:42:e2:66:3e:1b:fc:8f:2b:45:c1:f2:
6f:9b:4d:76:59:1f:63:ea:c7:4a:c5:a6:a3:59:60:be:ec:61:
a1:bb:63:72:70:31:87:92:c4:c0:33:9c:04:98:15:84:45:12:
ef:60:e7:36:d3:c3:ac:49:bc:b5:58:3c:b7:74:bd:d2:12:af:
a4:78:1d:ae:92:bd:b8:23:93:11:01:31:0e:de:c9:17:e0:2e:
cf:53:3a:ad:c3:10:69:e9:b7:4d:e1:97:4e:c1:2a:de:47:04:
6a:ae:1d:8a:d7:f7:42:aa:52:ab:24:ca:61:1c:3f:ba:c3:de:
5a:26:1c:34:be:5e:b1:52:e2:eb:25:2d:ee:1a:b6:0d:24:ed:
26:b8:e4:e6:f4:2f:c2:da:98:25:de:81:43:99:94:3e:84:b1:
df:b0:16:32:a6:61:b2:b2:ac:92:e0:f0:e1:41:9f:0f:b2:c0:
c2:5b:9c:39:57:d1:8c:d8:4f:f3:cf:35:dd:c8:81:e1:da:56:
09:dd:fc:94:06:5a:89:9e:fa:e0:03:f9:70:29:17:50:1b:b1:
28:7b:8e:cf
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAYzCbPKKJOIxNkQCbMhPjwocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh
YjJkMzkwHhcNMjQwMTAxMDAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjNhZDcwMTRjMTVhZjU0MWNlMjc0ZWUxMzEzYWM1ZmY4ZjIzZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWefLnWiTrV/tNu+G0vj/E5gkjjR
vc2AgDTvu7pvwpqgqt924lwTulIWFixAtXz2ASLNC/g5/oDnupY4NrObndZK25lW
ZCtikZ6UZu1KxgTyQZmbuRyWVljtrH7mZPUYbzONH+/voZXgAr5/Bll6+wM5eDRR
KQz61qaeqmeV6932028NixgRrOZNNQJOO+hWpgPBt7SSd+BjSlRn5MF0y7Yp2QRl
8knfKG8WNEMnQtGgJDNaPiYJv4FCD/VV2rvtzRtsThuoON9pr8MOFyxmOvwfJRhG
53x4tqPiUoVqFWvGvAYWr3SngWnWZ/wFMPMk62pJ6SbGugIkQhtG67TnWQIDAQAB
o4IDQjCCAz4wHQYDVR0OBBYEFC861wFMFa9UHOJ07hMTrF/48j7aMB8GA1UdIwQY
MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt
YjhlOGIzNGRiMjkwLzEvTHpyWEFVd1ZyMVFjNG5UdUV4T3NYX2p5UHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw
LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVgYIKwYBBQUHAQcBAf8EggFFMIIBQTCCARIEAgABMIIB
CgMEAgI7kAMEAwUKgAMEAgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1Z
TAMEAi1ctDAMAwQDLYHYAwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQC
PsCcAwQDT2OgAwQCWNoMAwQCXHfoAwQAXpoEAwQFXruAAwQFqNyAAwQCuRQQAwQC
uTD8AwQCuVZYAwQCuVdkAwQCuWJ0AwQCuYRAAwQCuYVQAwQCuYacAwQCuYewAwQC
uYp0AwQCuaOIAwQCuaPUAwQCuaPcAwQCuaPkAwQCuamcAwQCubpYAwQCub8kAwQC
ucVsAwQCufGMAwQCuf4IAwQFwNbAAwQCw9iMMCkEAgACMCMDBQMqAEHgAwUDKgBn
gAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkqhkiG9w0BAQsFAAOCAQEARh1HzbUv
7K4hepTqBcTEc6zBvETbHmTpgjDY1wMss5FnJxy1PR+aY/YrGELiZj4b/I8rRcHy
b5tNdlkfY+rHSsWmo1lgvuxhobtjcnAxh5LEwDOcBJgVhEUS72DnNtPDrEm8tVg8
t3S90hKvpHgdrpK9uCOTEQExDt7JF+Auz1M6rcMQaem3TeGXTsEq3kcEaq4ditf3
QqpSqyTKYRw/usPeWiYcNL5esVLi6yUt7hq2DSTtJrjk5vQvwtqYJd6BQ5mUPoSx
37AWMqZhsrKskuDw4UGfD7LAwlucOVfRjNhP88813ciB4dpWCd38lAZaiZ764AP5
cCkXUBuxKHuOzw==
-----END CERTIFICATE-----
Generated at Tue Oct 22 08:44:36 2024 by rpki-client on console-ams.rpki-client.org