Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/lb4FgLmhN1bMaGWCiB56HmaenMs.roa
File: lb4FgLmhN1bMaGWCiB56HmaenMs.roa (raw, json)
Hash identifier: ofFv/Y6tSd49BS1GjPmBkzFSRWHEiI0Y9SG5grl7eZA=
Subject key identifier: 95:BE:05:80:B9:A1:37:56:CC:68:65:82:88:1E:7A:1E:66:9E:9C:CB
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018DEF80BFD3383DB5B880459ED6408829C2
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/lb4FgLmhN1bMaGWCiB56HmaenMs.roa
Signing time: Wed 28 Feb 2024 11:36:48 +0000
ROA not before: Wed 28 Feb 2024 11:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13194
IP address blocks: 82.140.129.0/24 maxlen: 24
84.15.0.0/16 maxlen: 24
84.46.139.0/24 maxlen: 24
84.46.204.0/24 maxlen: 24
84.46.207.0/24 maxlen: 24
86.38.1.0/24 maxlen: 24
86.38.34.0/24 maxlen: 24
86.38.41.0/24 maxlen: 24
86.38.52.0/24 maxlen: 24
86.38.62.0/24 maxlen: 24
86.38.64.0/18 maxlen: 24
86.38.72.0/24 maxlen: 24
86.38.73.0/24 maxlen: 24
86.38.74.0/24 maxlen: 24
86.38.75.0/24 maxlen: 24
86.38.81.0/24 maxlen: 24
86.38.84.0/24 maxlen: 24
86.38.97.0/24 maxlen: 24
86.38.152.0/24 maxlen: 24
86.38.153.0/24 maxlen: 24
86.38.215.0/24 maxlen: 24
86.38.228.0/24 maxlen: 24
86.38.230.0/24 maxlen: 24
86.38.237.0/24 maxlen: 24
86.38.245.0/24 maxlen: 24
89.116.124.0/24 maxlen: 24
89.116.129.0/24 maxlen: 24
89.116.143.0/24 maxlen: 24
89.116.151.0/24 maxlen: 24
89.116.155.0/24 maxlen: 24
89.116.160.0/24 maxlen: 24
89.116.162.0/24 maxlen: 24
89.116.174.0/24 maxlen: 24
89.116.176.0/24 maxlen: 24
89.116.178.0/24 maxlen: 24
89.116.232.0/24 maxlen: 24
89.116.235.0/24 maxlen: 24
89.116.238.0/24 maxlen: 24
89.116.240.0/24 maxlen: 24
89.116.245.0/24 maxlen: 24
89.116.249.0/24 maxlen: 24
89.116.251.0/24 maxlen: 24
89.116.254.0/24 maxlen: 24
89.117.10.0/24 maxlen: 24
89.117.14.0/24 maxlen: 24
89.117.69.0/24 maxlen: 24
89.117.92.0/24 maxlen: 24
89.117.93.0/24 maxlen: 24
89.117.125.0/24 maxlen: 24
89.117.127.0/24 maxlen: 24
89.117.138.0/24 maxlen: 24
89.117.141.0/24 maxlen: 24
89.117.156.0/24 maxlen: 24
89.117.165.0/24 maxlen: 24
89.117.220.0/24 maxlen: 24
89.117.221.0/24 maxlen: 24
89.117.223.0/24 maxlen: 24
89.117.225.0/24 maxlen: 24
89.117.243.0/24 maxlen: 24
89.117.247.0/24 maxlen: 24
89.117.248.0/23 maxlen: 24
89.117.255.0/24 maxlen: 24
185.189.154.0/24 maxlen: 24
213.226.128.0/18 maxlen: 24
213.226.161.0/24 maxlen: 24
213.252.192.0/20 maxlen: 20
213.252.220.0/24 maxlen: 24
213.252.223.0/24 maxlen: 24
213.252.224.0/22 maxlen: 22
213.252.234.0/23 maxlen: 23
213.252.236.0/23 maxlen: 23
213.252.252.0/24 maxlen: 24
213.252.254.0/24 maxlen: 24
217.9.248.0/23 maxlen: 23
2a00:f500::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 13 Mar 2024 11:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:80:bf:d3:38:3d:b5:b8:80:45:9e:d6:40:88:29:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Feb 28 11:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95be0580b9a13756cc686582881e7a1e669e9ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3f:cb:87:05:a6:d1:9f:bf:e5:57:03:1a:2f:
03:c7:03:0a:1f:9c:1c:eb:33:5f:d1:44:c8:db:a6:
af:e6:af:d7:6a:12:10:6d:11:89:73:03:a8:63:0d:
7c:66:cd:b0:16:a3:da:78:42:e9:8c:a7:61:c7:35:
d2:55:6f:07:35:36:09:d2:c7:7e:5b:d8:26:a1:aa:
f6:a6:39:70:c4:9b:78:45:61:01:16:fb:4d:1c:1f:
77:77:01:a3:e7:61:02:bb:06:f9:6b:24:4a:3e:03:
0d:e3:5c:bc:88:0f:6a:6b:64:b8:72:82:53:d2:ef:
d5:65:72:7c:3f:69:98:38:39:94:eb:68:d0:1b:ed:
0f:ca:34:9f:c0:45:9c:a4:6b:fc:57:71:ac:79:70:
55:f8:87:d7:be:31:4e:46:5e:99:44:42:12:c1:ae:
28:8a:fb:58:97:64:a5:c9:4a:21:7d:f9:05:57:e2:
8c:89:ff:b7:9e:19:ef:25:81:55:4d:5f:9d:03:be:
cf:4d:56:72:71:b6:43:a9:6d:bc:b3:ac:59:bf:1a:
da:cc:4e:a9:41:ca:83:b8:17:fd:f1:fa:2f:7a:c3:
b3:40:0f:33:1a:4e:94:ff:b1:79:60:52:9e:0f:ff:
1a:a9:20:c1:08:74:fa:a5:77:ba:5f:1b:ee:13:ec:
20:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BE:05:80:B9:A1:37:56:CC:68:65:82:88:1E:7A:1E:66:9E:9C:CB
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/lb4FgLmhN1bMaGWCiB56HmaenMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.129.0/24
84.15.0.0/16
84.46.139.0/24
84.46.204.0/24
84.46.207.0/24
86.38.1.0/24
86.38.34.0/24
86.38.41.0/24
86.38.52.0/24
86.38.62.0/24
86.38.64.0/18
86.38.152.0/23
86.38.215.0/24
86.38.228.0/24
86.38.230.0/24
86.38.237.0/24
86.38.245.0/24
89.116.124.0/24
89.116.129.0/24
89.116.143.0/24
89.116.151.0/24
89.116.155.0/24
89.116.160.0/24
89.116.162.0/24
89.116.174.0/24
89.116.176.0/24
89.116.178.0/24
89.116.232.0/24
89.116.235.0/24
89.116.238.0/24
89.116.240.0/24
89.116.245.0/24
89.116.249.0/24
89.116.251.0/24
89.116.254.0/24
89.117.10.0/24
89.117.14.0/24
89.117.69.0/24
89.117.92.0/23
89.117.125.0/24
89.117.127.0/24
89.117.138.0/24
89.117.141.0/24
89.117.156.0/24
89.117.165.0/24
89.117.220.0/23
89.117.223.0/24
89.117.225.0/24
89.117.243.0/24
89.117.247.0-89.117.249.255
89.117.255.0/24
185.189.154.0/24
213.226.128.0/18
213.252.192.0/20
213.252.220.0/24
213.252.223.0-213.252.227.255
213.252.234.0-213.252.237.255
213.252.252.0/24
213.252.254.0/24
217.9.248.0/23
IPv6:
2a00:f500::/29
Signature Algorithm: sha256WithRSAEncryption
a2:32:a9:54:7d:fd:4c:d7:c0:4b:9e:22:77:9f:62:4a:7c:03:
6c:ed:97:e7:14:4c:25:33:2c:79:ff:15:9a:68:5f:d2:50:cc:
be:b7:dc:b2:8f:b1:f0:08:85:a5:5a:b1:7c:49:4c:81:00:48:
f9:f1:db:4d:3b:ec:f8:96:51:4d:7e:b5:fb:6d:97:1b:b3:fc:
57:d3:43:4f:78:5b:33:5d:63:19:10:e3:73:07:16:35:17:f7:
1a:f5:04:bd:7e:b9:a0:20:60:97:bd:bf:f1:e1:df:e0:58:39:
fb:00:94:e2:db:62:f7:32:46:31:4c:6f:d2:b2:27:48:ff:14:
0c:ca:a3:0b:58:05:6c:41:c2:8f:c2:bd:cd:5e:31:3a:c0:07:
71:19:05:28:9e:5e:cb:4d:95:6a:49:ec:76:a8:e9:9e:e1:aa:
5a:57:cc:0f:fa:94:55:f3:59:91:09:8f:c0:8b:2c:b4:eb:87:
05:1d:59:1f:71:a6:66:d8:b3:ed:4c:0c:e6:b3:30:43:3b:10:
f4:f8:37:ac:dc:f5:5d:0c:d2:ae:c9:3a:f8:36:fb:a7:c9:e7:
95:3a:4f:6d:ef:88:86:9b:d3:c0:84:b1:6e:ff:16:a1:ae:87:
f4:09:ad:17:65:44:89:7a:6c:dc:ab:88:7b:91:4c:a5:1b:4b:
12:c5:fd:6b
-----BEGIN CERTIFICATE-----
MIIGjzCCBXegAwIBAgISAY3vgL/TOD21uIBFntZAiCnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwMjI4MTEzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWJlMDU4MGI5YTEzNzU2Y2M2ODY1ODI4ODFlN2ExZTY2OWU5Y2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT/LhwWm0Z+/5VcDGi8DxwMKH5wc
6zNf0UTI26av5q/XahIQbRGJcwOoYw18Zs2wFqPaeELpjKdhxzXSVW8HNTYJ0sd+
W9gmoar2pjlwxJt4RWEBFvtNHB93dwGj52ECuwb5ayRKPgMN41y8iA9qa2S4coJT
0u/VZXJ8P2mYODmU62jQG+0PyjSfwEWcpGv8V3GseXBV+IfXvjFORl6ZREISwa4o
ivtYl2SlyUohffkFV+KMif+3nhnvJYFVTV+dA77PTVZycbZDqW28s6xZvxrazE6p
QcqDuBf98fovesOzQA8zGk6U/7F5YFKeD/8aqSDBCHT6pXe6XxvuE+wgPQIDAQAB
o4IDmzCCA5cwHQYDVR0OBBYEFJW+BYC5oTdWzGhlgogeeh5mnpzLMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvbGI0RmdMbWhOMWJNYUdXQ2lCNTZIbWFlbk1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBrwYIKwYBBQUHAQcBAf8EggGeMIIBmjCCAYcEAgABMIIB
fwMEAFKMgQMDAFQPAwQAVC6LAwQAVC7MAwQAVC7PAwQAViYBAwQAViYiAwQAViYp
AwQAViY0AwQAViY+AwQGViZAAwQBViaYAwQAVibXAwQAVibkAwQAVibmAwQAVibt
AwQAVib1AwQAWXR8AwQAWXSBAwQAWXSPAwQAWXSXAwQAWXSbAwQAWXSgAwQAWXSi
AwQAWXSuAwQAWXSwAwQAWXSyAwQAWXToAwQAWXTrAwQAWXTuAwQAWXTwAwQAWXT1
AwQAWXT5AwQAWXT7AwQAWXT+AwQAWXUKAwQAWXUOAwQAWXVFAwQBWXVcAwQAWXV9
AwQAWXV/AwQAWXWKAwQAWXWNAwQAWXWcAwQAWXWlAwQBWXXcAwQAWXXfAwQAWXXh
AwQAWXXzMAwDBABZdfcDBAFZdfgDBABZdf8DBAC5vZoDBAbV4oADBATV/MADBADV
/NwwDAMEANX83wMEAtX84DAMAwQB1fzqAwQB1fzsAwQA1fz8AwQA1fz+AwQB2Qn4
MA0EAgACMAcDBQMqAPUAMA0GCSqGSIb3DQEBCwUAA4IBAQCiMqlUff1M18BLniJ3
n2JKfANs7ZfnFEwlMyx5/xWaaF/SUMy+t9yyj7HwCIWlWrF8SUyBAEj58dtNO+z4
llFNfrX7bZcbs/xX00NPeFszXWMZEONzBxY1F/ca9QS9frmgIGCXvb/x4d/gWDn7
AJTi22L3MkYxTG/SsidI/xQMyqMLWAVsQcKPwr3NXjE6wAdxGQUonl7LTZVqSex2
qOme4apaV8wP+pRV81mRCY/Aiyy064cFHVkfcaZm2LPtTAzmszBDOxD0+Des3PVd
DNKuyTr4NvunyeeVOk9t74iGm9PAhLFu/xahrof0Ca0XZUSJemzcq4h7kUylG0sS
xf1r
-----END CERTIFICATE-----
Generated at Wed Mar 13 16:50:37 2024 by rpki-client on console-fra.rpki-client.org