Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/lfLYrkapNEEkD7r0AaGOqyMz-4c.roa
File: lfLYrkapNEEkD7r0AaGOqyMz-4c.roa (raw, json)
Hash identifier: bCKOSJPbDofpg9B5RagkKx/tuH2IGwFEUFXvZi3IPIM=
Subject key identifier: 95:F2:D8:AE:46:A9:34:41:24:0F:BA:F4:01:A1:8E:AB:23:33:FB:87
Certificate issuer: /CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Certificate serial: 018AB15FA54FE67E59336F7D09371EDCC92F
Authority key identifier: 58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/lfLYrkapNEEkD7r0AaGOqyMz-4c.roa
Signing time: Wed 20 Sep 2023 06:55:50 +0000
ROA not before: Wed 20 Sep 2023 06:55:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31673
IP address blocks: 185.111.120.0/22 maxlen: 24
185.2.24.0/22 maxlen: 24
80.247.160.0/20 maxlen: 24
193.239.88.0/22 maxlen: 24
185.139.148.0/22 maxlen: 24
85.255.208.0/20 maxlen: 24
81.26.208.0/20 maxlen: 24
87.237.96.0/21 maxlen: 24
94.126.64.0/21 maxlen: 24
62.148.160.0/19 maxlen: 24
81.93.48.0/20 maxlen: 24
2a02:728::/32 maxlen: 48
2a06:5dc0::/29 maxlen: 48
2001:16e8::/32 maxlen: 48
2a00:f80::/32 maxlen: 48
2a02:4640::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:5f:a5:4f:e6:7e:59:33:6f:7d:09:37:1e:dc:c9:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Validity
Not Before: Sep 20 06:55:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95f2d8ae46a93441240fbaf401a18eab2333fb87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:89:4a:74:5d:a5:b1:4c:c7:85:24:08:47:d7:
cc:c0:78:44:71:9a:78:ae:5a:9b:e5:eb:ca:92:8d:
69:af:cc:df:d5:2c:20:f9:22:43:93:3e:9d:89:97:
7c:21:e5:bd:46:2d:b9:7d:9b:01:0a:ea:d8:ef:30:
90:90:38:7f:cf:c1:2e:bf:8b:1c:99:05:03:2d:8b:
f1:22:02:c5:9b:0f:83:4d:f1:1f:b3:e3:2a:6b:0d:
23:79:d2:dc:77:4c:8a:fb:55:e6:c8:95:d5:07:5c:
2e:01:10:6f:ce:03:65:48:6f:cd:e5:87:39:01:ea:
fd:55:21:67:89:c6:e2:1e:b0:3c:d3:f9:6c:5b:e8:
ef:1f:8a:7b:27:25:65:72:42:be:2a:fa:52:94:52:
e9:79:c4:98:91:32:2b:b5:ad:f7:26:c3:02:69:f7:
95:ee:7c:e1:8a:8b:81:65:2a:9b:d5:47:c8:1d:fa:
60:3d:4c:5f:01:98:7c:17:3f:84:9a:bf:39:31:c8:
00:c9:d5:9f:22:48:e9:18:d9:eb:bd:88:e6:f3:c8:
4b:df:29:69:4d:a7:07:a8:4e:c1:96:98:f6:12:2f:
bb:53:d0:44:28:7e:b8:1f:ce:58:e0:0e:54:95:ed:
d7:c5:59:28:5b:0a:56:36:43:57:81:a8:77:67:d8:
bd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F2:D8:AE:46:A9:34:41:24:0F:BA:F4:01:A1:8E:AB:23:33:FB:87
X509v3 Authority Key Identifier:
keyid:58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/lfLYrkapNEEkD7r0AaGOqyMz-4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.148.160.0/19
80.247.160.0/20
81.26.208.0/20
81.93.48.0/20
85.255.208.0/20
87.237.96.0/21
94.126.64.0/21
185.2.24.0/22
185.111.120.0/22
185.139.148.0/22
193.239.88.0/22
IPv6:
2001:16e8::/32
2a00:f80::/32
2a02:728::/32
2a02:4640::/32
2a06:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:6d:59:e3:14:f1:61:c9:d1:81:7d:59:75:66:b0:ac:74:ef:
f3:b8:4a:e1:4f:e3:3b:45:4f:20:6d:40:d1:2e:96:68:61:cd:
a7:8a:21:ed:47:9b:73:70:d2:64:ce:e8:1e:21:65:02:9a:6c:
fc:69:cd:5b:6c:d5:e3:77:c0:0b:ce:61:ea:93:e8:a7:74:ed:
01:18:72:e8:d9:52:c7:76:b0:42:6a:ba:95:fb:b7:f9:ad:72:
c2:d0:87:3e:5e:0c:88:ae:73:83:7e:c7:13:de:91:60:f7:92:
7b:c2:5b:22:8a:c8:46:62:cf:32:8b:45:87:a8:b1:9a:68:96:
01:62:3a:b7:15:4f:a8:ff:47:d0:f0:cc:cc:75:16:34:2f:48:
5e:c4:d6:14:6e:db:34:f5:f6:cb:66:87:0b:b7:bc:ee:11:d8:
24:fb:e3:85:ab:3e:4f:24:1c:a7:c1:9f:21:58:ae:5d:d4:ab:
f8:7a:43:1e:dd:a0:e7:bb:62:01:5d:08:75:c4:95:3f:a3:fe:
d2:35:37:68:33:26:e0:39:ef:e1:c8:cf:62:58:62:a9:ae:cd:
48:08:23:7b:af:3a:02:e1:1b:3d:df:4a:d9:60:7a:be:bd:da:
7e:c8:6f:4b:95:45:48:32:3f:ee:11:50:0c:0b:0c:1d:ce:48:
9e:19:49:d7
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAYqxX6VP5n5ZM299CTce3MkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjY3MTMxZDc2MGI1ZGIxZGU5OGVhMjBjMGY4MmZjMDFj
OWYxZDkwHhcNMjMwOTIwMDY1NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWYyZDhhZTQ2YTkzNDQxMjQwZmJhZjQwMWExOGVhYjIzMzNmYjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYlKdF2lsUzHhSQIR9fMwHhEcZp4
rlqb5evKko1pr8zf1Swg+SJDkz6diZd8IeW9Ri25fZsBCurY7zCQkDh/z8Euv4sc
mQUDLYvxIgLFmw+DTfEfs+Mqaw0jedLcd0yK+1XmyJXVB1wuARBvzgNlSG/N5Yc5
Aer9VSFnicbiHrA80/lsW+jvH4p7JyVlckK+KvpSlFLpecSYkTIrta33JsMCafeV
7nzhiouBZSqb1UfIHfpgPUxfAZh8Fz+Emr85McgAydWfIkjpGNnrvYjm88hL3ylp
TacHqE7Blpj2Ei+7U9BEKH64H85Y4A5Ule3XxVkoWwpWNkNXgah3Z9i9SwIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFJXy2K5GqTRBJA+69AGhjqsjM/uHMB8GA1UdIwQY
MBaAFFhmcTHXYLXbHemOogwPgvwByfHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQt
MjQ4MTEwNmY4YjI1LzEvbGZMWXJrYXBORUVrRDdyMEFhR09xeU16LTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQtMjQ4MTEwNmY4YjI1
LzEvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwSAQCAAEwQgMEBT6UoAME
BFD3oAMEBFEa0AMEBFFdMAMEBFX/0AMEA1ftYAMEA15+QAMEArkCGAMEArlveAME
ArmLlAMEAsHvWDApBAIAAjAjAwUAIAEW6AMFACoAD4ADBQAqAgcoAwUAKgJGQAMF
AyoGXcAwDQYJKoZIhvcNAQELBQADggEBAF1tWeMU8WHJ0YF9WXVmsKx07/O4SuFP
4ztFTyBtQNEulmhhzaeKIe1Hm3Nw0mTO6B4hZQKabPxpzVts1eN3wAvOYeqT6Kd0
7QEYcujZUsd2sEJqupX7t/mtcsLQhz5eDIiuc4N+xxPekWD3knvCWyKKyEZizzKL
RYeosZpolgFiOrcVT6j/R9DwzMx1FjQvSF7E1hRu2zT19stmhwu3vO4R2CT744Wr
Pk8kHKfBnyFYrl3Uq/h6Qx7doOe7YgFdCHXElT+j/tI1N2gzJuA57+HIz2JYYqmu
zUgII3uvOgLhGz3fStlger692n7Ib0uVRUgyP+4RUAwLDB3OSJ4ZSdc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:47 2024 by rpki-client on console-ams.rpki-client.org