Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/lkBwOFWy2tM3hF99BcsdmonfENE.roa
File: lkBwOFWy2tM3hF99BcsdmonfENE.roa (raw, json)
Hash identifier: xmGnml6lritodtppT57gJLFtb32Bq2D8T7bxwTVeokI=
Subject key identifier: 96:40:70:38:55:B2:DA:D3:37:84:5F:7D:05:CB:1D:9A:89:DF:10:D1
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018992268D5FFC5FCF8F52BDEB04765CB10C
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/lkBwOFWy2tM3hF99BcsdmonfENE.roa
Signing time: Wed 26 Jul 2023 12:22:27 +0000
ROA not before: Wed 26 Jul 2023 12:22:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42473
IP address blocks: 185.228.148.0/22 maxlen: 22
37.235.4.0/24 maxlen: 24
37.235.3.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
185.2.176.0/22 maxlen: 32
144.208.192.0/18 maxlen: 32
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.207.0/24 maxlen: 24
178.255.152.0/21 maxlen: 32
94.16.125.0/24 maxlen: 24
94.16.126.0/24 maxlen: 24
193.33.114.0/23 maxlen: 32
176.123.54.0/23 maxlen: 23
213.227.160.0/19 maxlen: 32
194.1.206.0/24 maxlen: 32
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
188.172.230.0/23 maxlen: 23
217.146.0.0/19 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.247.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
45.132.61.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
188.172.192.0/18 maxlen: 32
185.81.209.0/24 maxlen: 24
188.172.208.0/24 maxlen: 24
188.65.72.0/21 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.228.0/24 maxlen: 32
37.252.234.0/24 maxlen: 24
37.252.243.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
144.208.216.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
144.208.229.0/24 maxlen: 24
144.208.230.0/24 maxlen: 24
144.208.228.0/24 maxlen: 24
144.208.244.0/24 maxlen: 24
2a00:11c0:66::/48 maxlen: 48
2a00:11c0:dc::/48 maxlen: 48
2a00:11c0::/32 maxlen: 128
2a01:aea0:dd1::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a00:11c0:96::/48 maxlen: 48
2a00:11c0:9a::/48 maxlen: 48
2a00:11c0:1335::/48 maxlen: 48
2a00:11c0:24::/48 maxlen: 48
2a01:aea0::/40 maxlen: 40
2a01:aea0::/32 maxlen: 32
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a00:11c0:79::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Jul 2023 13:14:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:92:26:8d:5f:fc:5f:cf:8f:52:bd:eb:04:76:5c:b1:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jul 26 12:22:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9640703855b2dad337845f7d05cb1d9a89df10d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a1:f8:f0:31:ad:29:f3:76:67:ad:09:77:ef:
dd:d0:a0:5d:7d:16:e2:6c:54:4f:f7:fc:80:b8:b3:
ec:9b:c0:fc:62:7c:16:2b:14:7a:a1:85:cd:9a:c3:
6d:95:6c:89:68:4e:fa:50:bf:af:a8:68:c2:7e:e8:
37:f6:fb:87:40:ee:62:2b:c3:2d:5d:ac:2f:08:43:
f0:4c:fd:a9:b7:4c:05:a1:84:66:b4:d7:b0:1d:72:
f5:bd:28:7f:f2:a7:ff:0c:ad:1b:31:3b:b4:16:88:
55:68:63:1f:83:8c:59:a7:b0:a2:23:5c:07:cb:a0:
da:a6:0b:10:76:5f:2e:fb:ff:76:69:f7:09:5d:28:
fb:18:17:de:46:30:45:3a:78:45:45:92:55:f7:6f:
7b:5d:06:e7:f8:86:94:7f:09:aa:98:3f:52:b1:ab:
c9:d7:83:52:b5:67:5b:0e:c8:ba:67:63:c4:ef:7d:
2d:a3:04:63:3f:d9:d6:1f:57:98:96:34:2f:39:69:
0a:11:ab:f6:91:8b:bb:67:53:40:f9:e1:54:c0:24:
cf:52:ce:af:fc:83:3c:b1:7b:e5:eb:25:ba:70:f4:
60:95:a8:6a:ba:34:d3:09:d0:fc:85:24:47:1a:d8:
ac:38:72:c2:5c:5c:f6:c3:5d:5f:d4:ce:5c:b3:77:
29:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:40:70:38:55:B2:DA:D3:37:84:5F:7D:05:CB:1D:9A:89:DF:10:D1
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/lkBwOFWy2tM3hF99BcsdmonfENE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.252.224.0/19
45.132.61.0-45.132.63.255
94.16.125.0-94.16.126.255
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
Signature Algorithm: sha256WithRSAEncryption
13:27:39:5f:08:c1:79:d6:ae:3b:33:d3:7b:f1:d0:19:29:c4:
e0:8b:46:63:e8:b0:e7:b3:5e:ed:2f:82:10:ac:74:fc:1c:0e:
1b:b6:09:84:31:cf:53:a4:f7:ba:cb:3e:5d:2d:a1:c9:de:25:
fa:b5:df:45:d9:60:ab:d4:85:4a:3d:a8:f7:97:e3:89:73:69:
bc:53:bf:f3:37:ef:fc:1e:a7:65:11:bd:58:b5:4a:83:3c:cb:
ce:95:ed:32:a1:8b:4a:34:3c:62:d6:a6:00:f0:23:e4:91:c2:
8b:33:98:ed:9c:08:3f:61:7a:c2:57:f3:c7:dd:26:f2:ae:be:
66:6c:79:c2:a3:ed:a1:4f:eb:3b:d9:ff:19:7a:14:0b:da:61:
80:45:e9:95:a0:4f:39:45:de:bf:5b:8b:32:17:76:80:5a:72:
48:37:b1:58:0c:bd:88:61:d4:56:ce:a6:02:bf:2f:9d:77:e5:
af:96:1c:21:1a:e8:3f:f0:1c:16:6c:63:9a:96:ea:9f:e7:18:
67:99:b7:dc:7c:d0:16:c5:31:db:29:ce:64:92:e5:53:48:96:
12:25:91:6f:8a:e0:af:cc:88:a1:06:54:2e:2b:e0:59:ab:b2:
df:83:97:69:82:cf:22:63:5b:a2:a9:66:84:9b:d6:eb:3b:32:
14:8a:17:9c
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYmSJo1f/F/Pj1K96wR2XLEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMwNzI2MTIyMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjQwNzAzODU1YjJkYWQzMzc4NDVmN2QwNWNiMWQ5YTg5ZGYxMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaH48DGtKfN2Z60Jd+/d0KBdfRbi
bFRP9/yAuLPsm8D8YnwWKxR6oYXNmsNtlWyJaE76UL+vqGjCfug39vuHQO5iK8Mt
XawvCEPwTP2pt0wFoYRmtNewHXL1vSh/8qf/DK0bMTu0FohVaGMfg4xZp7CiI1wH
y6DapgsQdl8u+/92afcJXSj7GBfeRjBFOnhFRZJV9297XQbn+IaUfwmqmD9SsavJ
14NStWdbDsi6Z2PE730towRjP9nWH1eYljQvOWkKEav2kYu7Z1NA+eFUwCTPUs6v
/IM8sXvl6yW6cPRglahqujTTCdD8hSRHGtisOHLCXFz2w11f1M5cs3cpmQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFJZAcDhVstrTN4RffQXLHZqJ3xDRMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvbGtCd09GV3kydE0zaEY5OUJjc2Rtb25mRU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBkQQCAAEwgYowDAME
ACXrAwMEASXrBAMEBSX84DAMAwQALYQ9AwQGLYQAMAwDBABeEH0DBABeEH4DBAaQ
0MADBAGwezYDBAOy/5gDBAK5ArADBAG5MugDBAC5MusDBAC5UdEDBAK5dGADBAK5
5JQDBAO8QUgDBAa8rMADBAHBIXIDBADCAc4DBAXV46ADBAXZkgAwFAQCAAIwDgMF
ACoAEcADBQAqAa6gMA0GCSqGSIb3DQEBCwUAA4IBAQATJzlfCMF51q47M9N78dAZ
KcTgi0Zj6LDns17tL4IQrHT8HA4btgmEMc9TpPe6yz5dLaHJ3iX6td9F2WCr1IVK
Paj3l+OJc2m8U7/zN+/8HqdlEb1YtUqDPMvOle0yoYtKNDxi1qYA8CPkkcKLM5jt
nAg/YXrCV/PH3Sbyrr5mbHnCo+2hT+s72f8ZehQL2mGARemVoE85Rd6/W4syF3aA
WnJIN7FYDL2IYdRWzqYCvy+dd+WvlhwhGug/8BwWbGOaluqf5xhnmbfcfNAWxTHb
Kc5kkuVTSJYSJZFviuCvzIihBlQuK+BZq7Lfg5dpgs8iY1uiqWaEm9brOzIUihec
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:51 2024 by rpki-client on console-ams.rpki-client.org