Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/LctshZLT8w6WCG8AJI8mlcxunYU.roa
File: LctshZLT8w6WCG8AJI8mlcxunYU.roa (raw, json)
Hash identifier: qovBzAMJ9Op7irlyKTRi8eIHxi3usppxCrT6lB5intI=
Subject key identifier: 2D:CB:6C:85:92:D3:F3:0E:96:08:6F:00:24:8F:26:95:CC:6E:9D:85
Certificate issuer: /CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Certificate serial: 01857039B2B963EEC239893BCF9F3EAEA2C0
Authority key identifier: 7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/LctshZLT8w6WCG8AJI8mlcxunYU.roa
Signing time: Mon 02 Jan 2023 02:05:07 +0000
ROA not before: Mon 02 Jan 2023 02:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42925
IP address blocks: 37.60.44.0/22 maxlen: 24
37.60.40.0/21 maxlen: 24
37.60.40.0/22 maxlen: 24
213.151.32.0/19 maxlen: 24
213.151.32.0/24 maxlen: 24
147.236.212.0/22 maxlen: 24
213.151.48.0/20 maxlen: 24
95.86.64.0/19 maxlen: 24
164.138.112.0/21 maxlen: 24
164.138.112.0/20 maxlen: 24
164.138.120.0/21 maxlen: 24
95.86.64.0/18 maxlen: 24
185.10.64.0/22 maxlen: 24
212.76.112.0/20 maxlen: 24
31.44.128.0/21 maxlen: 24
31.44.128.0/20 maxlen: 24
31.44.136.0/21 maxlen: 24
95.86.96.0/19 maxlen: 24
212.76.96.0/20 maxlen: 24
212.76.96.0/19 maxlen: 24
2a01:6507::/32 maxlen: 32
2a01:6502:a58::/46 maxlen: 46
2a01:6500::/32 maxlen: 32
2a01:6506::/32 maxlen: 32
2a01:6500:a040::/46 maxlen: 46
2a01:6505::/32 maxlen: 32
2a01:6500:a044::/46 maxlen: 46
2a01:6502::/32 maxlen: 32
2a01:6502:a54::/46 maxlen: 46
2a01:6500:a058::/46 maxlen: 46
2a01:6503::/32 maxlen: 32
2a01:6500::/29 maxlen: 29
2a01:6500:a050::/46 maxlen: 46
2a01:6501::/32 maxlen: 32
2a01:6500:a054::/46 maxlen: 46
2a01:6504::/32 maxlen: 32
2a01:6500:3::/48 maxlen: 48
2a01:6500:a048::/46 maxlen: 46
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:b2:b9:63:ee:c2:39:89:3b:cf:9f:3e:ae:a2:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Validity
Not Before: Jan 2 02:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dcb6c8592d3f30e96086f00248f2695cc6e9d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e8:c1:de:54:81:b1:32:a9:9b:1e:93:69:ec:
99:d0:0a:dd:0d:e4:47:a2:a5:3a:a5:72:3b:69:88:
f4:e9:e9:5a:53:1f:c9:95:cc:43:4e:b4:77:88:9f:
a3:ee:ba:74:36:29:11:eb:4c:51:1d:c6:76:e8:8e:
98:9c:ad:10:db:4a:22:e9:99:db:91:ba:4e:89:9a:
20:ac:2c:82:25:63:18:10:d9:a5:be:2b:de:77:f0:
5b:0f:70:98:d3:cd:60:12:61:ce:7c:01:73:d6:51:
5c:e2:a9:46:c3:a9:9c:df:4f:47:ab:39:85:23:c5:
af:20:42:35:d7:d4:c2:8b:a2:c8:3c:c1:8b:48:86:
ef:2c:c8:e8:2f:94:9b:37:c3:8b:67:86:74:6a:f5:
9b:27:71:e7:88:c4:26:99:21:92:cb:e1:1a:de:f3:
fd:3b:36:76:d5:34:bb:be:59:e3:c8:69:a7:b5:1b:
0a:21:16:c4:9d:45:49:74:2f:fc:fd:3c:8b:ac:84:
91:ad:43:68:df:46:12:b4:42:1e:4e:de:2b:25:af:
45:92:4e:b6:13:1d:61:ac:b7:5e:4a:6b:13:35:e4:
0f:b7:bf:09:a2:a2:2f:bd:74:52:05:8d:30:c2:f9:
26:d0:e1:17:dc:31:80:fe:ea:11:21:96:82:48:aa:
71:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:CB:6C:85:92:D3:F3:0E:96:08:6F:00:24:8F:26:95:CC:6E:9D:85
X509v3 Authority Key Identifier:
keyid:7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/LctshZLT8w6WCG8AJI8mlcxunYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.128.0/20
37.60.40.0/21
95.86.64.0/18
147.236.212.0/22
164.138.112.0/20
185.10.64.0/22
212.76.96.0/19
213.151.32.0/19
IPv6:
2a01:6500::/29
Signature Algorithm: sha256WithRSAEncryption
5d:58:47:69:14:c1:af:e8:3a:20:4e:1a:df:df:7c:be:0b:51:
1a:03:77:2e:01:13:b7:a8:e0:a1:35:87:bc:d9:14:ca:2b:e0:
dc:ef:ff:23:f0:75:27:0e:a3:4a:b7:61:37:6b:1e:ca:3c:04:
af:95:51:f4:bc:80:22:33:5a:cc:f7:e4:d9:4e:4a:e2:50:83:
81:29:d9:f2:eb:22:a2:6e:9e:06:4e:c9:b8:4b:08:47:8f:08:
25:6b:c3:f6:a2:31:a5:5c:35:ed:15:b9:68:73:83:63:04:98:
aa:5f:8d:b9:e1:64:c1:5c:dd:5a:4f:1c:07:12:0b:95:36:8c:
a0:7d:7b:1b:56:07:04:c9:28:91:aa:8f:27:a2:99:e2:c3:14:
19:b0:a0:ac:1c:2e:24:2c:a1:35:5e:2e:26:ff:65:d3:5c:ae:
65:13:e0:f9:45:5c:64:24:3c:e8:e6:20:be:de:87:9e:4b:0d:
fd:8d:19:d8:86:77:60:77:82:eb:1f:3a:8e:73:d4:86:42:46:
9d:78:96:76:32:80:81:43:16:d0:b3:7a:ff:f6:19:3f:02:fb:
ab:44:dc:82:5d:c4:14:a1:1c:94:79:53:34:08:49:24:4b:6f:
02:8e:3f:50:3a:0e:2c:4c:4b:66:11:42:d1:70:dd:35:43:be:
bd:bf:d5:45
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVwObK5Y+7COYk7z58+rqLAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjY2QwY2FjZmFmYTJlMGQzMTQ5NWRkOTUwZjc2YWY1Zjk4
YmE1ZDcwHhcNMjMwMTAyMDIwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGNiNmM4NTkyZDNmMzBlOTYwODZmMDAyNDhmMjY5NWNjNmU5ZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwejB3lSBsTKpmx6TaeyZ0ArdDeRH
oqU6pXI7aYj06elaUx/JlcxDTrR3iJ+j7rp0NikR60xRHcZ26I6YnK0Q20oi6Znb
kbpOiZogrCyCJWMYENmlvived/BbD3CY081gEmHOfAFz1lFc4qlGw6mc309HqzmF
I8WvIEI119TCi6LIPMGLSIbvLMjoL5SbN8OLZ4Z0avWbJ3HniMQmmSGSy+Ea3vP9
OzZ21TS7vlnjyGmntRsKIRbEnUVJdC/8/TyLrISRrUNo30YStEIeTt4rJa9Fkk62
Ex1hrLdeSmsTNeQPt78JoqIvvXRSBY0wwvkm0OEX3DGA/uoRIZaCSKpxPQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFC3LbIWS0/MOlghvACSPJpXMbp2FMB8GA1UdIwQY
MBaAFHzNDKz6+i4NMUld2VD3avX5i6XXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUt
NDM5ZmM4ZjliMzg2LzEvTGN0c2haTFQ4dzZXQ0c4QUpJOG1sY3h1bllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUtNDM5ZmM4ZjliMzg2
LzEvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEHyyAAwQD
JTwoAwQGX1ZAAwQCk+zUAwQEpIpwAwQCuQpAAwQF1ExgAwQF1ZcgMA0EAgACMAcD
BQMqAWUAMA0GCSqGSIb3DQEBCwUAA4IBAQBdWEdpFMGv6DogThrf33y+C1EaA3cu
ARO3qOChNYe82RTKK+Dc7/8j8HUnDqNKt2E3ax7KPASvlVH0vIAiM1rM9+TZTkri
UIOBKdny6yKibp4GTsm4SwhHjwgla8P2ojGlXDXtFbloc4NjBJiqX4254WTBXN1a
TxwHEguVNoygfXsbVgcEySiRqo8nopniwxQZsKCsHC4kLKE1Xi4m/2XTXK5lE+D5
RVxkJDzo5iC+3oeeSw39jRnYhndgd4LrHzqOc9SGQkadeJZ2MoCBQxbQs3r/9hk/
AvurRNyCXcQUoRyUeVM0CEkkS28Cjj9QOg4sTEtmEULRcN01Q769v9VF
-----END CERTIFICATE-----
Generated at Wed Aug 9 08:36:27 2023 by rpki-client on console-fra.rpki-client.org