Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/LhFZ9hkguNalBweLXC9O-bSSIRk.roa
File: LhFZ9hkguNalBweLXC9O-bSSIRk.roa (raw, json)
Hash identifier: qxcjCVAkYebkwMs6ujn9AP3pigxGM3ym71hOfUu8Llk=
Subject key identifier: 2E:11:59:F6:19:20:B8:D6:A5:07:07:8B:5C:2F:4E:F9:B4:92:21:19
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0186A86C6282B6BC953CCBD0864BB7983F12
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/LhFZ9hkguNalBweLXC9O-bSSIRk.roa
Signing time: Fri 03 Mar 2023 17:02:00 +0000
ROA not before: Fri 03 Mar 2023 17:02:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20853
IP address blocks: 185.177.238.0/24 maxlen: 24
185.112.59.0/24 maxlen: 24
185.58.114.0/24 maxlen: 24
185.111.25.0/24 maxlen: 24
185.24.109.0/24 maxlen: 24
185.97.79.0/24 maxlen: 24
77.83.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Mar 2023 17:54:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a8:6c:62:82:b6:bc:95:3c:cb:d0:86:4b:b7:98:3f:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Mar 3 17:02:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e1159f61920b8d6a507078b5c2f4ef9b4922119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5c:b6:8d:a6:22:cb:8d:9b:ff:0b:b5:9b:b3:
af:0e:8d:a4:02:25:2b:4e:de:b8:0e:74:17:bf:6e:
01:de:d0:cc:d1:de:02:cc:20:94:17:2d:e4:f7:ab:
df:36:50:11:33:65:1c:1c:46:c2:af:08:de:cb:19:
8c:65:2b:26:a1:a1:15:f9:3d:73:50:c7:b9:61:46:
fe:f3:1b:c4:ea:2c:bb:93:f1:ff:c1:93:8a:be:10:
cd:94:f6:8d:52:47:37:d8:e7:52:94:36:1b:ea:fe:
80:d4:af:d2:68:06:e1:2f:ea:24:cf:18:30:42:b9:
de:e4:e3:d0:83:67:4a:57:3d:08:da:52:62:ca:b3:
7d:48:15:ab:28:5f:91:f7:37:de:d4:7f:23:c8:62:
08:31:fa:50:cb:05:ef:07:a8:07:9f:9c:8f:b0:c0:
69:1c:97:4a:ed:08:9c:2b:e2:9b:ca:4d:35:c0:93:
5e:1a:e5:d9:6d:4e:6b:3d:8e:74:6a:37:f7:ab:4a:
9f:66:1a:5c:1e:cb:c4:aa:33:3d:f7:f7:d0:e8:5a:
1c:0d:4e:ae:88:2a:40:a7:c3:df:ef:ce:b4:ee:72:
a3:a2:94:3a:10:b0:3d:38:7c:4a:3f:0b:c6:11:ec:
3a:7f:fc:77:02:ca:e0:3b:53:69:e1:f2:1d:1f:be:
ba:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:11:59:F6:19:20:B8:D6:A5:07:07:8B:5C:2F:4E:F9:B4:92:21:19
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/LhFZ9hkguNalBweLXC9O-bSSIRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.245.0/24
185.24.109.0/24
185.58.114.0/24
185.97.79.0/24
185.111.25.0/24
185.112.59.0/24
185.177.238.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:7f:4c:d6:27:22:9a:45:57:a9:44:04:37:ba:5b:4e:cf:b0:
a3:3a:35:35:51:b6:49:9f:f9:da:2f:b3:bc:b8:f3:99:c6:9f:
90:06:c3:5b:4e:78:0b:a6:19:31:76:ec:c6:69:18:17:55:b0:
b7:97:e6:9a:1a:1f:f0:64:39:7d:67:3e:52:9f:e6:3a:79:10:
11:d6:37:91:9b:4e:b0:3a:74:37:a5:34:d6:db:e4:e7:b0:61:
75:d4:f6:0d:71:43:53:6b:f5:9b:c1:be:a9:8b:45:6a:29:cf:
b6:35:ee:2b:a3:2f:ce:af:0e:29:62:3d:17:2a:59:c7:0a:6b:
b0:69:6b:c0:05:d1:4f:a4:74:a7:3e:07:9e:11:19:c4:3a:ed:
70:2e:be:94:7d:81:32:34:2e:99:f3:df:ad:26:68:e4:d9:e8:
5a:96:81:29:7f:3f:17:f1:a0:98:d5:b1:13:f2:57:97:dc:5d:
96:a9:2f:07:0c:ea:ca:b8:f9:47:64:92:b4:69:1e:71:d4:41:
d4:05:8f:9a:9a:01:6b:90:f5:59:3d:a1:0c:a0:1d:8a:8b:f4:
99:c3:1c:a4:bc:9a:38:50:e9:c1:51:ba:e9:2c:cd:37:68:da:
08:39:60:4b:8c:3f:42:3e:f7:5f:6f:46:73:67:36:d8:e2:70:
cb:47:09:1e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYaobGKCtryVPMvQhku3mD8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMzAzMTcwMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTExNTlmNjE5MjBiOGQ2YTUwNzA3OGI1YzJmNGVmOWI0OTIyMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtly2jaYiy42b/wu1m7OvDo2kAiUr
Tt64DnQXv24B3tDM0d4CzCCUFy3k96vfNlARM2UcHEbCrwjeyxmMZSsmoaEV+T1z
UMe5YUb+8xvE6iy7k/H/wZOKvhDNlPaNUkc32OdSlDYb6v6A1K/SaAbhL+okzxgw
Qrne5OPQg2dKVz0I2lJiyrN9SBWrKF+R9zfe1H8jyGIIMfpQywXvB6gHn5yPsMBp
HJdK7QicK+Kbyk01wJNeGuXZbU5rPY50ajf3q0qfZhpcHsvEqjM99/fQ6FocDU6u
iCpAp8Pf78607nKjopQ6ELA9OHxKPwvGEew6f/x3AsrgO1Np4fIdH766zwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC4RWfYZILjWpQcHi1wvTvm0kiEZMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvTGhGWjloa2d1TmFsQndlTFhDOU8tYlNTSVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATVP1AwQA
uRhtAwQAuTpyAwQAuWFPAwQAuW8ZAwQAuXA7AwQAubHuMA0GCSqGSIb3DQEBCwUA
A4IBAQAMf0zWJyKaRVepRAQ3ultOz7CjOjU1UbZJn/naL7O8uPOZxp+QBsNbTngL
phkxduzGaRgXVbC3l+aaGh/wZDl9Zz5Sn+Y6eRAR1jeRm06wOnQ3pTTW2+TnsGF1
1PYNcUNTa/Wbwb6pi0VqKc+2Ne4roy/Orw4pYj0XKlnHCmuwaWvABdFPpHSnPgee
ERnEOu1wLr6UfYEyNC6Z89+tJmjk2ehaloEpfz8X8aCY1bET8leX3F2WqS8HDOrK
uPlHZJK0aR5x1EHUBY+amgFrkPVZPaEMoB2Ki/SZwxykvJo4UOnBUbrpLM03aNoI
OWBLjD9CPvdfb0ZzZzbY4nDLRwke
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org