Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/lFLQTaEHbcXb8mzkOfsRiOLqf7o.roa
File: lFLQTaEHbcXb8mzkOfsRiOLqf7o.roa (raw, json)
Hash identifier: ISYsiZyj1CVW+OkZm/WBMl0UCw7DXIrNfpFU8xYJjqg=
Subject key identifier: 94:52:D0:4D:A1:07:6D:C5:DB:F2:6C:E4:39:FB:11:88:E2:EA:7F:BA
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 019257AC16D58F316B87565964D710C9C76A
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/lFLQTaEHbcXb8mzkOfsRiOLqf7o.roa
Signing time: Fri 04 Oct 2024 13:15:48 +0000
ROA not before: Fri 04 Oct 2024 13:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59675
IP address blocks: 31.220.150.0/24 maxlen: 24
128.0.144.0/23 maxlen: 23
128.0.146.0/23 maxlen: 23
128.0.148.0/23 maxlen: 23
128.0.150.0/24 maxlen: 24
128.0.151.0/24 maxlen: 24
128.0.152.0/24 maxlen: 24
128.0.153.0/24 maxlen: 24
128.0.154.0/24 maxlen: 24
185.5.8.0/23 maxlen: 23
185.5.10.0/23 maxlen: 23
213.185.78.0/23 maxlen: 23
213.185.80.0/22 maxlen: 24
213.185.80.0/24 maxlen: 24
213.185.84.0/23 maxlen: 23
2a02:45c0::/32 maxlen: 48
2a02:45c0::/48 maxlen: 48
2a02:45c0:1::/48 maxlen: 48
2a02:45c0:3::/48 maxlen: 48
2a02:45c0:7::/48 maxlen: 48
2a02:45c0:8::/48 maxlen: 48
2a02:45c0:9::/48 maxlen: 48
2a02:45c0:10::/48 maxlen: 48
2a02:45c0:13::/48 maxlen: 48
2a02:45c0:18::/48 maxlen: 48
2a02:45c0:19::/48 maxlen: 48
2a02:45c0:20::/48 maxlen: 48
2a02:45c0:fffe::/48 maxlen: 48
2a02:45c0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 10 Oct 2024 15:51:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:57:ac:16:d5:8f:31:6b:87:56:59:64:d7:10:c9:c7:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Oct 4 13:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9452d04da1076dc5dbf26ce439fb1188e2ea7fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cf:00:59:ca:c7:30:91:68:96:7d:d1:7e:e7:
9e:54:7f:3b:43:50:d8:11:50:4c:9a:73:5b:47:ab:
a6:f8:77:ff:5c:ec:33:d2:36:84:6b:b2:f7:b2:26:
0f:06:d5:3b:83:93:12:44:47:87:73:89:f7:b2:b5:
70:67:00:1c:27:30:ac:83:40:64:c2:3a:4e:23:7a:
1e:b0:d6:3e:c3:16:2d:f1:72:70:c7:b2:c9:43:e0:
4e:9d:29:81:5d:b2:0d:e9:9e:2a:73:fe:da:f2:6c:
34:d2:7e:d8:be:28:c6:5b:26:e9:d6:e1:60:97:82:
b2:c1:5c:85:01:25:83:03:43:b5:2c:fc:02:56:84:
e9:03:0f:dc:37:6f:51:54:79:d9:70:5e:55:fe:07:
6c:62:c6:c3:41:3e:a8:31:01:b0:5b:83:49:f5:98:
3f:11:bb:fe:ac:90:31:c4:4e:f8:1c:30:85:7b:27:
55:37:65:25:8a:b9:96:38:bd:8f:6d:63:a6:ac:39:
56:d0:75:70:14:55:ef:d8:f0:af:5f:8f:bc:5f:10:
fa:fc:16:6f:f7:7f:3c:15:96:a1:79:60:94:83:ac:
d4:4c:25:65:e4:05:37:2e:54:f3:fc:b1:97:33:cc:
11:23:77:b1:81:ac:bd:83:f2:8d:d5:82:5d:b5:e7:
60:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:52:D0:4D:A1:07:6D:C5:DB:F2:6C:E4:39:FB:11:88:E2:EA:7F:BA
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/lFLQTaEHbcXb8mzkOfsRiOLqf7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.150.0/24
128.0.144.0-128.0.154.255
185.5.8.0/22
213.185.78.0-213.185.85.255
IPv6:
2a02:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
69:e8:5e:34:b3:6a:bf:18:7e:65:4c:e2:1f:4d:63:54:b4:9e:
8a:f5:a3:f3:dd:12:b9:93:c4:8b:a1:4f:a2:b0:0c:37:e1:8b:
7d:82:f8:c7:a5:dc:ea:12:71:f0:41:77:94:13:f1:96:5a:07:
bd:95:c5:c7:13:56:83:e9:0d:b2:dd:9f:99:65:09:4e:ac:a9:
e4:e1:f5:7c:62:ae:66:e8:6e:f1:ae:c7:c5:4a:04:b6:ae:2d:
e3:ae:65:4f:e8:c4:e4:07:32:0d:06:00:ee:92:71:e2:bd:81:
52:90:cf:0e:c5:c8:d4:96:52:a6:1d:f9:74:dd:45:93:cd:b2:
ee:45:b6:79:8f:6d:ee:78:ff:66:4a:2a:1a:60:9f:7f:d9:b0:
4e:fd:27:2b:b2:1d:9b:f2:3d:98:17:f6:e0:92:0b:dc:d1:9e:
a6:d4:30:d8:68:37:ba:73:15:4a:66:a4:c4:15:bd:11:46:32:
c1:a2:7f:7d:ae:0e:dd:c6:76:a1:5f:fd:8c:23:78:a6:b8:bc:
1d:11:11:8d:d4:94:18:d3:1b:6f:18:ca:b6:8f:9d:8d:1d:44:
25:4b:e4:1c:3a:1c:50:70:eb:81:e3:c0:0f:10:9f:7f:c7:fd:
12:3a:ad:73:23:29:21:77:58:97:50:a6:8a:05:b1:6a:97:05:
d1:2d:9e:58
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZJXrBbVjzFrh1ZZZNcQycdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjQxMDA0MTMxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDUyZDA0ZGExMDc2ZGM1ZGJmMjZjZTQzOWZiMTE4OGUyZWE3ZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc8AWcrHMJFoln3RfueeVH87Q1DY
EVBMmnNbR6um+Hf/XOwz0jaEa7L3siYPBtU7g5MSREeHc4n3srVwZwAcJzCsg0Bk
wjpOI3oesNY+wxYt8XJwx7LJQ+BOnSmBXbIN6Z4qc/7a8mw00n7YvijGWybp1uFg
l4KywVyFASWDA0O1LPwCVoTpAw/cN29RVHnZcF5V/gdsYsbDQT6oMQGwW4NJ9Zg/
Ebv+rJAxxE74HDCFeydVN2UlirmWOL2PbWOmrDlW0HVwFFXv2PCvX4+8XxD6/BZv
9388FZaheWCUg6zUTCVl5AU3LlTz/LGXM8wRI3exgay9g/KN1YJdtedgXQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFJRS0E2hB23F2/Js5Dn7EYji6n+6MB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEvbEZMUVRhRUhiY1hiOG16a09mc1JpT0xxZjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQAH9yWMAwD
BASAAJADBACAAJoDBAK5BQgwDAMEAdW5TgMEAdW5VDANBAIAAjAHAwUAKgJFwDAN
BgkqhkiG9w0BAQsFAAOCAQEAaeheNLNqvxh+ZUziH01jVLSeivWj890SuZPEi6FP
orAMN+GLfYL4x6Xc6hJx8EF3lBPxlloHvZXFxxNWg+kNst2fmWUJTqyp5OH1fGKu
Zuhu8a7HxUoEtq4t465lT+jE5AcyDQYA7pJx4r2BUpDPDsXI1JZSph35dN1Fk82y
7kW2eY9t7nj/ZkoqGmCff9mwTv0nK7Idm/I9mBf24JIL3NGeptQw2Gg3unMVSmak
xBW9EUYywaJ/fa4O3cZ2oV/9jCN4pri8HRERjdSUGNMbbxjKto+djR1EJUvkHDoc
UHDrgePADxCff8f9EjqtcyMpIXdYl1CmigWxapcF0S2eWA==
-----END CERTIFICATE-----
Generated at Thu Oct 10 19:31:45 2024 by rpki-client on console-fra.rpki-client.org