Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lBR9jt8vaoChXGiZNYEREHBie-s.roa
File: lBR9jt8vaoChXGiZNYEREHBie-s.roa (raw, json)
Hash identifier: GqsYwCU9L0CrPn8QQgG2tyNCXlVaQMHJy2v6E2Y8gHY=
Subject key identifier: 94:14:7D:8E:DF:2F:6A:80:A1:5C:68:99:35:81:11:10:70:62:7B:EB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F858DF780404EF0C5BD293FC2E71410D3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lBR9jt8vaoChXGiZNYEREHBie-s.roa
Signing time: Fri 17 May 2024 07:57:04 +0000
ROA not before: Fri 17 May 2024 07:57:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 37.252.27.0/24 maxlen: 24
79.99.76.0/24 maxlen: 24
81.168.50.0/24 maxlen: 24
81.168.67.0/24 maxlen: 24
82.152.4.0/24 maxlen: 24
82.152.5.0/24 maxlen: 24
82.152.12.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.105.0/24 maxlen: 24
82.152.140.0/24 maxlen: 24
82.152.142.0/24 maxlen: 24
82.153.34.0/24 maxlen: 24
82.153.35.0/24 maxlen: 24
82.153.135.0/24 maxlen: 24
82.153.153.0/24 maxlen: 24
82.153.156.0/24 maxlen: 24
82.153.159.0/24 maxlen: 24
82.153.200.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.202.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
82.153.207.0/24 maxlen: 24
82.153.226.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.202.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.84.0/24 maxlen: 24
213.130.150.0/24 maxlen: 24
213.130.151.0/24 maxlen: 24
213.210.58.0/24 maxlen: 24
213.210.63.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 07:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:85:8d:f7:80:40:4e:f0:c5:bd:29:3f:c2:e7:14:10:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 17 07:57:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94147d8edf2f6a80a15c68993581111070627beb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:08:56:4a:de:ab:48:fe:5e:a5:d1:b8:cc:58:
04:8e:8c:ee:bb:36:ef:65:00:24:20:85:d6:b1:43:
2c:f5:23:38:2b:4e:c0:44:1a:d2:02:b3:09:17:d3:
47:b8:c2:c4:c9:99:ad:bc:a2:77:c3:79:4c:84:6f:
b6:c1:0c:32:7d:a6:a4:24:ef:ca:d0:7d:2b:92:ed:
6b:b0:f8:97:7b:06:b1:08:e7:68:30:18:e4:57:43:
d3:8d:39:70:e1:72:7b:53:db:04:db:da:04:86:b1:
f5:4c:f7:40:9f:fc:12:e2:ce:ae:20:77:48:8f:a1:
d5:7b:50:f8:97:bc:df:df:ee:7d:56:06:71:86:94:
a4:2e:c4:e1:28:fb:f1:2f:01:ff:bc:a1:cf:88:08:
62:b1:93:a2:57:df:df:95:d3:0f:45:97:8f:1c:9b:
11:69:0f:e7:6b:d7:52:67:73:d4:e2:4e:4c:7e:17:
f3:2f:2e:d9:c2:c1:54:29:62:fd:c3:e4:77:ce:d9:
86:8d:79:e2:a3:c9:48:d6:fb:af:62:b0:b6:77:52:
9c:5f:eb:4f:41:87:91:4d:26:a2:ca:f3:01:b4:06:
3e:cf:59:e8:f4:a3:c2:0c:a2:fd:65:ad:a5:44:24:
0b:a7:25:0e:8f:a8:a5:0d:2e:40:54:8d:02:89:1c:
16:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:14:7D:8E:DF:2F:6A:80:A1:5C:68:99:35:81:11:10:70:62:7B:EB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lBR9jt8vaoChXGiZNYEREHBie-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.27.0/24
79.99.76.0/24
81.168.50.0/24
81.168.67.0/24
82.152.4.0/23
82.152.12.0/24
82.152.98.0/24
82.152.105.0/24
82.152.140.0/24
82.152.142.0/24
82.153.34.0/23
82.153.135.0/24
82.153.153.0/24
82.153.156.0/24
82.153.159.0/24
82.153.200.0-82.153.202.255
82.153.205.0/24
82.153.207.0/24
82.153.226.0/24
82.163.0.0/24
82.163.15.0/24
109.176.193.0/24
109.176.202.0/24
109.176.244.0/24
212.38.79.0/24
212.38.84.0/24
213.130.150.0/23
213.210.58.0/24
213.210.63.0/24
213.218.211.0/24
213.218.233.0/24
Signature Algorithm: sha256WithRSAEncryption
61:4c:7f:fb:fd:40:c2:31:bb:05:1a:db:d4:7f:b2:52:2d:8a:
4c:ae:c9:eb:40:37:51:ef:6e:71:89:eb:35:40:9e:c2:22:f2:
3d:b3:f3:7d:8c:5b:bc:7b:0b:2b:e6:3a:25:87:10:e9:0a:75:
be:a4:a2:46:f5:85:98:c4:b6:5e:5d:28:6b:c0:82:df:e8:dd:
f6:83:7c:7a:45:a8:1e:4b:2c:1d:44:ec:f4:36:23:c7:04:e2:
19:c4:9b:7c:92:59:fa:4a:a8:bc:a1:4b:b1:db:1e:95:f9:b8:
78:2d:07:1e:fe:42:ed:f7:a0:11:3e:a0:a5:fa:a8:57:fd:e5:
52:c1:7b:11:9f:1d:f8:ea:5f:b8:4b:a0:e8:49:27:9e:3e:a3:
76:02:3c:e3:35:3d:a6:55:76:03:64:eb:83:5a:30:ea:42:cf:
c2:3e:39:f1:7d:81:da:6c:09:c5:73:0a:1e:a1:b4:be:db:3f:
fa:53:fa:43:db:01:f8:8e:da:2e:4a:53:e6:f5:9d:19:f2:72:
1e:d3:15:51:4d:25:3a:31:70:49:09:d4:c6:00:8b:46:f7:c9:
7c:22:98:81:aa:a0:83:fc:21:45:04:9b:fd:4d:70:69:cb:80:
bc:28:fe:46:0b:62:1f:6b:b6:c7:10:9c:23:e0:c7:12:16:79:
24:e5:e6:50
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAY+FjfeAQE7wxb0pP8LnFBDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE3MDc1NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDE0N2Q4ZWRmMmY2YTgwYTE1YzY4OTkzNTgxMTExMDcwNjI3YmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQhWSt6rSP5epdG4zFgEjozuuzbv
ZQAkIIXWsUMs9SM4K07ARBrSArMJF9NHuMLEyZmtvKJ3w3lMhG+2wQwyfaakJO/K
0H0rku1rsPiXewaxCOdoMBjkV0PTjTlw4XJ7U9sE29oEhrH1TPdAn/wS4s6uIHdI
j6HVe1D4l7zf3+59VgZxhpSkLsThKPvxLwH/vKHPiAhisZOiV9/fldMPRZePHJsR
aQ/na9dSZ3PU4k5MfhfzLy7ZwsFUKWL9w+R3ztmGjXnio8lI1vuvYrC2d1KcX+tP
QYeRTSaiyvMBtAY+z1no9KPCDKL9Za2lRCQLpyUOj6ilDS5AVI0CiRwWEQIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFJQUfY7fL2qAoVxomTWBERBwYnvrMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbEJSOWp0OHZhb0NoWEdpWk5ZRVJFSEJpZS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBAAl
/BsDBABPY0wDBABRqDIDBABRqEMDBAFSmAQDBABSmAwDBABSmGIDBABSmGkDBABS
mIwDBABSmI4DBAFSmSIDBABSmYcDBABSmZkDBABSmZwDBABSmZ8wDAMEA1KZyAME
AFKZygMEAFKZzQMEAFKZzwMEAFKZ4gMEAFKjAAMEAFKjDwMEAG2wwQMEAG2wygME
AG2w9AMEANQmTwMEANQmVAMEAdWClgMEANXSOgMEANXSPwMEANXa0wMEANXa6TAN
BgkqhkiG9w0BAQsFAAOCAQEAYUx/+/1AwjG7BRrb1H+yUi2KTK7J60A3Ue9ucYnr
NUCewiLyPbPzfYxbvHsLK+Y6JYcQ6Qp1vqSiRvWFmMS2Xl0oa8CC3+jd9oN8ekWo
HkssHUTs9DYjxwTiGcSbfJJZ+kqovKFLsdselfm4eC0HHv5C7fegET6gpfqoV/3l
UsF7EZ8d+OpfuEug6Eknnj6jdgI84zU9plV2A2Trg1ow6kLPwj458X2B2mwJxXMK
HqG0vts/+lP6Q9sB+I7aLkpT5vWdGfJyHtMVUU0lOjFwSQnUxgCLRvfJfCKYgaqg
g/whRQSb/U1wacuAvCj+RgtiH2u2xxCcI+DHEhZ5JOXmUA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org