Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/luC_FeML3X8MjTwRfCSVkmAKDd8.roa
File: luC_FeML3X8MjTwRfCSVkmAKDd8.roa (raw, json)
Hash identifier: spEdDRWdrFFG7dn5WJktakHvHP5TuO9tvppgqen03U0=
Subject key identifier: 96:E0:BF:15:E3:0B:DD:7F:0C:8D:3C:11:7C:24:95:92:60:0A:0D:DF
Certificate issuer: /CN=0d814a5f08fb47711d7160b027f996dfb612f045
Certificate serial: 01857002882D8CC44117E7DECDD35AD36427
Authority key identifier: 0D:81:4A:5F:08:FB:47:71:1D:71:60:B0:27:F9:96:DF:B6:12:F0:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/luC_FeML3X8MjTwRfCSVkmAKDd8.roa
Signing time: Mon 02 Jan 2023 01:04:52 +0000
ROA not before: Mon 02 Jan 2023 01:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35132
IP address blocks: 178.249.120.0/21 maxlen: 21
185.243.176.0/22 maxlen: 22
217.149.112.0/20 maxlen: 20
185.186.132.0/22 maxlen: 22
109.122.48.0/21 maxlen: 21
62.50.160.0/19 maxlen: 19
185.141.156.0/22 maxlen: 22
185.214.16.0/22 maxlen: 22
37.32.48.0/21 maxlen: 21
89.20.224.0/19 maxlen: 19
93.89.32.0/20 maxlen: 20
185.197.220.0/22 maxlen: 22
95.111.160.0/19 maxlen: 19
2a02:1660::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 13 Nov 2023 09:45:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:88:2d:8c:c4:41:17:e7:de:cd:d3:5a:d3:64:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d814a5f08fb47711d7160b027f996dfb612f045
Validity
Not Before: Jan 2 01:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96e0bf15e30bdd7f0c8d3c117c249592600a0ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ae:1f:ed:e7:ef:3a:4f:52:a7:69:15:89:37:
21:78:55:59:51:51:6f:84:89:03:38:c6:7e:a6:00:
c2:3d:20:2b:65:f8:a0:3e:86:79:df:0e:02:e4:f0:
3b:01:e4:16:de:e3:c7:86:cb:17:e3:95:57:8f:5e:
21:7b:4a:58:f1:ca:94:8d:89:04:2c:4b:39:67:4f:
b2:c2:23:f7:16:6a:b6:94:e9:04:3e:e6:39:de:e1:
08:ca:e4:3a:a0:0c:65:67:2e:3d:74:03:df:ed:75:
51:e7:df:91:81:01:c6:25:3b:9a:92:c1:c0:f5:ab:
fc:05:79:e9:41:a5:44:80:ee:b8:24:97:82:2b:43:
28:56:5a:4e:f4:66:68:90:8c:c2:74:5a:64:71:74:
46:34:81:a6:53:5d:b0:6a:a6:3d:58:14:f4:e6:cd:
11:40:0b:88:eb:e8:9a:1f:da:9d:ef:9c:cd:ec:5c:
f8:b0:8f:a5:be:19:d8:fb:79:61:70:1d:08:b3:82:
cf:ca:c7:2a:ce:08:4c:15:56:99:3a:0e:5f:3e:0a:
53:48:25:98:2b:c0:45:61:1b:08:e9:38:9e:16:67:
ab:92:99:c6:ae:a5:24:7b:99:7f:51:49:c3:62:bd:
22:b2:16:95:14:9d:96:98:d2:db:5c:49:c2:eb:9e:
d6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E0:BF:15:E3:0B:DD:7F:0C:8D:3C:11:7C:24:95:92:60:0A:0D:DF
X509v3 Authority Key Identifier:
keyid:0D:81:4A:5F:08:FB:47:71:1D:71:60:B0:27:F9:96:DF:B6:12:F0:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/luC_FeML3X8MjTwRfCSVkmAKDd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/DYFKXwj7R3EdcWCwJ_mW37YS8EU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.48.0/21
62.50.160.0/19
89.20.224.0/19
93.89.32.0/20
95.111.160.0/19
109.122.48.0/21
178.249.120.0/21
185.141.156.0/22
185.186.132.0/22
185.197.220.0/22
185.214.16.0/22
185.243.176.0/22
217.149.112.0/20
IPv6:
2a02:1660::/32
Signature Algorithm: sha256WithRSAEncryption
89:db:5a:dc:64:8e:fd:ac:8e:dd:25:8d:87:3a:67:c6:c1:06:
3b:36:66:8b:ea:75:a6:39:be:8e:23:13:52:9b:06:28:1f:6d:
25:27:cb:aa:60:ad:b2:9c:7c:2d:40:8e:fd:0e:e3:32:5f:c0:
4e:54:5b:ba:4d:ab:2e:6f:bd:c1:ae:7d:4c:46:99:75:12:88:
82:5b:82:83:47:89:a5:83:d2:67:5d:ec:49:cd:56:65:f5:d1:
ec:22:c5:8d:53:f2:09:6c:a3:5a:39:3b:21:eb:f6:1d:da:8c:
ed:91:94:09:15:66:c3:ae:15:0c:cf:2f:c7:48:50:7a:f6:77:
84:c4:92:ee:48:ff:0c:85:17:a7:16:dd:ed:23:a6:cd:01:b9:
01:f2:a8:d5:73:2f:bc:8d:23:b1:f9:ad:4c:30:00:44:58:cd:
44:bf:c4:30:fe:7d:0b:14:2c:4d:55:66:f7:4a:90:6b:1f:33:
ee:9c:b4:80:6a:ab:5a:02:25:8c:47:40:ec:30:b3:a7:dd:f2:
d8:73:ce:42:5e:82:d1:21:07:a9:50:48:7d:17:d6:28:af:d0:
b4:c0:2c:a9:d8:90:9c:84:7f:11:0c:23:57:1b:b2:fb:c5:ad:
8b:23:18:02:8f:87:b6:f7:1a:ec:74:bb:13:fa:5c:5b:6d:81:
d8:b8:64:b9
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYVwAogtjMRBF+fezdNa02QnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODE0YTVmMDhmYjQ3NzExZDcxNjBiMDI3Zjk5NmRmYjYx
MmYwNDUwHhcNMjMwMTAyMDEwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmUwYmYxNWUzMGJkZDdmMGM4ZDNjMTE3YzI0OTU5MjYwMGEwZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn64f7efvOk9Sp2kViTcheFVZUVFv
hIkDOMZ+pgDCPSArZfigPoZ53w4C5PA7AeQW3uPHhssX45VXj14he0pY8cqUjYkE
LEs5Z0+ywiP3Fmq2lOkEPuY53uEIyuQ6oAxlZy49dAPf7XVR59+RgQHGJTuaksHA
9av8BXnpQaVEgO64JJeCK0MoVlpO9GZokIzCdFpkcXRGNIGmU12waqY9WBT05s0R
QAuI6+iaH9qd75zN7Fz4sI+lvhnY+3lhcB0Is4LPyscqzghMFVaZOg5fPgpTSCWY
K8BFYRsI6TieFmerkpnGrqUke5l/UUnDYr0ishaVFJ2WmNLbXEnC657WPwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFJbgvxXjC91/DI08EXwklZJgCg3fMB8GA1UdIwQY
MBaAFA2BSl8I+0dxHXFgsCf5lt+2EvBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFlGS1h3ajdSM0VkY1dDd0pfbVczN1lTOEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84YTY4NGItMDM3NS00MGU1LWI3MjYt
Y2U3OTg1YjU2MDkzLzEvbHVDX0ZlTUwzWDhNalR3UmZDU1ZrbUFLRGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84YTY4NGItMDM3NS00MGU1LWI3MjYtY2U3OTg1YjU2MDkz
LzEvRFlGS1h3ajdSM0VkY1dDd0pfbVczN1lTOEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQDJSAwAwQF
PjKgAwQFWRTgAwQEXVkgAwQFX2+gAwQDbXowAwQDsvl4AwQCuY2cAwQCubqEAwQC
ucXcAwQCudYQAwQCufOwAwQE2ZVwMA0EAgACMAcDBQAqAhZgMA0GCSqGSIb3DQEB
CwUAA4IBAQCJ21rcZI79rI7dJY2HOmfGwQY7NmaL6nWmOb6OIxNSmwYoH20lJ8uq
YK2ynHwtQI79DuMyX8BOVFu6Tasub73Brn1MRpl1EoiCW4KDR4mlg9JnXexJzVZl
9dHsIsWNU/IJbKNaOTsh6/Yd2oztkZQJFWbDrhUMzy/HSFB69neExJLuSP8MhRen
Ft3tI6bNAbkB8qjVcy+8jSOx+a1MMABEWM1Ev8Qw/n0LFCxNVWb3SpBrHzPunLSA
aqtaAiWMR0DsMLOn3fLYc85CXoLRIQepUEh9F9Yor9C0wCyp2JCchH8RDCNXG7L7
xa2LIxgCj4e29xrsdLsT+lxbbYHYuGS5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:49 2024 by rpki-client on console-ams.rpki-client.org