Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/lxhAMCN7Tc6JBW6qOGZ5IPbFy1o.roa
File: lxhAMCN7Tc6JBW6qOGZ5IPbFy1o.roa (raw, json)
Hash identifier: tu9kaFd5b3eLXxp+nUchkH3iLsP6nGZK3xQFLUBlfHQ=
Subject key identifier: 97:18:40:30:23:7B:4D:CE:89:05:6E:AA:38:66:79:20:F6:C5:CB:5A
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 01885D8CBD6FE278C17E36F08994F7232CAC
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/lxhAMCN7Tc6JBW6qOGZ5IPbFy1o.roa
Signing time: Sat 27 May 2023 14:11:24 +0000
ROA not before: Sat 27 May 2023 14:11:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.66.133.0/24 maxlen: 24
185.159.68.0/24 maxlen: 24
185.159.69.0/24 maxlen: 24
185.159.70.0/24 maxlen: 24
185.187.237.0/24 maxlen: 24
185.187.238.0/24 maxlen: 24
185.187.239.0/24 maxlen: 24
45.12.204.0/24 maxlen: 24
45.12.205.0/24 maxlen: 24
45.134.19.0/24 maxlen: 24
81.90.191.0/24 maxlen: 24
188.119.100.0/24 maxlen: 24
188.119.101.0/24 maxlen: 24
185.126.69.0/24 maxlen: 24
185.126.70.0/24 maxlen: 24
185.126.71.0/24 maxlen: 24
185.105.189.0/24 maxlen: 24
185.105.190.0/24 maxlen: 24
185.168.21.0/24 maxlen: 24
185.168.22.0/24 maxlen: 24
185.168.23.0/24 maxlen: 24
185.171.121.0/24 maxlen: 24
91.217.120.0/24 maxlen: 24
91.217.121.0/24 maxlen: 24
185.126.138.0/24 maxlen: 24
185.126.139.0/24 maxlen: 24
194.156.228.0/24 maxlen: 24
185.175.140.0/24 maxlen: 24
185.175.141.0/24 maxlen: 24
45.144.240.0/24 maxlen: 24
45.144.241.0/24 maxlen: 24
185.160.25.0/24 maxlen: 24
185.160.27.0/24 maxlen: 24
5.183.178.0/24 maxlen: 24
45.82.166.0/24 maxlen: 24
185.126.118.0/24 maxlen: 24
185.126.119.0/24 maxlen: 24
5.181.6.0/24 maxlen: 24
5.181.7.0/24 maxlen: 24
45.66.132.0/24 maxlen: 24
185.120.18.0/24 maxlen: 24
185.120.19.0/24 maxlen: 24
152.89.208.0/24 maxlen: 24
152.89.209.0/24 maxlen: 24
147.78.15.0/24 maxlen: 24
217.197.163.0/24 maxlen: 24
45.128.154.0/24 maxlen: 24
2a0c:8a40:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 06 Jun 2023 16:28:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:5d:8c:bd:6f:e2:78:c1:7e:36:f0:89:94:f7:23:2c:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: May 27 14:11:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97184030237b4dce89056eaa38667920f6c5cb5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1f:66:9e:80:fa:20:a3:ec:e9:97:fa:82:6f:
be:c1:7a:3b:2b:93:19:17:46:b6:19:22:66:ac:f1:
ef:5b:3a:4b:38:da:f4:0e:a6:65:bb:8b:78:46:67:
75:36:90:ea:a1:27:58:fa:fd:91:d2:f5:5a:15:9c:
2a:68:5a:44:a4:b5:38:f3:5d:2a:47:12:49:88:69:
73:5f:9f:df:aa:64:28:65:a9:d1:8b:7b:98:b5:3e:
a1:bc:6f:b0:af:0b:38:41:1e:bd:8d:93:a4:bd:a2:
76:63:6b:c0:d1:f7:71:87:98:4a:7b:68:d8:e8:ab:
a2:93:b5:bb:c3:92:a1:1c:f4:86:5b:a5:b2:9b:dc:
a6:46:16:f6:bd:59:42:74:0c:05:77:a5:2e:f5:c4:
90:0e:80:0a:e1:b7:43:78:44:27:e2:67:57:92:56:
d7:16:73:1e:14:d7:86:68:0e:8e:91:b7:53:a6:40:
ac:b0:e5:00:1e:2e:21:df:df:bf:39:92:d3:fa:bb:
fd:82:b0:8f:53:e0:c6:f9:a5:6e:1f:c1:b2:b0:f2:
06:a7:8a:ca:c3:36:09:86:57:67:f6:a9:88:d5:93:
93:13:1e:06:d6:1a:b8:db:01:dc:23:9c:a1:81:48:
4e:71:20:01:20:59:c0:e7:f1:36:38:72:d5:23:56:
98:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:18:40:30:23:7B:4D:CE:89:05:6E:AA:38:66:79:20:F6:C5:CB:5A
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/lxhAMCN7Tc6JBW6qOGZ5IPbFy1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.6.0/23
5.183.178.0/24
45.12.204.0/23
45.66.132.0/23
45.82.166.0/24
45.128.154.0/24
45.134.19.0/24
45.144.240.0/23
81.90.191.0/24
91.217.120.0/23
147.78.15.0/24
152.89.208.0/23
185.105.189.0-185.105.190.255
185.120.18.0/23
185.126.69.0-185.126.71.255
185.126.118.0/23
185.126.138.0/23
185.159.68.0-185.159.70.255
185.160.25.0/24
185.160.27.0/24
185.168.21.0-185.168.23.255
185.171.121.0/24
185.175.140.0/23
185.187.237.0-185.187.239.255
188.119.100.0/23
194.156.228.0/24
217.197.163.0/24
IPv6:
2a0c:8a40:1::/48
Signature Algorithm: sha256WithRSAEncryption
11:d0:72:99:01:85:40:aa:74:f1:a3:7f:34:e0:77:c7:b1:d1:
4c:0e:f8:f0:10:63:9c:72:06:c9:69:8f:b2:3e:47:5a:8e:da:
b7:c6:90:f1:4c:ae:5e:ff:7c:6e:1c:e1:52:91:1a:1e:26:4a:
65:dd:86:97:d9:4a:39:e7:77:1a:75:5c:c8:7a:49:03:d1:73:
a5:71:7e:8c:78:da:9c:90:dc:2b:31:45:56:e3:66:71:2d:75:
83:33:bc:0e:49:2b:8c:08:03:54:a5:16:15:9b:2b:54:36:13:
51:5e:e5:03:d4:29:e4:85:4e:81:fb:87:e1:84:00:8d:73:f7:
0b:5a:07:9d:84:60:7f:03:98:cb:2e:51:e1:5f:2e:44:8d:92:
12:60:d2:6e:cb:6f:0e:27:03:a9:38:e4:54:e1:48:25:4a:9f:
58:3b:0c:54:93:d7:8f:ed:1d:97:ca:99:af:96:5e:ba:4f:95:
cc:38:0d:b9:c9:e9:fd:63:3b:98:a8:29:4d:60:6f:7d:fb:a4:
01:b8:a9:e3:93:95:d1:36:3f:ab:f1:82:dd:d4:fc:a0:c9:03:
e2:01:c2:a3:45:5d:cb:16:55:77:fd:d6:61:20:da:b1:dd:a6:
e5:9d:98:44:c1:f1:b0:77:a5:1e:b3:28:4f:db:c9:aa:ff:a4:
b0:0a:0c:9d
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgISAYhdjL1v4njBfjbwiZT3IyysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjMwNTI3MTQxMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzE4NDAzMDIzN2I0ZGNlODkwNTZlYWEzODY2NzkyMGY2YzVjYjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR9mnoD6IKPs6Zf6gm++wXo7K5MZ
F0a2GSJmrPHvWzpLONr0DqZlu4t4Rmd1NpDqoSdY+v2R0vVaFZwqaFpEpLU4810q
RxJJiGlzX5/fqmQoZanRi3uYtT6hvG+wrws4QR69jZOkvaJ2Y2vA0fdxh5hKe2jY
6Kuik7W7w5KhHPSGW6Wym9ymRhb2vVlCdAwFd6Uu9cSQDoAK4bdDeEQn4mdXklbX
FnMeFNeGaA6OkbdTpkCssOUAHi4h39+/OZLT+rv9grCPU+DG+aVuH8GysPIGp4rK
wzYJhldn9qmI1ZOTEx4G1hq42wHcI5yhgUhOcSABIFnA5/E2OHLVI1aYhwIDAQAB
o4IC4zCCAt8wHQYDVR0OBBYEFJcYQDAje03OiQVuqjhmeSD2xctaMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvbHhoQU1DTjdUYzZKQlc2cU9HWjVJUGJGeTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH4BggrBgEFBQcBBwEB/wSB6DCB5TCB0QQCAAEwgcoDBAEF
tQYDBAAFt7IDBAEtDMwDBAEtQoQDBAAtUqYDBAAtgJoDBAAthhMDBAEtkPADBABR
Wr8DBAFb2XgDBACTTg8DBAGYWdAwDAMEALlpvQMEALlpvgMEAbl4EjAMAwQAuX5F
AwQDuX5AAwQBuX52AwQBuX6KMAwDBAK5n0QDBAC5n0YDBAC5oBkDBAC5oBswDAME
ALmoFQMEA7moEAMEALmreQMEAbmvjDAMAwQAubvtAwQEubvgAwQBvHdkAwQAwpzk
AwQA2cWjMA8EAgACMAkDBwAqDIpAAAEwDQYJKoZIhvcNAQELBQADggEBABHQcpkB
hUCqdPGjfzTgd8ex0UwO+PAQY5xyBslpj7I+R1qO2rfGkPFMrl7/fG4c4VKRGh4m
SmXdhpfZSjnndxp1XMh6SQPRc6Vxfox42pyQ3CsxRVbjZnEtdYMzvA5JK4wIA1Sl
FhWbK1Q2E1Fe5QPUKeSFToH7h+GEAI1z9wtaB52EYH8DmMsuUeFfLkSNkhJg0m7L
bw4nA6k45FThSCVKn1g7DFST14/tHZfKma+WXrpPlcw4DbnJ6f1jO5ioKU1gb337
pAG4qeOTldE2P6vxgt3U/KDJA+IBwqNFXcsWVXf91mEg2rHdpuWdmETB8bB3pR6z
KE/byar/pLAKDJ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:50 2024 by rpki-client on console-fra.rpki-client.org