Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/LbYZIknpFVb89eVgElby64WHccw.roa
File: LbYZIknpFVb89eVgElby64WHccw.roa (raw, json)
Hash identifier: NdjZJsVwkqjxqk58TKBMKn/A7HDrJvuXwS9p38xyYPk=
Subject key identifier: 2D:B6:19:22:49:E9:15:56:FC:F5:E5:60:12:56:F2:EB:85:87:71:CC
Certificate issuer: /CN=73e373fee780eeab2a90422d0ad514e084a8d611
Certificate serial: 01946E4E6C3FB941A9803BB8565D4367EF1E
Authority key identifier: 73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/LbYZIknpFVb89eVgElby64WHccw.roa
Signing time: Thu 16 Jan 2025 08:50:20 +0000
ROA not before: Thu 16 Jan 2025 08:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8468
IP address blocks: 88.83.96.0/24 maxlen: 24
88.83.104.0/24 maxlen: 24
88.83.106.0/24 maxlen: 24
195.80.1.0/24 maxlen: 24
195.80.2.0/24 maxlen: 24
195.80.5.0/24 maxlen: 24
195.80.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 08:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:4e:6c:3f:b9:41:a9:80:3b:b8:56:5d:43:67:ef:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e373fee780eeab2a90422d0ad514e084a8d611
Validity
Not Before: Jan 16 08:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2db6192249e91556fcf5e5601256f2eb858771cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:75:40:05:a1:a3:1a:1d:55:af:ec:2b:e5:9a:
46:ca:a9:e3:ee:d4:47:8a:a1:e7:bf:64:4d:3f:15:
e9:12:69:04:26:a8:bb:20:57:29:60:78:d5:6b:cc:
e8:16:94:74:55:bb:df:19:14:0c:1b:5b:f1:a6:11:
86:13:2a:4f:6f:b3:5d:1c:96:f3:a1:b0:69:fd:03:
00:51:cc:08:da:53:80:21:1d:2d:d9:09:83:ec:a4:
f0:75:07:b4:9f:9c:7b:54:82:ef:d8:6e:64:1e:1b:
a2:ae:a0:c9:d8:91:b4:4b:96:42:31:e4:76:c7:f4:
87:40:ba:45:98:61:85:2f:5e:1a:4c:06:1f:1d:19:
b0:b0:9f:0a:15:67:7a:a3:96:e4:78:1c:69:82:53:
a4:86:5b:7e:6c:69:05:6f:b8:fb:6b:0e:95:58:a7:
84:ac:bb:3c:59:d1:6f:fd:3e:fe:5c:a0:b9:0b:48:
e4:7f:6b:bc:11:9a:7d:9f:8d:ba:89:94:09:e8:55:
6d:87:42:02:b8:0b:40:bb:63:e1:b0:e8:57:d5:0b:
d2:92:e8:c8:ad:81:99:f3:86:8d:6a:ae:eb:05:5b:
48:73:27:5f:6c:33:38:2c:35:42:9f:0b:3e:a5:f4:
b6:ce:dd:bc:c0:53:a5:de:bc:4f:01:1c:90:3c:ca:
66:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B6:19:22:49:E9:15:56:FC:F5:E5:60:12:56:F2:EB:85:87:71:CC
X509v3 Authority Key Identifier:
keyid:73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/LbYZIknpFVb89eVgElby64WHccw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.83.96.0/24
88.83.104.0/24
88.83.106.0/24
195.80.1.0-195.80.2.255
195.80.5.0-195.80.6.255
Signature Algorithm: sha256WithRSAEncryption
23:75:c0:92:62:96:36:9d:a2:e4:7e:cb:fc:43:34:8c:85:aa:
c0:ce:9d:29:c1:77:f3:35:04:70:b3:61:89:b3:76:e3:46:b0:
03:ba:4f:d0:4a:9b:52:88:2c:ff:c6:af:28:55:ef:4b:3d:eb:
1a:c7:8e:70:b6:cd:4a:2f:60:f9:6d:08:57:64:1c:d6:6c:61:
1e:4b:5e:63:25:71:1b:cb:c2:c7:1c:36:e3:7a:f5:33:31:24:
b5:07:84:ba:45:2b:6c:df:dc:1c:47:19:54:5e:ec:99:32:87:
dd:0a:2d:99:9d:e4:6d:17:db:e1:f4:e1:bd:1f:1e:bd:97:d3:
5c:67:13:70:b7:27:6c:b4:97:c3:f9:87:64:ee:44:83:19:9c:
a2:75:06:35:4c:e7:63:3b:51:77:0b:0d:c0:cf:96:7b:e4:9c:
80:60:eb:ab:76:00:e3:ba:d7:8c:0d:96:8c:52:7a:80:44:dd:
85:78:2c:81:f3:80:66:3e:8b:fd:20:34:0e:cf:44:40:5a:d1:
c6:f2:cf:b3:bb:32:4c:40:f3:f5:94:b3:dc:cb:74:b7:39:07:
33:45:55:00:dd:89:f0:14:f0:7c:3a:fb:ce:d5:f1:92:3e:24:
bc:f3:7f:65:77:e5:88:59:b8:8b:06:a8:be:bf:c1:d4:9d:51:
b1:e3:a9:af
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZRuTmw/uUGpgDu4Vl1DZ+8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTM3M2ZlZTc4MGVlYWIyYTkwNDIyZDBhZDUxNGUwODRh
OGQ2MTEwHhcNMjUwMTE2MDg1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGI2MTkyMjQ5ZTkxNTU2ZmNmNWU1NjAxMjU2ZjJlYjg1ODc3MWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3VABaGjGh1Vr+wr5ZpGyqnj7tRH
iqHnv2RNPxXpEmkEJqi7IFcpYHjVa8zoFpR0VbvfGRQMG1vxphGGEypPb7NdHJbz
obBp/QMAUcwI2lOAIR0t2QmD7KTwdQe0n5x7VILv2G5kHhuirqDJ2JG0S5ZCMeR2
x/SHQLpFmGGFL14aTAYfHRmwsJ8KFWd6o5bkeBxpglOkhlt+bGkFb7j7aw6VWKeE
rLs8WdFv/T7+XKC5C0jkf2u8EZp9n426iZQJ6FVth0ICuAtAu2PhsOhX1QvSkujI
rYGZ84aNaq7rBVtIcydfbDM4LDVCnws+pfS2zt28wFOl3rxPARyQPMpmeQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFC22GSJJ6RVW/PXlYBJW8uuFh3HMMB8GA1UdIwQY
MBaAFHPjc/7ngO6rKpBCLQrVFOCEqNYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTIt
MDQxZmQ0YzZmZmQ0LzEvTGJZWklrbnBGVmI4OWVWZ0VsYnk2NFdIY2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTItMDQxZmQ0YzZmZmQ0
LzEvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAWFNgAwQA
WFNoAwQAWFNqMAwDBADDUAEDBADDUAIwDAMEAMNQBQMEAMNQBjANBgkqhkiG9w0B
AQsFAAOCAQEAI3XAkmKWNp2i5H7L/EM0jIWqwM6dKcF38zUEcLNhibN240awA7pP
0EqbUogs/8avKFXvSz3rGseOcLbNSi9g+W0IV2Qc1mxhHkteYyVxG8vCxxw243r1
MzEktQeEukUrbN/cHEcZVF7smTKH3QotmZ3kbRfb4fThvR8evZfTXGcTcLcnbLSX
w/mHZO5EgxmconUGNUznYztRdwsNwM+We+ScgGDrq3YA47rXjA2WjFJ6gETdhXgs
gfOAZj6L/SA0Ds9EQFrRxvLPs7syTEDz9ZSz3Mt0tzkHM0VVAN2J8BTwfDr7ztXx
kj4kvPN/ZXfliFm4iwaovr/B1J1RseOprw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:10:43 2025 by rpki-client