Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/Lw3-7d483zEO7lZnEuEPRzkN5H0.roa
File: Lw3-7d483zEO7lZnEuEPRzkN5H0.roa (raw, json)
Hash identifier: npZoeAy6h0ghjHe4BqZDumSvBSSJpjIrbsxVB+y9EQA=
Subject key identifier: 2F:0D:FE:ED:DE:3C:DF:31:0E:EE:56:67:12:E1:0F:47:39:0D:E4:7D
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018AC5073065AC93EED5550B5B3D0D668495
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/Lw3-7d483zEO7lZnEuEPRzkN5H0.roa
Signing time: Sun 24 Sep 2023 02:31:37 +0000
ROA not before: Sun 24 Sep 2023 02:31:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50131
IP address blocks: 178.22.30.0/24 maxlen: 32
194.124.218.0/23 maxlen: 32
194.124.224.0/23 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
45.142.156.0/24 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
45.150.226.0/23 maxlen: 32
193.218.200.0/23 maxlen: 32
45.154.212.0/22 maxlen: 32
193.221.94.0/23 maxlen: 32
45.150.164.0/22 maxlen: 32
45.151.132.0/22 maxlen: 32
45.145.74.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
2a0e:da40:4000::/34 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c5:07:30:65:ac:93:ee:d5:55:0b:5b:3d:0d:66:84:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Sep 24 02:31:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f0dfeedde3cdf310eee566712e10f47390de47d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c5:71:2e:b0:aa:60:0a:e3:5a:f3:0d:6e:e2:
b8:57:08:d3:d4:a9:96:da:d8:c9:ac:fc:1a:3b:74:
9c:03:d0:41:2b:24:0b:9c:30:f7:b4:6d:a8:cc:e0:
63:f8:80:e8:cb:0c:68:59:ac:6a:34:96:98:20:02:
0c:21:4b:0f:70:56:ae:3b:1c:93:2d:df:30:5a:04:
19:05:00:ec:e0:4b:6b:ad:41:dd:c9:66:61:2c:8d:
e3:8f:39:8f:92:fc:26:2b:1d:a0:40:54:a9:43:e5:
aa:29:08:2b:e9:6e:62:16:c4:18:f2:09:4c:61:70:
46:28:6c:c4:f1:5a:e8:69:f0:d1:aa:7a:7a:81:ff:
09:3f:34:00:55:f9:0f:58:bb:92:29:0a:88:ba:6a:
f2:a6:5d:7e:74:f8:94:96:fc:7d:38:8a:40:5d:b1:
40:24:27:c9:81:98:06:bb:51:04:7c:2a:a3:91:0d:
ac:9d:19:e3:4d:68:e3:99:0f:08:b2:7d:3d:b2:29:
08:db:05:cb:75:e4:56:5b:cc:45:96:46:55:d4:6e:
a8:81:d3:82:6f:d2:2e:db:de:6b:9b:cb:12:e2:5a:
36:ca:37:f1:d2:96:47:b7:42:0c:5e:05:2c:36:e2:
ac:c9:dc:62:28:34:97:57:fe:0f:64:5b:08:9e:8b:
b3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:0D:FE:ED:DE:3C:DF:31:0E:EE:56:67:12:E1:0F:47:39:0D:E4:7D
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/Lw3-7d483zEO7lZnEuEPRzkN5H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
178.22.30.0/24
193.218.200.0/23
193.221.94.0/23
194.124.218.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
IPv6:
2a0e:da40:4000::/34
Signature Algorithm: sha256WithRSAEncryption
50:33:b2:42:87:3c:34:78:d7:af:49:47:e1:00:bd:f4:e8:1b:
99:a5:e7:e2:de:82:62:11:69:8e:80:fa:24:60:80:59:14:96:
15:b2:1a:ac:01:f7:ea:c6:2a:0b:ff:48:c6:5f:d9:3c:0e:c0:
62:f5:e2:f1:36:de:ac:a7:86:18:62:76:c5:92:e7:f0:f4:54:
13:8f:65:f0:0c:49:06:7f:39:68:1c:8f:72:09:38:e6:3b:4a:
a4:8f:05:eb:59:3c:4b:64:55:11:b9:1f:64:d1:09:00:dc:b4:
29:7c:33:40:30:ca:51:dc:71:f9:57:fe:9b:64:3f:d2:69:7d:
5f:25:aa:3c:23:04:73:32:46:9d:00:a0:0f:41:46:40:0f:f9:
a9:e3:fc:ed:88:f0:65:93:74:cf:ea:4b:d2:2d:a2:bb:c4:15:
3d:5a:c4:03:07:54:28:ec:0f:23:8a:17:66:66:ac:fc:ef:28:
52:8e:dd:08:c1:46:0c:e9:23:cc:12:ad:99:f0:a9:ef:f5:3b:
f3:a0:6d:c4:54:cf:b1:f2:b7:cf:da:c8:a4:37:64:5c:de:22:
61:ba:8e:4f:b8:ff:50:d5:0f:b7:10:19:5b:a4:24:00:3f:7b:
7e:ca:46:96:d7:8c:bb:90:4c:14:cc:58:5b:a7:d4:29:65:82:
8c:74:df:e0
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYrFBzBlrJPu1VULWz0NZoSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjMwOTI0MDIzMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjBkZmVlZGRlM2NkZjMxMGVlZTU2NjcxMmUxMGY0NzM5MGRlNDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMVxLrCqYArjWvMNbuK4VwjT1KmW
2tjJrPwaO3ScA9BBKyQLnDD3tG2ozOBj+IDoywxoWaxqNJaYIAIMIUsPcFauOxyT
Ld8wWgQZBQDs4EtrrUHdyWZhLI3jjzmPkvwmKx2gQFSpQ+WqKQgr6W5iFsQY8glM
YXBGKGzE8VroafDRqnp6gf8JPzQAVfkPWLuSKQqIumrypl1+dPiUlvx9OIpAXbFA
JCfJgZgGu1EEfCqjkQ2snRnjTWjjmQ8Isn09sikI2wXLdeRWW8xFlkZV1G6ogdOC
b9Iu295rm8sS4lo2yjfx0pZHt0IMXgUsNuKsydxiKDSXV/4PZFsInouzNwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFC8N/u3ePN8xDu5WZxLhD0c5DeR9MB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvTHczLTdkNDgzekVPN2xabkV1RVBSemtONUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBWBAIAATBQAwQCLY6cAwQC
LZFIAwQCLZakAwQBLZbiAwQCLZeEAwQCLZrUAwQAshYeAwQBwdrIAwQBwd1eAwQB
wnzaAwQBwnzgMAwDBAHCk2IDBAHCk2QwDgQCAAIwCAMGBioO2kBAMA0GCSqGSIb3
DQEBCwUAA4IBAQBQM7JChzw0eNevSUfhAL306BuZpefi3oJiEWmOgPokYIBZFJYV
shqsAffqxioL/0jGX9k8DsBi9eLxNt6sp4YYYnbFkufw9FQTj2XwDEkGfzloHI9y
CTjmO0qkjwXrWTxLZFURuR9k0QkA3LQpfDNAMMpR3HH5V/6bZD/SaX1fJao8IwRz
MkadAKAPQUZAD/mp4/ztiPBlk3TP6kvSLaK7xBU9WsQDB1Qo7A8jihdmZqz87yhS
jt0IwUYM6SPMEq2Z8Knv9TvzoG3EVM+x8rfP2sikN2Rc3iJhuo5PuP9Q1Q+3EBlb
pCQAP3t+ykaW14y7kEwUzFhbp9QpZYKMdN/g
-----END CERTIFICATE-----
Generated at Thu Sep 28 22:14:40 2023 by rpki-client on console-ams.rpki-client.org