Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/LA3M6vYJjsm8w89qd-aKYHnMVDI.roa
File: LA3M6vYJjsm8w89qd-aKYHnMVDI.roa (raw, json)
Hash identifier: +gli0Zvk9bNHfq/QspqKcI22SdTDDj0K/8cQOottk5w=
Subject key identifier: 2C:0D:CC:EA:F6:09:8E:C9:BC:C3:CF:6A:77:E6:8A:60:79:CC:54:32
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018CF34390F829AB2DE9ED569FEBBB348230
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/LA3M6vYJjsm8w89qd-aKYHnMVDI.roa
Signing time: Wed 10 Jan 2024 12:05:40 +0000
ROA not before: Wed 10 Jan 2024 12:05:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 185.213.23.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
2a11:840:18::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 05 Mar 2024 12:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:43:90:f8:29:ab:2d:e9:ed:56:9f:eb:bb:34:82:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 10 12:05:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c0dcceaf6098ec9bcc3cf6a77e68a6079cc5432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ac:60:d6:d2:66:a0:b1:06:03:19:b3:5d:36:
f1:8e:8a:66:3a:eb:de:63:e5:0d:a9:fb:37:bf:26:
a8:61:7b:8d:92:3f:ff:e9:24:77:f7:7c:bb:fb:fd:
6d:d7:31:11:23:98:eb:18:81:09:2f:be:34:b3:e1:
32:3d:9a:77:8d:15:29:6a:77:c4:7b:d7:b7:4e:07:
f0:55:75:9c:28:e5:0b:66:48:6c:75:b6:d8:3a:94:
c6:9f:5e:5a:d8:88:ea:c9:66:3a:e1:37:3a:54:92:
e7:56:5d:11:55:42:af:1e:83:71:58:c3:f9:08:a0:
23:15:3e:5d:80:cc:8c:d0:d3:59:c4:1a:2a:ad:f7:
8c:18:25:da:52:42:08:87:ee:68:43:50:52:92:4f:
ff:ec:6d:66:37:7f:78:65:a6:b0:03:7d:4c:cd:68:
4b:64:05:07:6b:39:00:d8:29:e4:97:5c:aa:ab:a4:
b4:81:f5:7d:f3:ff:03:3e:9b:02:b1:ad:29:d3:7a:
56:6c:c6:cd:29:ee:69:68:98:f8:8e:29:8f:aa:00:
1f:32:05:2c:8a:95:32:bd:19:63:32:91:71:bb:29:
72:52:fa:bd:d4:db:7a:d6:3e:7f:8f:3d:82:74:1e:
7d:14:09:83:5e:ba:51:44:53:0e:cb:1f:dd:95:7a:
e6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:0D:CC:EA:F6:09:8E:C9:BC:C3:CF:6A:77:E6:8A:60:79:CC:54:32
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/LA3M6vYJjsm8w89qd-aKYHnMVDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.238.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::/48
2a11:840:24::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
Signature Algorithm: sha256WithRSAEncryption
9b:e7:71:86:cc:55:40:a1:ed:d3:eb:17:e5:b3:5c:8e:32:c2:
42:03:a5:70:88:d9:cc:87:1e:ba:b5:d1:30:8f:c6:53:f0:0b:
b8:47:b5:62:dd:05:c8:9e:b5:07:ed:f3:f6:f2:fb:9e:a4:38:
1a:28:6f:42:16:aa:e6:2b:72:86:b8:2d:58:72:8c:b6:d8:41:
49:d9:d9:a5:d5:d6:6d:a8:45:3e:92:31:25:84:e6:19:5d:ba:
38:b9:85:b6:50:ec:77:17:a3:c3:35:a4:fd:98:90:61:c7:9e:
e6:51:e1:76:72:e3:82:44:9c:39:d9:45:d8:ea:96:fd:b4:5c:
bc:a7:35:ea:2d:ca:39:7c:56:96:7c:40:62:57:9c:8f:65:0b:
e3:f5:81:69:63:ea:ff:03:20:68:4a:17:c2:e8:a7:ac:85:89:
4b:b5:36:7c:e0:45:71:bb:29:46:69:84:65:52:8f:6c:e8:1d:
54:d4:b9:10:c9:36:f4:45:fd:f1:73:ab:c4:a8:9d:2e:07:63:
2e:be:e0:dc:21:75:fa:7e:6c:b8:7d:ba:7e:46:30:85:8c:25:
05:c1:53:1e:48:b6:50:12:4b:96:0c:08:eb:4d:1b:b7:e5:5a:
ca:a5:0e:ee:0a:cb:3b:51:04:ba:03:1d:48:ca:10:9e:ec:25:
1d:d7:30:b1
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYzzQ5D4Kast6e1Wn+u7NIIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwMTEwMTIwNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzBkY2NlYWY2MDk4ZWM5YmNjM2NmNmE3N2U2OGE2MDc5Y2M1NDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6xg1tJmoLEGAxmzXTbxjopmOuve
Y+UNqfs3vyaoYXuNkj//6SR393y7+/1t1zERI5jrGIEJL740s+EyPZp3jRUpanfE
e9e3TgfwVXWcKOULZkhsdbbYOpTGn15a2IjqyWY64Tc6VJLnVl0RVUKvHoNxWMP5
CKAjFT5dgMyM0NNZxBoqrfeMGCXaUkIIh+5oQ1BSkk//7G1mN394ZaawA31MzWhL
ZAUHazkA2Cnkl1yqq6S0gfV98/8DPpsCsa0p03pWbMbNKe5paJj4jimPqgAfMgUs
ipUyvRljMpFxuylyUvq91Nt61j5/jz2CdB59FAmDXrpRRFMOyx/dlXrmzQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFCwNzOr2CY7JvMPPanfmimB5zFQyMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvTEEzTTZ2WUpqc204dzg5cWQtYUtZSG5NVkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTAkBAIAATAeAwQBbWiY
AwQAbWibAwQCk04AAwQBuX7uAwQAudUXMIGYBAIAAjCBkTASAwcBKhEIQAAGAwcA
KhEIQAAIMBIDBwQqEQhAABADBwAqEQhAABQwEgMHACoRCEAAFwMHASoRCEAAGAMH
ACoRCEAAIDASAwcCKhEIQAAkAwcAKhEIQAAmAwcAKhEIQAAwAwcAKhEIQAAzAwcB
KhEIQABAMBIDBwAqEQhAAEcDBwAqEQhAAEgDBwAqEQhAAFQwDQYJKoZIhvcNAQEL
BQADggEBAJvncYbMVUCh7dPrF+WzXI4ywkIDpXCI2cyHHrq10TCPxlPwC7hHtWLd
BcietQft8/by+56kOBoob0IWquYrcoa4LVhyjLbYQUnZ2aXV1m2oRT6SMSWE5hld
uji5hbZQ7HcXo8M1pP2YkGHHnuZR4XZy44JEnDnZRdjqlv20XLynNeotyjl8VpZ8
QGJXnI9lC+P1gWlj6v8DIGhKF8Lop6yFiUu1NnzgRXG7KUZphGVSj2zoHVTUuRDJ
NvRF/fFzq8SonS4HYy6+4Nwhdfp+bLh9un5GMIWMJQXBUx5ItlASS5YMCOtNG7fl
WsqlDu4KyztRBLoDHUjKEJ7sJR3XMLE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:51 2024 by rpki-client on console-ams.rpki-client.org