Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/LTmXYCDb_Nc0nfdglFiWDb-iuLg.roa
File: LTmXYCDb_Nc0nfdglFiWDb-iuLg.roa (raw, json)
Hash identifier: RZTtDgBkVeT9pL1MglTtNyJBR2Ngv6Mkoy0TsVf2P8Y=
Subject key identifier: 2D:39:97:60:20:DB:FC:D7:34:9D:F7:60:94:58:96:0D:BF:A2:B8:B8
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0187E6F3395043B3D6785BFBB8FE836ECBB2
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/LTmXYCDb_Nc0nfdglFiWDb-iuLg.roa
Signing time: Thu 04 May 2023 13:28:32 +0000
ROA not before: Thu 04 May 2023 13:28:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136258
IP address blocks: 185.213.23.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
2a11:840:12::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 24 May 2023 14:12:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:f3:39:50:43:b3:d6:78:5b:fb:b8:fe:83:6e:cb:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: May 4 13:28:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d39976020dbfcd7349df7609458960dbfa2b8b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d0:8d:ab:6f:7b:ef:6c:85:43:f9:7d:25:3d:
6d:29:d9:72:3c:61:b1:7b:80:09:dd:6e:ed:a2:c6:
b0:e6:53:dc:57:f8:56:44:f5:4e:2e:ce:7d:93:fd:
0a:9c:e1:c1:04:9d:8d:3e:44:cd:4b:2c:cd:7f:2d:
6a:89:ec:2d:88:b6:ff:d6:3f:30:73:bf:c6:99:9e:
bf:7c:8c:ab:e1:60:fc:54:d7:fe:8f:78:15:7a:35:
60:17:d3:59:b6:50:8e:96:5e:e5:cb:b1:06:f7:77:
d9:b6:18:1c:60:8e:ea:fc:18:0e:3c:e6:56:15:21:
de:c6:75:d8:79:f2:19:c7:5d:e0:c0:d2:be:0d:34:
8c:49:36:92:77:c4:c7:d2:b8:75:6e:67:53:df:62:
a0:e3:82:89:dd:57:e7:e1:cc:5a:73:37:5d:80:a4:
35:73:35:d9:07:c0:75:b1:44:f4:03:0d:06:cf:ff:
47:60:a8:29:40:0f:44:1c:ab:10:20:1c:e1:95:e9:
09:36:72:96:c1:20:ae:88:4e:05:32:13:7c:e2:be:
ef:19:02:f6:81:df:34:8e:6f:37:65:4e:29:45:60:
d2:f7:fb:51:f7:f7:c4:90:dd:55:97:a3:e9:02:fa:
74:9e:0a:65:df:96:01:eb:66:0c:2b:30:e2:9e:09:
e2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:39:97:60:20:DB:FC:D7:34:9D:F7:60:94:58:96:0D:BF:A2:B8:B8
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/LTmXYCDb_Nc0nfdglFiWDb-iuLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.152.0/23
147.78.0.0/23
185.126.239.0/24
185.213.23.0/24
IPv6:
2a11:840:7::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:40::/47
2a11:840:47::/48
Signature Algorithm: sha256WithRSAEncryption
76:ba:63:f1:02:ae:b6:ab:d3:9d:6b:1f:b9:ad:33:13:a4:40:
44:7b:16:90:d2:03:ff:78:dc:df:c0:d5:7b:94:e5:bf:36:5e:
7f:aa:4d:0d:e3:15:5e:0b:d6:df:e1:1f:11:02:18:3d:c3:e9:
ac:da:78:7f:f8:21:4d:e4:7b:59:1d:8b:67:3a:38:e8:ce:77:
a3:a0:18:f5:76:bf:87:33:a9:1d:1d:ae:47:e8:0c:4f:32:86:
c6:27:c5:07:8b:3e:79:0b:36:fa:6e:9c:4f:c3:d7:93:8a:52:
4a:d7:bf:b0:05:e5:7d:d2:77:b5:9a:26:6c:b7:be:e7:e1:5b:
99:67:2b:25:73:f2:c3:b1:51:11:f5:e2:fd:78:94:26:1f:2e:
99:46:57:eb:bd:16:9c:1e:c6:f8:cc:e6:26:ee:5f:e1:a1:d8:
5e:d2:c7:cb:90:d1:c4:1c:8f:11:a0:74:ae:97:50:38:b8:89:
41:f8:25:44:d2:5f:8f:de:d6:e0:c8:7a:18:9c:c6:52:e7:60:
75:41:82:de:19:38:03:26:dd:ab:c1:24:51:ef:af:4b:89:7a:
8c:d6:3a:ec:2c:22:88:1e:92:11:92:8f:cb:1f:c6:47:22:8b:
16:54:5d:5e:2b:60:de:6c:03:50:b7:c7:16:8d:0e:fa:58:81:
c2:1f:10:a7
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYfm8zlQQ7PWeFv7uP6DbsuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjMwNTA0MTMyODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDM5OTc2MDIwZGJmY2Q3MzQ5ZGY3NjA5NDU4OTYwZGJmYTJiOGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNCNq29772yFQ/l9JT1tKdlyPGGx
e4AJ3W7tosaw5lPcV/hWRPVOLs59k/0KnOHBBJ2NPkTNSyzNfy1qiewtiLb/1j8w
c7/GmZ6/fIyr4WD8VNf+j3gVejVgF9NZtlCOll7ly7EG93fZthgcYI7q/BgOPOZW
FSHexnXYefIZx13gwNK+DTSMSTaSd8TH0rh1bmdT32Kg44KJ3Vfn4cxaczddgKQ1
czXZB8B1sUT0Aw0Gz/9HYKgpQA9EHKsQIBzhlekJNnKWwSCuiE4FMhN84r7vGQL2
gd80jm83ZU4pRWDS9/tR9/fEkN1Vl6PpAvp0ngpl35YB62YMKzDingnibwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFC05l2Ag2/zXNJ33YJRYlg2/ori4MB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvTFRtWFlDRGJfTmMwbmZkZ2xGaVdEYi1pdUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwHgQCAAEwGAMEAW1omAME
AZNOAAMEALl+7wMEALnVFzBUBAIAAjBOMBIDBwAqEQhAAAcDBwAqEQhAAAgwEgMH
BCoRCEAAEAMHACoRCEAAFDASAwcAKhEIQAAXAwcBKhEIQAAYAwcBKhEIQABAAwcA
KhEIQABHMA0GCSqGSIb3DQEBCwUAA4IBAQB2umPxAq62q9Odax+5rTMTpEBEexaQ
0gP/eNzfwNV7lOW/Nl5/qk0N4xVeC9bf4R8RAhg9w+ms2nh/+CFN5HtZHYtnOjjo
znejoBj1dr+HM6kdHa5H6AxPMobGJ8UHiz55Czb6bpxPw9eTilJK17+wBeV90ne1
miZst77n4VuZZyslc/LDsVER9eL9eJQmHy6ZRlfrvRacHsb4zOYm7l/hodhe0sfL
kNHEHI8RoHSul1A4uIlB+CVE0l+P3tbgyHoYnMZS52B1QYLeGTgDJt2rwSRR769L
iXqM1jrsLCKIHpIRko/LH8ZHIosWVF1eK2DebANQt8cWjQ76WIHCHxCn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:51 2024 by rpki-client on console-ams.rpki-client.org