Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/Lqxz-ffc7uyr__1900aLZlLumbI.roa
File: Lqxz-ffc7uyr__1900aLZlLumbI.roa (raw, json)
Hash identifier: Lyvo6zprqdmJscxmvW5QCRNGFmgL0n4a5s/O6fgWubo=
Subject key identifier: 2E:AC:73:F9:F7:DC:EE:EC:AB:FF:FD:7D:D3:46:8B:66:52:EE:99:B2
Certificate issuer: /CN=954a2aee086174b01272fae779ad431eb092aeb7
Certificate serial: 018BAE90E3CBC397131E1D5458C5723FE4E8
Authority key identifier: 95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/Lqxz-ffc7uyr__1900aLZlLumbI.roa
Signing time: Wed 08 Nov 2023 10:53:32 +0000
ROA not before: Wed 08 Nov 2023 10:53:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44922
IP address blocks: 93.89.16.0/24 maxlen: 24
93.89.17.0/24 maxlen: 24
93.89.21.0/24 maxlen: 24
93.89.22.0/24 maxlen: 24
93.89.20.0/24 maxlen: 24
93.89.18.0/24 maxlen: 24
93.89.19.0/24 maxlen: 24
93.89.25.0/24 maxlen: 24
93.89.26.0/24 maxlen: 24
93.89.28.0/24 maxlen: 24
93.89.29.0/24 maxlen: 24
93.89.27.0/24 maxlen: 24
93.89.30.0/24 maxlen: 24
93.89.31.0/24 maxlen: 24
185.7.82.0/24 maxlen: 24
185.7.83.0/24 maxlen: 24
2a03:403::/32 maxlen: 32
2a03:400::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 11 Nov 2023 08:14:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:90:e3:cb:c3:97:13:1e:1d:54:58:c5:72:3f:e4:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=954a2aee086174b01272fae779ad431eb092aeb7
Validity
Not Before: Nov 8 10:53:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2eac73f9f7dceeecabfffd7dd3468b6652ee99b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:29:af:25:06:0c:07:21:92:6b:2d:21:80:8f:
09:24:2a:f2:ca:e6:0d:cd:95:42:3a:04:95:e7:bb:
6f:a3:65:09:80:97:bc:a1:c5:10:c6:cc:31:70:7d:
ff:a3:7a:b3:6d:97:20:c2:34:68:e1:9b:d9:dc:9f:
bd:74:c2:d9:f2:21:4a:96:e6:1a:c9:ab:8f:aa:0f:
d3:a6:c8:58:0b:49:cc:e1:65:c2:5c:05:ea:40:38:
2f:6a:6b:a9:9b:36:d5:eb:32:57:79:22:00:89:36:
0b:53:1c:d1:d1:94:d6:1d:82:0a:ce:66:57:d9:ea:
f2:e2:52:50:12:93:99:99:62:68:07:a9:cc:fd:1f:
5a:da:bf:cd:75:c6:d5:56:bc:73:d5:ab:74:68:ec:
f5:e2:0e:b0:0b:d3:e7:9b:10:44:c8:b3:e8:98:61:
42:c8:2f:e2:0d:01:33:fb:91:48:76:70:b3:0c:8d:
4e:c8:a2:f7:62:2b:28:b5:dd:ba:ed:57:95:4d:2a:
d9:69:13:30:94:a1:35:d8:cf:66:3b:9f:05:19:1c:
36:37:9f:4e:1b:60:77:12:74:cc:a2:51:93:79:4c:
f0:15:89:06:6d:0c:58:a3:03:11:76:4a:19:39:07:
63:27:a4:9d:29:a5:b0:01:5e:da:b2:a2:64:f2:ab:
1e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:AC:73:F9:F7:DC:EE:EC:AB:FF:FD:7D:D3:46:8B:66:52:EE:99:B2
X509v3 Authority Key Identifier:
keyid:95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/Lqxz-ffc7uyr__1900aLZlLumbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.16.0-93.89.22.255
93.89.25.0-93.89.31.255
185.7.82.0/23
IPv6:
2a03:400::/32
2a03:403::/32
Signature Algorithm: sha256WithRSAEncryption
76:62:e6:77:28:50:cc:37:3a:ea:6d:61:17:f9:36:84:69:3e:
ad:6c:5b:4b:f9:39:59:20:03:5e:db:76:e0:8e:15:9e:76:70:
a0:80:09:23:66:5b:c8:8e:04:79:f6:0f:c0:b6:b7:94:78:87:
6e:71:04:6d:1c:87:7a:ce:bc:96:04:61:6c:4c:16:c3:b9:8f:
bd:ff:6d:49:93:a4:fd:59:5a:64:59:63:ea:b7:d6:64:00:9b:
e6:3c:07:88:ec:3b:0b:7d:46:78:f4:e5:5f:cb:70:14:6b:9e:
21:a2:33:ff:66:10:1d:1f:45:a4:06:96:77:cc:f5:78:ae:f4:
0b:13:fb:8a:8f:aa:be:66:ce:e5:45:6d:44:1e:22:da:e3:43:
ca:9e:d3:f6:ce:ec:bb:fd:c1:dc:31:df:c4:2b:09:ed:9d:6e:
6c:f0:76:7c:ef:9e:f9:c5:bf:c3:9d:e6:48:3b:67:da:dd:f3:
01:e1:b4:93:1a:7d:5c:d3:3c:fa:7a:34:01:10:2f:8d:c1:ba:
97:87:26:5b:b3:0e:03:47:a6:54:af:34:3b:1d:95:63:59:88:
9b:b6:66:65:88:28:d4:28:2e:58:39:71:75:e5:9e:8d:cd:e8:
bc:79:e4:63:78:cc:be:db:c8:11:20:01:58:49:de:d6:7f:4d:
ef:94:69:f9
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYuukOPLw5cTHh1UWMVyP+ToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGEyYWVlMDg2MTc0YjAxMjcyZmFlNzc5YWQ0MzFlYjA5
MmFlYjcwHhcNMjMxMTA4MTA1MzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWFjNzNmOWY3ZGNlZWVjYWJmZmZkN2RkMzQ2OGI2NjUyZWU5OWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSmvJQYMByGSay0hgI8JJCryyuYN
zZVCOgSV57tvo2UJgJe8ocUQxswxcH3/o3qzbZcgwjRo4ZvZ3J+9dMLZ8iFKluYa
yauPqg/TpshYC0nM4WXCXAXqQDgvamupmzbV6zJXeSIAiTYLUxzR0ZTWHYIKzmZX
2ery4lJQEpOZmWJoB6nM/R9a2r/NdcbVVrxz1at0aOz14g6wC9PnmxBEyLPomGFC
yC/iDQEz+5FIdnCzDI1OyKL3Yisotd267VeVTSrZaRMwlKE12M9mO58FGRw2N59O
G2B3EnTMolGTeUzwFYkGbQxYowMRdkoZOQdjJ6SdKaWwAV7asqJk8qseuQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFC6sc/n33O7sq//9fdNGi2ZS7pmyMB8GA1UdIwQY
MBaAFJVKKu4IYXSwEnL653mtQx6wkq63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEt
NDU2NWYwNGY4ZDg1LzEvTHF4ei1mZmM3dXlyX18xOTAwYUxabEx1bWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEtNDU2NWYwNGY4ZDg1
LzEvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAoBAIAATAiMAwDBARdWRAD
BABdWRYwDAMEAF1ZGQMEBV1ZAAMEAbkHUjAUBAIAAjAOAwUAKgMEAAMFACoDBAMw
DQYJKoZIhvcNAQELBQADggEBAHZi5ncoUMw3OuptYRf5NoRpPq1sW0v5OVkgA17b
duCOFZ52cKCACSNmW8iOBHn2D8C2t5R4h25xBG0ch3rOvJYEYWxMFsO5j73/bUmT
pP1ZWmRZY+q31mQAm+Y8B4jsOwt9Rnj05V/LcBRrniGiM/9mEB0fRaQGlnfM9Xiu
9AsT+4qPqr5mzuVFbUQeItrjQ8qe0/bO7Lv9wdwx38QrCe2dbmzwdnzvnvnFv8Od
5kg7Z9rd8wHhtJMafVzTPPp6NAEQL43BupeHJluzDgNHplSvNDsdlWNZiJu2ZmWI
KNQoLlg5cXXlno3N6Lx55GN4zL7byBEgAVhJ3tZ/Te+Uafk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:39 2024 by rpki-client on console-fra.rpki-client.org