Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/LRB1GTz3ovAUmBuFxszkba7fks0.roa
File: LRB1GTz3ovAUmBuFxszkba7fks0.roa (raw, json)
Hash identifier: +2jxLUXaAW0mFgMmalmVa9xLgr3woM24HjgoznVUyDE=
Subject key identifier: 2D:10:75:19:3C:F7:A2:F0:14:98:1B:85:C6:CC:E4:6D:AE:DF:92:CD
Certificate issuer: /CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Certificate serial: 01886B7386C82F5108F123247CD61AB14AA5
Authority key identifier: 05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/LRB1GTz3ovAUmBuFxszkba7fks0.roa
Signing time: Tue 30 May 2023 06:58:33 +0000
ROA not before: Tue 30 May 2023 06:58:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29422
IP address blocks: 194.29.192.0/21 maxlen: 21
77.91.212.0/22 maxlen: 22
81.17.192.0/21 maxlen: 21
83.145.192.0/18 maxlen: 18
217.149.48.0/20 maxlen: 20
194.79.16.0/22 maxlen: 22
94.101.0.0/20 maxlen: 20
193.104.38.0/24 maxlen: 24
84.239.128.0/17 maxlen: 17
217.30.176.0/20 maxlen: 20
83.150.64.0/18 maxlen: 18
109.75.224.0/21 maxlen: 21
84.239.208.0/20 maxlen: 20
188.117.0.0/18 maxlen: 18
185.123.116.0/22 maxlen: 22
80.69.160.0/21 maxlen: 21
77.86.128.0/17 maxlen: 17
213.157.64.0/19 maxlen: 19
80.69.168.0/22 maxlen: 22
2001:67c:70::/48 maxlen: 48
2a01:51c0::/29 maxlen: 29
2001:1bc8::/32 maxlen: 32
2a01:51c1::/32 maxlen: 32
2001:1bc8::/29 maxlen: 29
2a01:51c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 30 May 2023 08:11:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6b:73:86:c8:2f:51:08:f1:23:24:7c:d6:1a:b1:4a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Validity
Not Before: May 30 06:58:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d1075193cf7a2f014981b85c6cce46daedf92cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:00:5a:ed:44:d1:25:53:74:70:d1:6e:52:67:
37:97:e6:46:e1:8b:eb:7f:74:73:ff:f1:cc:3a:a8:
ae:ac:10:6c:47:60:7a:09:a3:c0:0f:a5:a0:fb:4c:
b3:ef:85:f0:b6:44:0a:36:d8:83:90:4a:86:ce:06:
96:d9:38:fe:9d:7e:5d:a9:f2:00:a5:c0:12:e5:5c:
e1:36:ec:0e:aa:aa:80:d0:05:fb:94:81:05:24:89:
cc:8f:12:90:4e:b3:6c:1e:32:41:d6:f3:3a:51:41:
81:9c:ba:52:4d:0a:b1:14:71:a5:f6:6f:f6:6f:9c:
d1:92:98:4a:a7:e5:d6:17:88:4d:7e:4d:09:c3:1c:
c5:b8:74:0c:5d:75:fc:d4:4b:89:47:9a:23:2a:c2:
b6:bd:ab:e1:76:ae:1b:b8:79:7d:66:fd:0d:30:8b:
08:6e:08:fa:74:80:13:14:af:55:c6:44:2c:b9:51:
13:1d:b7:c4:c6:eb:00:9a:75:cd:e8:b7:25:66:a5:
63:14:e1:d5:10:d1:38:37:17:d8:bb:40:ae:7f:6b:
5b:9c:3f:77:87:2c:8f:af:11:9a:ce:b7:6e:88:30:
76:24:31:77:f4:b3:2b:1e:a2:27:67:b4:76:47:52:
a1:50:a5:34:9b:bf:41:ec:5a:39:f3:10:50:83:27:
fb:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:10:75:19:3C:F7:A2:F0:14:98:1B:85:C6:CC:E4:6D:AE:DF:92:CD
X509v3 Authority Key Identifier:
keyid:05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/LRB1GTz3ovAUmBuFxszkba7fks0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.86.128.0/17
77.91.212.0/22
80.69.160.0-80.69.171.255
81.17.192.0/21
83.145.192.0/18
83.150.64.0/18
84.239.128.0/17
94.101.0.0/20
109.75.224.0/21
185.123.116.0/22
188.117.0.0/18
193.104.38.0/24
194.29.192.0/21
194.79.16.0/22
213.157.64.0/19
217.30.176.0/20
217.149.48.0/20
IPv6:
2001:67c:70::/48
2001:1bc8::/29
2a01:51c0::/29
Signature Algorithm: sha256WithRSAEncryption
42:32:61:a7:b1:ae:c5:e9:c9:88:d4:9a:31:8a:07:11:c6:e4:
c2:c8:69:61:ef:ad:10:7f:b2:34:d4:33:82:88:d5:9e:b0:f9:
bb:84:af:19:6e:30:d4:ee:6e:e3:b7:bc:27:19:fb:f6:cb:e0:
67:b0:d6:bb:af:c4:05:55:14:00:17:97:1d:fd:db:b9:30:09:
57:c8:44:22:23:5a:66:85:57:51:67:66:6c:8d:14:11:bc:91:
ab:16:77:3a:8d:a0:02:7f:88:70:7c:02:65:ee:bc:2e:87:88:
ee:16:bf:bb:6b:b7:e4:de:03:09:dd:dc:e0:94:86:40:f5:92:
2d:68:e0:2a:ab:52:13:9a:02:f7:d7:16:8e:77:00:22:3b:31:
61:61:cd:f2:6a:95:80:61:43:03:a1:f2:a2:e0:3e:8c:5f:00:
e6:ca:e5:f6:0d:e4:cb:2f:37:f7:cf:2d:ad:73:36:25:f6:eb:
3a:bb:bf:22:90:d1:43:ec:38:a3:1b:2f:28:d3:53:ee:e1:f0:
57:0b:60:9f:64:e7:10:f6:d8:67:aa:77:f0:f7:77:c6:b5:96:
10:0e:29:27:b2:a3:11:b0:b4:58:6e:88:78:9e:1d:76:bc:25:
0e:aa:c8:a4:fc:e8:6c:4b:5f:08:e9:5c:9f:df:ed:d6:33:d9:
72:4f:a2:96
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYhrc4bIL1EI8SMkfNYasUqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2QwNGU3MmJiMjQ5Yzc5ZWIxMTY4Y2YxZDQzYTNjYTU0
OGMyMDYwHhcNMjMwNTMwMDY1ODMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDEwNzUxOTNjZjdhMmYwMTQ5ODFiODVjNmNjZTQ2ZGFlZGY5MmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgBa7UTRJVN0cNFuUmc3l+ZG4Yvr
f3Rz//HMOqiurBBsR2B6CaPAD6Wg+0yz74XwtkQKNtiDkEqGzgaW2Tj+nX5dqfIA
pcAS5VzhNuwOqqqA0AX7lIEFJInMjxKQTrNsHjJB1vM6UUGBnLpSTQqxFHGl9m/2
b5zRkphKp+XWF4hNfk0JwxzFuHQMXXX81EuJR5ojKsK2vavhdq4buHl9Zv0NMIsI
bgj6dIATFK9VxkQsuVETHbfExusAmnXN6LclZqVjFOHVENE4NxfYu0Cuf2tbnD93
hyyPrxGazrduiDB2JDF39LMrHqInZ7R2R1KhUKU0m79B7Fo58xBQgyf7SQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFC0QdRk896LwFJgbhcbM5G2u35LNMB8GA1UdIwQY
MBaAFAU9BOcrsknHnrEWjPHUOjylSMIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjIt
MmE4MTNkYmY0NTgyLzEvTFJCMUdUejNvdkFVbUJ1RnhzemtiYTdma3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjItMmE4MTNkYmY0NTgy
LzEvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGoBggrBgEFBQcBBwEB/wSBmDCBlTB0BAIAATBuAwQHTVaA
AwQCTVvUMAwDBAVQRaADBAJQRagDBANREcADBAZTkcADBAZTlkADBAdU74ADBARe
ZQADBANtS+ADBAK5e3QDBAa8dQADBADBaCYDBAPCHcADBALCTxADBAXVnUADBATZ
HrADBATZlTAwHQQCAAIwFwMHACABBnwAcAMFAyABG8gDBQMqAVHAMA0GCSqGSIb3
DQEBCwUAA4IBAQBCMmGnsa7F6cmI1JoxigcRxuTCyGlh760Qf7I01DOCiNWesPm7
hK8ZbjDU7m7jt7wnGfv2y+BnsNa7r8QFVRQAF5cd/du5MAlXyEQiI1pmhVdRZ2Zs
jRQRvJGrFnc6jaACf4hwfAJl7rwuh4juFr+7a7fk3gMJ3dzglIZA9ZItaOAqq1IT
mgL31xaOdwAiOzFhYc3yapWAYUMDofKi4D6MXwDmyuX2DeTLLzf3zy2tczYl9us6
u78ikNFD7DijGy8o01Pu4fBXC2CfZOcQ9thnqnfw93fGtZYQDiknsqMRsLRYboh4
nh12vCUOqsik/OhsS18I6Vyf3+3WM9lyT6KW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:49 2024 by rpki-client on console-fra.rpki-client.org