Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/lpGBtXJSDVPf3Mz1K_Sbzs20IUo.roa
File: lpGBtXJSDVPf3Mz1K_Sbzs20IUo.roa (raw, json)
Hash identifier: 126BUgUND3Nuyu2dIqzmzz8pSofn+4J6R9IeZVeRpeM=
Subject key identifier: 96:91:81:B5:72:52:0D:53:DF:DC:CC:F5:2B:F4:9B:CE:CD:B4:21:4A
Certificate issuer: /CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Certificate serial: 018852B04871FF46D03BBAA692A921FC63D6
Authority key identifier: 05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/lpGBtXJSDVPf3Mz1K_Sbzs20IUo.roa
Signing time: Thu 25 May 2023 11:34:24 +0000
ROA not before: Thu 25 May 2023 11:34:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29422
IP address blocks: 194.29.192.0/21 maxlen: 21
77.91.212.0/22 maxlen: 22
81.17.192.0/21 maxlen: 21
109.75.224.0/21 maxlen: 21
194.79.16.0/22 maxlen: 22
94.101.0.0/20 maxlen: 20
185.123.116.0/22 maxlen: 22
193.104.38.0/24 maxlen: 24
80.69.160.0/21 maxlen: 21
80.69.168.0/22 maxlen: 22
2a01:51c0::/29 maxlen: 29
2001:1bc8::/32 maxlen: 32
2a01:51c1::/32 maxlen: 32
2001:1bc8::/29 maxlen: 29
2a01:51c0::/32 maxlen: 32
2001:67c:70::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:b0:48:71:ff:46:d0:3b:ba:a6:92:a9:21:fc:63:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Validity
Not Before: May 25 11:34:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=969181b572520d53dfdcccf52bf49bcecdb4214a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e3:e8:07:5c:d8:c0:17:d9:33:8f:6a:3c:4e:
54:02:8e:a9:20:5f:30:38:16:3f:83:d3:7c:ca:fd:
fd:b2:8b:45:32:56:a5:fa:66:d2:4c:75:12:a6:75:
35:e6:5a:b3:27:2d:c8:a7:bb:6b:18:1e:dd:5b:c1:
6e:fe:b3:92:b9:29:83:b4:c2:c0:5e:29:13:cc:1b:
3a:05:f3:5d:f4:3f:3b:cd:ef:0a:cf:a0:71:6f:34:
f2:89:0a:17:93:42:59:6b:54:8b:ca:77:63:db:eb:
7b:da:53:a1:c7:d9:f7:76:22:d0:c3:19:76:d2:9b:
86:7d:1f:09:92:4d:b8:a3:2b:20:c5:c1:e2:0e:86:
7d:c6:97:ee:3d:ca:35:3e:3f:b4:11:b0:13:51:85:
3e:21:4a:e8:79:3c:4c:1c:84:30:a6:4c:ca:3e:be:
df:f4:aa:23:fc:80:a9:57:e9:bc:d1:6f:d0:8c:e7:
18:f2:fb:32:02:3b:86:6b:cb:ec:87:1c:71:41:3e:
85:e3:ac:f5:7e:60:ae:b8:fe:55:bb:90:bc:66:7e:
24:6b:6a:d1:81:c3:e3:59:34:5a:27:38:10:8d:0c:
69:c6:38:ff:6d:1e:95:c8:64:06:88:64:33:24:c5:
77:d8:46:3f:a8:59:35:0f:d9:9a:dc:08:52:b9:ba:
73:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:91:81:B5:72:52:0D:53:DF:DC:CC:F5:2B:F4:9B:CE:CD:B4:21:4A
X509v3 Authority Key Identifier:
keyid:05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/lpGBtXJSDVPf3Mz1K_Sbzs20IUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.212.0/22
80.69.160.0-80.69.171.255
81.17.192.0/21
94.101.0.0/20
109.75.224.0/21
185.123.116.0/22
193.104.38.0/24
194.29.192.0/21
194.79.16.0/22
IPv6:
2001:67c:70::/48
2001:1bc8::/29
2a01:51c0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:80:70:41:01:f8:62:b6:c5:7e:6d:5d:40:2e:c2:a1:f2:77:
d7:bf:95:15:ad:0c:cb:b8:67:51:ab:43:a2:d8:e0:0b:b9:ba:
65:4a:35:1e:bb:71:f1:84:06:38:69:7e:83:d1:dc:9f:63:6c:
41:10:af:d3:74:0d:1c:32:da:8b:69:ea:d0:40:89:9f:c6:3c:
cc:87:3d:96:c5:7e:c3:35:d4:85:8b:fb:65:8d:ca:60:db:e5:
47:92:4e:0d:e7:ac:9c:a2:3f:8a:08:5a:ba:0c:fe:cd:db:57:
02:c7:d8:91:60:ae:4b:6b:a6:78:8c:0d:13:cf:5f:c9:1e:a3:
5d:84:af:26:a7:16:bc:c8:fd:be:ec:7c:8b:5f:54:bc:87:db:
f7:e0:7e:13:b8:ab:13:a1:1f:ac:25:5b:c6:0f:c6:4a:0e:47:
2b:de:7b:1a:c7:22:91:e7:e2:d2:14:bf:d5:93:ae:05:78:59:
f5:9e:d6:64:85:b1:c9:33:20:0c:35:2d:f9:40:f9:73:11:f8:
16:eb:d2:17:dd:b0:09:e8:c2:d5:58:33:66:b1:5a:65:41:0e:
7b:3e:59:7b:7e:1d:a6:4c:cf:ca:40:bc:37:42:ee:28:12:1d:
68:c1:81:7e:63:ac:8e:84:7d:b6:ff:6f:65:fc:be:b8:de:a3:
95:7f:89:e8
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYhSsEhx/0bQO7qmkqkh/GPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2QwNGU3MmJiMjQ5Yzc5ZWIxMTY4Y2YxZDQzYTNjYTU0
OGMyMDYwHhcNMjMwNTI1MTEzNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjkxODFiNTcyNTIwZDUzZGZkY2NjZjUyYmY0OWJjZWNkYjQyMTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+PoB1zYwBfZM49qPE5UAo6pIF8w
OBY/g9N8yv39sotFMlal+mbSTHUSpnU15lqzJy3Ip7trGB7dW8Fu/rOSuSmDtMLA
XikTzBs6BfNd9D87ze8Kz6BxbzTyiQoXk0JZa1SLyndj2+t72lOhx9n3diLQwxl2
0puGfR8Jkk24oysgxcHiDoZ9xpfuPco1Pj+0EbATUYU+IUroeTxMHIQwpkzKPr7f
9Koj/ICpV+m80W/QjOcY8vsyAjuGa8vshxxxQT6F46z1fmCuuP5Vu5C8Zn4ka2rR
gcPjWTRaJzgQjQxpxjj/bR6VyGQGiGQzJMV32EY/qFk1D9ma3AhSubpzcwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFJaRgbVyUg1T39zM9Sv0m87NtCFKMB8GA1UdIwQY
MBaAFAU9BOcrsknHnrEWjPHUOjylSMIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjIt
MmE4MTNkYmY0NTgyLzEvbHBHQnRYSlNEVlBmM016MUtfU2J6czIwSVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjItMmE4MTNkYmY0NTgy
LzEvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBEBAIAATA+AwQCTVvUMAwD
BAVQRaADBAJQRagDBANREcADBAReZQADBANtS+ADBAK5e3QDBADBaCYDBAPCHcAD
BALCTxAwHQQCAAIwFwMHACABBnwAcAMFAyABG8gDBQMqAVHAMA0GCSqGSIb3DQEB
CwUAA4IBAQCLgHBBAfhitsV+bV1ALsKh8nfXv5UVrQzLuGdRq0Oi2OALubplSjUe
u3HxhAY4aX6D0dyfY2xBEK/TdA0cMtqLaerQQImfxjzMhz2WxX7DNdSFi/tljcpg
2+VHkk4N56ycoj+KCFq6DP7N21cCx9iRYK5La6Z4jA0Tz1/JHqNdhK8mpxa8yP2+
7HyLX1S8h9v34H4TuKsToR+sJVvGD8ZKDkcr3nsaxyKR5+LSFL/Vk64FeFn1ntZk
hbHJMyAMNS35QPlzEfgW69IX3bAJ6MLVWDNmsVplQQ57Pll7fh2mTM/KQLw3Qu4o
Eh1owYF+Y6yOhH22/29l/L643qOVf4no
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:12 2023 by rpki-client on console-fra.rpki-client.org