Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/lWyvLO7GQZTjf_IEpC8oMKqYvGA.roa
File: lWyvLO7GQZTjf_IEpC8oMKqYvGA.roa (raw, json)
Hash identifier: VQ/3CG3Ntqds6waR8+F2opTIihp+2glqdw8nEom4904=
Subject key identifier: 95:6C:AF:2C:EE:C6:41:94:E3:7F:F2:04:A4:2F:28:30:AA:98:BC:60
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 01894BDB50AC95B650A68C75AC0FDC91CA69
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/lWyvLO7GQZTjf_IEpC8oMKqYvGA.roa
Signing time: Wed 12 Jul 2023 20:46:51 +0000
ROA not before: Wed 12 Jul 2023 20:46:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58305
IP address blocks: 198.105.124.0/23 maxlen: 24
45.43.64.0/19 maxlen: 24
45.43.74.0/23 maxlen: 24
45.43.80.0/22 maxlen: 24
198.105.96.0/19 maxlen: 24
198.105.116.0/23 maxlen: 24
155.254.32.0/22 maxlen: 24
155.254.32.0/19 maxlen: 24
155.254.48.0/23 maxlen: 23
155.254.63.0/24 maxlen: 24
155.254.61.0/24 maxlen: 24
107.161.160.0/24 maxlen: 24
107.161.161.0/24 maxlen: 24
107.161.162.0/24 maxlen: 24
107.161.172.0/24 maxlen: 24
107.161.168.0/24 maxlen: 24
107.161.169.0/24 maxlen: 24
107.161.170.0/24 maxlen: 24
107.161.171.0/24 maxlen: 24
107.181.128.0/19 maxlen: 24
162.220.240.0/24 maxlen: 24
162.220.242.0/24 maxlen: 24
162.220.240.0/21 maxlen: 24
162.220.241.0/24 maxlen: 24
113.20.156.0/22 maxlen: 24
107.161.173.0/24 maxlen: 24
107.161.174.0/23 maxlen: 24
162.217.248.0/24 maxlen: 24
162.217.249.0/24 maxlen: 24
162.217.250.0/24 maxlen: 24
162.217.251.0/24 maxlen: 24
2a05:9f40::/29 maxlen: 48
2a07:9944:20::/48 maxlen: 48
2a07:9942:39d7::/48 maxlen: 48
2a07:9944:2222::/48 maxlen: 48
2a07:9940::/29 maxlen: 48
2a07:9944:10::/48 maxlen: 48
2a02:2ca0::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 14 Jul 2023 16:08:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4b:db:50:ac:95:b6:50:a6:8c:75:ac:0f:dc:91:ca:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jul 12 20:46:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=956caf2ceec64194e37ff204a42f2830aa98bc60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b0:9b:60:5a:fa:77:e3:ed:27:1c:51:b3:37:
32:f8:5c:d7:8b:01:fc:1b:78:1f:63:23:bb:6a:9e:
cc:26:70:11:23:17:80:c2:a5:f4:95:99:a5:a0:21:
6d:39:0c:ea:b3:be:88:17:69:9b:0c:87:44:9f:d6:
e5:8e:4d:26:b0:c4:4f:b2:33:ed:fe:e4:11:9c:86:
fb:e7:dd:3a:81:6c:c5:b2:ad:cf:bc:8c:b3:81:3f:
8f:2d:a8:f4:5a:81:0c:e4:eb:37:ce:b1:4b:4b:a2:
4b:e3:ac:74:6c:e6:13:0d:ef:1a:c9:ae:c4:87:c4:
58:92:9e:68:d1:95:30:ff:43:75:94:8f:f5:b7:7b:
3d:18:e0:5e:d4:15:18:9f:52:63:b8:ce:62:68:36:
2e:6a:f0:d6:ed:73:b0:01:84:af:48:1b:01:2c:e5:
52:e3:4b:76:53:f1:bf:08:6c:66:77:9e:67:66:15:
9f:9a:25:ef:df:ff:6b:13:42:47:a1:5a:48:ac:91:
d0:fc:93:bb:d4:91:69:0f:19:74:28:05:e3:dd:2e:
c7:19:d0:27:dd:c7:54:97:6a:21:6d:e7:67:bd:4a:
4d:b0:e1:a4:3c:c5:51:1a:ce:fc:88:ff:02:d7:8f:
db:1f:36:74:25:77:a5:eb:a3:76:6d:0e:76:ec:9e:
49:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6C:AF:2C:EE:C6:41:94:E3:7F:F2:04:A4:2F:28:30:AA:98:BC:60
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/lWyvLO7GQZTjf_IEpC8oMKqYvGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/19
107.161.160.0-107.161.162.255
107.161.168.0/21
107.181.128.0/19
113.20.156.0/22
155.254.32.0/19
162.217.248.0/22
162.220.240.0/21
198.105.96.0/19
IPv6:
2a02:2ca0::/29
2a05:9f40::/29
2a07:9940::/29
Signature Algorithm: sha256WithRSAEncryption
2a:21:05:65:4a:f9:1a:20:fa:ec:9d:11:db:54:43:37:cb:98:
b0:a8:8c:3c:a4:d9:e9:dc:5e:71:12:58:32:87:96:63:ea:5d:
2b:5f:65:64:fb:14:36:da:6f:6b:4f:09:26:5c:35:92:20:b1:
5c:d7:42:ae:8c:38:fe:97:a6:0e:28:55:18:06:04:98:76:53:
6b:e6:d9:47:51:77:42:14:53:09:f5:ab:15:f2:71:ae:8e:6b:
26:c8:f4:80:07:8b:c7:75:93:4c:4e:fe:45:29:3b:e1:31:e3:
bb:59:23:bf:6a:7d:d5:a6:34:00:4d:a1:e8:49:4d:9f:ca:bb:
45:f3:53:f0:d2:59:d5:43:18:f1:fe:16:64:07:57:80:7c:5c:
c5:80:c1:75:67:f2:33:10:6f:fa:0a:21:49:76:c4:2f:f1:e3:
a3:36:4a:c3:a7:93:2b:28:d3:a2:e8:a5:b4:3c:25:79:70:a6:
14:f9:df:01:35:28:a5:b1:9b:1a:b6:ee:66:9a:cb:aa:cf:40:
21:a2:66:41:88:ed:fa:a3:9a:83:03:f8:ed:67:34:3b:08:65:
da:31:55:16:70:02:32:5e:6e:67:8b:28:96:11:db:56:43:a4:
b5:e5:65:92:be:65:75:8b:f9:1d:c8:6d:c6:05:f1:77:17:2a:
ec:8c:ba:f4
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYlL21CslbZQpox1rA/ckcppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwNzEyMjA0NjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZjYWYyY2VlYzY0MTk0ZTM3ZmYyMDRhNDJmMjgzMGFhOThiYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7CbYFr6d+PtJxxRszcy+FzXiwH8
G3gfYyO7ap7MJnARIxeAwqX0lZmloCFtOQzqs76IF2mbDIdEn9bljk0msMRPsjPt
/uQRnIb75906gWzFsq3PvIyzgT+PLaj0WoEM5Os3zrFLS6JL46x0bOYTDe8aya7E
h8RYkp5o0ZUw/0N1lI/1t3s9GOBe1BUYn1JjuM5iaDYuavDW7XOwAYSvSBsBLOVS
40t2U/G/CGxmd55nZhWfmiXv3/9rE0JHoVpIrJHQ/JO71JFpDxl0KAXj3S7HGdAn
3cdUl2ohbednvUpNsOGkPMVRGs78iP8C14/bHzZ0JXel66N2bQ527J5JJwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFJVsryzuxkGU43/yBKQvKDCqmLxgMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvbFd5dkxPN0dRWlRqZl9JRXBDOG9NS3FZdkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBEBAIAATA+AwQFLStAMAwD
BAVroaADBABroaIDBANroagDBAVrtYADBAJxFJwDBAWb/iADBAKi2fgDBAOi3PAD
BAXGaWAwGwQCAAIwFQMFAyoCLKADBQMqBZ9AAwUDKgeZQDANBgkqhkiG9w0BAQsF
AAOCAQEAKiEFZUr5GiD67J0R21RDN8uYsKiMPKTZ6dxecRJYMoeWY+pdK19lZPsU
Ntpva08JJlw1kiCxXNdCrow4/pemDihVGAYEmHZTa+bZR1F3QhRTCfWrFfJxro5r
Jsj0gAeLx3WTTE7+RSk74THju1kjv2p91aY0AE2h6ElNn8q7RfNT8NJZ1UMY8f4W
ZAdXgHxcxYDBdWfyMxBv+gohSXbEL/HjozZKw6eTKyjTouiltDwleXCmFPnfATUo
pbGbGrbuZprLqs9AIaJmQYjt+qOagwP47Wc0Owhl2jFVFnACMl5uZ4solhHbVkOk
teVlkr5ldYv5HchtxgXxdxcq7Iy69A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org