Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/lEXLT765cEVJvhG0idX9CJJJLcs.roa
File: lEXLT765cEVJvhG0idX9CJJJLcs.roa (raw, json)
Hash identifier: CdUf8qGwDVdsVVNSRkh7Dt5Bj2smmXiLh5ifmsUwjmY=
Subject key identifier: 94:45:CB:4F:BE:B9:70:45:49:BE:11:B4:89:D5:FD:08:92:49:2D:CB
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 018AF9583BCC6087BA4E3609C82BFFC1D158
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/lEXLT765cEVJvhG0idX9CJJJLcs.roa
Signing time: Wed 04 Oct 2023 06:20:23 +0000
ROA not before: Wed 04 Oct 2023 06:20:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4637
IP address blocks: 193.82.192.0/19 maxlen: 24
195.153.124.0/24 maxlen: 24
217.151.32.0/20 maxlen: 24
195.153.74.0/24 maxlen: 24
154.32.0.0/16 maxlen: 24
193.117.32.0/19 maxlen: 24
195.153.108.0/22 maxlen: 22
195.153.19.0/24 maxlen: 24
193.82.96.0/19 maxlen: 24
193.82.128.0/19 maxlen: 24
146.101.0.0/16 maxlen: 24
154.8.0.0/19 maxlen: 24
154.8.32.0/20 maxlen: 24
195.153.216.0/24 maxlen: 24
195.153.217.0/24 maxlen: 24
2a02:1620::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Oct 2023 08:08:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f9:58:3b:cc:60:87:ba:4e:36:09:c8:2b:ff:c1:d1:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Oct 4 06:20:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9445cb4fbeb9704549be11b489d5fd0892492dcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:56:df:20:4f:40:2d:b5:dc:77:ea:68:d8:47:
69:b3:01:ef:7c:52:20:3c:e9:e9:7d:f2:4c:bb:2f:
dc:c3:84:bd:e5:92:a8:6f:bc:fc:be:85:e1:55:99:
72:0d:3a:80:72:ca:bf:fa:8f:e1:12:18:ea:67:a6:
f6:1c:67:a9:5e:82:7d:32:ad:6b:d7:84:66:cd:9a:
af:2d:df:6e:cb:04:ed:86:26:a0:2a:80:27:c6:5d:
67:4f:4e:7a:1e:b4:08:50:49:f1:23:39:67:91:4d:
9f:cd:6a:95:40:06:95:f7:a8:07:cf:cb:cc:93:f5:
42:61:a8:92:0e:bd:10:42:d4:49:da:b0:b6:3a:ef:
69:03:ff:4b:4b:6e:4d:ee:d8:60:e7:24:42:e4:31:
f1:99:a9:d9:12:9e:13:90:2a:8c:e9:cc:ae:6a:ae:
2e:07:6a:e5:42:03:fe:a1:c5:62:0b:0e:31:02:1c:
c2:a3:24:39:8f:e7:08:b4:72:0b:33:19:63:1e:30:
57:7a:35:28:c1:87:94:35:24:66:5b:3a:0c:9a:33:
9f:6d:43:4e:4a:ca:f4:63:ff:18:1b:33:b2:32:a2:
5b:f2:d7:16:7d:33:25:57:50:79:dd:29:78:d3:91:
2a:42:1e:9b:95:f2:75:85:eb:12:5d:14:3b:1b:70:
ae:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:45:CB:4F:BE:B9:70:45:49:BE:11:B4:89:D5:FD:08:92:49:2D:CB
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/lEXLT765cEVJvhG0idX9CJJJLcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.101.0.0/16
154.8.0.0-154.8.47.255
154.32.0.0/16
193.82.96.0-193.82.159.255
193.82.192.0/19
193.117.32.0/19
195.153.19.0/24
195.153.74.0/24
195.153.108.0/22
195.153.124.0/24
195.153.216.0/23
217.151.32.0/20
IPv6:
2a02:1620::/32
Signature Algorithm: sha256WithRSAEncryption
42:70:3f:55:c5:44:b2:dd:74:99:99:fa:17:38:80:44:19:3e:
1f:51:75:66:a5:13:2f:78:45:ee:01:99:27:fe:ce:04:19:0e:
d1:d1:73:23:1b:24:92:13:bd:92:ce:96:e5:ad:1e:75:52:72:
2d:84:ca:bd:51:d6:ea:cd:34:74:fd:91:e6:4e:29:08:fb:01:
97:13:7b:04:27:57:dd:3d:95:23:b3:35:88:23:90:f3:ca:10:
52:59:86:05:ae:e9:52:c0:9f:84:c5:53:f2:f7:12:8b:b8:4d:
13:10:60:81:fb:b3:53:09:7f:6b:ea:61:26:6f:d9:84:86:49:
de:95:af:67:38:53:66:b4:22:a3:9d:79:16:56:13:f1:1d:90:
13:ab:9a:1b:7d:40:7c:ce:05:a5:d2:6c:c6:92:82:75:44:3c:
0e:bc:0f:5d:19:5a:b8:0b:b1:19:b0:ab:7d:8f:d2:00:7d:8a:
31:8f:ab:b5:a7:da:b5:26:f1:10:01:d6:de:f9:e4:30:c8:ff:
a5:38:09:6b:6f:5b:d7:f9:22:97:f6:ab:e4:0e:ec:21:28:70:
85:f5:a1:fc:b2:f7:38:52:be:43:91:ec:63:bc:70:97:a9:38:
fe:88:c9:f6:b7:57:a8:0d:9c:54:f8:56:63:b3:57:5e:8b:5a:
18:f9:b4:f3
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYr5WDvMYIe6TjYJyCv/wdFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjMxMDA0MDYyMDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDQ1Y2I0ZmJlYjk3MDQ1NDliZTExYjQ4OWQ1ZmQwODkyNDkyZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVbfIE9ALbXcd+po2EdpswHvfFIg
POnpffJMuy/cw4S95ZKob7z8voXhVZlyDTqAcsq/+o/hEhjqZ6b2HGepXoJ9Mq1r
14RmzZqvLd9uywTthiagKoAnxl1nT056HrQIUEnxIzlnkU2fzWqVQAaV96gHz8vM
k/VCYaiSDr0QQtRJ2rC2Ou9pA/9LS25N7thg5yRC5DHxmanZEp4TkCqM6cyuaq4u
B2rlQgP+ocViCw4xAhzCoyQ5j+cItHILMxljHjBXejUowYeUNSRmWzoMmjOfbUNO
Ssr0Y/8YGzOyMqJb8tcWfTMlV1B53Sl405EqQh6blfJ1hesSXRQ7G3Cu4QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFJRFy0++uXBFSb4RtInV/QiSSS3LMB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvbEVYTFQ3NjVjRVZKdmhHMGlkWDlDSkpKTGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBbBAIAATBVAwMAkmUwCwMD
A5oIAwQEmgggAwMAmiAwDAMEBcFSYAMEBcFSgAMEBcFSwAMEBcF1IAMEAMOZEwME
AMOZSgMEAsOZbAMEAMOZfAMEAcOZ2AMEBNmXIDANBAIAAjAHAwUAKgIWIDANBgkq
hkiG9w0BAQsFAAOCAQEAQnA/VcVEst10mZn6FziARBk+H1F1ZqUTL3hF7gGZJ/7O
BBkO0dFzIxskkhO9ks6W5a0edVJyLYTKvVHW6s00dP2R5k4pCPsBlxN7BCdX3T2V
I7M1iCOQ88oQUlmGBa7pUsCfhMVT8vcSi7hNExBggfuzUwl/a+phJm/ZhIZJ3pWv
ZzhTZrQio515FlYT8R2QE6uaG31AfM4FpdJsxpKCdUQ8DrwPXRlauAuxGbCrfY/S
AH2KMY+rtafatSbxEAHW3vnkMMj/pTgJa29b1/kil/ar5A7sIShwhfWh/LL3OFK+
Q5HsY7xwl6k4/ojJ9rdXqA2cVPhWY7NXXotaGPm08w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org