Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/lelmz4tDk66rGuUBqsztLD-WeSA.roa
File: lelmz4tDk66rGuUBqsztLD-WeSA.roa (raw, json)
Hash identifier: 2LZ7H2RDPYdTwnMIkiSMcmg1KkKnLvU/LvHZyjrbD9w=
Subject key identifier: 95:E9:66:CF:8B:43:93:AE:AB:1A:E5:01:AA:CC:ED:2C:3F:96:79:20
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 018ADC15F12188C4877F7314796108774898
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/lelmz4tDk66rGuUBqsztLD-WeSA.roa
Signing time: Thu 28 Sep 2023 13:59:00 +0000
ROA not before: Thu 28 Sep 2023 13:59:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 185.23.200.0/23 maxlen: 32
185.251.44.0/23 maxlen: 32
185.251.46.0/23 maxlen: 32
185.247.230.0/23 maxlen: 32
185.247.229.0/24 maxlen: 32
185.247.228.0/24 maxlen: 32
195.66.220.0/22 maxlen: 32
95.175.80.0/20 maxlen: 32
185.251.248.0/23 maxlen: 32
185.251.250.0/23 maxlen: 32
193.8.80.0/22 maxlen: 32
178.239.22.0/23 maxlen: 32
88.218.144.0/22 maxlen: 32
45.133.136.0/24 maxlen: 32
91.193.100.0/22 maxlen: 32
Validation: Failed, certificate revoked on Fri 06 Oct 2023 06:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dc:15:f1:21:88:c4:87:7f:73:14:79:61:08:77:48:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Sep 28 13:59:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95e966cf8b4393aeab1ae501aacced2c3f967920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:60:cc:41:5b:88:e7:63:cb:ac:62:69:da:86:
6d:bf:ca:d2:9d:75:4a:3d:0b:2b:1f:53:51:42:64:
21:8b:f9:6a:ee:89:27:01:bb:5b:c0:5f:9d:72:29:
a5:0f:da:fb:13:75:63:8c:24:a4:87:f6:d1:28:dc:
b5:d4:4c:98:1f:e5:0e:14:66:3f:25:b1:5a:f0:ec:
c7:08:88:64:65:51:00:d6:fd:e2:1f:45:86:6f:a7:
0a:7a:47:55:4d:a5:84:66:fd:5c:83:a0:74:f8:21:
42:8b:da:55:84:45:00:ea:6e:a8:16:54:72:cb:dc:
0a:41:4f:66:fc:2d:d7:12:11:7d:3f:99:f5:97:33:
56:de:10:97:ba:8f:08:ac:f4:85:fc:9d:a1:2f:a3:
e4:ed:d6:4a:d0:2d:ad:e8:42:72:20:7c:e0:f7:ee:
bf:17:1b:fa:6c:ce:24:f0:b7:ba:34:14:e4:ea:ba:
a3:50:78:7f:4f:46:4e:00:e0:09:f6:2d:e7:96:80:
ff:af:32:53:0d:0c:29:86:db:62:03:56:4b:f4:1b:
2c:51:39:19:7c:4e:d4:c4:8f:f7:ee:df:b5:21:f8:
cc:75:bb:2a:e1:e6:6e:f7:ff:fe:97:98:74:ca:b0:
ac:dc:31:7e:74:5d:35:9f:69:d4:cb:2c:96:d2:38:
98:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E9:66:CF:8B:43:93:AE:AB:1A:E5:01:AA:CC:ED:2C:3F:96:79:20
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/lelmz4tDk66rGuUBqsztLD-WeSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.136.0/24
88.218.144.0/22
91.193.100.0/22
95.175.80.0/20
178.239.22.0/23
185.23.200.0/23
185.247.228.0/22
185.251.44.0/22
185.251.248.0/22
193.8.80.0/22
195.66.220.0/22
Signature Algorithm: sha256WithRSAEncryption
06:be:22:13:78:6a:1e:f0:0c:ef:36:ce:d2:a3:bf:de:d8:0a:
33:36:0c:28:2b:61:02:81:2d:28:c8:84:b5:30:f0:da:98:d0:
0c:db:ed:d7:aa:0e:6e:9d:5e:ae:d8:fb:96:54:25:ff:88:55:
f4:1e:ac:7f:71:56:9c:d3:e1:26:0a:4e:32:09:95:b9:6e:da:
61:fb:1b:12:16:d2:95:2b:a6:38:d1:1e:8a:70:d1:0b:7b:81:
75:21:21:c8:f6:19:40:51:ec:77:fe:41:44:17:fa:2d:6c:84:
b5:2e:77:83:12:16:88:a2:1a:1f:8a:f8:be:64:19:d6:7a:e4:
d2:0f:36:f0:a9:7a:6a:28:16:80:e6:1c:29:e8:df:31:cc:69:
f3:dc:88:a7:13:a6:e2:9e:6e:e4:e9:44:96:e7:63:f3:35:75:
e0:22:c7:d0:f4:32:c6:21:95:aa:d7:48:56:07:52:22:15:da:
cf:44:71:be:19:93:e2:8c:c6:70:10:55:4b:12:b4:87:d1:c8:
ba:03:b9:b7:af:98:c9:42:ec:22:33:2e:b0:51:48:aa:e6:1b:
85:94:00:ae:4e:ff:53:4c:8a:07:5c:9c:7b:a1:38:99:99:a3:
7c:7f:47:47:82:50:c9:bf:8e:6e:95:cd:a0:a8:3f:b2:04:b7:
bc:6d:d2:e4
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYrcFfEhiMSHf3MUeWEId0iYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjMwOTI4MTM1OTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWU5NjZjZjhiNDM5M2FlYWIxYWU1MDFhYWNjZWQyYzNmOTY3OTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WDMQVuI52PLrGJp2oZtv8rSnXVK
PQsrH1NRQmQhi/lq7oknAbtbwF+dcimlD9r7E3VjjCSkh/bRKNy11EyYH+UOFGY/
JbFa8OzHCIhkZVEA1v3iH0WGb6cKekdVTaWEZv1cg6B0+CFCi9pVhEUA6m6oFlRy
y9wKQU9m/C3XEhF9P5n1lzNW3hCXuo8IrPSF/J2hL6Pk7dZK0C2t6EJyIHzg9+6/
Fxv6bM4k8Le6NBTk6rqjUHh/T0ZOAOAJ9i3nloD/rzJTDQwphttiA1ZL9BssUTkZ
fE7UxI/37t+1IfjMdbsq4eZu9//+l5h0yrCs3DF+dF01n2nUyyyW0jiYPwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJXpZs+LQ5OuqxrlAarM7Sw/lnkgMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvbGVsbXo0dERrNjZyR3VVQnFzenRMRC1XZVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALYWIAwQC
WNqQAwQCW8FkAwQEX69QAwQBsu8WAwQBuRfIAwQCuffkAwQCufssAwQCufv4AwQC
wQhQAwQCw0LcMA0GCSqGSIb3DQEBCwUAA4IBAQAGviITeGoe8AzvNs7So7/e2Aoz
NgwoK2ECgS0oyIS1MPDamNAM2+3Xqg5unV6u2PuWVCX/iFX0Hqx/cVac0+EmCk4y
CZW5btph+xsSFtKVK6Y40R6KcNELe4F1ISHI9hlAUex3/kFEF/otbIS1LneDEhaI
ohofivi+ZBnWeuTSDzbwqXpqKBaA5hwp6N8xzGnz3IinE6binm7k6USW52PzNXXg
IsfQ9DLGIZWq10hWB1IiFdrPRHG+GZPijMZwEFVLErSH0ci6A7m3r5jJQuwiMy6w
UUiq5huFlACuTv9TTIoHXJx7oTiZmaN8f0dHglDJv45ulc2gqD+yBLe8bdLk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:29 2024 by rpki-client on console-ams.rpki-client.org