Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/LXIcO56snmBOivlVBEuOGfXseO4.roa
File: LXIcO56snmBOivlVBEuOGfXseO4.roa (raw, json)
Hash identifier: P+4SYhk0anKv+/joMRZtEEtyjQX5GQEhfKbM0Yja+Ok=
Subject key identifier: 2D:72:1C:3B:9E:AC:9E:60:4E:8A:F9:55:04:4B:8E:19:F5:EC:78:EE
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018B38066B434527BFB5CAC648DD18355C28
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/LXIcO56snmBOivlVBEuOGfXseO4.roa
Signing time: Mon 16 Oct 2023 10:27:06 +0000
ROA not before: Mon 16 Oct 2023 10:27:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204544
IP address blocks: 87.107.152.0/23 maxlen: 24
87.107.166.0/23 maxlen: 24
62.220.126.0/23 maxlen: 24
81.12.24.0/22 maxlen: 24
81.12.30.0/23 maxlen: 24
87.107.174.0/23 maxlen: 24
87.107.144.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:06:6b:43:45:27:bf:b5:ca:c6:48:dd:18:35:5c:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Oct 16 10:27:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d721c3b9eac9e604e8af955044b8e19f5ec78ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7d:84:ff:ea:78:f6:fc:60:3e:22:82:d9:92:
61:37:8c:de:c1:3c:18:44:b1:7c:06:38:9e:9b:1c:
e0:d8:d9:e7:60:7c:fb:79:e2:f3:a0:a5:71:a2:9f:
f3:c6:6d:bb:89:c7:07:f8:28:9e:f5:b7:2a:2b:9a:
5b:16:81:84:d9:b7:00:ab:85:e7:fc:31:1e:e1:5c:
9e:d4:a3:7e:90:19:f1:66:28:f6:8d:b8:50:77:2e:
49:47:b9:42:c9:52:0b:f5:c9:f6:a3:14:51:d5:aa:
9d:61:e9:92:5a:cb:11:c5:e1:ea:3a:a2:df:a3:f1:
d3:a3:84:18:5d:c1:1a:1f:9a:fb:10:0a:ec:0e:62:
93:06:c8:f6:ad:ef:6e:74:c2:ce:7a:ca:72:4d:2d:
9f:7d:f3:11:30:d1:ef:74:0a:a3:cd:5a:b2:2c:09:
e8:6b:ef:6c:ee:78:09:e3:d3:f7:91:10:67:18:c2:
d5:30:ad:f5:7c:2a:bb:12:0c:ce:6f:cf:1f:2b:84:
6f:81:6d:8d:b5:7b:46:38:f4:c8:c0:50:4f:75:1a:
3f:60:c0:19:49:48:2d:5c:f4:59:54:1f:78:47:0f:
b2:5c:d9:33:62:c1:35:7a:68:9d:2d:5b:29:55:f4:
5b:ee:3c:f3:c2:9c:f7:06:95:d4:05:f6:46:89:b4:
17:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:72:1C:3B:9E:AC:9E:60:4E:8A:F9:55:04:4B:8E:19:F5:EC:78:EE
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/LXIcO56snmBOivlVBEuOGfXseO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.126.0/23
81.12.24.0/22
81.12.30.0/23
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:89:e5:77:a2:d8:47:b9:14:43:5e:06:03:42:4d:44:59:28:
82:b5:dc:e1:cc:4f:20:9c:20:31:79:5d:07:c0:93:15:73:7f:
74:b6:cc:83:3b:cb:86:6c:a2:9b:93:ec:ed:32:15:3b:ca:66:
5d:d5:79:dd:05:c8:0e:10:b9:99:49:64:31:0f:57:c8:72:ec:
72:0b:2d:2e:2f:89:41:13:0b:1d:75:ee:76:4d:7c:df:45:2e:
77:7f:eb:09:7b:53:db:3c:54:81:11:47:15:ce:20:a4:b9:ef:
cf:ae:9b:0f:b5:1c:68:ac:1c:49:d4:f6:ca:4c:14:ab:a2:62:
6c:38:0c:be:1f:1a:be:4e:63:ae:23:55:c1:31:d6:54:61:ca:
89:c3:08:6b:bc:63:6b:10:00:aa:a3:12:28:df:e7:df:a5:6b:
e1:66:f1:11:53:d8:e1:5f:1f:14:f4:8f:5f:64:18:c2:61:ab:
73:aa:5b:a5:8e:cc:ba:64:13:9f:6a:a5:19:9b:a1:8e:81:df:
71:87:42:66:32:13:a4:28:1c:2c:4d:2a:5a:ef:03:3d:9c:b8:
1f:ea:d8:01:3a:e7:f1:da:c9:c5:39:50:5f:47:8c:14:70:7d:
77:20:c8:8d:ac:fc:af:d5:80:39:ea:b1:df:70:56:b5:17:5d:
87:cf:f8:1a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYs4BmtDRSe/tcrGSN0YNVwoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMxMDE2MTAyNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDcyMWMzYjllYWM5ZTYwNGU4YWY5NTUwNDRiOGUxOWY1ZWM3OGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqn2E/+p49vxgPiKC2ZJhN4zewTwY
RLF8Bjiemxzg2NnnYHz7eeLzoKVxop/zxm27iccH+Cie9bcqK5pbFoGE2bcAq4Xn
/DEe4Vye1KN+kBnxZij2jbhQdy5JR7lCyVIL9cn2oxRR1aqdYemSWssRxeHqOqLf
o/HTo4QYXcEaH5r7EArsDmKTBsj2re9udMLOespyTS2fffMRMNHvdAqjzVqyLAno
a+9s7ngJ49P3kRBnGMLVMK31fCq7EgzOb88fK4RvgW2NtXtGOPTIwFBPdRo/YMAZ
SUgtXPRZVB94Rw+yXNkzYsE1emidLVspVfRb7jzzwpz3BpXUBfZGibQX7wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC1yHDuerJ5gTor5VQRLjhn17HjuMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvTFhJY081NnNubUJPaXZsVkJFdU9HZlhzZU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBPtx+AwQC
UQwYAwQBUQweAwQAV2uQAwQBV2uYAwQBV2umAwQBV2uuMA0GCSqGSIb3DQEBCwUA
A4IBAQCLieV3othHuRRDXgYDQk1EWSiCtdzhzE8gnCAxeV0HwJMVc390tsyDO8uG
bKKbk+ztMhU7ymZd1XndBcgOELmZSWQxD1fIcuxyCy0uL4lBEwsdde52TXzfRS53
f+sJe1PbPFSBEUcVziCkue/PrpsPtRxorBxJ1PbKTBSromJsOAy+Hxq+TmOuI1XB
MdZUYcqJwwhrvGNrEACqoxIo3+ffpWvhZvERU9jhXx8U9I9fZBjCYatzqluljsy6
ZBOfaqUZm6GOgd9xh0JmMhOkKBwsTSpa7wM9nLgf6tgBOufx2snFOVBfR4wUcH13
IMiNrPyv1YA56rHfcFa1F12Hz/ga
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:35 2024 by rpki-client on console-fra.rpki-client.org