Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/LBF3lFRqrAESwICCbBhEo1HqesE.roa
File: LBF3lFRqrAESwICCbBhEo1HqesE.roa (raw, json)
Hash identifier: 4OzNP+VWv9An/8BeJeXlnaUM9CMHyifhxkWYHknzaCk=
Subject key identifier: 2C:11:77:94:54:6A:AC:01:12:C0:80:82:6C:18:44:A3:51:EA:7A:C1
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01872654FC4C01D04E59159DA21336F46148
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/LBF3lFRqrAESwICCbBhEo1HqesE.roa
Signing time: Tue 28 Mar 2023 03:48:36 +0000
ROA not before: Tue 28 Mar 2023 03:48:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 91.186.200.0/22 maxlen: 24
91.186.214.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.12.0/23 maxlen: 24
83.147.216.0/23 maxlen: 24
83.147.217.0/24 maxlen: 24
178.253.31.0/24 maxlen: 24
83.147.222.0/23 maxlen: 24
83.147.232.0/22 maxlen: 24
178.253.52.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Apr 2023 08:31:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:26:54:fc:4c:01:d0:4e:59:15:9d:a2:13:36:f4:61:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Mar 28 03:48:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c117794546aac0112c080826c1844a351ea7ac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:df:30:7f:71:7c:d4:f3:f1:72:cd:d0:25:76:
a8:5c:ab:9a:39:07:aa:8e:4f:ef:ef:6d:59:ae:5a:
08:a7:7d:5b:57:d1:db:c4:e8:54:34:c5:9b:09:11:
72:02:74:0f:06:40:9a:d9:a6:f6:a0:e0:86:e2:5a:
52:8a:f8:de:6f:a0:27:21:7f:ad:a4:19:83:cc:7f:
07:5f:ce:2e:db:4d:2d:d9:1b:6f:1b:04:87:85:7f:
4f:43:fc:14:39:6e:d9:72:47:08:cf:2a:10:8c:15:
d3:05:0b:74:0e:77:b8:44:93:5d:0f:b0:6b:ad:c5:
ac:bb:a8:4a:64:6a:49:10:5d:3b:39:bf:68:6f:4a:
94:e7:f4:75:a2:15:2d:09:86:6d:f5:34:fe:76:03:
a9:0d:b5:ce:77:de:ee:ba:3c:48:4c:ae:d2:7f:ca:
8a:0d:06:6d:cc:d5:0e:1a:6b:bb:c8:40:c2:cd:2a:
da:8e:86:f0:36:f4:ca:89:0a:a2:91:34:05:84:64:
41:5b:b1:cb:7d:2a:a4:e4:70:e2:df:94:95:da:fc:
7e:2a:3f:f2:47:5a:ef:d3:22:36:fc:2b:2c:88:8e:
2b:3d:2c:71:48:e1:10:12:fe:09:2c:ee:39:96:11:
5f:5c:40:be:fe:e2:7d:ee:10:37:b0:81:84:c9:65:
b2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:11:77:94:54:6A:AC:01:12:C0:80:82:6C:18:44:A3:51:EA:7A:C1
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/LBF3lFRqrAESwICCbBhEo1HqesE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/23
83.147.222.0/23
83.147.232.0/22
91.186.200.0/22
91.186.214.0/23
94.241.168.0/21
178.253.12.0/23
178.253.31.0/24
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:a5:5b:a3:d8:98:b0:71:d7:16:93:f0:cf:a5:88:6a:fe:89:
c4:12:7d:f4:c3:c7:68:d7:c2:8f:2c:3a:8f:d6:1f:df:98:70:
86:30:fe:e7:81:64:28:23:ac:ae:7b:58:65:ba:ca:47:ff:aa:
6a:86:45:62:04:7e:9c:6d:11:6b:7c:51:9a:ea:57:04:6d:74:
01:2f:46:f5:66:73:83:11:91:10:f3:df:cd:3d:ce:38:d0:3b:
62:fe:b8:33:c6:84:58:9f:51:51:cf:f6:ab:52:70:23:d1:a7:
87:13:3d:79:24:b2:7d:a2:7a:df:d5:d0:26:18:56:c6:44:c6:
1c:cc:61:3a:57:66:ca:ad:ed:0f:c7:87:e0:8c:f6:93:1f:73:
d4:96:1b:71:19:59:96:b7:d4:e1:20:71:ef:f4:b9:b9:66:8b:
56:0f:ad:76:5d:7d:78:81:53:32:0c:69:d0:9c:61:61:1c:14:
f9:2d:0e:f0:7a:fb:5c:ec:59:76:0e:7a:40:73:6c:aa:9e:db:
dd:5e:a7:69:05:8b:a3:e9:1b:2a:5d:6f:e5:76:6d:1d:47:b4:
17:82:79:b3:38:39:b5:c4:72:34:11:c5:3a:64:c5:90:16:e3:
70:b9:a4:35:3e:46:51:18:12:14:2a:d5:23:cc:78:12:5a:48:
ef:5b:21:82
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYcmVPxMAdBOWRWdohM29GFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMzI4MDM0ODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzExNzc5NDU0NmFhYzAxMTJjMDgwODI2YzE4NDRhMzUxZWE3YWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjd8wf3F81PPxcs3QJXaoXKuaOQeq
jk/v721ZrloIp31bV9HbxOhUNMWbCRFyAnQPBkCa2ab2oOCG4lpSivjeb6AnIX+t
pBmDzH8HX84u200t2RtvGwSHhX9PQ/wUOW7ZckcIzyoQjBXTBQt0Dne4RJNdD7Br
rcWsu6hKZGpJEF07Ob9ob0qU5/R1ohUtCYZt9TT+dgOpDbXOd97uujxITK7Sf8qK
DQZtzNUOGmu7yEDCzSrajobwNvTKiQqikTQFhGRBW7HLfSqk5HDi35SV2vx+Kj/y
R1rv0yI2/CssiI4rPSxxSOEQEv4JLO45lhFfXEC+/uJ97hA3sIGEyWWysQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCwRd5RUaqwBEsCAgmwYRKNR6nrBMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvTEJGM2xGUnFyQUVTd0lDQ2JCaEVvMUhxZXNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBU5PYAwQB
U5PeAwQCU5PoAwQCW7rIAwQBW7rWAwQDXvGoAwQBsv0MAwQAsv0fAwQBsv00MA0G
CSqGSIb3DQEBCwUAA4IBAQBdpVuj2JiwcdcWk/DPpYhq/onEEn30w8do18KPLDqP
1h/fmHCGMP7ngWQoI6yue1hluspH/6pqhkViBH6cbRFrfFGa6lcEbXQBL0b1ZnOD
EZEQ89/NPc440Dti/rgzxoRYn1FRz/arUnAj0aeHEz15JLJ9onrf1dAmGFbGRMYc
zGE6V2bKre0Px4fgjPaTH3PUlhtxGVmWt9ThIHHv9Lm5ZotWD612XX14gVMyDGnQ
nGFhHBT5LQ7wevtc7Fl2DnpAc2yqntvdXqdpBYuj6RsqXW/ldm0dR7QXgnmzODm1
xHI0EcU6ZMWQFuNwuaQ1PkZRGBIUKtUjzHgSWkjvWyGC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org