Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Lgz-725eisfeu7ULWRqO0ixcjyw.roa
File: Lgz-725eisfeu7ULWRqO0ixcjyw.roa (raw, json)
Hash identifier: ++BH8LNPN1qgRZ2JC3P/Lk1Ee7T2seyr/fwpsUoXOnE=
Subject key identifier: 2E:0C:FE:EF:6E:5E:8A:C7:DE:BB:B5:0B:59:1A:8E:D2:2C:5C:8F:2C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B2DCA04007422764FBFD67648D6BD1A36
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Lgz-725eisfeu7ULWRqO0ixcjyw.roa
Signing time: Sat 14 Oct 2023 10:44:55 +0000
ROA not before: Sat 14 Oct 2023 10:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.112.64.0/22 maxlen: 24
188.240.68.0/24 maxlen: 24
188.241.242.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2d:ca:04:00:74:22:76:4f:bf:d6:76:48:d6:bd:1a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 14 10:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e0cfeef6e5e8ac7debbb50b591a8ed22c5c8f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:19:54:6f:76:af:fb:1b:c8:ab:65:96:eb:96:
6a:46:c5:42:e2:72:2e:a7:49:f6:50:1f:d5:66:ab:
28:a5:c9:db:f7:84:77:c9:cd:6c:f3:01:bf:18:4d:
b7:da:90:9d:6a:f7:00:99:42:b1:02:0d:aa:8b:62:
45:b7:1a:9f:b3:93:6c:d2:ca:09:ed:ae:79:46:e2:
f0:62:ab:c8:55:7d:5c:d9:35:61:fb:09:13:28:d1:
e2:c8:2b:83:fa:0f:de:02:6b:cc:74:6e:d3:dd:64:
45:01:2d:8f:b9:51:f6:0f:58:68:5e:0c:62:86:94:
ab:61:1d:ff:0d:67:2b:e7:6a:5a:a2:79:62:5a:ae:
e8:9e:65:f8:70:51:ce:aa:9b:e3:9e:77:52:c3:e8:
be:b0:dd:01:93:29:41:28:05:62:68:cb:5c:1b:29:
4d:37:79:a4:0b:c9:b6:72:35:3f:41:23:89:ed:b6:
a1:e6:a8:65:62:af:1b:84:3c:84:cc:18:95:67:e8:
85:9c:66:e4:bc:5b:0c:f1:fe:48:90:6b:96:71:36:
75:a4:2b:03:fa:9b:78:1d:5a:c9:dd:fe:f3:4d:66:
43:cc:9a:13:67:1f:2d:75:8a:0b:04:8b:df:93:3b:
f4:17:e7:c3:7d:36:9c:2d:f1:24:09:44:73:10:fe:
75:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:0C:FE:EF:6E:5E:8A:C7:DE:BB:B5:0B:59:1A:8E:D2:2C:5C:8F:2C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Lgz-725eisfeu7ULWRqO0ixcjyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.112.64.0/22
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.155.0/24
188.212.159.0/24
188.213.202.0/23
188.214.209.0/24
188.240.68.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.242.0/23
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
58:75:f1:7e:df:9d:a8:c0:0e:5a:fc:2c:ff:df:26:4d:31:c1:
16:69:9d:a1:73:a6:0c:c1:83:5a:c7:46:d7:0d:99:ba:d6:99:
9c:40:3f:9d:c2:5a:7c:34:47:68:75:a2:c0:b8:13:be:6e:c8:
dc:21:1b:e9:95:9d:e5:b8:0a:ee:aa:c1:7d:c2:ab:63:bc:8c:
df:5f:cb:e1:25:82:ef:8c:c3:e4:72:17:e1:49:ec:ca:46:f7:
8f:b0:b2:f9:8a:5f:7a:67:83:db:53:b7:8e:ce:db:e0:2f:56:
ed:3b:41:4b:51:b4:7f:b0:b7:d7:c8:8e:b5:84:08:1c:af:46:
f7:1e:79:d0:fb:c7:b4:14:ab:fd:bd:7d:e1:5d:d3:bf:6d:71:
ef:fe:43:91:e8:e0:c4:bb:e3:86:1d:44:fc:a8:cf:a4:ef:b8:
f4:7b:dd:ab:3b:98:aa:86:06:45:06:60:1d:3d:6f:08:91:95:
12:3d:e4:f1:69:ce:69:bf:dd:4e:f8:b9:e5:ad:0f:1d:01:a4:
b1:2d:0e:55:19:61:d7:60:fc:22:43:77:9c:6f:73:f8:6e:d1:
e0:ff:66:5f:a3:6a:63:45:b9:7a:ec:ce:7e:1a:f9:b2:33:fe:
d3:7b:68:f6:90:7d:d4:d9:b4:c8:dd:6f:c8:2c:77:6c:63:84:
90:6d:a3:f8
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYstygQAdCJ2T7/WdkjWvRo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDE0MTA0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTBjZmVlZjZlNWU4YWM3ZGViYmI1MGI1OTFhOGVkMjJjNWM4ZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBlUb3av+xvIq2WW65ZqRsVC4nIu
p0n2UB/VZqsopcnb94R3yc1s8wG/GE232pCdavcAmUKxAg2qi2JFtxqfs5Ns0soJ
7a55RuLwYqvIVX1c2TVh+wkTKNHiyCuD+g/eAmvMdG7T3WRFAS2PuVH2D1hoXgxi
hpSrYR3/DWcr52paonliWq7onmX4cFHOqpvjnndSw+i+sN0BkylBKAViaMtcGylN
N3mkC8m2cjU/QSOJ7bah5qhlYq8bhDyEzBiVZ+iFnGbkvFsM8f5IkGuWcTZ1pCsD
+pt4HVrJ3f7zTWZDzJoTZx8tdYoLBIvfkzv0F+fDfTacLfEkCURzEP51CQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFC4M/u9uXorH3ru1C1kajtIsXI8sMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTGd6LTcyNWVpc2ZldTdVTFdScU8waXhjanl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAK5
cEADBAG5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAC8
1JsDBAC81J8DBAG81coDBAC81tEDBAC88EQDBAG88OADBAC88OMDBAC88OkDBAG8
8fIDBAHBF4ADBALV6FwwDQYJKoZIhvcNAQELBQADggEBAFh18X7fnajADlr8LP/f
Jk0xwRZpnaFzpgzBg1rHRtcNmbrWmZxAP53CWnw0R2h1osC4E75uyNwhG+mVneW4
Cu6qwX3Cq2O8jN9fy+Elgu+Mw+RyF+FJ7MpG94+wsvmKX3png9tTt47O2+AvVu07
QUtRtH+wt9fIjrWECByvRvceedD7x7QUq/29feFd079tce/+Q5Ho4MS744YdRPyo
z6TvuPR73as7mKqGBkUGYB09bwiRlRI95PFpzmm/3U74ueWtDx0BpLEtDlUZYddg
/CJDd5xvc/hu0eD/Zl+jamNFuXrszn4a+bIz/tN7aPaQfdTZtMjdb8gsd2xjhJBt
o/g=
-----END CERTIFICATE-----
Generated at Mon Oct 16 16:57:51 2023 by rpki-client on console-ams.rpki-client.org