Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LqtxIN9-LSBD0A9ifQ6IaH2rbIc.roa
File: LqtxIN9-LSBD0A9ifQ6IaH2rbIc.roa (raw, json)
Hash identifier: d2zEP7z3l531oWPnjEkVB0bfpalu66a2D9U3ItcSSNk=
Subject key identifier: 2E:AB:71:20:DF:7E:2D:20:43:D0:0F:62:7D:0E:88:68:7D:AB:6C:87
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B89F1A2184D8D593884E04E9D279FACB0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LqtxIN9-LSBD0A9ifQ6IaH2rbIc.roa
Signing time: Wed 01 Nov 2023 08:13:16 +0000
ROA not before: Wed 01 Nov 2023 08:13:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:89:f1:a2:18:4d:8d:59:38:84:e0:4e:9d:27:9f:ac:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 1 08:13:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2eab7120df7e2d2043d00f627d0e88687dab6c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:4c:21:2d:4c:5c:dc:73:e9:db:c0:d1:37:1d:
5b:1e:a1:23:bb:b1:fb:2e:01:31:27:77:3b:ab:cd:
7c:90:a5:1f:58:fe:d3:0e:0e:ad:3f:cc:e5:6a:ac:
5c:27:ef:1a:82:f0:4f:04:1d:f3:bf:d3:66:86:45:
18:60:07:ea:8a:60:1a:d5:31:a5:c2:54:3e:e4:77:
61:7f:e4:79:26:71:93:49:56:c5:e0:3b:ec:ed:7b:
56:8e:42:c1:54:5d:83:06:95:2e:11:5c:9c:2e:2b:
f2:1f:13:6c:5e:bb:c8:12:5b:bb:10:05:6d:5e:62:
7e:93:44:03:73:2f:2f:99:4f:9b:79:74:2f:43:01:
2c:10:cc:d7:bc:80:43:12:8c:bc:87:f2:7a:1d:c6:
a3:80:db:f9:22:c2:80:6f:22:4d:b5:2b:7f:bf:60:
5a:9c:ba:31:07:bf:e9:50:85:45:ac:fc:c6:9b:99:
5c:3d:3e:3a:de:f0:a7:f1:d8:83:0c:44:c7:66:4d:
1d:4d:39:ee:45:3f:8e:c0:af:08:31:68:30:41:06:
95:a2:bb:00:aa:13:36:33:00:dc:1e:d0:6d:a2:6d:
4b:ef:97:ae:4f:5b:9b:5b:ad:17:fa:cf:a8:c6:11:
ba:0e:f2:c2:47:a5:b5:ed:37:70:09:6f:6d:5f:07:
92:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:AB:71:20:DF:7E:2D:20:43:D0:0F:62:7D:0E:88:68:7D:AB:6C:87
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LqtxIN9-LSBD0A9ifQ6IaH2rbIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.132.0/23
188.212.159.0/24
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.241.110.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:cd:7e:39:fa:66:fa:72:c8:85:b1:30:cd:b6:12:5d:0c:75:
58:da:a9:8b:80:e4:8f:00:a9:91:1e:a7:3e:b4:60:5e:b5:6e:
91:3d:3f:35:17:fb:f1:8e:9f:05:eb:6c:c8:d5:50:43:e0:54:
77:03:b0:96:f9:6b:31:1d:7e:28:a4:e1:1f:18:4a:b2:05:87:
3b:2c:e4:91:5e:3c:3a:36:f3:dd:a1:1c:3f:40:d6:9c:95:f9:
7b:e5:18:eb:5e:e1:3f:02:01:4e:5d:f1:7a:0b:49:c4:d2:ef:
2c:bd:d6:05:ec:92:5b:fc:01:62:5f:9a:f4:2a:67:50:36:c5:
cd:f7:50:f8:7d:21:ff:d3:92:88:d0:aa:ef:bc:e0:88:72:4c:
38:6c:cb:ce:e1:a0:21:ba:aa:ed:1a:e8:90:fd:3a:04:f9:fe:
08:a6:5d:1b:30:43:df:a4:87:85:ba:be:33:2a:c0:f7:7d:31:
ab:92:18:6b:dd:54:43:d3:92:5c:e9:4c:18:f1:fc:5d:51:b9:
b8:eb:cd:d8:ef:d8:63:ed:b7:b9:93:8c:a1:6e:90:04:be:fc:
75:db:92:43:bc:e4:d5:6e:de:6f:11:bf:73:66:19:10:67:95:
4a:4c:7d:70:2c:f4:e3:76:c7:c6:a3:a6:f9:05:11:18:07:c0:
1e:c9:da:f8
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYuJ8aIYTY1ZOITgTp0nn6ywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTAxMDgxMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWFiNzEyMGRmN2UyZDIwNDNkMDBmNjI3ZDBlODg2ODdkYWI2Yzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0whLUxc3HPp28DRNx1bHqEju7H7
LgExJ3c7q818kKUfWP7TDg6tP8zlaqxcJ+8agvBPBB3zv9NmhkUYYAfqimAa1TGl
wlQ+5Hdhf+R5JnGTSVbF4Dvs7XtWjkLBVF2DBpUuEVycLivyHxNsXrvIElu7EAVt
XmJ+k0QDcy8vmU+beXQvQwEsEMzXvIBDEoy8h/J6HcajgNv5IsKAbyJNtSt/v2Ba
nLoxB7/pUIVFrPzGm5lcPT463vCn8diDDETHZk0dTTnuRT+OwK8IMWgwQQaVorsA
qhM2MwDcHtBtom1L75euT1ubW60X+s+oxhG6DvLCR6W17TdwCW9tXweSzwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFC6rcSDffi0gQ9APYn0OiGh9q2yHMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTHF0eElOOS1MU0JEMEE5aWZRNklhSDJyYkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAG81IQDBAC81J8DBAC8
1tEDBAG88OADBAC88OMDBAC88W4DBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcN
AQELBQADggEBAF7Nfjn6ZvpyyIWxMM22El0MdVjaqYuA5I8AqZEepz60YF61bpE9
PzUX+/GOnwXrbMjVUEPgVHcDsJb5azEdfiik4R8YSrIFhzss5JFePDo2892hHD9A
1pyV+XvlGOte4T8CAU5d8XoLScTS7yy91gXsklv8AWJfmvQqZ1A2xc33UPh9If/T
kojQqu+84IhyTDhsy87hoCG6qu0a6JD9OgT5/gimXRswQ9+kh4W6vjMqwPd9MauS
GGvdVEPTklzpTBjx/F1Rubjrzdjv2GPtt7mTjKFukAS+/HXbkkO85NVu3m8Rv3Nm
GRBnlUpMfXAs9ON2x8ajpvkFERgHwB7J2vg=
-----END CERTIFICATE-----
Generated at Fri Nov 3 10:00:20 2023 by rpki-client on console-fra.rpki-client.org