Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ldzo69zqe8g18mTizo-BqDKomJw.roa
File: ldzo69zqe8g18mTizo-BqDKomJw.roa (raw, json)
Hash identifier: teQPh0g+K0HKpdLi5C86UaxWBcQ5uS8ai2KeODB3P28=
Subject key identifier: 95:DC:E8:EB:DC:EA:7B:C8:35:F2:64:E2:CE:8F:81:A8:32:A8:98:9C
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01864172CE02FBAF18640C73878B20DEC9D0
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ldzo69zqe8g18mTizo-BqDKomJw.roa
Signing time: Sat 11 Feb 2023 17:08:08 +0000
ROA not before: Sat 11 Feb 2023 17:08:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31102
IP address blocks: 89.44.108.0/24 maxlen: 24
86.107.52.0/24 maxlen: 24
188.241.134.0/23 maxlen: 23
89.42.9.0/24 maxlen: 24
188.240.202.0/23 maxlen: 23
89.47.255.0/24 maxlen: 24
92.114.39.0/24 maxlen: 24
92.114.52.0/24 maxlen: 24
188.215.70.0/23 maxlen: 23
86.107.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:41:72:ce:02:fb:af:18:64:0c:73:87:8b:20:de:c9:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Feb 11 17:08:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95dce8ebdcea7bc835f264e2ce8f81a832a8989c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:27:3c:64:42:52:8c:61:46:a4:d5:dd:04:b4:
42:53:21:8b:30:13:2a:d8:48:d3:61:b9:57:8a:46:
3b:20:8e:a9:e7:f0:92:f5:6c:be:c6:e1:fe:ad:90:
0e:f2:51:b7:b4:a9:81:70:27:db:dd:e4:5a:30:8c:
08:01:c0:99:fc:55:03:a0:5f:1f:6c:a6:08:00:23:
9f:d8:99:d6:16:cb:ff:8f:49:9c:5c:ad:99:ec:ed:
47:89:f0:3c:01:2a:dd:cf:37:11:71:78:74:26:ee:
ac:67:52:13:da:91:d0:5a:05:27:d3:99:82:8b:eb:
19:e4:4a:46:5f:8b:5c:a8:75:8c:c8:48:b7:68:ff:
27:3f:4e:29:ec:f1:88:c8:cb:8a:6b:27:69:75:18:
07:42:52:b4:5b:3e:fc:31:3b:96:4b:46:36:23:02:
50:5b:1e:79:e9:99:94:1c:66:19:29:26:55:f8:1a:
40:fb:12:88:a3:8d:f1:74:47:96:0b:51:27:4c:84:
37:80:1b:c3:33:61:25:99:e4:52:e1:ec:07:93:c6:
93:a3:a6:8b:89:47:5e:d5:21:85:cc:57:74:5c:46:
b9:7b:9f:09:1f:42:99:23:1a:ac:b4:5b:f4:1c:32:
ec:ea:ff:11:41:97:c9:37:a3:6c:b8:a1:6d:ff:3f:
26:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DC:E8:EB:DC:EA:7B:C8:35:F2:64:E2:CE:8F:81:A8:32:A8:98:9C
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ldzo69zqe8g18mTizo-BqDKomJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.20.0/24
86.107.52.0/24
89.42.9.0/24
89.44.108.0/24
89.47.255.0/24
92.114.39.0/24
92.114.52.0/24
188.215.70.0/23
188.240.202.0/23
188.241.134.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:2d:b8:88:b3:05:3a:53:02:38:2d:02:c0:a1:44:2b:f2:29:
00:e2:57:b3:b2:24:75:7d:9c:36:b9:55:52:b2:c9:33:23:30:
3b:93:89:2d:be:3e:0e:39:7f:f5:68:a5:7b:9d:da:26:25:60:
5e:66:64:b0:71:15:0f:e9:db:8b:18:06:8d:ad:9a:ba:9e:3c:
4a:93:45:d2:85:cf:67:a3:0d:fc:b8:88:9f:39:e8:93:b9:8a:
f7:6e:45:02:ba:af:69:7f:70:41:4b:b7:11:f7:87:1f:e7:0a:
74:29:63:65:14:96:3e:f8:e8:f0:08:28:70:5f:29:c1:6d:96:
7e:f7:cb:13:44:40:2f:80:19:5d:9a:3b:43:9b:a1:d1:8b:b8:
55:d8:49:de:41:eb:6a:9a:f8:b8:47:9c:65:0f:53:4f:71:21:
aa:eb:5b:ce:0f:c0:07:2f:bc:12:97:c5:0e:16:81:4a:85:06:
9e:e3:a7:54:71:ee:17:1c:c7:13:f5:13:ff:7b:11:41:18:eb:
bf:37:5e:16:1a:cf:1b:4c:ab:67:16:8a:ab:33:92:84:3c:0b:
08:d1:30:57:53:ac:e7:d7:6d:f8:16:6e:3d:b8:28:27:71:70:
67:19:73:4f:04:47:e4:81:5f:fc:4e:b0:6a:de:9a:e7:a0:22:
01:35:50:0d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYZBcs4C+68YZAxzh4sg3snQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMjExMTcwODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWRjZThlYmRjZWE3YmM4MzVmMjY0ZTJjZThmODFhODMyYTg5ODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyc8ZEJSjGFGpNXdBLRCUyGLMBMq
2EjTYblXikY7II6p5/CS9Wy+xuH+rZAO8lG3tKmBcCfb3eRaMIwIAcCZ/FUDoF8f
bKYIACOf2JnWFsv/j0mcXK2Z7O1HifA8ASrdzzcRcXh0Ju6sZ1IT2pHQWgUn05mC
i+sZ5EpGX4tcqHWMyEi3aP8nP04p7PGIyMuKaydpdRgHQlK0Wz78MTuWS0Y2IwJQ
Wx556ZmUHGYZKSZV+BpA+xKIo43xdEeWC1EnTIQ3gBvDM2ElmeRS4ewHk8aTo6aL
iUde1SGFzFd0XEa5e58JH0KZIxqstFv0HDLs6v8RQZfJN6NsuKFt/z8moQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJXc6Ovc6nvINfJk4s6PgagyqJicMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvbGR6bzY5enFlOGcxOG1UaXpvLUJxREtvbUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAVmsUAwQA
Vms0AwQAWSoJAwQAWSxsAwQAWS//AwQAXHInAwQAXHI0AwQBvNdGAwQBvPDKAwQB
vPGGMA0GCSqGSIb3DQEBCwUAA4IBAQBbLbiIswU6UwI4LQLAoUQr8ikA4lezsiR1
fZw2uVVSsskzIzA7k4ktvj4OOX/1aKV7ndomJWBeZmSwcRUP6duLGAaNrZq6njxK
k0XShc9now38uIifOeiTuYr3bkUCuq9pf3BBS7cR94cf5wp0KWNlFJY++OjwCChw
XynBbZZ+98sTREAvgBldmjtDm6HRi7hV2EneQetqmvi4R5xlD1NPcSGq61vOD8AH
L7wSl8UOFoFKhQae46dUce4XHMcT9RP/exFBGOu/N14WGs8bTKtnFoqrM5KEPAsI
0TBXU6zn1234Fm49uCgncXBnGXNPBEfkgV/8TrBq3prnoCIBNVAN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:41 2024 by rpki-client on console-ams.rpki-client.org