Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/LNdWxHScrkdnCgcGTmrKnN65YqE.roa
File: LNdWxHScrkdnCgcGTmrKnN65YqE.roa (raw, json)
Hash identifier: LIdwn4ahw+wUol3L9dXmig6NzKoRSUOG77uBWbiTXWw=
Subject key identifier: 2C:D7:56:C4:74:9C:AE:47:67:0A:07:06:4E:6A:CA:9C:DE:B9:62:A1
Certificate issuer: /CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Certificate serial: 0187938507458018AE8114939B8FBDA95100
Authority key identifier: 86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/LNdWxHScrkdnCgcGTmrKnN65YqE.roa
Signing time: Tue 18 Apr 2023 08:39:41 +0000
ROA not before: Tue 18 Apr 2023 08:39:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8784
IP address blocks: 194.117.211.0/24 maxlen: 24
194.117.208.0/24 maxlen: 24
194.117.208.0/20 maxlen: 20
194.117.219.0/24 maxlen: 24
194.117.216.0/24 maxlen: 24
195.46.192.0/19 maxlen: 19
195.46.198.0/24 maxlen: 24
195.46.195.0/24 maxlen: 24
195.46.193.0/24 maxlen: 24
195.46.204.0/24 maxlen: 24
195.46.210.0/24 maxlen: 24
195.46.209.0/24 maxlen: 24
195.46.213.0/24 maxlen: 24
195.46.216.0/24 maxlen: 24
195.46.214.0/24 maxlen: 24
195.46.219.0/24 maxlen: 24
195.46.223.0/24 maxlen: 24
178.22.152.0/21 maxlen: 21
194.153.214.0/24 maxlen: 24
83.169.120.0/24 maxlen: 24
83.169.120.0/22 maxlen: 22
83.169.119.0/24 maxlen: 24
83.169.125.0/24 maxlen: 24
83.169.124.0/24 maxlen: 24
83.169.123.0/24 maxlen: 24
83.169.122.0/24 maxlen: 24
83.169.121.0/24 maxlen: 24
83.169.71.0/24 maxlen: 24
83.169.70.0/23 maxlen: 23
83.169.70.0/24 maxlen: 24
83.169.69.0/24 maxlen: 24
83.169.67.0/24 maxlen: 24
83.169.66.0/24 maxlen: 24
83.169.64.0/18 maxlen: 18
83.169.73.0/24 maxlen: 24
83.169.85.0/24 maxlen: 24
83.169.84.0/24 maxlen: 24
83.169.83.0/24 maxlen: 24
83.169.81.0/24 maxlen: 24
83.169.80.0/24 maxlen: 24
83.169.89.0/24 maxlen: 24
83.169.92.0/24 maxlen: 24
83.169.99.0/24 maxlen: 24
83.169.103.0/24 maxlen: 24
83.169.102.0/24 maxlen: 24
83.169.100.0/24 maxlen: 24
83.169.100.0/22 maxlen: 22
83.169.118.0/24 maxlen: 24
83.169.117.0/24 maxlen: 24
83.169.116.0/22 maxlen: 22
83.169.116.0/24 maxlen: 24
83.169.115.0/24 maxlen: 24
83.169.114.0/23 maxlen: 23
83.169.114.0/24 maxlen: 24
213.139.96.0/19 maxlen: 19
213.139.112.0/24 maxlen: 24
213.139.111.0/24 maxlen: 24
213.139.117.0/24 maxlen: 24
213.139.123.0/24 maxlen: 24
212.37.192.0/19 maxlen: 19
83.169.64.0/23 maxlen: 23
2a02:d50::/32 maxlen: 32
2001:4b90::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:85:07:45:80:18:ae:81:14:93:9b:8f:bd:a9:51:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Validity
Not Before: Apr 18 08:39:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cd756c4749cae47670a07064e6aca9cdeb962a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f0:7a:1e:3b:23:fe:68:0e:ba:08:e6:b1:6a:
98:06:ca:f7:9c:89:93:a9:68:7e:a5:8d:a9:3c:dd:
f9:58:90:8a:66:ac:db:f2:c1:0e:67:b6:a7:e4:de:
95:6d:61:e4:74:61:5d:8f:d4:a4:48:54:7a:dd:d0:
6a:5a:23:4a:06:e2:ca:0b:df:a7:02:4f:23:6f:25:
00:4a:64:11:f1:d9:e4:a3:98:0b:02:b4:78:60:82:
7d:55:5a:74:5a:2c:f3:ea:eb:77:7a:45:5b:2a:a0:
d6:cf:a3:da:83:86:c0:33:18:e1:1d:b0:61:f0:8b:
c8:6a:eb:73:8c:ca:75:9a:4d:0a:e8:f3:8e:d8:c0:
aa:61:e0:49:48:79:83:63:c0:aa:fc:c5:da:42:a8:
6d:10:6c:f2:98:32:11:e3:48:f6:16:c1:04:dc:6c:
5f:2c:a2:bd:37:fa:14:ed:35:38:12:8a:dd:5a:2e:
86:5c:7b:91:40:b6:02:d3:db:7e:e9:6b:0b:81:75:
9e:74:76:cb:73:f9:3e:c5:44:a0:86:77:67:aa:7b:
a0:82:c9:a2:1f:0d:a5:51:72:b0:c0:33:38:01:aa:
33:7c:cb:f4:0d:70:c9:d4:0e:99:cb:27:de:59:c3:
b4:c8:1f:60:4f:e9:11:fc:bc:cc:5d:ad:d4:01:58:
bb:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D7:56:C4:74:9C:AE:47:67:0A:07:06:4E:6A:CA:9C:DE:B9:62:A1
X509v3 Authority Key Identifier:
keyid:86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/LNdWxHScrkdnCgcGTmrKnN65YqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.169.64.0/18
178.22.152.0/21
194.117.208.0/20
194.153.214.0/24
195.46.192.0/19
212.37.192.0/19
213.139.96.0/19
IPv6:
2001:4b90::/32
2a02:d50::/32
Signature Algorithm: sha256WithRSAEncryption
6d:36:8d:82:67:be:60:b1:04:fa:89:bc:bf:60:87:80:93:7e:
b2:c7:df:c3:2f:55:94:94:ec:ac:3c:b3:53:8f:76:6c:26:74:
a7:0f:8b:d5:4d:82:44:e4:cb:0f:6f:95:71:96:cd:69:21:75:
04:39:db:c3:17:f8:77:75:21:c5:dd:eb:0e:ad:bd:39:5d:f2:
45:9a:15:96:28:d7:6c:eb:44:34:6a:cf:f0:b6:07:ed:96:03:
29:28:1a:da:a4:89:eb:62:79:ae:54:71:27:28:f5:b9:26:17:
04:37:14:7c:26:77:07:75:84:a9:30:d8:fa:70:b9:75:50:02:
d8:92:bb:d9:b8:ab:0b:f9:70:2a:40:b0:7a:fd:a6:51:36:6f:
4b:58:9c:05:58:b0:95:db:43:64:e8:62:32:05:b0:83:14:4c:
6e:54:03:8c:e5:cf:18:5b:c9:cb:d0:f0:6b:8e:f7:aa:ab:42:
75:64:47:f8:a1:9e:36:45:0e:81:15:29:81:b8:e5:65:7e:31:
e2:42:49:b5:a2:6a:2c:14:83:7a:da:0b:19:ad:f2:07:1a:be:
27:75:e5:2f:5e:60:13:ac:6e:3e:73:c0:1e:f4:b2:bf:58:be:
cc:5f:0d:fc:70:2c:52:d1:42:02:4b:9c:c1:7b:1c:87:8c:ee:
b2:e9:f0:53
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYeThQdFgBiugRSTm4+9qVEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MjRmM2Y2NjFmMjRiZTVmZWY2NDFkYzcyMmU1Y2Y1YWM4
NzM4OWUwHhcNMjMwNDE4MDgzOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2Q3NTZjNDc0OWNhZTQ3NjcwYTA3MDY0ZTZhY2E5Y2RlYjk2MmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvB6Hjsj/mgOugjmsWqYBsr3nImT
qWh+pY2pPN35WJCKZqzb8sEOZ7an5N6VbWHkdGFdj9SkSFR63dBqWiNKBuLKC9+n
Ak8jbyUASmQR8dnko5gLArR4YIJ9VVp0Wizz6ut3ekVbKqDWz6Pag4bAMxjhHbBh
8IvIautzjMp1mk0K6POO2MCqYeBJSHmDY8Cq/MXaQqhtEGzymDIR40j2FsEE3Gxf
LKK9N/oU7TU4EordWi6GXHuRQLYC09t+6WsLgXWedHbLc/k+xUSghndnqnuggsmi
Hw2lUXKwwDM4AaozfMv0DXDJ1A6ZyyfeWcO0yB9gT+kR/LzMXa3UAVi7JwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFCzXVsR0nK5HZwoHBk5qypzeuWKhMB8GA1UdIwQY
MBaAFIYk8/Zh8kvl/vZB3HIuXPWshzieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMt
MjVlNTM1YzhhNWI5LzEvTE5kV3hIU2Nya2RuQ2djR1RtcktuTjY1WXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5
LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQGU6lAAwQD
shaYAwQEwnXQAwQAwpnWAwQFwy7AAwQF1CXAAwQF1YtgMBQEAgACMA4DBQAgAUuQ
AwUAKgINUDANBgkqhkiG9w0BAQsFAAOCAQEAbTaNgme+YLEE+om8v2CHgJN+ssff
wy9VlJTsrDyzU492bCZ0pw+L1U2CROTLD2+VcZbNaSF1BDnbwxf4d3Uhxd3rDq29
OV3yRZoVlijXbOtENGrP8LYH7ZYDKSga2qSJ62J5rlRxJyj1uSYXBDcUfCZ3B3WE
qTDY+nC5dVAC2JK72birC/lwKkCwev2mUTZvS1icBViwldtDZOhiMgWwgxRMblQD
jOXPGFvJy9Dwa473qqtCdWRH+KGeNkUOgRUpgbjlZX4x4kJJtaJqLBSDetoLGa3y
Bxq+J3XlL15gE6xuPnPAHvSyv1i+zF8N/HAsUtFCAkucwXsch4zusunwUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:40 2024 by rpki-client on console-fra.rpki-client.org