Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/lqAQFNFYOldMqytUlrnv3Wgngis.roa
File: lqAQFNFYOldMqytUlrnv3Wgngis.roa (raw, json)
Hash identifier: WPHqEvu58LFnAwm6iuFJZZUQ6PlIpeiVclBfjt5s3CU=
Subject key identifier: 96:A0:10:14:D1:58:3A:57:4C:AB:2B:54:96:B9:EF:DD:68:27:82:2B
Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial: 018C1BA0A35ABDF6C9B1E8FDF2A4396420CB
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/lqAQFNFYOldMqytUlrnv3Wgngis.roa
Signing time: Wed 29 Nov 2023 15:09:21 +0000
ROA not before: Wed 29 Nov 2023 15:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44534
IP address blocks: 95.108.164.0/24 maxlen: 24
95.108.168.0/22 maxlen: 22
95.108.170.0/24 maxlen: 24
37.140.168.0/24 maxlen: 24
95.108.177.0/24 maxlen: 24
95.108.178.0/24 maxlen: 24
37.140.173.0/24 maxlen: 24
95.108.198.0/23 maxlen: 23
5.255.232.0/24 maxlen: 24
5.255.236.0/22 maxlen: 22
87.250.232.0/24 maxlen: 24
87.250.238.0/24 maxlen: 24
178.154.152.0/24 maxlen: 24
93.158.155.0/24 maxlen: 24
5.45.209.0/24 maxlen: 24
5.45.212.0/24 maxlen: 24
93.158.185.0/24 maxlen: 24
93.158.184.0/24 maxlen: 24
93.158.186.0/24 maxlen: 24
87.250.242.0/24 maxlen: 24
90.156.176.0/20 maxlen: 24
90.156.176.0/24 maxlen: 24
77.88.52.0/23 maxlen: 23
77.88.61.0/24 maxlen: 24
93.158.187.0/24 maxlen: 24
93.158.190.0/24 maxlen: 24
77.88.42.0/23 maxlen: 23
213.180.201.0/24 maxlen: 24
2a02:6bf:8004::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:a0:a3:5a:bd:f6:c9:b1:e8:fd:f2:a4:39:64:20:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Validity
Not Before: Nov 29 15:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96a01014d1583a574cab2b5496b9efdd6827822b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:da:fa:c5:3c:d7:c5:2b:f0:9f:92:fb:d7:c0:
1c:2e:01:56:6b:e1:13:ba:75:ff:ac:c1:d3:ac:ed:
34:c0:17:81:8a:5d:54:02:9f:66:db:9b:e4:9e:57:
18:e2:79:68:04:e9:0b:46:c1:81:74:30:02:87:0a:
12:43:4f:9d:74:2b:2f:84:e2:fc:35:52:78:11:9e:
78:93:e9:c3:a2:39:44:0d:fa:03:f5:45:93:d6:33:
76:77:2d:01:db:34:7d:a8:50:e4:14:eb:d8:ac:2b:
56:96:a3:e4:b2:c0:42:54:d7:a2:cb:41:d0:08:1f:
d6:a1:9a:ef:b5:29:5f:ac:db:8f:56:dd:69:a6:4f:
70:54:db:5d:11:fe:b1:a5:33:c6:1c:fa:7e:37:66:
72:72:b0:e5:b7:80:b4:1b:8e:7e:a9:9a:f0:ea:e4:
b4:26:57:2e:cd:46:a6:8c:5f:a9:7b:f6:9d:3b:bf:
b3:89:c3:7b:cf:14:5d:1f:8e:e8:14:ef:3d:93:d2:
fc:34:86:5d:8d:9d:05:14:0a:06:9d:25:8f:3b:94:
db:b8:e7:ab:e9:c5:24:bc:c3:b1:44:9d:fe:1f:94:
11:a4:ff:99:20:ab:2c:33:e8:aa:b8:81:ed:80:7e:
72:30:f0:73:36:41:9a:42:2b:ff:f8:cc:27:5c:24:
31:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A0:10:14:D1:58:3A:57:4C:AB:2B:54:96:B9:EF:DD:68:27:82:2B
X509v3 Authority Key Identifier:
keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/lqAQFNFYOldMqytUlrnv3Wgngis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.209.0/24
5.45.212.0/24
5.255.232.0/24
5.255.236.0/22
37.140.168.0/24
37.140.173.0/24
77.88.42.0/23
77.88.52.0/23
77.88.61.0/24
87.250.232.0/24
87.250.238.0/24
87.250.242.0/24
90.156.176.0/20
93.158.155.0/24
93.158.184.0/22
93.158.190.0/24
95.108.164.0/24
95.108.168.0/22
95.108.177.0-95.108.178.255
95.108.198.0/23
178.154.152.0/24
213.180.201.0/24
IPv6:
2a02:6bf:8004::/48
Signature Algorithm: sha256WithRSAEncryption
0d:85:88:07:26:29:ac:36:d9:8e:46:cb:dd:66:41:a2:77:4a:
ed:a4:f6:89:29:cd:f2:d9:f9:ee:18:a1:58:f2:02:c5:7d:aa:
92:6e:fb:7c:41:f1:38:e9:fb:38:aa:1e:14:9d:b8:55:52:0c:
31:46:93:36:8e:04:5f:bf:4c:10:c8:96:78:27:8d:bc:78:2b:
59:d3:67:7a:7b:3e:45:ac:44:e6:1d:07:8b:f2:fa:d3:84:5b:
35:a3:8d:2d:31:05:5f:78:13:c0:c8:82:96:4c:a2:ef:e3:a2:
dc:50:23:bb:25:69:e3:7c:f8:6e:c3:cd:af:c8:3f:20:c8:ca:
65:1e:19:a9:34:80:28:b6:11:28:68:d6:71:50:58:6e:a0:59:
b0:b3:b0:fe:d8:6a:9b:ce:76:6b:c4:b8:46:61:9a:6a:9a:46:
07:40:f9:5b:8f:52:a7:95:c0:9d:69:a8:f6:7e:d4:5e:74:fa:
f8:4a:71:75:c1:eb:30:59:e4:d5:d8:6a:00:99:11:2e:27:cf:
ae:76:b7:50:00:27:a3:b7:1d:c1:a4:0e:bb:35:09:70:d2:15:
57:79:78:61:f7:1c:70:cd:13:82:d6:fe:bf:f8:c1:35:88:43:
11:c0:6a:e1:f5:e2:c1:b3:c3:c1:8d:e5:d6:fe:ea:60:ab:e1:
06:84:9c:cf
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAYwboKNavfbJsej98qQ5ZCDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjMxMTI5MTUwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmEwMTAxNGQxNTgzYTU3NGNhYjJiNTQ5NmI5ZWZkZDY4Mjc4MjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNr6xTzXxSvwn5L718AcLgFWa+ET
unX/rMHTrO00wBeBil1UAp9m25vknlcY4nloBOkLRsGBdDAChwoSQ0+ddCsvhOL8
NVJ4EZ54k+nDojlEDfoD9UWT1jN2dy0B2zR9qFDkFOvYrCtWlqPkssBCVNeiy0HQ
CB/WoZrvtSlfrNuPVt1ppk9wVNtdEf6xpTPGHPp+N2ZycrDlt4C0G45+qZrw6uS0
JlcuzUamjF+pe/adO7+zicN7zxRdH47oFO89k9L8NIZdjZ0FFAoGnSWPO5TbuOer
6cUkvMOxRJ3+H5QRpP+ZIKssM+iquIHtgH5yMPBzNkGaQiv/+MwnXCQxbQIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFJagEBTRWDpXTKsrVJa5791oJ4IrMB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEvbHFBUUZORllPbGRNcXl0VWxybnYzV2duZ2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzCBkwQCAAEwgYwDBAAF
LdEDBAAFLdQDBAAF/+gDBAIF/+wDBAAljKgDBAAljK0DBAFNWCoDBAFNWDQDBABN
WD0DBABX+ugDBABX+u4DBABX+vIDBARanLADBABdnpsDBAJdnrgDBABdnr4DBABf
bKQDBAJfbKgwDAMEAF9ssQMEAF9ssgMEAV9sxgMEALKamAMEANW0yTAPBAIAAjAJ
AwcAKgIGv4AEMA0GCSqGSIb3DQEBCwUAA4IBAQANhYgHJimsNtmORsvdZkGid0rt
pPaJKc3y2fnuGKFY8gLFfaqSbvt8QfE46fs4qh4UnbhVUgwxRpM2jgRfv0wQyJZ4
J428eCtZ02d6ez5FrETmHQeL8vrThFs1o40tMQVfeBPAyIKWTKLv46LcUCO7JWnj
fPhuw82vyD8gyMplHhmpNIAothEoaNZxUFhuoFmws7D+2GqbznZrxLhGYZpqmkYH
QPlbj1KnlcCdaaj2ftRedPr4SnF1weswWeTV2GoAmREuJ8+udrdQACejtx3BpA67
NQlw0hVXeXhh9xxwzROC1v6/+ME1iEMRwGrh9eLBs8PBjeXW/upgq+EGhJzP
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:20 2024 by rpki-client on console-fra.rpki-client.org