Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/Lxv57NLxT8ugLT8FN9OjZbd5dMU.roa
File: Lxv57NLxT8ugLT8FN9OjZbd5dMU.roa (raw, json)
Hash identifier: EwPzgoGs19SWtvDJ+d2pjxpyCdG1ozSSkMehaKoff8A=
Subject key identifier: 2F:1B:F9:EC:D2:F1:4F:CB:A0:2D:3F:05:37:D3:A3:65:B7:79:74:C5
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 01890694590C5E733A9DE515D6D903C7A556
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/Lxv57NLxT8ugLT8FN9OjZbd5dMU.roa
Signing time: Thu 29 Jun 2023 09:55:32 +0000
ROA not before: Thu 29 Jun 2023 09:55:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31287
IP address blocks: 77.78.152.0/21 maxlen: 21
77.78.154.0/24 maxlen: 24
77.78.153.0/24 maxlen: 24
77.78.159.0/24 maxlen: 24
185.46.163.0/24 maxlen: 24
185.46.160.0/22 maxlen: 22
85.187.205.0/24 maxlen: 24
85.187.206.0/24 maxlen: 24
85.187.204.0/24 maxlen: 24
85.187.207.0/24 maxlen: 24
85.187.222.0/24 maxlen: 24
85.187.232.0/24 maxlen: 24
85.187.248.0/24 maxlen: 24
185.72.58.0/24 maxlen: 24
80.72.64.0/24 maxlen: 24
151.237.91.0/24 maxlen: 24
80.72.72.0/24 maxlen: 24
151.237.92.0/24 maxlen: 24
151.237.93.0/24 maxlen: 24
195.85.215.0/24 maxlen: 24
151.237.29.0/24 maxlen: 24
185.200.40.0/22 maxlen: 22
85.187.42.0/24 maxlen: 24
85.187.50.0/24 maxlen: 24
85.187.63.0/24 maxlen: 24
85.187.62.0/24 maxlen: 24
46.55.252.0/22 maxlen: 22
46.55.252.0/24 maxlen: 24
46.55.253.0/24 maxlen: 24
151.237.128.0/24 maxlen: 24
85.187.4.0/24 maxlen: 24
85.187.3.0/24 maxlen: 24
85.187.6.0/24 maxlen: 24
85.187.8.0/24 maxlen: 24
85.187.10.0/23 maxlen: 23
85.187.15.0/24 maxlen: 24
85.187.18.0/24 maxlen: 24
85.187.20.0/24 maxlen: 24
85.187.184.0/23 maxlen: 23
46.55.254.0/24 maxlen: 24
2a01:9e40::/32 maxlen: 32
2a03:b540::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 29 Sep 2023 19:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:94:59:0c:5e:73:3a:9d:e5:15:d6:d9:03:c7:a5:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jun 29 09:55:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f1bf9ecd2f14fcba02d3f0537d3a365b77974c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:aa:68:2c:b7:7f:49:03:a6:c1:45:d7:80:65:
cb:c7:41:ee:c0:28:f6:b6:4c:40:c1:60:00:78:b4:
28:f7:9a:9c:78:ad:11:32:1d:ee:30:ad:92:22:91:
b2:be:88:05:c1:15:c7:86:1f:72:a9:47:4d:68:6f:
ea:83:0b:13:73:a1:fa:53:59:17:a0:50:26:4e:fd:
ce:b1:da:b1:52:12:80:ae:62:db:2a:1f:c1:7b:df:
58:42:26:96:97:b4:0c:1f:b1:23:2e:be:01:9d:6a:
29:e3:29:61:cb:e6:9d:d4:c3:dd:00:c3:67:8d:76:
1e:20:bf:d7:cf:b2:54:e2:79:b5:7f:18:d7:83:09:
5d:6c:e9:7f:9e:5c:41:fa:20:e0:da:4f:c0:90:6a:
2e:28:1f:90:66:2b:0a:41:0f:c5:72:c3:60:44:1e:
e6:58:c8:1e:b8:07:5e:bb:97:41:a8:4b:4e:58:7f:
35:0c:6a:52:b8:91:a4:f1:7b:6a:87:65:f2:79:e3:
b2:26:2b:43:d9:29:9a:f1:5b:c4:be:5d:cc:af:e3:
61:0c:15:b7:ff:4b:65:4f:0e:01:fb:75:7c:73:5f:
71:59:56:94:73:60:ce:86:c4:3c:4d:a6:39:89:fa:
9a:a7:b6:72:57:79:f3:e8:aa:dd:dc:ff:c5:fd:e4:
53:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:1B:F9:EC:D2:F1:4F:CB:A0:2D:3F:05:37:D3:A3:65:B7:79:74:C5
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/Lxv57NLxT8ugLT8FN9OjZbd5dMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.55.252.0/22
77.78.152.0/21
80.72.64.0/24
80.72.72.0/24
85.187.3.0-85.187.4.255
85.187.6.0/24
85.187.8.0/24
85.187.10.0/23
85.187.15.0/24
85.187.18.0/24
85.187.20.0/24
85.187.42.0/24
85.187.50.0/24
85.187.62.0/23
85.187.184.0/23
85.187.204.0/22
85.187.222.0/24
85.187.232.0/24
85.187.248.0/24
151.237.29.0/24
151.237.91.0-151.237.93.255
151.237.128.0/24
185.46.160.0/22
185.72.58.0/24
185.200.40.0/22
195.85.215.0/24
IPv6:
2a01:9e40::/32
2a03:b540::/32
Signature Algorithm: sha256WithRSAEncryption
6e:1c:62:e2:ab:e8:ff:06:44:e3:e8:8f:3d:76:db:54:31:25:
2d:5f:89:2b:97:94:f7:e0:88:f7:c0:5f:7d:82:18:3b:3b:33:
8a:a7:e0:3a:28:ad:b9:af:5c:94:73:db:c4:0a:e3:33:b1:9a:
44:9d:03:ac:aa:7e:f2:e9:ba:35:e2:ac:f9:59:d6:45:df:58:
67:81:94:ef:a2:26:90:84:3f:59:f7:a7:eb:f4:ce:4d:fe:9f:
fc:34:98:85:89:a6:f6:54:e5:5f:38:de:d9:87:65:49:5b:bf:
e1:53:f9:ef:2f:01:09:de:77:50:01:4e:6a:eb:7a:93:45:07:
c7:4c:89:99:ea:b1:ef:bf:2d:6f:e3:15:e8:4f:98:3b:f5:a4:
1c:dc:c8:75:11:f0:76:84:16:5b:e6:e0:b8:29:42:93:9a:29:
9b:49:73:ed:cd:07:ef:b3:3a:41:25:c0:4e:1f:6a:b0:c5:4e:
68:f4:40:c2:9e:d2:f9:85:5b:e3:05:b4:95:bf:cb:5d:55:10:
5b:3e:57:56:fe:82:27:06:b3:a7:4f:98:dc:45:b0:c7:27:66:
6f:10:90:27:81:76:c2:2c:64:5a:f1:38:10:0e:cb:cd:61:9a:
32:86:1d:c5:18:38:8f:fe:ff:1e:df:10:55:d8:63:0e:37:2a:
96:91:3d:cb
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYkGlFkMXnM6neUV1tkDx6VWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjMwNjI5MDk1NTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjFiZjllY2QyZjE0ZmNiYTAyZDNmMDUzN2QzYTM2NWI3Nzk3NGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtapoLLd/SQOmwUXXgGXLx0HuwCj2
tkxAwWAAeLQo95qceK0RMh3uMK2SIpGyvogFwRXHhh9yqUdNaG/qgwsTc6H6U1kX
oFAmTv3OsdqxUhKArmLbKh/Be99YQiaWl7QMH7EjLr4BnWop4ylhy+ad1MPdAMNn
jXYeIL/Xz7JU4nm1fxjXgwldbOl/nlxB+iDg2k/AkGouKB+QZisKQQ/FcsNgRB7m
WMgeuAdeu5dBqEtOWH81DGpSuJGk8Xtqh2XyeeOyJitD2Sma8VvEvl3Mr+NhDBW3
/0tlTw4B+3V8c19xWVaUc2DOhsQ8TaY5ifqap7ZyV3nz6Krd3P/F/eRTkQIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFC8b+ezS8U/LoC0/BTfTo2W3eXTFMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvTHh2NTdOTHhUOHVnTFQ4Rk45T2paYmQ1ZE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCBswQCAAEwgawDBAIu
N/wDBANNTpgDBABQSEADBABQSEgwDAMEAFW7AwMEAFW7BAMEAFW7BgMEAFW7CAME
AVW7CgMEAFW7DwMEAFW7EgMEAFW7FAMEAFW7KgMEAFW7MgMEAVW7PgMEAVW7uAME
AlW7zAMEAFW73gMEAFW76AMEAFW7+AMEAJftHTAMAwQAl+1bAwQBl+1cAwQAl+2A
AwQCuS6gAwQAuUg6AwQCucgoAwQAw1XXMBQEAgACMA4DBQAqAZ5AAwUAKgO1QDAN
BgkqhkiG9w0BAQsFAAOCAQEAbhxi4qvo/wZE4+iPPXbbVDElLV+JK5eU9+CI98Bf
fYIYOzsziqfgOiitua9clHPbxArjM7GaRJ0DrKp+8um6NeKs+VnWRd9YZ4GU76Im
kIQ/Wfen6/TOTf6f/DSYhYmm9lTlXzje2YdlSVu/4VP57y8BCd53UAFOaut6k0UH
x0yJmeqx778tb+MV6E+YO/WkHNzIdRHwdoQWW+bguClCk5opm0lz7c0H77M6QSXA
Th9qsMVOaPRAwp7S+YVb4wW0lb/LXVUQWz5XVv6CJwazp0+Y3EWwxydmbxCQJ4F2
wixkWvE4EA7LzWGaMoYdxRg4j/7/Ht8QVdhjDjcqlpE9yw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:12 2024 by rpki-client on console-fra.rpki-client.org