Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/LfveMBI9PfQCuY_BSatWqesy4GE.roa
File: LfveMBI9PfQCuY_BSatWqesy4GE.roa (raw, json)
Hash identifier: bWcSYCmwSSKqQHrZ0I1p0rroMl1ChgiUUPsiXY9qkhY=
Subject key identifier: 2D:FB:DE:30:12:3D:3D:F4:02:B9:8F:C1:49:AB:56:A9:EB:32:E0:61
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D3613EED6656BC86186C38143521D9D40
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/LfveMBI9PfQCuY_BSatWqesy4GE.roa
Signing time: Tue 23 Jan 2024 11:28:12 +0000
ROA not before: Tue 23 Jan 2024 11:28:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 176.125.248.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
185.230.65.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 12:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:13:ee:d6:65:6b:c8:61:86:c3:81:43:52:1d:9d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 23 11:28:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dfbde30123d3df402b98fc149ab56a9eb32e061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:42:56:25:c9:96:55:5f:02:15:26:2b:0c:c7:
94:e2:5d:60:f7:94:0c:79:d0:08:14:44:f2:40:ee:
d9:07:46:c2:db:37:de:0c:f0:aa:bf:a6:72:77:a3:
67:a3:f2:22:d9:48:57:be:91:c5:b3:46:c0:24:12:
39:aa:71:98:16:2c:07:ef:26:81:54:7f:f2:13:ec:
ee:f4:6e:3d:08:61:d7:17:93:8d:04:8b:cf:60:0a:
45:d0:c6:26:fd:a5:ad:d5:d9:c9:ea:55:b7:79:f9:
ed:c4:b8:4b:6f:92:ec:99:c6:8f:f8:02:e3:8c:6a:
97:61:b0:15:85:8d:7b:11:0b:37:fb:51:ac:7c:2e:
e0:e6:12:84:71:6f:af:c9:ff:c3:5f:d9:44:11:fd:
f9:88:93:33:1d:43:4e:50:93:1e:ce:4c:63:67:a8:
17:38:ef:99:c4:f6:5c:0b:dd:44:8b:38:04:47:90:
c0:f5:cc:f6:b3:4a:bd:2b:ee:00:08:0a:aa:95:fa:
ca:09:0a:3a:4d:9c:ed:e4:f8:67:ba:d7:fb:dc:d9:
44:2d:46:99:9c:b6:8b:e0:e6:ad:bc:dd:82:02:43:
41:48:39:cf:df:8f:8b:97:9d:64:de:00:bb:cf:ac:
f9:e2:fa:7b:69:44:69:5d:df:90:63:f7:28:aa:53:
c5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FB:DE:30:12:3D:3D:F4:02:B9:8F:C1:49:AB:56:A9:EB:32:E0:61
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/LfveMBI9PfQCuY_BSatWqesy4GE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.210.232.0/24
185.214.102.0/24
185.223.80.0/24
185.225.0.0/24
185.230.65.0/24
185.251.231.0/24
193.8.114.0/24
194.76.172.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ac:41:52:6f:60:6e:63:36:4b:75:22:cc:c9:40:dd:8f:4f:
4b:ef:06:f5:64:ed:d7:07:19:31:88:a7:9e:75:3b:0b:2d:c0:
9d:e5:af:29:51:43:2a:47:3a:78:60:15:12:c6:43:b5:d9:9b:
62:aa:33:89:6a:47:00:10:16:0d:a8:9b:42:c4:a4:a5:53:50:
44:d4:29:9f:50:a5:9a:5b:23:de:a2:5f:2d:d1:95:ce:78:07:
3e:cb:20:f7:76:50:c4:cd:14:9d:19:2a:ac:f0:ef:21:d3:48:
1a:0a:af:95:99:b5:5e:3a:a4:22:9a:17:4d:fc:93:4c:7f:d4:
74:3f:11:de:ae:41:23:49:eb:b4:f6:96:31:a2:7b:85:e2:2d:
b2:26:a2:c0:a5:ff:c0:5e:45:5d:7c:b2:d9:88:db:c6:66:29:
5a:25:81:c7:ad:ce:05:07:a5:fc:b0:7b:de:44:35:d4:73:7c:
c7:db:d7:e1:3d:81:fb:88:ba:53:73:fb:4c:a0:c4:16:d6:ef:
1e:4b:05:4b:72:98:c0:4e:97:39:e7:f6:e7:99:3a:a4:a1:12:
99:e5:a8:9d:5a:6c:71:ad:82:3d:a0:69:15:b5:79:3f:8a:1e:
e8:39:82:a0:42:7a:f9:4b:04:00:b1:6c:c3:fb:56:ac:7d:da:
25:a8:d0:89
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY02E+7WZWvIYYbDgUNSHZ1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTIzMTEyODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGZiZGUzMDEyM2QzZGY0MDJiOThmYzE0OWFiNTZhOWViMzJlMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEJWJcmWVV8CFSYrDMeU4l1g95QM
edAIFETyQO7ZB0bC2zfeDPCqv6Zyd6Nno/Ii2UhXvpHFs0bAJBI5qnGYFiwH7yaB
VH/yE+zu9G49CGHXF5ONBIvPYApF0MYm/aWt1dnJ6lW3efntxLhLb5LsmcaP+ALj
jGqXYbAVhY17EQs3+1GsfC7g5hKEcW+vyf/DX9lEEf35iJMzHUNOUJMezkxjZ6gX
OO+ZxPZcC91EizgER5DA9cz2s0q9K+4ACAqqlfrKCQo6TZzt5Phnutf73NlELUaZ
nLaL4OatvN2CAkNBSDnP34+Ll51k3gC7z6z54vp7aURpXd+QY/coqlPFwwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFC373jASPT30ArmPwUmrVqnrMuBhMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTGZ2ZU1CSTlQZlFDdVlfQlNhdFdxZXN5NEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAsH34AwQA
udLoAwQAudZmAwQAud9QAwQAueEAAwQAueZBAwQAufvnAwQAwQhyAwQAwkysMA0G
CSqGSIb3DQEBCwUAA4IBAQADrEFSb2BuYzZLdSLMyUDdj09L7wb1ZO3XBxkxiKee
dTsLLcCd5a8pUUMqRzp4YBUSxkO12ZtiqjOJakcAEBYNqJtCxKSlU1BE1CmfUKWa
WyPeol8t0ZXOeAc+yyD3dlDEzRSdGSqs8O8h00gaCq+VmbVeOqQimhdN/JNMf9R0
PxHerkEjSeu09pYxonuF4i2yJqLApf/AXkVdfLLZiNvGZilaJYHHrc4FB6X8sHve
RDXUc3zH29fhPYH7iLpTc/tMoMQW1u8eSwVLcpjATpc55/bnmTqkoRKZ5aidWmxx
rYI9oGkVtXk/ih7oOYKgQnr5SwQAsWzD+1asfdolqNCJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org