Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/lvmZ3mKmwgNhUoVwyyHcndpvp5g.roa
File: lvmZ3mKmwgNhUoVwyyHcndpvp5g.roa (raw, json)
Hash identifier: 9SoXPOuafa3OalSQIbdG6G/ksNVsUfpLaVHNO3H4YMQ=
Subject key identifier: 96:F9:99:DE:62:A6:C2:03:61:52:85:70:CB:21:DC:9D:DA:6F:A7:98
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018C79A85DE7F1AC94F53CD6216B5D916038
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/lvmZ3mKmwgNhUoVwyyHcndpvp5g.roa
Signing time: Sun 17 Dec 2023 21:22:06 +0000
ROA not before: Sun 17 Dec 2023 21:22:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.209.36.0/23 maxlen: 24
185.218.102.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.249.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 31 Dec 2023 07:58:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:79:a8:5d:e7:f1:ac:94:f5:3c:d6:21:6b:5d:91:60:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 17 21:22:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96f999de62a6c20361528570cb21dc9dda6fa798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e0:a4:53:31:fe:7e:b0:12:09:54:ee:f6:9c:
fc:3d:df:34:78:fd:84:de:e8:5a:5a:66:15:48:96:
61:1a:8a:75:4a:27:62:a6:63:55:9b:1c:4b:7b:ea:
31:65:0f:b7:40:3b:20:b5:98:cd:b7:02:21:f8:1c:
89:4c:bb:c4:e7:d6:a2:51:9e:22:ee:50:b5:ce:89:
55:17:92:bf:dd:07:8a:88:22:9e:7b:c2:1c:f5:19:
58:3f:bc:c9:1d:99:a7:f5:94:f6:27:55:6c:fc:fa:
f6:fa:2c:58:3a:37:d7:15:c0:35:1a:9f:c6:94:d1:
51:1f:24:43:fd:02:32:e9:13:64:e3:ce:6f:b4:39:
d7:dc:8b:0e:7d:be:b3:87:a3:fa:6a:4f:13:da:7a:
cc:15:fd:6f:64:f4:4d:04:6c:a3:0e:c2:be:d1:d1:
62:d1:4e:4c:00:2d:a0:64:ce:a0:2b:2d:07:9d:36:
ec:13:74:dd:09:23:df:dc:06:39:2d:fd:b9:42:ff:
98:c5:48:f9:11:23:93:74:22:a1:d4:11:38:46:10:
ff:76:40:3e:2d:77:29:2a:85:09:95:95:20:81:6b:
6c:41:1c:2f:95:d4:33:06:ec:73:9f:24:a9:1c:3c:
59:28:ae:28:d3:ac:67:4a:97:e6:ea:3a:b0:60:c0:
2c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F9:99:DE:62:A6:C2:03:61:52:85:70:CB:21:DC:9D:DA:6F:A7:98
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/lvmZ3mKmwgNhUoVwyyHcndpvp5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.12.0/22
185.199.159.0/24
185.206.248.0/23
185.206.251.0/24
185.209.36.0/23
185.209.74.0/24
185.210.152.0/22
185.218.102.0/24
185.223.76.0/24
185.223.80.0/24
185.225.2.0/24
185.226.105.0/24
185.226.107.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
82:55:81:75:b2:c6:b4:dc:b2:dd:b2:4c:fd:0f:25:62:fc:8c:
3b:dd:6f:8a:8e:78:7b:00:9f:d9:ae:48:81:e7:67:cc:e1:56:
fa:e0:8e:fe:e8:3b:d8:45:1b:48:80:db:6b:c1:e2:b9:c8:43:
3c:3e:39:99:95:b7:96:ac:a2:32:8d:2e:64:d1:63:ce:1f:6c:
01:3b:61:b1:1f:89:30:6b:2c:59:0e:04:7d:f7:4a:9e:68:21:
5e:9a:bc:37:73:74:c1:6b:f8:8f:48:28:7b:ba:af:c4:7d:38:
01:59:f5:9f:30:db:a4:68:d3:4d:ec:6e:b6:7a:b6:bb:89:fb:
30:31:f5:12:d0:e2:ba:56:bc:0b:55:c4:86:4f:e2:66:0b:31:
ca:1e:6a:8c:a2:69:58:5d:64:15:4b:40:c0:ab:03:b6:90:74:
6f:c3:51:13:6c:60:96:c8:00:cf:6e:3a:45:e8:3e:f5:1c:76:
73:1d:65:f4:c0:19:49:7d:71:99:26:c2:3a:f2:e3:cf:3d:e6:
18:3a:9a:76:0a:c4:7e:26:85:a9:3a:59:41:eb:a8:7a:e6:2a:
56:21:90:7d:26:8c:b3:1c:62:ee:a0:fe:b5:90:ec:09:c9:ad:
9e:ff:1a:6d:93:7e:16:f9:90:3f:1c:c9:8f:e9:34:d4:ae:50:
40:1a:88:cb
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYx5qF3n8ayU9TzWIWtdkWA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMjE3MjEyMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmY5OTlkZTYyYTZjMjAzNjE1Mjg1NzBjYjIxZGM5ZGRhNmZhNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOCkUzH+frASCVTu9pz8Pd80eP2E
3uhaWmYVSJZhGop1SidipmNVmxxLe+oxZQ+3QDsgtZjNtwIh+ByJTLvE59aiUZ4i
7lC1zolVF5K/3QeKiCKee8Ic9RlYP7zJHZmn9ZT2J1Vs/Pr2+ixYOjfXFcA1Gp/G
lNFRHyRD/QIy6RNk485vtDnX3IsOfb6zh6P6ak8T2nrMFf1vZPRNBGyjDsK+0dFi
0U5MAC2gZM6gKy0HnTbsE3TdCSPf3AY5Lf25Qv+YxUj5ESOTdCKh1BE4RhD/dkA+
LXcpKoUJlZUggWtsQRwvldQzBuxznySpHDxZKK4o06xnSpfm6jqwYMAsPwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFJb5md5ipsIDYVKFcMsh3J3ab6eYMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbHZtWjNtS213Z05oVW9Wd3l5SGNuZHB2cDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEArl5DAME
ALnHnwMEAbnO+AMEALnO+wMEAbnRJAMEALnRSgMEArnSmAMEALnaZgMEALnfTAME
ALnfUAMEALnhAgMEALniaQMEALniawMEALnjkQMEArnqFAMEArnu5AMEAbnweAME
ALn75zANBgkqhkiG9w0BAQsFAAOCAQEAglWBdbLGtNyy3bJM/Q8lYvyMO91vio54
ewCf2a5IgednzOFW+uCO/ug72EUbSIDba8HiuchDPD45mZW3lqyiMo0uZNFjzh9s
ATthsR+JMGssWQ4EffdKnmghXpq8N3N0wWv4j0goe7qvxH04AVn1nzDbpGjTTexu
tnq2u4n7MDH1EtDiula8C1XEhk/iZgsxyh5qjKJpWF1kFUtAwKsDtpB0b8NRE2xg
lsgAz246Reg+9Rx2cx1l9MAZSX1xmSbCOvLjzz3mGDqadgrEfiaFqTpZQeuoeuYq
ViGQfSaMsxxi7qD+tZDsCcmtnv8abZN+FvmQPxzJj+k01K5QQBqIyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org