Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/Lbxi23mNtidMa8FwF6f9LMIvFeA.roa
File: Lbxi23mNtidMa8FwF6f9LMIvFeA.roa (raw, json)
Hash identifier: Migy5XlxJt44O1UhKvKcFf8zvrqOAwrZRuDMOrKEyd4=
Subject key identifier: 2D:BC:62:DB:79:8D:B6:27:4C:6B:C1:70:17:A7:FD:2C:C2:2F:15:E0
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 018D82FC658A62A12E31EB3A752BBE15F25A
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/Lbxi23mNtidMa8FwF6f9LMIvFeA.roa
Signing time: Wed 07 Feb 2024 09:53:15 +0000
ROA not before: Wed 07 Feb 2024 09:53:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57344
IP address blocks: 5.104.168.0/23 maxlen: 23
5.104.174.0/24 maxlen: 24
77.76.10.0/24 maxlen: 24
77.76.11.0/24 maxlen: 24
78.128.8.0/24 maxlen: 24
78.128.43.0/24 maxlen: 24
78.128.60.0/24 maxlen: 24
78.128.67.0/24 maxlen: 24
78.128.72.0/24 maxlen: 24
78.128.76.0/24 maxlen: 24
78.128.79.0/24 maxlen: 24
78.128.81.0/24 maxlen: 24
78.128.92.0/24 maxlen: 24
78.128.94.0/24 maxlen: 24
78.128.98.0/24 maxlen: 24
78.128.108.0/23 maxlen: 23
78.142.1.0/24 maxlen: 24
78.142.4.0/23 maxlen: 23
78.142.17.0/24 maxlen: 24
78.142.20.0/24 maxlen: 24
78.142.24.0/24 maxlen: 24
78.142.33.0/24 maxlen: 24
78.142.34.0/24 maxlen: 24
78.142.47.0/24 maxlen: 24
78.142.60.0/24 maxlen: 24
78.142.63.0/24 maxlen: 24
79.124.0.0/24 maxlen: 24
79.124.15.0/24 maxlen: 24
79.124.20.0/23 maxlen: 23
79.124.23.0/24 maxlen: 24
79.124.24.0/22 maxlen: 24
79.124.28.0/24 maxlen: 24
79.124.50.0/24 maxlen: 24
79.124.51.0/24 maxlen: 24
79.124.73.0/24 maxlen: 24
79.124.74.0/24 maxlen: 24
79.124.76.0/24 maxlen: 24
79.124.79.0/24 maxlen: 24
79.124.82.0/24 maxlen: 24
82.118.224.0/24 maxlen: 24
82.118.236.0/24 maxlen: 24
82.118.238.0/24 maxlen: 24
82.118.244.0/24 maxlen: 24
82.118.246.0/23 maxlen: 23
91.148.131.0/24 maxlen: 24
91.148.140.0/24 maxlen: 24
91.148.160.0/24 maxlen: 24
91.148.168.0/24 maxlen: 24
94.72.145.0/24 maxlen: 24
94.72.148.0/22 maxlen: 24
94.72.158.0/24 maxlen: 24
94.72.159.0/24 maxlen: 24
130.185.224.0/24 maxlen: 24
130.185.226.0/24 maxlen: 24
130.185.229.0/24 maxlen: 24
130.185.235.0/24 maxlen: 24
130.185.236.0/24 maxlen: 24
130.185.237.0/24 maxlen: 24
130.185.248.0/24 maxlen: 24
130.185.250.0/24 maxlen: 24
178.132.80.0/24 maxlen: 24
178.132.81.0/24 maxlen: 24
178.132.82.0/23 maxlen: 24
178.132.84.0/23 maxlen: 24
185.148.160.0/22 maxlen: 22
217.174.148.0/23 maxlen: 24
217.174.150.0/24 maxlen: 24
217.174.152.0/23 maxlen: 24
217.174.154.0/24 maxlen: 24
217.174.159.0/24 maxlen: 24
2a01:8740::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 29 May 2024 12:08:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:82:fc:65:8a:62:a1:2e:31:eb:3a:75:2b:be:15:f2:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Feb 7 09:53:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dbc62db798db6274c6bc17017a7fd2cc22f15e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:df:01:b4:8f:e4:54:d3:8e:69:21:d1:af:35:
32:81:46:c1:ee:15:04:ed:d4:49:a0:a2:28:5c:df:
fa:90:9a:15:c4:ac:6b:d7:11:e5:a7:4d:6a:c9:96:
1a:b7:e5:79:a1:12:25:87:71:68:4f:5d:7e:6f:8b:
28:88:01:64:5f:29:4d:13:f8:54:41:ec:46:3a:56:
75:49:f5:af:d5:6a:c5:23:5c:6b:4d:0c:8c:9e:79:
e6:1a:1a:78:0f:82:5b:e3:d3:43:a1:46:40:3d:3d:
0a:3d:cf:56:47:41:36:2a:bf:43:09:03:a9:7f:c9:
d8:c2:16:bf:7f:51:ca:a5:4e:5d:45:4c:32:91:ab:
c0:48:9f:17:68:d4:12:bb:e4:cb:b9:19:08:e8:57:
87:8c:2a:65:ef:ba:ce:fe:75:db:e6:96:ec:1e:60:
aa:d2:7c:88:0b:98:75:3f:3f:ed:71:8f:16:f9:6f:
59:8f:6c:16:02:63:b6:69:3f:34:5b:51:6c:10:75:
04:9c:f1:3c:47:ad:c9:e7:f6:f5:67:03:df:9a:22:
38:d0:8d:74:b8:66:25:98:dc:93:93:a5:ef:4c:17:
b1:12:8d:cf:a5:4f:5f:5a:dc:22:10:56:06:5e:94:
01:57:92:c3:f7:e8:55:0b:3e:28:54:ff:4c:58:1d:
0c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:BC:62:DB:79:8D:B6:27:4C:6B:C1:70:17:A7:FD:2C:C2:2F:15:E0
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/Lbxi23mNtidMa8FwF6f9LMIvFeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.168.0/23
5.104.174.0/24
77.76.10.0/23
78.128.8.0/24
78.128.43.0/24
78.128.60.0/24
78.128.67.0/24
78.128.72.0/24
78.128.76.0/24
78.128.79.0/24
78.128.81.0/24
78.128.92.0/24
78.128.94.0/24
78.128.98.0/24
78.128.108.0/23
78.142.1.0/24
78.142.4.0/23
78.142.17.0/24
78.142.20.0/24
78.142.24.0/24
78.142.33.0-78.142.34.255
78.142.47.0/24
78.142.60.0/24
78.142.63.0/24
79.124.0.0/24
79.124.15.0/24
79.124.20.0/23
79.124.23.0-79.124.28.255
79.124.50.0/23
79.124.73.0-79.124.74.255
79.124.76.0/24
79.124.79.0/24
79.124.82.0/24
82.118.224.0/24
82.118.236.0/24
82.118.238.0/24
82.118.244.0/24
82.118.246.0/23
91.148.131.0/24
91.148.140.0/24
91.148.160.0/24
91.148.168.0/24
94.72.145.0/24
94.72.148.0/22
94.72.158.0/23
130.185.224.0/24
130.185.226.0/24
130.185.229.0/24
130.185.235.0-130.185.237.255
130.185.248.0/24
130.185.250.0/24
178.132.80.0-178.132.85.255
185.148.160.0/22
217.174.148.0-217.174.150.255
217.174.152.0-217.174.154.255
217.174.159.0/24
IPv6:
2a01:8740::/32
Signature Algorithm: sha256WithRSAEncryption
15:77:20:6d:f7:b2:cb:df:6d:2f:88:5d:af:ea:be:40:11:4c:
3a:01:b7:32:42:f2:ef:00:88:d2:a5:e3:f0:1e:84:c6:bd:9c:
56:5f:44:e2:25:87:6a:f1:0a:c8:5e:2d:84:a5:39:ac:c7:8d:
56:cd:f6:89:31:ef:ac:db:7d:67:eb:7c:59:9e:4b:69:ea:a7:
37:23:26:07:ee:f1:4b:ce:fd:1a:75:15:65:16:03:33:c0:45:
b3:bd:5f:24:12:2f:60:11:d2:57:cf:86:0b:e5:a9:3a:21:8f:
70:9d:d7:97:c7:58:ec:5e:c3:1f:67:be:91:08:5a:f8:77:b9:
e1:cc:e7:4d:2a:59:7e:eb:97:a5:d5:52:5a:ee:3d:91:73:31:
03:f5:1c:6a:52:87:55:7b:d6:3a:71:f6:e1:db:b1:74:46:26:
6b:e1:f1:9e:15:b9:12:ec:64:4c:59:39:f6:6b:41:7e:2c:08:
59:c4:32:bf:5d:46:9f:27:09:1c:7b:5f:1b:bf:94:d0:0f:50:
6e:64:77:98:a1:be:1c:9b:c8:33:7a:74:45:3d:a0:5e:b3:f1:
c0:6a:04:50:77:ac:8d:78:4a:53:16:ea:e3:1e:1a:da:e8:35:
05:89:49:93:e2:7c:91:b4:ee:c8:95:43:e6:5b:6d:5e:05:6c:
bb:0d:49:6b
-----BEGIN CERTIFICATE-----
MIIGmDCCBYCgAwIBAgISAY2C/GWKYqEuMes6dSu+FfJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjQwMjA3MDk1MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGJjNjJkYjc5OGRiNjI3NGM2YmMxNzAxN2E3ZmQyY2MyMmYxNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid8BtI/kVNOOaSHRrzUygUbB7hUE
7dRJoKIoXN/6kJoVxKxr1xHlp01qyZYat+V5oRIlh3FoT11+b4soiAFkXylNE/hU
QexGOlZ1SfWv1WrFI1xrTQyMnnnmGhp4D4Jb49NDoUZAPT0KPc9WR0E2Kr9DCQOp
f8nYwha/f1HKpU5dRUwykavASJ8XaNQSu+TLuRkI6FeHjCpl77rO/nXb5pbsHmCq
0nyIC5h1Pz/tcY8W+W9Zj2wWAmO2aT80W1FsEHUEnPE8R63J5/b1ZwPfmiI40I10
uGYlmNyTk6XvTBexEo3PpU9fWtwiEFYGXpQBV5LD9+hVCz4oVP9MWB0MxQIDAQAB
o4IDpDCCA6AwHQYDVR0OBBYEFC28Ytt5jbYnTGvBcBen/SzCLxXgMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvTGJ4aTIzbU50aWRNYThGd0Y2ZjlMTUl2RmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBuAYIKwYBBQUHAQcBAf8EggGnMIIBozCCAZAEAgABMIIB
iAMEAQVoqAMEAAVorgMEAU1MCgMEAE6ACAMEAE6AKwMEAE6APAMEAE6AQwMEAE6A
SAMEAE6ATAMEAE6ATwMEAE6AUQMEAE6AXAMEAE6AXgMEAE6AYgMEAU6AbAMEAE6O
AQMEAU6OBAMEAE6OEQMEAE6OFAMEAE6OGDAMAwQATo4hAwQATo4iAwQATo4vAwQA
To48AwQATo4/AwQAT3wAAwQAT3wPAwQBT3wUMAwDBABPfBcDBABPfBwDBAFPfDIw
DAMEAE98SQMEAE98SgMEAE98TAMEAE98TwMEAE98UgMEAFJ24AMEAFJ27AMEAFJ2
7gMEAFJ29AMEAVJ29gMEAFuUgwMEAFuUjAMEAFuUoAMEAFuUqAMEAF5IkQMEAl5I
lAMEAV5IngMEAIK54AMEAIK54gMEAIK55TAMAwQAgrnrAwQBgrnsAwQAgrn4AwQA
grn6MAwDBASyhFADBAGyhFQDBAK5lKAwDAMEAtmulAMEANmuljAMAwQD2a6YAwQA
2a6aAwQA2a6fMA0EAgACMAcDBQAqAYdAMA0GCSqGSIb3DQEBCwUAA4IBAQAVdyBt
97LL320viF2v6r5AEUw6AbcyQvLvAIjSpePwHoTGvZxWX0TiJYdq8QrIXi2EpTms
x41WzfaJMe+s231n63xZnktp6qc3IyYH7vFLzv0adRVlFgMzwEWzvV8kEi9gEdJX
z4YL5ak6IY9wndeXx1jsXsMfZ76RCFr4d7nhzOdNKll+65el1VJa7j2RczED9Rxq
UodVe9Y6cfbh27F0RiZr4fGeFbkS7GRMWTn2a0F+LAhZxDK/XUafJwkce18bv5TQ
D1BuZHeYob4cm8gzenRFPaBes/HAagRQd6yNeEpTFurjHhra6DUFiUmT4nyRtO7I
lUPmW21eBWy7DUlr
-----END CERTIFICATE-----
Generated at Wed May 29 16:34:29 2024 by rpki-client on console-ams.rpki-client.org