Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/lDMwJN2oZg6-nSIDmEcyaDn9NsY.roa
File: lDMwJN2oZg6-nSIDmEcyaDn9NsY.roa (raw, json)
Hash identifier: NiALz3cwi4lE/KkBzkyu/Kxn6kkbQJmUNrWZKWqxdL0=
Subject key identifier: 94:33:30:24:DD:A8:66:0E:BE:9D:22:03:98:47:32:68:39:FD:36:C6
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018E0E8E76BB23B62F340A73D9BD5055F75F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/lDMwJN2oZg6-nSIDmEcyaDn9NsY.roa
Signing time: Tue 05 Mar 2024 12:20:01 +0000
ROA not before: Tue 05 Mar 2024 12:20:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42864
IP address blocks: 5.182.115.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
83.137.153.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.238.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
178.210.224.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.226.0/23 maxlen: 23
178.210.228.0/22 maxlen: 24
178.210.232.0/22 maxlen: 22
178.210.236.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.238.0/23 maxlen: 23
178.210.240.0/22 maxlen: 22
178.210.244.0/22 maxlen: 22
178.210.248.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
178.210.251.0/24 maxlen: 24
178.210.252.0/22 maxlen: 22
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 08 Mar 2024 11:50:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:8e:76:bb:23:b6:2f:34:0a:73:d9:bd:50:55:f7:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 5 12:20:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94333024dda8660ebe9d22039847326839fd36c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:95:f1:fe:58:e4:f0:cc:d1:ab:77:ee:34:3d:
30:b7:bc:e0:7f:b7:f3:70:13:fb:f2:03:7a:8c:ac:
20:ff:f8:0a:c9:d5:c0:bc:07:3d:87:80:7f:a9:d2:
3f:dc:87:b9:b0:dd:f3:75:df:2e:93:f2:6f:c1:33:
09:37:a4:66:0b:93:d8:d7:c8:6b:67:3c:c7:8a:21:
7a:16:4f:99:9f:ce:e2:72:5b:fe:fc:ea:f1:e4:2b:
55:77:7b:75:c1:5c:68:3f:5b:18:e7:88:dc:83:11:
8f:d1:c1:1a:eb:47:39:04:2d:35:81:97:a6:35:75:
25:91:9e:24:80:bd:2a:de:e7:03:89:b0:0a:cf:dc:
3b:f2:db:25:d9:8f:c8:4e:ec:c6:bf:e3:68:2d:52:
a8:ae:9b:3a:9d:ce:03:60:05:f6:e4:29:b4:ec:e0:
4f:ee:ee:54:15:a3:65:5c:dc:56:a5:21:4c:9b:99:
1a:7f:45:3d:1d:25:90:ae:45:7f:8c:74:8d:10:1f:
5b:91:78:2b:f0:f3:25:23:e8:b7:96:70:e4:35:bf:
f5:d5:9e:17:b5:25:cb:e8:b2:c1:bb:5d:2b:5b:8b:
80:39:81:22:77:90:83:10:f8:a7:aa:14:14:b2:54:
12:19:91:bd:3a:e2:7a:06:56:59:0c:5e:a2:f9:72:
e3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:33:30:24:DD:A8:66:0E:BE:9D:22:03:98:47:32:68:39:FD:36:C6
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/lDMwJN2oZg6-nSIDmEcyaDn9NsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.115.0/24
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0-77.242.155.255
83.137.153.0/24
83.137.158.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
88.209.238.0/24
92.52.208.0/21
178.210.224.0/19
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
b6:a8:bd:cd:0a:06:58:d2:c1:92:f6:d6:64:b9:b5:0d:f8:b2:
f2:91:89:33:f0:09:94:f8:28:5e:af:8b:7b:1e:89:ba:8b:12:
a6:cc:f1:56:b7:3b:63:14:24:44:b5:3d:ad:b6:23:3d:1a:40:
ca:bf:b6:cc:58:db:28:68:da:20:aa:78:4f:63:c2:35:d3:b3:
05:dc:1e:1f:d9:c1:aa:39:e7:71:4f:77:ad:69:cf:ba:4d:36:
f8:41:2c:d2:aa:6e:ef:77:8a:73:90:46:c6:52:bc:99:df:2d:
03:8c:02:0b:b2:fb:b0:4a:ad:78:44:30:7f:dd:e6:bd:6f:7c:
48:d4:d6:a4:ea:d6:f8:32:c4:c2:ef:ee:ee:2e:51:57:fe:64:
6b:0e:c3:70:f9:24:88:cc:59:0b:21:20:3d:9c:ba:80:13:31:
58:c5:9c:e7:02:d9:c6:1e:bb:8b:02:12:75:c2:02:05:29:03:
cc:01:11:7a:34:fe:57:04:8d:bf:b9:2b:d7:b6:01:db:65:62:
91:81:2b:5d:6f:0a:08:22:63:0d:47:98:1b:8e:fb:ce:1e:9b:
48:15:50:75:61:15:58:b3:f2:65:3c:01:63:c4:a0:9a:ea:b5:
6a:47:81:f2:f7:58:ab:8f:45:93:6e:22:06:d0:34:3b:94:f3:
13:e2:24:cd
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAY4Ojna7I7YvNApz2b1QVfdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMzA1MTIyMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDMzMzAyNGRkYTg2NjBlYmU5ZDIyMDM5ODQ3MzI2ODM5ZmQzNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5Xx/ljk8MzRq3fuND0wt7zgf7fz
cBP78gN6jKwg//gKydXAvAc9h4B/qdI/3Ie5sN3zdd8uk/JvwTMJN6RmC5PY18hr
ZzzHiiF6Fk+Zn87iclv+/Orx5CtVd3t1wVxoP1sY54jcgxGP0cEa60c5BC01gZem
NXUlkZ4kgL0q3ucDibAKz9w78tsl2Y/ITuzGv+NoLVKorps6nc4DYAX25Cm07OBP
7u5UFaNlXNxWpSFMm5kaf0U9HSWQrkV/jHSNEB9bkXgr8PMlI+i3lnDkNb/11Z4X
tSXL6LLBu10rW4uAOYEid5CDEPinqhQUslQSGZG9OuJ6BlZZDF6i+XLjkwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFJQzMCTdqGYOvp0iA5hHMmg5/TbGMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvbERNd0pOMm9aZzYtblNJRG1FY3lhRG45TnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBiwQCAAEwgYQDBAAF
tnMwDAMEAC0JqQMEAi0JqAMEAS0OCgMEAC1YXTAMAwQETfKQAwQATfKUMAwDBABN
8pcDBAJN8pgDBABTiZkDBABTiZ4DBABY0cEDBABY0cQDBABY0dADBABY0dIDBAJY
0dQDBABY0e4DBANcNNADBAWy0uADBAOy+MgDBADBin0wDQQCAAIwBwMFAyoAH0Aw
DQYJKoZIhvcNAQELBQADggEBALaovc0KBljSwZL21mS5tQ34svKRiTPwCZT4KF6v
i3seibqLEqbM8Va3O2MUJES1Pa22Iz0aQMq/tsxY2yho2iCqeE9jwjXTswXcHh/Z
wao553FPd61pz7pNNvhBLNKqbu93inOQRsZSvJnfLQOMAguy+7BKrXhEMH/d5r1v
fEjU1qTq1vgyxMLv7u4uUVf+ZGsOw3D5JIjMWQshID2cuoATMVjFnOcC2cYeu4sC
EnXCAgUpA8wBEXo0/lcEjb+5K9e2AdtlYpGBK11vCggiYw1HmBuO+84em0gVUHVh
FViz8mU8AWPEoJrqtWpHgfL3WKuPRZNuIgbQNDuU8xPiJM0=
-----END CERTIFICATE-----
Generated at Fri Mar 8 17:08:29 2024 by rpki-client on console-fra.rpki-client.org