Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/LD_Uc3BBbtGizjuOAffdeU_8XNg.roa
File: LD_Uc3BBbtGizjuOAffdeU_8XNg.roa (raw, json)
Hash identifier: /H6XpqrrCEsXScy6zRpuVq/GGLEJXh++90NDaxsdXUs=
Subject key identifier: 2C:3F:D4:73:70:41:6E:D1:A2:CE:3B:8E:01:F7:DD:79:4F:FC:5C:D8
Certificate issuer: /CN=b4bdc376a159d05e2af97176a3eba8360e60d176
Certificate serial: 01874D2F8BB9CFF538F2E623FA2BB285BA69
Authority key identifier: B4:BD:C3:76:A1:59:D0:5E:2A:F9:71:76:A3:EB:A8:36:0E:60:D1:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/LD_Uc3BBbtGizjuOAffdeU_8XNg.roa
Signing time: Tue 04 Apr 2023 16:52:54 +0000
ROA not before: Tue 04 Apr 2023 16:52:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50247
IP address blocks: 91.218.240.0/24 maxlen: 24
185.178.236.0/22 maxlen: 22
109.197.36.0/23 maxlen: 23
109.196.80.0/20 maxlen: 20
91.224.143.0/24 maxlen: 24
91.224.142.0/23 maxlen: 23
91.224.142.0/24 maxlen: 24
45.131.33.0/24 maxlen: 24
109.95.88.0/21 maxlen: 21
2a0a:7080::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4d:2f:8b:b9:cf:f5:38:f2:e6:23:fa:2b:b2:85:ba:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4bdc376a159d05e2af97176a3eba8360e60d176
Validity
Not Before: Apr 4 16:52:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c3fd47370416ed1a2ce3b8e01f7dd794ffc5cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:68:01:1b:df:92:b1:c7:5f:5a:0d:eb:51:c1:
72:81:ef:80:ed:4b:d0:22:77:60:44:7b:de:63:7b:
03:60:72:43:c9:10:4b:16:fa:12:2f:7a:81:20:5c:
73:b9:fa:d4:2e:f2:9d:91:01:a1:28:44:04:09:00:
56:de:7d:b6:84:6e:74:90:b0:28:ac:37:7c:19:58:
76:eb:fb:37:6e:55:60:05:f3:24:ec:7d:7c:7c:d0:
e9:65:d4:86:93:cf:2e:77:42:1a:ae:5e:c6:22:5f:
c2:1f:c6:08:66:ee:c5:bc:d7:e0:5e:6d:99:b9:e0:
25:b8:50:bd:48:88:71:23:d6:cf:5c:90:78:96:ef:
21:ae:f9:a4:40:b7:56:94:98:24:ad:42:59:46:f1:
13:52:67:95:5d:fb:a3:ba:64:c0:cb:20:db:3f:7d:
3c:e2:1f:fd:be:66:20:31:16:4f:cc:a2:3d:4f:bf:
28:33:cf:d1:84:cb:a2:ff:61:76:37:0c:cd:6a:75:
e5:47:72:c7:ec:21:20:a0:cf:3b:f4:ce:97:1d:51:
a1:0a:ef:e5:5a:b2:bd:19:02:fe:2d:4c:46:f2:89:
c5:e9:bc:c6:22:b1:d7:96:03:9d:10:0f:5d:47:89:
25:b9:2d:62:cc:75:27:cb:67:ee:55:09:80:91:65:
6e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:3F:D4:73:70:41:6E:D1:A2:CE:3B:8E:01:F7:DD:79:4F:FC:5C:D8
X509v3 Authority Key Identifier:
keyid:B4:BD:C3:76:A1:59:D0:5E:2A:F9:71:76:A3:EB:A8:36:0E:60:D1:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/LD_Uc3BBbtGizjuOAffdeU_8XNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.33.0/24
91.218.240.0/24
91.224.142.0/23
109.95.88.0/21
109.196.80.0/20
109.197.36.0/23
185.178.236.0/22
IPv6:
2a0a:7080::/29
Signature Algorithm: sha256WithRSAEncryption
06:f2:cb:c2:03:ff:ca:dc:52:23:65:74:6d:b0:ed:a6:7b:b3:
0d:f2:3a:eb:93:9e:73:a4:55:a4:dc:fd:10:fc:89:40:a5:97:
05:90:0b:3b:2b:ba:83:4f:d8:6d:1f:e0:b8:55:f5:4a:21:ec:
f8:69:d1:24:26:25:ab:4d:62:ed:9d:0f:98:f4:d8:ae:1c:a6:
d5:c6:49:9d:87:83:28:37:e2:da:70:64:b2:7b:e2:61:73:c7:
88:ce:52:b1:f2:ef:62:e5:e0:3d:3b:c8:f8:ce:a5:d2:60:3a:
f6:94:c3:09:85:99:70:f0:b4:94:11:d8:3b:ee:eb:a4:ad:8f:
71:3e:8f:3f:89:01:17:98:bd:18:94:55:3a:d6:ce:4e:b4:0b:
5d:ee:40:10:44:48:b9:c7:92:fb:37:47:91:74:a9:f7:4b:31:
ac:24:d5:15:07:13:fa:62:c6:41:1b:72:b6:bb:b1:d6:7a:40:
60:e8:aa:5b:bb:d9:7b:a6:dc:e8:76:04:d4:47:49:4c:0b:9d:
12:c4:e6:76:ae:d5:da:91:f9:43:21:2e:b2:09:30:ad:72:70:
0a:b7:b7:44:c5:78:41:72:0c:04:d1:24:b7:37:95:77:12:e0:
71:00:3b:66:e4:dc:5e:18:e7:66:86:cd:9f:f8:7e:67:28:ab:
0a:9f:36:aa
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYdNL4u5z/U48uYj+iuyhbppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YmRjMzc2YTE1OWQwNWUyYWY5NzE3NmEzZWJhODM2MGU2
MGQxNzYwHhcNMjMwNDA0MTY1MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzNmZDQ3MzcwNDE2ZWQxYTJjZTNiOGUwMWY3ZGQ3OTRmZmM1Y2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGgBG9+SscdfWg3rUcFyge+A7UvQ
IndgRHveY3sDYHJDyRBLFvoSL3qBIFxzufrULvKdkQGhKEQECQBW3n22hG50kLAo
rDd8GVh26/s3blVgBfMk7H18fNDpZdSGk88ud0Iarl7GIl/CH8YIZu7FvNfgXm2Z
ueAluFC9SIhxI9bPXJB4lu8hrvmkQLdWlJgkrUJZRvETUmeVXfujumTAyyDbP308
4h/9vmYgMRZPzKI9T78oM8/RhMui/2F2NwzNanXlR3LH7CEgoM879M6XHVGhCu/l
WrK9GQL+LUxG8onF6bzGIrHXlgOdEA9dR4kluS1izHUny2fuVQmAkWVuWQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFCw/1HNwQW7Ros47jgH33XlP/FzYMB8GA1UdIwQY
MBaAFLS9w3ahWdBeKvlxdqPrqDYOYNF2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEwzRGRxRlowRjRxLVhGMm8tdW9OZzVnMFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80MGVhMTQtZGM1MC00YWEwLWFhODUt
MjhkMDEwNjAzNTI5LzEvTERfVWMzQkJidEdpemp1T0FmZmRlVV84WE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80MGVhMTQtZGM1MC00YWEwLWFhODUtMjhkMDEwNjAzNTI5
LzEvdEwzRGRxRlowRjRxLVhGMm8tdW9OZzVnMFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQALYMhAwQA
W9rwAwQBW+COAwQDbV9YAwQEbcRQAwQBbcUkAwQCubLsMA0EAgACMAcDBQMqCnCA
MA0GCSqGSIb3DQEBCwUAA4IBAQAG8svCA//K3FIjZXRtsO2me7MN8jrrk55zpFWk
3P0Q/IlApZcFkAs7K7qDT9htH+C4VfVKIez4adEkJiWrTWLtnQ+Y9NiuHKbVxkmd
h4MoN+LacGSye+Jhc8eIzlKx8u9i5eA9O8j4zqXSYDr2lMMJhZlw8LSUEdg77uuk
rY9xPo8/iQEXmL0YlFU61s5OtAtd7kAQREi5x5L7N0eRdKn3SzGsJNUVBxP6YsZB
G3K2u7HWekBg6Kpbu9l7ptzodgTUR0lMC50SxOZ2rtXakflDIS6yCTCtcnAKt7dE
xXhBcgwE0SS3N5V3EuBxADtm5NxeGOdmhs2f+H5nKKsKnzaq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:25 2023 by rpki-client on console-fra.rpki-client.org