Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/LpwVHIdsBwZg5rfcxETwOy-OrKM.roa
File: LpwVHIdsBwZg5rfcxETwOy-OrKM.roa (raw, json)
Hash identifier: un9U6AgF49azFyD92mTEJXIMRuM2EkvPKxlBfjYU2+U=
Subject key identifier: 2E:9C:15:1C:87:6C:07:06:60:E6:B7:DC:C4:44:F0:3B:2F:8E:AC:A3
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 0187BC4BDED141A533E831EB4E7EABD51737
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/LpwVHIdsBwZg5rfcxETwOy-OrKM.roa
Signing time: Wed 26 Apr 2023 06:41:41 +0000
ROA not before: Wed 26 Apr 2023 06:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15576
IP address blocks: 77.95.120.0/21 maxlen: 21
194.187.88.0/22 maxlen: 24
194.187.88.0/24 maxlen: 24
185.63.148.0/22 maxlen: 22
217.11.208.0/20 maxlen: 20
212.103.64.0/24 maxlen: 24
212.103.64.0/19 maxlen: 19
217.146.160.0/20 maxlen: 20
212.103.65.0/24 maxlen: 24
217.146.165.0/24 maxlen: 24
2a00:c38:1a5::/48 maxlen: 48
2a00:c38::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bc:4b:de:d1:41:a5:33:e8:31:eb:4e:7e:ab:d5:17:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: Apr 26 06:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e9c151c876c070660e6b7dcc444f03b2f8eaca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:60:d2:6c:a8:d2:63:d9:e5:d1:2d:4a:e2:04:
99:4f:06:c1:01:a6:33:73:9e:5c:c3:f5:7e:96:39:
67:25:7f:73:26:b8:4f:9d:34:d5:8f:14:f8:89:10:
d1:21:24:22:18:e7:ca:e9:52:78:b7:26:8f:73:53:
50:ef:60:dd:a6:41:c2:3e:fc:bf:e4:9c:99:53:8c:
ba:f0:6a:2a:62:82:c5:c1:6b:65:27:03:da:a7:10:
19:3c:d7:6c:64:da:6c:13:3a:28:9f:d4:81:11:37:
1e:88:34:c7:c1:05:0d:dc:9d:5b:e2:01:e5:31:4b:
bd:cc:df:69:7e:25:c7:f7:dd:8f:2d:83:e3:42:3d:
46:d5:a8:64:42:0a:c1:cd:71:38:a3:48:ba:9b:b0:
56:45:93:1e:c6:36:28:18:32:c8:e4:a8:f4:ba:c6:
c5:07:9c:82:8e:81:26:14:0e:a6:e3:43:ad:57:41:
2b:fa:ac:54:a6:f4:80:34:89:98:94:41:47:2e:c0:
ff:02:09:44:7b:e6:3c:a4:78:dd:e6:4f:13:6e:e4:
9c:da:df:ff:61:e7:a2:54:44:43:cd:0d:51:69:85:
a8:25:fe:75:02:cc:48:2c:04:b5:d9:db:0d:8e:99:
10:bf:dd:89:e0:3b:5d:d6:f8:7d:f0:16:f1:a0:4f:
dc:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:9C:15:1C:87:6C:07:06:60:E6:B7:DC:C4:44:F0:3B:2F:8E:AC:A3
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/LpwVHIdsBwZg5rfcxETwOy-OrKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/21
185.63.148.0/22
194.187.88.0/22
212.103.64.0/19
217.11.208.0/20
217.146.160.0/20
IPv6:
2a00:c38::/32
Signature Algorithm: sha256WithRSAEncryption
18:8b:65:c4:24:c0:1c:f0:dc:3c:48:1e:d3:22:fc:57:28:3d:
27:fc:c5:c6:23:24:b8:6e:8e:60:6a:2f:f3:f4:67:ef:a6:32:
74:9d:96:c5:5b:ea:51:ad:2a:3f:ea:81:c3:5f:92:cb:da:85:
67:31:61:93:d6:30:e1:1a:e6:3d:a2:c7:eb:21:d6:00:2a:6f:
0e:df:19:56:b9:90:b7:59:5a:1f:a5:cf:bf:10:9c:cb:71:63:
a4:11:20:c3:ff:0e:a9:33:7c:84:8a:4d:b6:ea:52:85:4a:71:
58:c4:10:7e:42:16:30:7c:2e:88:d8:6c:87:47:e1:6d:1a:20:
bf:3f:68:92:07:f1:b2:27:63:5f:a2:cc:9b:65:32:c5:65:e6:
db:36:45:66:3f:a0:3d:bd:ad:94:b7:87:e9:c7:2e:2f:39:62:
e7:3a:31:b1:39:71:38:f9:78:a4:88:96:91:06:a5:9e:f0:5e:
2d:9f:55:be:b9:b9:dc:86:fa:f0:66:47:ae:57:94:8b:09:49:
2b:13:f6:d5:51:68:54:c3:56:99:ac:68:5b:98:39:2c:75:7c:
f6:52:8a:21:65:aa:74:d7:91:f6:1c:0d:35:d9:f4:4b:a7:7f:
b8:70:a8:18:21:0f:fc:63:a3:51:3f:d7:cf:ac:71:dc:d9:a7:
ef:ff:e5:ec
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYe8S97RQaUz6DHrTn6r1Rc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjMwNDI2MDY0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTljMTUxYzg3NmMwNzA2NjBlNmI3ZGNjNDQ0ZjAzYjJmOGVhY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2DSbKjSY9nl0S1K4gSZTwbBAaYz
c55cw/V+ljlnJX9zJrhPnTTVjxT4iRDRISQiGOfK6VJ4tyaPc1NQ72DdpkHCPvy/
5JyZU4y68GoqYoLFwWtlJwPapxAZPNdsZNpsEzoon9SBETceiDTHwQUN3J1b4gHl
MUu9zN9pfiXH992PLYPjQj1G1ahkQgrBzXE4o0i6m7BWRZMexjYoGDLI5Kj0usbF
B5yCjoEmFA6m40OtV0Er+qxUpvSANImYlEFHLsD/AglEe+Y8pHjd5k8TbuSc2t//
YeeiVERDzQ1RaYWoJf51AsxILAS12dsNjpkQv92J4Dtd1vh98BbxoE/cdwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFC6cFRyHbAcGYOa33MRE8DsvjqyjMB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEvTHB3VkhJZHNCd1pnNXJmY3hFVHdPeS1PcktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYtOGVlMjFiNzRkZDU2
LzEvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDTV94AwQC
uT+UAwQCwrtYAwQF1GdAAwQE2QvQAwQE2ZKgMA0EAgACMAcDBQAqAAw4MA0GCSqG
SIb3DQEBCwUAA4IBAQAYi2XEJMAc8Nw8SB7TIvxXKD0n/MXGIyS4bo5gai/z9Gfv
pjJ0nZbFW+pRrSo/6oHDX5LL2oVnMWGT1jDhGuY9osfrIdYAKm8O3xlWuZC3WVof
pc+/EJzLcWOkESDD/w6pM3yEik226lKFSnFYxBB+QhYwfC6I2GyHR+FtGiC/P2iS
B/GyJ2NfosybZTLFZebbNkVmP6A9va2Ut4fpxy4vOWLnOjGxOXE4+XikiJaRBqWe
8F4tn1W+ubnchvrwZkeuV5SLCUkrE/bVUWhUw1aZrGhbmDksdXz2UoohZap015H2
HA012fRLp3+4cKgYIQ/8Y6NRP9fPrHHc2afv/+Xs
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:36 2024 by rpki-client on console-fra.rpki-client.org