Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/LAQQKBnpZzDKnV9lC3B7GI0NLIE.roa
File: LAQQKBnpZzDKnV9lC3B7GI0NLIE.roa (raw, json)
Hash identifier: OA9FsJln1UtrKh7Y5COez790+aoKVmptkYMFpKnsvZc=
Subject key identifier: 2C:04:10:28:19:E9:67:30:CA:9D:5F:65:0B:70:7B:18:8D:0D:2C:81
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018BA28E4A83A093B3089E9E686D03D6C744
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/LAQQKBnpZzDKnV9lC3B7GI0NLIE.roa
Signing time: Mon 06 Nov 2023 02:55:16 +0000
ROA not before: Mon 06 Nov 2023 02:55:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 45.144.88.0/22 maxlen: 24
193.36.89.0/24 maxlen: 32
185.147.140.0/22 maxlen: 32
91.228.216.0/24 maxlen: 24
185.36.254.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.201.188.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
89.40.24.0/24 maxlen: 32
5.154.174.0/24 maxlen: 24
45.156.224.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
188.119.154.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.96.162.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
87.239.254.0/24 maxlen: 32
45.149.28.0/22 maxlen: 24
89.44.205.0/24 maxlen: 32
185.217.64.0/22 maxlen: 22
185.166.84.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
185.152.248.0/22 maxlen: 32
80.246.30.0/24 maxlen: 32
185.242.217.0/24 maxlen: 24
45.95.24.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
2a12:adc0::/29 maxlen: 29
2a0c:ec40::/29 maxlen: 29
2a06:e480::/29 maxlen: 29
2a0b:3f40::/29 maxlen: 29
2a05:6700::/29 maxlen: 29
2a06:46c0::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a06:3040::/29 maxlen: 48
2a07:9c80::/29 maxlen: 29
2a06:4a00::/29 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a07:f2c0::/29 maxlen: 29
2a01:4740::/32 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a07:4780::/29 maxlen: 29
2a0a:3080::/29 maxlen: 29
2a06:df80::/29 maxlen: 29
2a0c:d8c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a2:8e:4a:83:a0:93:b3:08:9e:9e:68:6d:03:d6:c7:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Nov 6 02:55:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c04102819e96730ca9d5f650b707b188d0d2c81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:14:bc:92:80:92:18:de:aa:a7:c3:62:ed:cb:
ac:33:d2:a3:52:7b:d3:10:a7:36:81:d1:e5:c7:68:
9a:e0:19:a9:1f:89:93:f7:eb:4f:d6:2d:ba:a2:bc:
1a:0d:ef:49:54:6c:8b:b0:07:3d:18:66:38:e9:57:
cb:ce:ff:05:37:50:d3:1a:07:c7:49:14:6f:02:32:
af:44:e1:a7:37:59:2a:c3:d8:8f:e5:a8:1b:ee:e9:
e0:6b:bc:96:41:93:ca:5b:89:66:45:0a:60:c2:e3:
c2:d3:49:76:b5:1f:53:42:80:10:4f:9a:35:96:36:
21:be:33:84:3f:3a:54:01:76:d1:2b:d3:ea:ee:6d:
10:a1:b2:28:82:c9:cc:31:f6:7c:ce:b0:15:97:e9:
b6:8b:b9:a8:e6:9e:c1:ce:21:df:b3:52:0d:f6:7a:
88:1e:87:05:53:a9:7e:8c:23:53:0e:d2:f2:e5:40:
eb:c6:0e:7e:e8:c3:16:99:76:52:04:ed:f2:85:7d:
bc:60:72:f1:ba:0c:d9:d2:93:00:d9:c4:06:53:ae:
c1:ba:dc:69:2f:f5:d3:79:48:02:24:6c:0f:19:e5:
f4:57:79:6c:c4:65:ca:e7:cc:f7:63:d9:40:4c:a1:
4c:93:bb:27:3f:cd:57:57:53:77:2d:e3:14:90:aa:
07:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:04:10:28:19:E9:67:30:CA:9D:5F:65:0B:70:7B:18:8D:0D:2C:81
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/LAQQKBnpZzDKnV9lC3B7GI0NLIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.156.224.0/22
80.246.30.0/24
86.105.183.0/24
87.239.254.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.147.140.0/22
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0/24
185.201.188.0/24
185.217.64.0/22
185.242.217.0/24
188.119.154.0/24
193.36.89.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:6700::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
2a06:df80::/29
2a06:e480::/29
2a07:4780::/29
2a07:9c80::/29
2a07:f2c0::/29
2a0a:3080::/29
2a0b:3f40::/29
2a0c:d8c0::/29
2a0c:ec40::/29
2a12:adc0::/29
Signature Algorithm: sha256WithRSAEncryption
4f:00:11:ce:b1:7a:b0:70:e6:cc:64:79:1d:e7:5b:8f:ce:45:
40:7d:18:ed:8c:a3:ba:9d:5c:cb:51:ee:b7:d2:6c:28:7f:c9:
29:5b:dc:1c:a5:97:9a:da:92:d5:8b:22:7a:73:17:ef:22:8c:
44:f5:46:69:45:70:d2:7d:93:a6:01:a9:52:30:4c:87:dd:e3:
bd:f9:26:be:7f:cd:d7:d6:93:04:79:df:ac:e3:ce:e4:73:40:
1c:c8:fd:7f:1a:fe:9b:63:ca:2a:aa:e9:db:75:35:04:bf:32:
5f:ad:b5:18:65:57:de:7f:7b:75:31:ef:bc:ea:5a:69:8c:de:
dd:d9:91:8e:37:43:0c:5a:cb:fa:4a:b0:c8:5a:1c:4e:fc:42:
27:64:13:9f:9f:1d:e1:55:7d:7f:ed:14:6c:56:dc:9b:35:92:
63:04:4a:35:9e:34:2e:4b:75:41:b4:85:ca:94:9b:26:6c:a8:
98:c2:25:94:0d:5e:b6:21:e6:e4:e0:fd:ed:80:04:b2:69:f4:
66:c1:4e:15:f5:46:67:4c:e7:58:2b:ce:03:fc:5c:42:41:49:
06:6e:52:91:bd:59:5f:f5:35:e2:f1:ae:8f:a6:51:f7:94:e1:
58:8d:9a:fb:f6:ea:8a:f0:fb:e3:36:67:87:8b:b8:69:7f:f3:
ca:31:ca:93
-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgISAYuijkqDoJOzCJ6eaG0D1sdEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMxMTA2MDI1NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA0MTAyODE5ZTk2NzMwY2E5ZDVmNjUwYjcwN2IxODhkMGQyYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhS8koCSGN6qp8Ni7cusM9KjUnvT
EKc2gdHlx2ia4BmpH4mT9+tP1i26orwaDe9JVGyLsAc9GGY46VfLzv8FN1DTGgfH
SRRvAjKvROGnN1kqw9iP5agb7unga7yWQZPKW4lmRQpgwuPC00l2tR9TQoAQT5o1
ljYhvjOEPzpUAXbRK9Pq7m0QobIogsnMMfZ8zrAVl+m2i7mo5p7BziHfs1IN9nqI
HocFU6l+jCNTDtLy5UDrxg5+6MMWmXZSBO3yhX28YHLxugzZ0pMA2cQGU67Butxp
L/XTeUgCJGwPGeX0V3lsxGXK58z3Y9lATKFMk7snP81XV1N3LeMUkKoHJwIDAQAB
o4IDTjCCA0owHQYDVR0OBBYEFCwEECgZ6Wcwyp1fZQtwexiNDSyBMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvTEFRUUtCbnBaekRLblY5bEMzQjdHSTBOTElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYgYIKwYBBQUHAQcBAf8EggFRMIIBTTCBuwQCAAEwgbQD
BAAFmq4DBAItXxgDBAItkFgDBAItlRwDBAItnOADBABQ9h4DBABWabcDBABX7/4D
BABZI/kDBABZKBgDBABZLM0DBABb5NgDBABeLs4DBAC5JP4DBAC5YKIDBAG5bGgD
BAK5k4wDBAK5mCQDBAK5mPgDBAC5mZcDBAK5oCwDBAC5plQDBAC5uOQDBAC5vD0D
BAC5ybwDBAK52UADBAC58tkDBAC8d5oDBADBJFkDBADDL8IwgYwEAgACMIGFAwUA
KgFHQAMFAyoFKMADBQMqBWcAAwUDKgX0wAMFAyoGMEADBQMqBkbAAwUDKgZKAAMF
AyoGUAADBQMqBlcAAwUDKgbfgAMFAyoG5IADBQMqB0eAAwUDKgecgAMFAyoH8sAD
BQMqCjCAAwUDKgs/QAMFAyoM2MADBQMqDOxAAwUDKhKtwDANBgkqhkiG9w0BAQsF
AAOCAQEATwARzrF6sHDmzGR5Hedbj85FQH0Y7Yyjup1cy1Hut9JsKH/JKVvcHKWX
mtqS1YsienMX7yKMRPVGaUVw0n2TpgGpUjBMh93jvfkmvn/N19aTBHnfrOPO5HNA
HMj9fxr+m2PKKqrp23U1BL8yX621GGVX3n97dTHvvOpaaYze3dmRjjdDDFrL+kqw
yFocTvxCJ2QTn58d4VV9f+0UbFbcmzWSYwRKNZ40Lkt1QbSFypSbJmyomMIllA1e
tiHm5OD97YAEsmn0ZsFOFfVGZ0znWCvOA/xcQkFJBm5Skb1ZX/U14vGuj6ZR95Th
WI2a+/bqivD74zZnh4u4aX/zyjHKkw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:28 2024 by rpki-client on console-fra.rpki-client.org