Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Lk7TV-FLQAQ6njHYgvW17wwcWmw.roa
File: Lk7TV-FLQAQ6njHYgvW17wwcWmw.roa (raw, json)
Hash identifier: WvxbQfybp55lwggeV9H6ENR5kreESOI1GtBclz64TBU=
Subject key identifier: 2E:4E:D3:57:E1:4B:40:04:3A:9E:31:D8:82:F5:B5:EF:0C:1C:5A:6C
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018B84FFCCD8609F2B9A34383588E49F59F6
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Lk7TV-FLQAQ6njHYgvW17wwcWmw.roa
Signing time: Tue 31 Oct 2023 09:10:38 +0000
ROA not before: Tue 31 Oct 2023 09:10:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 213.145.72.0/21 maxlen: 24
85.115.208.0/23 maxlen: 24
85.115.208.0/24 maxlen: 24
213.145.88.0/21 maxlen: 24
213.145.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Nov 2023 09:47:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:84:ff:cc:d8:60:9f:2b:9a:34:38:35:88:e4:9f:59:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Oct 31 09:10:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e4ed357e14b40043a9e31d882f5b5ef0c1c5a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:24:69:c7:ba:cc:48:3f:1a:49:f7:07:27:ae:
a7:91:7a:bb:3d:50:00:5e:6a:44:cf:ca:bb:72:80:
50:9e:7a:4b:5e:95:d9:76:40:74:a8:fb:41:b1:6d:
98:a8:67:8f:e4:20:0b:46:f8:16:e4:bd:a6:87:e7:
1a:18:94:7c:99:a9:88:bf:d4:fe:86:c7:70:f3:d4:
1c:f2:e8:e0:7c:32:df:67:24:17:d4:49:81:1a:e4:
89:54:fe:a2:a5:29:d9:12:05:d5:e6:f6:e1:fd:6d:
a7:47:db:d4:67:b2:54:55:ea:d6:8a:e6:a7:94:70:
ca:0f:94:4e:f0:19:eb:48:da:be:28:3d:e4:99:8b:
da:90:43:38:d2:14:05:67:e1:18:33:13:7e:6b:fa:
0c:88:c6:b7:6d:24:a8:8e:f2:c1:15:1f:3e:45:7c:
be:90:99:c1:ab:63:97:8b:ad:fd:2b:06:46:c3:a9:
59:b5:1e:8b:8d:58:12:76:64:51:f7:82:30:ca:32:
7f:82:78:4e:df:8f:65:cc:db:26:9b:98:19:10:ad:
ad:74:c6:06:19:22:ce:5b:3c:da:bb:c2:b2:24:dd:
fb:67:f7:0d:5b:0c:5e:96:5c:c0:50:a1:d5:cc:3b:
f9:51:0d:67:df:fb:f5:53:9b:2b:19:da:30:9d:14:
73:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:4E:D3:57:E1:4B:40:04:3A:9E:31:D8:82:F5:B5:EF:0C:1C:5A:6C
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Lk7TV-FLQAQ6njHYgvW17wwcWmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.72.0/21
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
73:e3:c3:4e:01:0a:ad:7c:fb:9d:ef:4b:02:a7:65:ba:98:fb:
7c:13:cc:60:22:44:d5:f3:99:2f:3e:c0:23:c8:2b:04:d0:6f:
9c:84:5c:6f:91:d9:76:ff:57:2d:5f:c1:39:bc:2d:9b:4f:b9:
1f:7b:4f:2e:d7:a8:a7:4c:fa:1e:bf:31:9f:95:b0:80:d6:5b:
2c:ef:7a:e0:94:33:04:45:e6:b9:9f:75:fb:76:e6:50:e0:55:
e4:a3:f3:bb:1f:ca:61:73:3e:b1:08:a1:3d:e2:94:cc:54:6a:
1b:31:76:0c:a3:e1:e7:ee:bd:94:e4:4b:74:0e:6f:ce:57:f5:
ea:8c:f3:97:27:9c:71:86:99:56:c4:a4:e9:ed:ff:14:0b:86:
67:3d:c8:ab:ba:9c:33:0c:77:55:f9:dc:6e:92:d7:bd:e1:7d:
c3:42:d2:44:2c:8b:a4:e6:8a:d3:0f:1b:ee:98:89:43:51:78:
61:8f:b1:50:e6:97:e2:da:fd:6e:08:6b:c1:d2:cb:0d:c5:de:
94:86:73:9a:09:57:c6:20:4b:1d:67:71:be:26:56:75:15:44:
26:c6:c1:ae:8b:fa:bd:d2:eb:9f:60:16:25:c9:b5:20:1c:8f:
05:91:79:44:50:f9:fe:6a:5d:4e:d0:8b:80:5c:9c:d5:77:38:
b3:0f:25:ae
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuE/8zYYJ8rmjQ4NYjkn1n2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMxMDMxMDkxMDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTRlZDM1N2UxNGI0MDA0M2E5ZTMxZDg4MmY1YjVlZjBjMWM1YTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSRpx7rMSD8aSfcHJ66nkXq7PVAA
XmpEz8q7coBQnnpLXpXZdkB0qPtBsW2YqGeP5CALRvgW5L2mh+caGJR8mamIv9T+
hsdw89Qc8ujgfDLfZyQX1EmBGuSJVP6ipSnZEgXV5vbh/W2nR9vUZ7JUVerWiuan
lHDKD5RO8BnrSNq+KD3kmYvakEM40hQFZ+EYMxN+a/oMiMa3bSSojvLBFR8+RXy+
kJnBq2OXi639KwZGw6lZtR6LjVgSdmRR94IwyjJ/gnhO349lzNsmm5gZEK2tdMYG
GSLOWzzau8KyJN37Z/cNWwxellzAUKHVzDv5UQ1n3/v1U5srGdownRRzNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC5O01fhS0AEOp4x2IL1te8MHFpsMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvTGs3VFYtRkxRQVE2bmpIWWd2VzE3d3djV213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXPQAwQD
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQBz48NOAQqtfPud70sCp2W6mPt8
E8xgIkTV85kvPsAjyCsE0G+chFxvkdl2/1ctX8E5vC2bT7kfe08u16inTPoevzGf
lbCA1lss73rglDMERea5n3X7duZQ4FXko/O7H8phcz6xCKE94pTMVGobMXYMo+Hn
7r2U5Et0Dm/OV/XqjPOXJ5xxhplWxKTp7f8UC4ZnPcirupwzDHdV+dxukte94X3D
QtJELIuk5orTDxvumIlDUXhhj7FQ5pfi2v1uCGvB0ssNxd6UhnOaCVfGIEsdZ3G+
JlZ1FUQmxsGui/q90uufYBYlybUgHI8FkXlEUPn+al1O0IuAXJzVdzizDyWu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:06 2024 by rpki-client on console-fra.rpki-client.org