Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/LGFt4ia8x8se7Aww1zKQKEe9FOI.roa
File: LGFt4ia8x8se7Aww1zKQKEe9FOI.roa (raw, json)
Hash identifier: 2sI70VgZuuKiiumXnNW3MtrcS8cOFjwmkDzOepiqNME=
Subject key identifier: 2C:61:6D:E2:26:BC:C7:CB:1E:EC:0C:30:D7:32:90:28:47:BD:14:E2
Certificate issuer: /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial: 018C5F1C68B3FFD1A41A446137F53401815D
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/LGFt4ia8x8se7Aww1zKQKEe9FOI.roa
Signing time: Tue 12 Dec 2023 17:39:06 +0000
ROA not before: Tue 12 Dec 2023 17:39:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16633
IP address blocks: 185.201.17.0/24 maxlen: 24
185.201.18.0/24 maxlen: 24
185.225.27.0/24 maxlen: 24
193.41.32.0/24 maxlen: 24
193.200.214.0/24 maxlen: 24
45.147.95.0/24 maxlen: 24
87.236.163.0/24 maxlen: 24
46.229.240.0/24 maxlen: 24
188.190.112.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5f:1c:68:b3:ff:d1:a4:1a:44:61:37:f5:34:01:81:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
Validity
Not Before: Dec 12 17:39:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c616de226bcc7cb1eec0c30d732902847bd14e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f7:ab:3e:92:4f:9d:73:55:ab:8e:4e:a4:75:
e1:41:9e:96:f7:d7:05:d6:d6:ef:f3:a2:e2:bc:e1:
a8:cf:d5:1b:f6:96:79:c6:d1:4a:42:22:df:b2:96:
0a:82:59:cd:da:92:61:e2:c8:f4:74:23:48:43:2f:
b8:05:2e:85:a6:17:ab:24:7a:3d:6b:0a:34:41:63:
25:07:b3:d7:e7:a7:39:85:4c:f3:88:75:d1:e2:2d:
df:d6:b3:40:94:62:51:33:f0:ce:76:05:27:0a:ea:
f1:c1:51:b1:4a:5f:86:69:d0:91:fe:35:41:05:6c:
9b:1c:ae:c9:54:01:c4:a9:1c:7f:f1:1f:2f:b2:f5:
42:77:6c:17:99:8f:f1:37:3e:4f:0e:25:a5:62:df:
e0:de:5b:41:f7:64:28:8d:93:f3:f1:e8:24:40:5f:
93:ab:cf:67:ca:ff:9c:a4:ce:06:ee:05:b4:53:37:
8c:de:36:a3:60:b5:98:c0:15:61:9f:e4:93:b7:b0:
0f:cf:d3:9d:5e:be:b8:e9:74:7c:43:c9:11:1b:0f:
df:f0:d7:11:32:65:0c:ac:b6:10:e5:24:d9:2e:c6:
92:50:93:9a:af:57:1f:68:e2:ac:f9:64:42:2f:8c:
33:b1:7e:30:ea:e2:3e:8a:7b:fb:3d:2f:2f:cd:20:
87:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:61:6D:E2:26:BC:C7:CB:1E:EC:0C:30:D7:32:90:28:47:BD:14:E2
X509v3 Authority Key Identifier:
keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/LGFt4ia8x8se7Aww1zKQKEe9FOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.95.0/24
46.229.240.0/24
87.236.163.0/24
185.201.17.0-185.201.18.255
185.225.27.0/24
188.190.112.0/24
193.41.32.0/24
193.200.214.0/24
Signature Algorithm: sha256WithRSAEncryption
90:9d:a6:69:76:f7:82:bc:fe:31:cb:c8:71:89:58:00:2a:85:
45:e1:8a:39:44:8e:92:8d:51:8b:47:74:7f:5a:b4:2a:da:b9:
f3:02:ed:f0:36:0d:dc:a0:0a:84:91:d7:3b:e5:18:4e:84:9a:
11:4c:32:fc:05:5f:59:64:37:75:85:15:bb:3c:64:70:86:50:
ba:45:3b:1e:46:68:82:c7:15:81:c5:d9:e9:34:4f:f4:19:7c:
70:6c:15:ad:9a:d0:76:a2:84:c1:30:af:b7:06:93:5f:a5:d3:
ae:0d:4b:11:15:93:ae:b1:d8:41:c1:e9:b9:77:28:01:6d:b4:
5a:10:74:ee:24:41:32:db:5a:aa:dd:10:66:3a:00:93:86:da:
5d:73:5e:2d:6b:fb:cf:fb:2e:ca:61:ee:96:11:d4:f6:0f:0d:
b8:ae:e3:cb:0b:ff:45:7a:73:42:5b:32:19:a2:65:dd:37:36:
35:b4:e6:2b:fe:52:b5:39:75:d5:e4:23:4c:6e:c2:08:ab:3e:
6a:79:1b:59:ec:fe:f5:44:b4:64:c7:39:66:46:2c:4b:81:16:
42:ad:6f:fb:42:ee:64:ba:43:68:54:18:21:74:68:a8:a4:bd:
ee:10:20:cf:3b:67:42:d9:ce:96:54:b7:ba:c0:f8:34:20:af:
52:47:65:01
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYxfHGiz/9GkGkRhN/U0AYFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjMxMjEyMTczOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzYxNmRlMjI2YmNjN2NiMWVlYzBjMzBkNzMyOTAyODQ3YmQxNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgverPpJPnXNVq45OpHXhQZ6W99cF
1tbv86LivOGoz9Ub9pZ5xtFKQiLfspYKglnN2pJh4sj0dCNIQy+4BS6FpherJHo9
awo0QWMlB7PX56c5hUzziHXR4i3f1rNAlGJRM/DOdgUnCurxwVGxSl+GadCR/jVB
BWybHK7JVAHEqRx/8R8vsvVCd2wXmY/xNz5PDiWlYt/g3ltB92QojZPz8egkQF+T
q89nyv+cpM4G7gW0UzeM3jajYLWYwBVhn+STt7APz9OdXr646XR8Q8kRGw/f8NcR
MmUMrLYQ5STZLsaSUJOar1cfaOKs+WRCL4wzsX4w6uI+inv7PS8vzSCHtwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCxhbeImvMfLHuwMMNcykChHvRTiMB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvTEdGdDRpYTh4OHNlN0F3dzF6S1FLRWU5Rk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALZNfAwQA
LuXwAwQAV+yjMAwDBAC5yREDBAC5yRIDBAC54RsDBAC8vnADBADBKSADBADByNYw
DQYJKoZIhvcNAQELBQADggEBAJCdpml294K8/jHLyHGJWAAqhUXhijlEjpKNUYtH
dH9atCraufMC7fA2DdygCoSR1zvlGE6EmhFMMvwFX1lkN3WFFbs8ZHCGULpFOx5G
aILHFYHF2ek0T/QZfHBsFa2a0HaihMEwr7cGk1+l064NSxEVk66x2EHB6bl3KAFt
tFoQdO4kQTLbWqrdEGY6AJOG2l1zXi1r+8/7Lsph7pYR1PYPDbiu48sL/0V6c0Jb
MhmiZd03NjW05iv+UrU5ddXkI0xuwgirPmp5G1ns/vVEtGTHOWZGLEuBFkKtb/tC
7mS6Q2hUGCF0aKikve4QIM87Z0LZzpZUt7rA+DQgr1JHZQE=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:53:18 2024 by rpki-client on console-fra.rpki-client.org