Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/lYPjnA75lIo8OKPeTRFsbPguO3k.roa
File: lYPjnA75lIo8OKPeTRFsbPguO3k.roa (raw, json)
Hash identifier: aydtvBjv/oQaqEhNIuHwVMNmMASuppr8OpS9SXA3F0Y=
Subject key identifier: 95:83:E3:9C:0E:F9:94:8A:3C:38:A3:DE:4D:11:6C:6C:F8:2E:3B:79
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CC56F02A17D96C617AB047A04BDBE661A
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/lYPjnA75lIo8OKPeTRFsbPguO3k.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209706
IP address blocks: 94.190.248.0/22 maxlen: 24
89.37.188.0/22 maxlen: 24
89.36.236.0/22 maxlen: 24
185.172.20.0/22 maxlen: 22
89.36.32.0/22 maxlen: 24
89.37.228.0/22 maxlen: 24
62.112.12.0/23 maxlen: 24
185.77.250.0/23 maxlen: 24
86.105.104.0/22 maxlen: 24
188.240.40.0/23 maxlen: 24
188.211.252.0/22 maxlen: 24
188.212.104.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:02:a1:7d:96:c6:17:ab:04:7a:04:bd:be:66:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9583e39c0ef9948a3c38a3de4d116c6cf82e3b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:23:07:1b:bf:2b:3d:90:50:da:8c:7f:95:31:
74:df:36:66:4f:b6:ea:0d:a2:40:d4:7e:b2:84:78:
83:d5:2f:aa:21:ac:4c:08:5a:0d:28:c7:42:0c:0b:
c9:c7:57:ee:fb:4c:9f:4c:41:1e:91:e6:c5:84:b2:
4d:03:af:59:70:4c:43:9c:0d:54:8b:40:01:b9:cf:
53:55:69:ca:a0:dd:a6:a4:40:d3:10:3c:35:b5:c8:
e1:b3:fd:43:39:50:17:29:c4:86:ea:2c:d9:0b:fc:
39:09:7f:32:70:91:02:12:dd:6d:36:e7:ed:10:3c:
cf:e7:c0:09:ca:37:fb:11:5d:83:bb:a7:a9:83:e1:
5c:34:11:5f:58:d3:97:25:eb:54:62:b5:69:8c:64:
0d:5c:9a:69:e0:4f:e8:ef:ef:80:8f:29:15:3f:03:
0b:c9:7d:64:88:b3:d8:21:ac:c1:67:81:0d:18:bb:
13:13:88:27:dc:bf:f3:0e:49:80:b1:61:73:e7:d0:
4a:34:8a:b9:d5:52:25:e3:0a:83:20:d1:bd:f1:be:
fe:64:17:e0:1e:58:e3:83:a8:e7:33:23:fc:36:e4:
1b:e1:39:83:38:2e:6a:9b:08:33:c7:8b:89:c4:c0:
c4:2c:34:cd:d3:eb:ca:83:ca:ae:8a:dd:bf:2e:08:
ee:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:83:E3:9C:0E:F9:94:8A:3C:38:A3:DE:4D:11:6C:6C:F8:2E:3B:79
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/lYPjnA75lIo8OKPeTRFsbPguO3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.12.0/23
86.105.104.0/22
89.36.32.0/22
89.36.236.0/22
89.37.188.0/22
89.37.228.0/22
94.190.248.0/22
185.77.250.0/23
185.172.20.0/22
188.211.252.0/22
188.212.104.0/22
188.240.40.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:d4:92:81:3c:e7:0b:50:73:ac:18:05:e8:03:6a:a8:3f:6c:
ea:dd:ad:b6:11:c6:e4:6d:4c:cd:8e:84:5b:b9:bc:b0:d3:25:
6c:0d:7d:f4:79:29:a9:42:52:4e:78:bf:81:6b:99:82:e6:48:
63:98:07:84:bc:ac:2a:42:d1:5c:14:eb:a2:45:ec:4d:49:92:
f3:5d:90:ab:98:41:a4:ea:73:e1:10:9c:b1:3c:e9:bd:fa:44:
b9:6f:1a:69:e6:c6:12:7a:04:3a:e3:fd:76:3b:6e:fe:67:8e:
18:67:b9:ed:ee:41:59:bd:1d:e5:d4:06:76:94:a3:3e:e3:71:
c1:29:aa:4d:64:a4:a1:ed:7b:0e:18:bd:03:d5:99:18:3e:71:
ae:56:0d:8c:25:50:57:76:4b:ee:c4:2a:85:83:11:ae:94:7e:
38:e8:c9:4b:3a:60:92:ab:27:30:5d:92:4e:d2:74:c3:fd:64:
2a:71:58:85:32:0a:d6:8b:37:e4:d4:e7:b1:cd:49:29:73:cd:
eb:2b:8d:d3:a8:91:fe:a3:3a:03:50:95:f7:28:1a:a7:e3:16:
24:e1:05:25:e9:b8:09:56:d4:e7:4d:4d:a8:79:0a:3c:ee:eb:
58:8c:a6:93:58:4c:81:f1:56:0e:13:3f:96:02:7a:7d:b1:b5:
0a:af:dd:70
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzFbwKhfZbGF6sEegS9vmYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTgzZTM5YzBlZjk5NDhhM2MzOGEzZGU0ZDExNmM2Y2Y4MmUzYjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCMHG78rPZBQ2ox/lTF03zZmT7bq
DaJA1H6yhHiD1S+qIaxMCFoNKMdCDAvJx1fu+0yfTEEekebFhLJNA69ZcExDnA1U
i0ABuc9TVWnKoN2mpEDTEDw1tcjhs/1DOVAXKcSG6izZC/w5CX8ycJECEt1tNuft
EDzP58AJyjf7EV2Du6epg+FcNBFfWNOXJetUYrVpjGQNXJpp4E/o7++AjykVPwML
yX1kiLPYIazBZ4ENGLsTE4gn3L/zDkmAsWFz59BKNIq51VIl4wqDING98b7+ZBfg
Hljjg6jnMyP8NuQb4TmDOC5qmwgzx4uJxMDELDTN0+vKg8quit2/LgjusQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJWD45wO+ZSKPDij3k0RbGz4Ljt5MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvbFlQam5BNzVsSW84T0tQZVRSRnNiUGd1TzNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBPnAMAwQC
VmloAwQCWSQgAwQCWSTsAwQCWSW8AwQCWSXkAwQCXr74AwQBuU36AwQCuawUAwQC
vNP8AwQCvNRoAwQBvPAoMA0GCSqGSIb3DQEBCwUAA4IBAQBd1JKBPOcLUHOsGAXo
A2qoP2zq3a22EcbkbUzNjoRbubyw0yVsDX30eSmpQlJOeL+Ba5mC5khjmAeEvKwq
QtFcFOuiRexNSZLzXZCrmEGk6nPhEJyxPOm9+kS5bxpp5sYSegQ64/12O27+Z44Y
Z7nt7kFZvR3l1AZ2lKM+43HBKapNZKSh7XsOGL0D1ZkYPnGuVg2MJVBXdkvuxCqF
gxGulH446MlLOmCSqycwXZJO0nTD/WQqcViFMgrWizfk1OexzUkpc83rK43TqJH+
ozoDUJX3KBqn4xYk4QUl6bgJVtTnTU2oeQo87utYjKaTWEyB8VYOEz+WAnp9sbUK
r91w
-----END CERTIFICATE-----
Generated at Fri Jan 5 03:10:52 2024 by rpki-client on console-ams.rpki-client.org