Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/LpwFFtZYMmGrkhDATqR_dzhc5rM.roa
File: LpwFFtZYMmGrkhDATqR_dzhc5rM.roa (raw, json)
Hash identifier: ZqhQ0BkWbpCofFUss8Qbwg+Ek4SIU5N+K/Ahz3oxxjU=
Subject key identifier: 2E:9C:05:16:D6:58:32:61:AB:92:10:C0:4E:A4:7F:77:38:5C:E6:B3
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01870D8E5E63E72F4FEB344DD545EF017CD9
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/LpwFFtZYMmGrkhDATqR_dzhc5rM.roa
Signing time: Thu 23 Mar 2023 08:20:46 +0000
ROA not before: Thu 23 Mar 2023 08:20:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202423
IP address blocks: 212.60.22.0/24 maxlen: 24
194.116.162.0/24 maxlen: 24
194.116.163.0/24 maxlen: 24
45.129.186.0/24 maxlen: 24
45.89.188.0/24 maxlen: 24
45.89.189.0/24 maxlen: 24
45.89.191.0/24 maxlen: 24
185.247.185.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:8e:5e:63:e7:2f:4f:eb:34:4d:d5:45:ef:01:7c:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 23 08:20:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e9c0516d6583261ab9210c04ea47f77385ce6b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:46:11:5f:47:85:df:f7:a7:40:ba:86:e8:b7:
c2:7f:fc:ca:4b:56:16:3d:0d:3b:b3:c9:84:4c:33:
0a:0d:16:9b:0a:f3:92:6a:2f:11:68:21:f9:e3:fa:
5a:86:84:24:42:35:8d:8f:8d:71:50:b0:bf:1c:c1:
87:77:f8:db:29:82:90:e2:46:3e:b9:b0:d6:77:d4:
9e:b1:cc:2b:23:9c:5a:de:28:5a:fd:16:30:5e:8e:
50:61:c7:03:53:a7:20:23:b0:44:59:d8:3c:f3:58:
4d:91:1f:96:d5:d3:ef:6d:d5:86:fe:27:cb:96:c7:
96:cc:6c:95:59:e2:d5:db:3e:db:58:6f:70:ed:5b:
27:ca:6e:72:e9:e2:e9:5b:e7:4e:f8:5d:39:63:38:
2a:8f:42:81:32:30:7f:c2:73:99:e7:e9:af:85:82:
b4:20:2f:c1:3b:59:58:d9:2a:11:a4:2e:d2:62:a6:
51:a0:38:36:74:98:e1:2f:a0:ca:05:b3:59:f0:af:
b8:84:ef:5c:58:e7:c8:c1:aa:95:fc:e8:dc:65:70:
ed:5a:13:b0:fe:38:e1:c0:1a:48:ac:77:24:d0:ca:
77:ca:b3:f3:25:bd:0a:48:92:97:5b:19:5e:54:04:
ff:43:9e:c1:84:34:01:1c:65:d0:c5:22:70:6b:fa:
a2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:9C:05:16:D6:58:32:61:AB:92:10:C0:4E:A4:7F:77:38:5C:E6:B3
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/LpwFFtZYMmGrkhDATqR_dzhc5rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.188.0/23
45.89.191.0/24
45.129.186.0/24
185.247.185.0/24
194.116.162.0/23
212.60.22.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:ad:eb:88:76:80:6d:9d:93:e8:34:ff:5f:dd:82:98:11:b7:
e7:a6:d5:3f:11:f9:5a:66:64:1f:56:be:51:6f:2f:f4:5b:75:
25:7a:52:d6:18:3d:26:64:18:7a:e0:a5:a3:9d:f5:da:f9:d7:
22:6c:f3:1a:bc:e2:dd:89:ac:5d:a5:ef:e8:10:d2:da:bc:c6:
db:11:af:4f:63:a5:4e:a0:f4:78:1b:bc:7e:6a:d0:60:4c:f1:
c9:58:f5:0b:9c:bd:a8:1e:f0:c7:73:cb:78:a1:a4:aa:c6:0c:
11:0b:3e:29:fb:4b:69:b2:89:a8:f4:60:b3:27:64:46:68:55:
59:cb:89:74:4c:c6:5c:c6:fb:9c:39:c6:c5:ba:7e:b2:a2:db:
ca:df:9b:85:ff:e5:49:ec:cc:25:e8:56:9f:2f:3f:3b:b7:cd:
3e:f5:02:8b:0d:1e:b7:78:f0:87:c4:29:3a:a7:c4:bf:f9:b5:
44:51:7d:6e:3b:1f:c3:2e:02:9f:e3:90:e0:e3:7b:76:7f:30:
dc:cb:cb:d9:0c:cf:30:e6:20:b2:ae:22:05:44:8b:05:8a:ce:
92:31:85:5e:96:79:81:77:0f:7d:ef:e2:a0:2a:25:9e:52:0a:
ba:04:9c:75:32:7a:17:77:a2:5d:d5:42:3e:a2:6e:a1:73:bc:
e5:29:8c:f7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYcNjl5j5y9P6zRN1UXvAXzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMzIzMDgyMDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTljMDUxNmQ2NTgzMjYxYWI5MjEwYzA0ZWE0N2Y3NzM4NWNlNmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0YRX0eF3/enQLqG6LfCf/zKS1YW
PQ07s8mETDMKDRabCvOSai8RaCH54/pahoQkQjWNj41xULC/HMGHd/jbKYKQ4kY+
ubDWd9SescwrI5xa3iha/RYwXo5QYccDU6cgI7BEWdg881hNkR+W1dPvbdWG/ifL
lseWzGyVWeLV2z7bWG9w7Vsnym5y6eLpW+dO+F05Yzgqj0KBMjB/wnOZ5+mvhYK0
IC/BO1lY2SoRpC7SYqZRoDg2dJjhL6DKBbNZ8K+4hO9cWOfIwaqV/OjcZXDtWhOw
/jjhwBpIrHck0Mp3yrPzJb0KSJKXWxleVAT/Q57BhDQBHGXQxSJwa/qi/wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFC6cBRbWWDJhq5IQwE6kf3c4XOazMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvTHB3RkZ0WllNbUdya2hEQVRxUl9kemhjNXJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLVm8AwQA
LVm/AwQALYG6AwQAufe5AwQBwnSiAwQA1DwWMA0GCSqGSIb3DQEBCwUAA4IBAQAe
reuIdoBtnZPoNP9f3YKYEbfnptU/EflaZmQfVr5Rby/0W3UlelLWGD0mZBh64KWj
nfXa+dcibPMavOLdiaxdpe/oENLavMbbEa9PY6VOoPR4G7x+atBgTPHJWPULnL2o
HvDHc8t4oaSqxgwRCz4p+0tpsomo9GCzJ2RGaFVZy4l0TMZcxvucOcbFun6yotvK
35uF/+VJ7Mwl6FafLz87t80+9QKLDR63ePCHxCk6p8S/+bVEUX1uOx/DLgKf45Dg
43t2fzDcy8vZDM8w5iCyriIFRIsFis6SMYVelnmBdw997+KgKiWeUgq6BJx1MnoX
d6Jd1UI+om6hc7zlKYz3
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:20 2023 by rpki-client on console.sobornost.net