Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LkcdFQDHVXH9MCZylvk2fITWVqI.roa
File: LkcdFQDHVXH9MCZylvk2fITWVqI.roa (raw, json)
Hash identifier: QnToQfZCZCYkh8fOKXJobxqK6MImSzRQmeY46laIG7E=
Subject key identifier: 2E:47:1D:15:00:C7:55:71:FD:30:26:72:96:F9:36:7C:84:D6:56:A2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DF56675D787EFE56A4D2CE428ADC32971
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LkcdFQDHVXH9MCZylvk2fITWVqI.roa
Signing time: Thu 29 Feb 2024 15:05:49 +0000
ROA not before: Thu 29 Feb 2024 15:05:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206003
IP address blocks: 45.141.158.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 11:51:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:66:75:d7:87:ef:e5:6a:4d:2c:e4:28:ad:c3:29:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 29 15:05:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e471d1500c75571fd30267296f9367c84d656a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:08:73:d8:93:d0:9d:80:74:2f:5a:04:09:d1:
25:23:4e:ae:a9:84:de:bd:97:64:c3:da:c9:fb:6e:
dc:83:2a:3b:83:4b:a4:bb:3e:46:7b:7e:8f:a4:c8:
84:1e:a4:d9:8f:59:2a:2f:23:08:f1:2a:06:e8:39:
c0:67:be:59:31:69:18:0d:df:29:22:a6:f5:fe:d1:
a9:ce:c1:a2:8e:c0:d0:cf:81:35:ba:ba:5e:f4:e3:
0c:71:10:99:dd:62:ad:0a:60:ad:d0:75:a1:7d:10:
09:13:c3:2c:50:9e:8c:8d:66:97:9a:b8:52:6a:02:
f3:c2:30:f3:f4:bd:e7:30:07:ae:b0:91:74:18:6c:
9a:fc:59:d9:e8:e8:c9:5b:e7:ad:b6:a0:89:c0:18:
cf:e6:40:fa:ed:6f:e1:87:3f:49:ec:11:48:27:f3:
49:ca:80:38:ec:c8:f0:8c:fc:aa:31:b0:fe:41:50:
1c:aa:02:db:8d:24:52:8c:30:ef:b5:2b:6d:f5:99:
f8:9c:9f:48:06:d2:02:2a:dc:fe:d7:91:48:7c:c8:
76:28:17:3c:8b:bf:ab:fc:ae:78:5f:15:36:0b:70:
ad:ae:56:fa:fe:78:e8:23:46:09:b2:14:91:44:bd:
73:8c:97:3e:ed:b2:c3:4d:07:8f:73:a1:70:4b:a5:
66:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:47:1D:15:00:C7:55:71:FD:30:26:72:96:F9:36:7C:84:D6:56:A2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LkcdFQDHVXH9MCZylvk2fITWVqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.158.0/24
87.121.124.0/23
87.121.162.0/24
171.22.17.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:9d:75:99:23:68:2e:42:34:ba:e4:f1:07:94:f7:4a:97:65:
c2:33:00:dd:4a:15:a8:af:ba:63:a2:38:2e:71:72:8b:76:ed:
32:1d:f8:e8:61:5f:41:38:aa:ac:91:50:19:0d:16:13:4f:80:
f0:47:89:b0:e1:61:6f:35:58:90:b5:e0:de:64:eb:85:25:2e:
c8:a7:af:7e:e8:cb:35:c9:6b:dd:2b:ec:b4:c2:b2:74:ad:31:
26:13:51:5c:86:68:90:06:a3:14:b8:b8:2e:35:41:e5:02:8d:
99:06:b6:fe:8f:72:61:2b:76:b2:ac:ae:90:d5:db:15:90:5e:
ce:1f:28:20:22:bc:52:be:ed:83:5a:5e:3e:61:3f:bb:ef:3d:
2e:06:d5:1c:c9:c5:a7:2f:33:27:f8:a4:6a:b3:3f:90:11:63:
e2:f1:b2:df:21:10:7f:0b:c2:0b:bc:ca:95:b0:1e:85:15:d2:
9c:33:97:9d:8a:e4:9b:00:c3:23:2f:a1:01:55:92:d2:1f:01:
54:48:12:5d:d7:26:a4:fc:92:3e:9a:2a:d5:46:d2:95:8a:57:
db:f8:b4:4d:18:45:b9:30:79:96:73:9f:db:9a:be:fa:68:24:
3a:7b:73:08:d9:86:9f:a6:06:f6:bd:21:2f:d3:50:ac:47:14:
56:92:a6:63
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY31ZnXXh+/lak0s5CitwylxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjI5MTUwNTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQ3MWQxNTAwYzc1NTcxZmQzMDI2NzI5NmY5MzY3Yzg0ZDY1NmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAhz2JPQnYB0L1oECdElI06uqYTe
vZdkw9rJ+27cgyo7g0ukuz5Ge36PpMiEHqTZj1kqLyMI8SoG6DnAZ75ZMWkYDd8p
Iqb1/tGpzsGijsDQz4E1urpe9OMMcRCZ3WKtCmCt0HWhfRAJE8MsUJ6MjWaXmrhS
agLzwjDz9L3nMAeusJF0GGya/FnZ6OjJW+ettqCJwBjP5kD67W/hhz9J7BFIJ/NJ
yoA47MjwjPyqMbD+QVAcqgLbjSRSjDDvtStt9Zn4nJ9IBtICKtz+15FIfMh2KBc8
i7+r/K54XxU2C3Ctrlb6/njoI0YJshSRRL1zjJc+7bLDTQePc6FwS6VmIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC5HHRUAx1Vx/TAmcpb5NnyE1laiMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTGtjZEZRREhWWEg5TUNaeWx2azJmSVRXVnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY2eAwQB
V3l8AwQAV3miAwQAqxYRMA0GCSqGSIb3DQEBCwUAA4IBAQBenXWZI2guQjS65PEH
lPdKl2XCMwDdShWor7pjojgucXKLdu0yHfjoYV9BOKqskVAZDRYTT4DwR4mw4WFv
NViQteDeZOuFJS7Ip69+6Ms1yWvdK+y0wrJ0rTEmE1FchmiQBqMUuLguNUHlAo2Z
Brb+j3JhK3ayrK6Q1dsVkF7OHyggIrxSvu2DWl4+YT+77z0uBtUcycWnLzMn+KRq
sz+QEWPi8bLfIRB/C8ILvMqVsB6FFdKcM5ediuSbAMMjL6EBVZLSHwFUSBJd1yak
/JI+mirVRtKVilfb+LRNGEW5MHmWc5/bmr76aCQ6e3MI2Yafpgb2vSEv01CsRxRW
kqZj
-----END CERTIFICATE-----
Generated at Tue Mar 5 15:15:23 2024 by rpki-client on console-ams.rpki-client.org