Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/3lmdcAppwAcvSplNwsYuxW5djxQ.roa
File: 3lmdcAppwAcvSplNwsYuxW5djxQ.roa (raw, json)
Hash identifier: rVrGOiMjXn4FAknvcCbBtx10CADyO9agRMJmEKOnKuw=
Subject key identifier: DE:59:9D:70:0A:69:C0:07:2F:4A:99:4D:C2:C6:2E:C5:6E:5D:8F:14
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01856CE618887A0219B09A119147F5D4A59F
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/3lmdcAppwAcvSplNwsYuxW5djxQ.roa
Signing time: Sun 01 Jan 2023 10:34:56 +0000
ROA not before: Sun 01 Jan 2023 10:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44592
IP address blocks: 45.134.39.0/24 maxlen: 24
185.117.3.0/24 maxlen: 24
45.13.227.0/24 maxlen: 24
5.253.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jul 2023 17:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:18:88:7a:02:19:b0:9a:11:91:47:f5:d4:a5:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 1 10:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de599d700a69c0072f4a994dc2c62ec56e5d8f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2c:f2:ae:af:09:21:e7:e9:f4:03:ce:2f:b1:
20:bf:9d:ef:d9:23:5d:8b:28:59:c9:c6:b8:70:3d:
d4:0e:a1:be:46:a6:17:3b:10:1a:7f:6f:80:4d:e2:
b6:85:d4:db:a6:b3:2c:c8:27:a8:f0:40:ff:32:2c:
02:02:22:34:0d:cf:19:e1:3b:53:9f:ba:6e:e7:6a:
a2:d0:22:1d:e7:55:90:7c:ed:a0:df:13:ac:d2:e3:
d3:61:1b:a5:42:12:88:03:9f:90:a1:87:1d:72:d5:
31:40:a4:f0:9d:2c:a9:55:e3:c0:85:ff:ed:07:42:
94:ce:e9:09:6d:9f:f9:06:73:44:55:67:b3:b3:90:
ae:34:1b:da:bb:9b:52:c7:51:55:cf:e8:47:b9:21:
72:04:47:28:98:e8:2a:da:56:f7:42:e9:ae:55:79:
ef:51:e8:60:0d:93:45:45:aa:83:21:21:4d:21:9b:
5d:fe:c4:de:f3:89:47:52:a4:61:d3:6c:a6:1c:6d:
5e:79:93:49:40:d7:5a:41:d8:89:0a:6f:7f:ab:2e:
8d:bd:d6:cd:5e:2c:e4:8a:54:9f:a6:67:36:72:ff:
89:b0:72:83:9a:03:02:d4:da:6c:6c:59:cf:94:fb:
3a:2b:d1:d7:a0:48:e3:fb:32:9e:22:6e:42:b8:4f:
b7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:59:9D:70:0A:69:C0:07:2F:4A:99:4D:C2:C6:2E:C5:6E:5D:8F:14
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/3lmdcAppwAcvSplNwsYuxW5djxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.246.0/24
45.13.227.0/24
45.134.39.0/24
185.117.3.0/24
Signature Algorithm: sha256WithRSAEncryption
70:50:b3:b6:49:27:4c:f0:6a:65:e4:98:2d:cc:6b:d5:26:ef:
ee:de:f2:42:bf:48:9e:0c:6f:9e:93:bf:55:41:8a:ca:9c:dd:
a9:88:58:f1:85:41:e4:83:72:d0:ea:c9:ff:80:b1:8b:55:02:
68:59:9d:ba:e4:9e:71:27:fd:ec:38:a9:b5:23:ea:24:b2:bf:
2d:f4:a7:56:8e:9c:a5:77:98:55:ee:10:ea:4d:49:0a:ea:98:
3d:97:0f:67:7c:86:8a:76:5d:90:ae:c0:e6:cf:fe:22:c6:23:
8c:5f:50:a2:da:a7:2f:cd:17:2a:85:fe:a5:81:f5:43:00:59:
75:f2:af:ea:38:63:94:8d:8a:18:8f:4c:27:ca:e3:bd:72:2a:
13:bb:61:1b:78:63:68:7d:04:15:3a:87:0b:24:13:c1:d8:0f:
29:44:3f:78:96:da:b0:fb:45:dc:2e:84:d5:d1:fe:7f:27:ec:
2e:61:c2:38:a8:87:f0:a2:8d:dc:47:82:28:87:82:c2:c5:6f:
a3:16:35:57:93:ff:92:a6:98:eb:d5:7e:db:9d:25:ea:5f:c6:
49:82:42:9c:b6:1d:48:4d:a6:d2:82:b0:87:6b:7b:fe:16:1d:
52:7f:fd:d3:a9:a4:20:3e:d3:de:3b:31:cf:47:68:2c:aa:52:
00:ef:24:20
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVs5hiIegIZsJoRkUf11KWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTU5OWQ3MDBhNjljMDA3MmY0YTk5NGRjMmM2MmVjNTZlNWQ4ZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryzyrq8JIefp9APOL7Egv53v2SNd
iyhZyca4cD3UDqG+RqYXOxAaf2+ATeK2hdTbprMsyCeo8ED/MiwCAiI0Dc8Z4TtT
n7pu52qi0CId51WQfO2g3xOs0uPTYRulQhKIA5+QoYcdctUxQKTwnSypVePAhf/t
B0KUzukJbZ/5BnNEVWezs5CuNBvau5tSx1FVz+hHuSFyBEcomOgq2lb3QumuVXnv
UehgDZNFRaqDISFNIZtd/sTe84lHUqRh02ymHG1eeZNJQNdaQdiJCm9/qy6NvdbN
XizkilSfpmc2cv+JsHKDmgMC1NpsbFnPlPs6K9HXoEjj+zKeIm5CuE+3rQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN5ZnXAKacAHL0qZTcLGLsVuXY8UMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvM2xtZGNBcHB3QWN2U3BsTndzWXV4VzVkanhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABf32AwQA
LQ3jAwQALYYnAwQAuXUDMA0GCSqGSIb3DQEBCwUAA4IBAQBwULO2SSdM8Gpl5Jgt
zGvVJu/u3vJCv0ieDG+ek79VQYrKnN2piFjxhUHkg3LQ6sn/gLGLVQJoWZ265J5x
J/3sOKm1I+oksr8t9KdWjpyld5hV7hDqTUkK6pg9lw9nfIaKdl2QrsDmz/4ixiOM
X1Ci2qcvzRcqhf6lgfVDAFl18q/qOGOUjYoYj0wnyuO9cioTu2EbeGNofQQVOocL
JBPB2A8pRD94ltqw+0XcLoTV0f5/J+wuYcI4qIfwoo3cR4Ioh4LCxW+jFjVXk/+S
ppjr1X7bnSXqX8ZJgkKcth1ITabSgrCHa3v+Fh1Sf/3TqaQgPtPeOzHPR2gsqlIA
7yQg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:27 2024 by rpki-client on console-fra.rpki-client.org