Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LPQzAn_BGDt1VmyLNSe60rX4-zE.roa
File: LPQzAn_BGDt1VmyLNSe60rX4-zE.roa (raw, json)
Hash identifier: SGTdCZTuz9Aov5SKEC5ZutQe3zjL2ePmhm3HHBEkY90=
Subject key identifier: 2C:F4:33:02:7F:C1:18:3B:75:56:6C:8B:35:27:BA:D2:B5:F8:FB:31
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A6F1CD235083324E3C27E55C96DA60827
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LPQzAn_BGDt1VmyLNSe60rX4-zE.roa
Signing time: Thu 07 Sep 2023 10:07:54 +0000
ROA not before: Thu 07 Sep 2023 10:07:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.138.180.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:1c:d2:35:08:33:24:e3:c2:7e:55:c9:6d:a6:08:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 7 10:07:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cf433027fc1183b75566c8b3527bad2b5f8fb31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1d:7a:d4:92:1e:4c:cb:9f:e4:ac:3f:3b:f4:
0f:c9:6b:d1:08:fa:6c:9a:10:3e:b0:4d:1c:89:fa:
a7:de:62:4e:4e:41:dd:6f:95:76:e0:36:30:18:e0:
b3:ac:28:cc:77:49:f1:cf:52:2b:05:9f:b6:5d:11:
be:53:da:cd:ea:28:cf:9d:75:bf:7c:a6:06:93:bf:
e6:4e:f2:f3:7f:45:e4:ed:26:ff:6d:e3:53:cb:71:
0b:4c:b4:72:f0:9e:48:37:d5:ba:1c:ea:da:cd:79:
fc:45:26:96:40:57:ac:44:4c:96:47:f1:56:41:30:
b9:dc:b0:21:84:3d:b3:c3:ab:8a:68:5e:cc:32:01:
75:ad:9c:40:d3:80:a0:89:18:5d:02:0b:5d:1c:10:
a5:b7:8e:56:99:9f:b4:fb:1f:8c:61:02:7d:7b:21:
86:25:c7:7f:80:66:a0:89:62:2e:24:ee:c0:df:04:
b8:bf:a1:2b:87:d2:8d:67:64:be:bd:f8:6c:91:02:
e7:c6:d5:f5:e1:12:e8:4c:c7:72:5a:f5:7b:39:a3:
22:f7:74:72:58:88:73:b6:50:37:60:54:f2:1c:5b:
18:91:a5:cd:51:4b:44:58:5c:4c:d4:1e:97:45:af:
86:ef:a9:23:6a:6a:0f:bc:f9:ff:ec:ed:25:a1:6d:
cf:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:F4:33:02:7F:C1:18:3B:75:56:6C:8B:35:27:BA:D2:B5:F8:FB:31
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LPQzAn_BGDt1VmyLNSe60rX4-zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.180.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:dc:f0:72:46:bd:a4:fc:15:30:98:06:44:f8:16:7b:fd:20:
96:d5:cb:4f:e8:00:73:75:04:44:d3:f1:84:5c:73:22:86:c9:
3a:75:01:4e:22:8b:2c:95:34:6a:f1:89:8f:fd:6c:44:2e:86:
bc:0e:92:57:f1:f7:a3:01:fa:76:4d:a0:b7:ff:d7:c0:87:36:
33:d8:c8:a4:49:bd:60:0b:70:69:26:8f:58:2c:c2:0e:e8:73:
a7:03:e9:ca:69:dc:a5:71:5b:5f:2e:7f:85:06:7b:5a:7e:9e:
93:80:7d:e3:7e:2b:37:09:3e:a4:ef:29:97:7a:e3:0c:52:57:
3c:9e:bd:5f:5e:ef:72:cc:7e:f6:24:dd:84:ff:68:c4:6e:17:
21:bb:0a:e1:60:2e:37:cf:f2:72:28:27:20:e1:a6:d9:1a:c5:
3c:df:db:b7:cd:f5:61:ee:2d:0b:7e:87:d6:2f:8e:00:75:c7:
a5:7a:96:83:e5:b9:a9:8d:d5:0f:bb:d6:a7:9f:3c:63:98:9b:
a6:52:9c:42:b7:92:2a:c0:d6:1c:b8:a1:ce:67:2e:ee:61:57:
0b:90:0e:10:3d:7d:3c:f5:36:ba:a6:3b:b8:34:12:00:f9:80:
1e:7c:56:5f:f6:7f:aa:6a:22:d2:38:e5:91:42:79:51:5c:b2:
41:cc:8a:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpvHNI1CDMk48J+VcltpggnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTA3MTAwNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2Y0MzMwMjdmYzExODNiNzU1NjZjOGIzNTI3YmFkMmI1ZjhmYjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph161JIeTMuf5Kw/O/QPyWvRCPps
mhA+sE0cifqn3mJOTkHdb5V24DYwGOCzrCjMd0nxz1IrBZ+2XRG+U9rN6ijPnXW/
fKYGk7/mTvLzf0Xk7Sb/beNTy3ELTLRy8J5IN9W6HOrazXn8RSaWQFesREyWR/FW
QTC53LAhhD2zw6uKaF7MMgF1rZxA04CgiRhdAgtdHBClt45WmZ+0+x+MYQJ9eyGG
Jcd/gGagiWIuJO7A3wS4v6Erh9KNZ2S+vfhskQLnxtX14RLoTMdyWvV7OaMi93Ry
WIhztlA3YFTyHFsYkaXNUUtEWFxM1B6XRa+G76kjamoPvPn/7O0loW3PlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCz0MwJ/wRg7dVZsizUnutK1+PsxMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTFBRekFuX0JHRHQxVm15TE5TZTYwclg0LXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYq0MA0G
CSqGSIb3DQEBCwUAA4IBAQAr3PByRr2k/BUwmAZE+BZ7/SCW1ctP6ABzdQRE0/GE
XHMihsk6dQFOIosslTRq8YmP/WxELoa8DpJX8fejAfp2TaC3/9fAhzYz2MikSb1g
C3BpJo9YLMIO6HOnA+nKadylcVtfLn+FBntafp6TgH3jfis3CT6k7ymXeuMMUlc8
nr1fXu9yzH72JN2E/2jEbhchuwrhYC43z/JyKCcg4abZGsU839u3zfVh7i0LfofW
L44AdcelepaD5bmpjdUPu9annzxjmJumUpxCt5IqwNYcuKHOZy7uYVcLkA4QPX08
9Ta6pju4NBIA+YAefFZf9n+qaiLSOOWRQnlRXLJBzIo5
-----END CERTIFICATE-----
Generated at Fri Sep 8 18:25:53 2023 by rpki-client on console-fra.rpki-client.org