Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lwc2I8Z675tRsUWo4BTs3okGEGU.roa
File: lwc2I8Z675tRsUWo4BTs3okGEGU.roa (raw, json)
Hash identifier: JLwKon/SEsJx/1gB+UsDt1qNEX/WU6efPxhfteEgISQ=
Subject key identifier: 97:07:36:23:C6:7A:EF:9B:51:B1:45:A8:E0:14:EC:DE:89:06:10:65
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018D9DFEE8B354BC7468D919B6CD79DA40BF
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lwc2I8Z675tRsUWo4BTs3okGEGU.roa
Signing time: Mon 12 Feb 2024 15:45:45 +0000
ROA not before: Mon 12 Feb 2024 15:45:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 45.81.113.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Mar 2024 17:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:fe:e8:b3:54:bc:74:68:d9:19:b6:cd:79:da:40:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Feb 12 15:45:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97073623c67aef9b51b145a8e014ecde89061065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:df:89:b2:d2:e3:7b:fe:a2:80:94:53:e2:41:
a8:12:61:57:c7:03:70:ac:c7:20:de:ef:72:ff:df:
23:b6:0a:13:ff:14:74:77:fa:f2:b7:7b:d4:5a:ff:
24:aa:f8:58:ea:86:61:2b:3a:a3:b6:7c:d5:ea:18:
88:41:38:16:f2:53:ea:cd:4d:1f:b7:0b:10:fb:25:
54:a8:43:8d:01:0d:11:c4:d3:4f:b6:7f:a1:7e:45:
75:25:f9:a8:a8:d7:4e:56:a7:ef:49:8e:b7:d2:91:
b4:89:61:78:34:06:ef:c8:0f:0e:b0:36:52:c1:e8:
b5:c0:75:c9:b9:a9:ac:18:d1:1d:69:e7:c7:b9:d4:
0f:f1:e2:b6:49:8e:ba:97:56:26:1a:db:e5:b2:f5:
a3:2b:84:4d:33:06:ad:cb:cc:4c:f5:ba:ea:b7:93:
96:a2:d6:06:1a:24:fb:3e:6a:27:77:68:d1:29:20:
e7:d9:7c:dc:6d:6c:80:3f:85:ae:b4:20:bc:65:ed:
08:ad:22:a7:22:d6:b9:d5:4e:34:39:bf:c2:72:cc:
f7:8a:6d:6a:6c:27:5d:36:ab:aa:57:87:bc:55:d8:
df:b5:46:2d:c2:7d:84:9e:e9:3d:ab:50:44:26:96:
2f:73:0d:3e:84:44:bf:2e:54:83:52:14:e9:78:b7:
d5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:07:36:23:C6:7A:EF:9B:51:B1:45:A8:E0:14:EC:DE:89:06:10:65
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lwc2I8Z675tRsUWo4BTs3okGEGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.113.0/24
45.88.137.0/24
195.62.24.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:34:bc:06:ed:e6:63:76:1d:19:bb:e5:9e:84:e3:e3:7e:46:
fc:4c:28:9a:87:88:81:e9:a3:43:5b:d5:1f:27:c8:aa:09:43:
d0:3f:20:f6:2b:2b:15:67:1a:37:c2:10:f0:f0:80:8e:1b:08:
b8:c2:ee:6e:da:9a:0f:90:6b:0e:62:89:86:77:88:58:60:c5:
1d:e1:3b:86:95:20:e4:f4:ff:d1:bb:a6:dd:d3:1d:ce:fc:ea:
62:9d:50:01:8b:be:e0:89:67:16:eb:4d:8f:cb:4a:73:c3:6d:
ee:8f:70:0e:4c:62:39:ea:e3:71:33:30:8f:fd:cf:ff:4e:49:
51:ee:8a:05:57:b8:f3:5c:02:01:a4:ce:9d:bc:be:b9:e8:46:
3f:fc:d2:3b:c7:d2:d5:d3:0d:5a:aa:ed:25:01:c6:31:c1:42:
29:6d:23:00:97:de:92:33:63:be:d9:91:51:2d:8c:83:58:23:
47:27:4f:99:43:d6:e2:87:ce:f5:f4:6b:78:06:c9:e6:ae:83:
0a:b7:4f:02:cc:9a:a2:79:19:b3:26:70:1f:df:63:b4:ad:d1:
a6:4e:2e:c7:ac:4f:b0:35:d6:75:19:bc:87:34:26:fc:4b:7c:
40:e8:f3:b5:51:d3:81:1b:88:f2:f3:87:8d:e3:31:2f:1a:8f:
bd:14:39:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2d/uizVLx0aNkZts152kC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMjEyMTU0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzA3MzYyM2M2N2FlZjliNTFiMTQ1YThlMDE0ZWNkZTg5MDYxMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud+JstLje/6igJRT4kGoEmFXxwNw
rMcg3u9y/98jtgoT/xR0d/ryt3vUWv8kqvhY6oZhKzqjtnzV6hiIQTgW8lPqzU0f
twsQ+yVUqEONAQ0RxNNPtn+hfkV1JfmoqNdOVqfvSY630pG0iWF4NAbvyA8OsDZS
wei1wHXJuamsGNEdaefHudQP8eK2SY66l1YmGtvlsvWjK4RNMwaty8xM9brqt5OW
otYGGiT7Pmond2jRKSDn2XzcbWyAP4WutCC8Ze0IrSKnIta51U40Ob/Ccsz3im1q
bCddNquqV4e8VdjftUYtwn2Enuk9q1BEJpYvcw0+hES/LlSDUhTpeLfVJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJcHNiPGeu+bUbFFqOAU7N6JBhBlMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbHdjMkk4WjY3NXRSc1VXbzRCVHMzb2tHRUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVFxAwQA
LViJAwQAwz4YMA0GCSqGSIb3DQEBCwUAA4IBAQC1NLwG7eZjdh0Zu+WehOPjfkb8
TCiah4iB6aNDW9UfJ8iqCUPQPyD2KysVZxo3whDw8ICOGwi4wu5u2poPkGsOYomG
d4hYYMUd4TuGlSDk9P/Ru6bd0x3O/OpinVABi77giWcW602Py0pzw23uj3AOTGI5
6uNxMzCP/c//TklR7ooFV7jzXAIBpM6dvL656EY//NI7x9LV0w1aqu0lAcYxwUIp
bSMAl96SM2O+2ZFRLYyDWCNHJ0+ZQ9bih8719Gt4BsnmroMKt08CzJqieRmzJnAf
32O0rdGmTi7HrE+wNdZ1GbyHNCb8S3xA6PO1UdOBG4jy84eN4zEvGo+9FDnZ
-----END CERTIFICATE-----
Generated at Sun Mar 17 18:03:46 2024 by rpki-client on console-fra.rpki-client.org