Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/lC9dxtkvX2BbK5W3RUQL4yhLDs4.roa
File: lC9dxtkvX2BbK5W3RUQL4yhLDs4.roa (raw, json)
Hash identifier: 89NznMciDfD/oG+ijkKOpIFNZVz1dnFZtt9jE1eK0iw=
Subject key identifier: 94:2F:5D:C6:D9:2F:5F:60:5B:2B:95:B7:45:44:0B:E3:28:4B:0E:CE
Certificate issuer: /CN=d39123880f427446d5ff07cef9633e86dc49198d
Certificate serial: 018AF45BA830D1A7EAD6F65A1242D499EBCE
Authority key identifier: D3:91:23:88:0F:42:74:46:D5:FF:07:CE:F9:63:3E:86:DC:49:19:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/05EjiA9CdEbV_wfO-WM-htxJGY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/lC9dxtkvX2BbK5W3RUQL4yhLDs4.roa
Signing time: Tue 03 Oct 2023 07:06:02 +0000
ROA not before: Tue 03 Oct 2023 07:06:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210792
IP address blocks: 45.153.76.0/22 maxlen: 22
158.255.79.0/24 maxlen: 24
2a11:ba80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:5b:a8:30:d1:a7:ea:d6:f6:5a:12:42:d4:99:eb:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d39123880f427446d5ff07cef9633e86dc49198d
Validity
Not Before: Oct 3 07:06:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=942f5dc6d92f5f605b2b95b745440be3284b0ece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b1:60:7b:72:ab:cd:02:97:da:2f:5e:4f:39:
37:ac:78:53:80:e2:50:62:53:62:01:df:20:c2:f6:
35:c6:e2:40:02:df:f4:51:69:ad:bb:ae:cb:6a:97:
6a:e5:c9:79:7d:d4:7a:4e:0f:8e:f3:0c:af:39:e5:
f3:3a:6a:48:b0:4c:31:09:7a:3d:c8:be:91:97:cd:
5f:b7:a2:3f:31:b9:36:41:ed:ae:88:20:51:85:e4:
90:e8:57:95:70:13:6b:02:4b:31:92:21:59:e5:3a:
69:5a:34:29:bd:3e:d9:bb:a3:e3:96:9e:bb:7b:6d:
b5:22:14:9f:66:76:2b:b3:f4:f9:5a:9c:90:f3:74:
3e:85:71:8f:6f:51:24:e3:17:a7:d2:b2:4f:5e:e4:
4c:e0:d2:23:6e:7c:07:34:15:44:e5:49:bf:de:0b:
b6:01:40:02:2c:d5:f3:69:90:b7:40:04:30:fe:e3:
5b:52:c9:5d:06:64:29:d5:f6:ed:6c:8f:b0:50:0d:
06:35:9e:b2:39:d7:13:88:d6:c4:a3:35:1d:8d:b0:
c2:d9:15:75:0b:45:09:f2:59:e0:38:52:9d:d0:a1:
c7:3f:1c:b4:94:38:af:fe:67:51:1c:e3:4c:2a:8c:
52:ca:5b:f8:f4:65:17:b0:cb:de:c1:c0:85:7e:c3:
c9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:2F:5D:C6:D9:2F:5F:60:5B:2B:95:B7:45:44:0B:E3:28:4B:0E:CE
X509v3 Authority Key Identifier:
keyid:D3:91:23:88:0F:42:74:46:D5:FF:07:CE:F9:63:3E:86:DC:49:19:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/05EjiA9CdEbV_wfO-WM-htxJGY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/lC9dxtkvX2BbK5W3RUQL4yhLDs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/05EjiA9CdEbV_wfO-WM-htxJGY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.76.0/22
158.255.79.0/24
IPv6:
2a11:ba80::/29
Signature Algorithm: sha256WithRSAEncryption
83:55:0a:6e:3a:f8:99:bc:0d:22:12:df:fe:b3:07:ae:2c:33:
9f:17:18:3b:5c:20:eb:f7:ce:57:10:0a:87:70:3b:0a:0b:08:
4b:a2:49:d5:0f:71:8f:d9:4d:88:3f:14:9a:ad:06:96:64:5c:
62:23:05:8a:b0:e2:fa:bd:3c:a9:bb:bc:ff:30:f9:70:75:d1:
82:cf:e4:8f:8f:2b:3f:2b:59:3b:8d:56:7f:61:f5:3f:e8:27:
54:7a:63:b7:82:05:1b:50:38:61:ad:b3:a1:be:ea:71:41:ce:
a7:a9:aa:2c:c8:41:47:0a:da:2a:ab:21:7c:86:c3:7e:64:a8:
bf:39:0c:df:bf:91:eb:5e:ef:aa:9a:1a:c8:f3:6b:96:d2:ba:
10:0b:fb:b3:b7:b7:8a:76:08:8f:de:9e:79:cb:bb:a7:5f:27:
bb:e5:9d:43:72:81:a4:53:ac:81:95:b9:c4:ef:8e:56:b3:ed:
ee:3a:81:31:83:95:f0:4d:bc:b4:0f:e4:a6:ce:4f:cd:88:25:
04:59:cf:bc:b8:4d:96:05:fb:51:4d:76:7b:d8:ee:c7:62:36:
65:16:a6:bf:fc:31:4d:9f:c1:49:7f:db:cb:af:11:2c:b0:4d:
a1:49:b2:d8:c6:64:d2:4c:bf:2a:79:b5:53:70:86:d2:8b:5c:
01:19:c9:ef
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYr0W6gw0afq1vZaEkLUmevOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzOTEyMzg4MGY0Mjc0NDZkNWZmMDdjZWY5NjMzZTg2ZGM0
OTE5OGQwHhcNMjMxMDAzMDcwNjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDJmNWRjNmQ5MmY1ZjYwNWIyYjk1Yjc0NTQ0MGJlMzI4NGIwZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirFge3KrzQKX2i9eTzk3rHhTgOJQ
YlNiAd8gwvY1xuJAAt/0UWmtu67Lapdq5cl5fdR6Tg+O8wyvOeXzOmpIsEwxCXo9
yL6Rl81ft6I/Mbk2Qe2uiCBRheSQ6FeVcBNrAksxkiFZ5TppWjQpvT7Zu6Pjlp67
e221IhSfZnYrs/T5WpyQ83Q+hXGPb1Ek4xen0rJPXuRM4NIjbnwHNBVE5Um/3gu2
AUACLNXzaZC3QAQw/uNbUsldBmQp1fbtbI+wUA0GNZ6yOdcTiNbEozUdjbDC2RV1
C0UJ8lngOFKd0KHHPxy0lDiv/mdRHONMKoxSylv49GUXsMvewcCFfsPJHwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJQvXcbZL19gWyuVt0VEC+MoSw7OMB8GA1UdIwQY
MBaAFNORI4gPQnRG1f8HzvljPobcSRmNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDVFamlBOUNkRWJWX3dmTy1XTS1odHhKR1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS82NjFiODQtMTE0ZC00OTI5LWI2ODQt
Y2NhMGFkMjY4NWNhLzEvbEM5ZHh0a3ZYMkJiSzVXM1JVUUw0eWhMRHM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS82NjFiODQtMTE0ZC00OTI5LWI2ODQtY2NhMGFkMjY4NWNh
LzEvMDVFamlBOUNkRWJWX3dmTy1XTS1odHhKR1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZlMAwQA
nv9PMA0EAgACMAcDBQMqEbqAMA0GCSqGSIb3DQEBCwUAA4IBAQCDVQpuOviZvA0i
Et/+sweuLDOfFxg7XCDr985XEAqHcDsKCwhLoknVD3GP2U2IPxSarQaWZFxiIwWK
sOL6vTypu7z/MPlwddGCz+SPjys/K1k7jVZ/YfU/6CdUemO3ggUbUDhhrbOhvupx
Qc6nqaosyEFHCtoqqyF8hsN+ZKi/OQzfv5HrXu+qmhrI82uW0roQC/uzt7eKdgiP
3p55y7unXye75Z1DcoGkU6yBlbnE745Ws+3uOoExg5XwTby0D+Smzk/NiCUEWc+8
uE2WBftRTXZ72O7HYjZlFqa//DFNn8FJf9vLrxEssE2hSbLYxmTSTL8qebVTcIbS
i1wBGcnv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:00 2024 by rpki-client on console-ams.rpki-client.org