Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/lxpuZKJF5p00kUtDCxEojyznMD8.roa
File: lxpuZKJF5p00kUtDCxEojyznMD8.roa (raw, json)
Hash identifier: 5IEMHlZOes6PIKddK2ZSuFyFuxrHojigIpUjKIHrNTw=
Subject key identifier: 97:1A:6E:64:A2:45:E6:9D:34:91:4B:43:0B:11:28:8F:2C:E7:30:3F
Certificate issuer: /CN=a04de87501c7d3082c76659f4debd9428843b4cb
Certificate serial: 01856F42CE7042EA434E83EECC204E6E9717
Authority key identifier: A0:4D:E8:75:01:C7:D3:08:2C:76:65:9F:4D:EB:D9:42:88:43:B4:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oE3odQHH0wgsdmWfTevZQohDtMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/lxpuZKJF5p00kUtDCxEojyznMD8.roa
Signing time: Sun 01 Jan 2023 21:35:27 +0000
ROA not before: Sun 01 Jan 2023 21:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41529
IP address blocks: 45.131.84.0/24 maxlen: 24
45.131.85.0/24 maxlen: 24
45.131.84.0/22 maxlen: 22
45.131.87.0/24 maxlen: 24
45.131.86.0/24 maxlen: 24
2a0e:5f40:84::/48 maxlen: 48
2a0e:5f40:87::/48 maxlen: 48
2a0e:5f40::/29 maxlen: 29
2a0e:5f40:85::/48 maxlen: 48
2a0e:5f40:86::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ce:70:42:ea:43:4e:83:ee:cc:20:4e:6e:97:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04de87501c7d3082c76659f4debd9428843b4cb
Validity
Not Before: Jan 1 21:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=971a6e64a245e69d34914b430b11288f2ce7303f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f3:d1:86:6d:29:76:c1:02:f4:f2:38:a4:04:
3c:69:b0:f0:7c:99:dd:b3:6b:21:da:90:e3:dd:a5:
09:fe:6d:2f:67:dd:c9:75:1b:6b:3e:9d:8c:12:43:
61:6b:e5:36:0d:ff:79:c9:1d:b1:af:6f:2c:72:4b:
3a:2e:d9:28:55:ea:dc:24:ce:0d:eb:35:36:83:55:
cd:c9:e3:3a:5d:e2:26:a5:88:1e:1b:d6:1a:dc:f6:
c4:ef:8d:33:0e:87:46:e1:3d:c1:af:4d:1f:a8:10:
35:ba:2e:b4:ad:0d:0a:64:3c:83:0f:da:23:f6:7f:
24:02:19:61:67:ef:6a:77:47:f1:7f:59:ed:f5:bd:
95:2a:8f:5e:69:cf:d6:cb:b8:90:97:6f:2c:b1:69:
4f:ba:fb:d9:ea:87:3f:82:c3:64:44:d8:c2:ae:e0:
ce:20:7a:b8:b6:aa:17:a3:3d:d9:00:3d:cf:01:33:
ad:d1:68:79:3b:04:02:35:de:3d:f9:1b:f1:c3:c2:
e3:4e:be:00:d4:9a:2f:a0:a3:eb:9b:4c:40:28:b8:
40:ab:ae:28:3e:e0:e0:34:9a:55:d9:f2:93:1b:b5:
45:c7:0b:c8:ee:e7:28:8a:e3:b8:96:78:60:2e:45:
38:91:94:54:3a:54:8b:b5:d3:e3:aa:84:c5:ef:0a:
f4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:1A:6E:64:A2:45:E6:9D:34:91:4B:43:0B:11:28:8F:2C:E7:30:3F
X509v3 Authority Key Identifier:
keyid:A0:4D:E8:75:01:C7:D3:08:2C:76:65:9F:4D:EB:D9:42:88:43:B4:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oE3odQHH0wgsdmWfTevZQohDtMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/lxpuZKJF5p00kUtDCxEojyznMD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.84.0/22
IPv6:
2a0e:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
15:26:82:33:6f:44:29:23:69:5c:e7:d4:70:f1:59:28:82:05:
3f:9a:6d:e0:6b:7b:e5:1c:71:a1:7b:77:48:5e:f9:bd:c3:8f:
9a:03:19:4e:49:06:5b:c5:6e:38:fd:64:95:92:4a:40:b2:50:
ce:b6:8a:20:75:55:d9:47:63:6a:2b:4d:99:86:11:ae:f8:7b:
f3:5a:03:a7:33:5e:8e:36:99:f9:4b:09:0c:8c:37:a0:79:0e:
0e:21:5a:a8:1a:7d:26:8a:c5:8c:5b:d1:dd:d1:cb:18:2d:32:
26:5d:39:81:13:4e:8c:54:d7:8e:ee:d8:16:e2:af:93:ab:43:
e8:5f:d0:bb:41:45:43:ae:b5:1d:ff:d0:1a:20:81:15:6e:83:
ce:37:f1:0d:33:e3:0e:45:b0:13:d3:3e:62:e1:79:72:03:cc:
7b:d9:6e:aa:f2:44:08:45:cf:90:fa:f8:63:ad:e3:4c:8f:90:
e7:4a:d1:f7:9a:46:34:23:2e:5e:22:0f:22:ef:3c:be:f8:9a:
12:12:d5:db:14:5b:bf:fa:fa:9b:bb:d3:74:66:a5:31:64:e2:
30:73:56:b0:40:dc:e0:0d:83:e4:56:58:1c:4e:2a:9f:fd:3f:
ae:5c:96:8f:f9:ea:2b:2b:92:c6:fc:df:9b:a3:79:55:63:29:
6a:19:f7:1a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvQs5wQupDToPuzCBObpcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNGRlODc1MDFjN2QzMDgyYzc2NjU5ZjRkZWJkOTQyODg0
M2I0Y2IwHhcNMjMwMTAxMjEzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzFhNmU2NGEyNDVlNjlkMzQ5MTRiNDMwYjExMjg4ZjJjZTczMDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfPRhm0pdsEC9PI4pAQ8abDwfJnd
s2sh2pDj3aUJ/m0vZ93JdRtrPp2MEkNha+U2Df95yR2xr28scks6LtkoVercJM4N
6zU2g1XNyeM6XeImpYgeG9Ya3PbE740zDodG4T3Br00fqBA1ui60rQ0KZDyDD9oj
9n8kAhlhZ+9qd0fxf1nt9b2VKo9eac/Wy7iQl28ssWlPuvvZ6oc/gsNkRNjCruDO
IHq4tqoXoz3ZAD3PATOt0Wh5OwQCNd49+Rvxw8LjTr4A1JovoKPrm0xAKLhAq64o
PuDgNJpV2fKTG7VFxwvI7ucoiuO4lnhgLkU4kZRUOlSLtdPjqoTF7wr0cQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJcabmSiReadNJFLQwsRKI8s5zA/MB8GA1UdIwQY
MBaAFKBN6HUBx9MILHZln03r2UKIQ7TLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0Uzb2RRSEgwd2dzZG1XZlRldlpRb2hEdE1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80NjVjOTAtNzBmYi00MDE1LWI5Njkt
NzQ4Zjc4NzgzODhhLzEvbHhwdVpLSkY1cDAwa1V0REN4RW9qeXpuTUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80NjVjOTAtNzBmYi00MDE1LWI5NjktNzQ4Zjc4NzgzODhh
LzEvb0Uzb2RRSEgwd2dzZG1XZlRldlpRb2hEdE1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYNUMA0E
AgACMAcDBQMqDl9AMA0GCSqGSIb3DQEBCwUAA4IBAQAVJoIzb0QpI2lc59Rw8Vko
ggU/mm3ga3vlHHGhe3dIXvm9w4+aAxlOSQZbxW44/WSVkkpAslDOtoogdVXZR2Nq
K02ZhhGu+HvzWgOnM16ONpn5SwkMjDegeQ4OIVqoGn0misWMW9Hd0csYLTImXTmB
E06MVNeO7tgW4q+Tq0PoX9C7QUVDrrUd/9AaIIEVboPON/ENM+MORbAT0z5i4Xly
A8x72W6q8kQIRc+Q+vhjreNMj5DnStH3mkY0Iy5eIg8i7zy++JoSEtXbFFu/+vqb
u9N0ZqUxZOIwc1awQNzgDYPkVlgcTiqf/T+uXJaP+eorK5LG/N+bo3lVYylqGfca
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:36 2024 by rpki-client on console-ams.rpki-client.org