Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/lfTJm8Jozkyjdg2vZx6igTpsv2o.roa
File: lfTJm8Jozkyjdg2vZx6igTpsv2o.roa (raw, json)
Hash identifier: 1hODlYCb2ErTn+XdAJcw6VNFZhMQAd1nL3ro3sJ3nu8=
Subject key identifier: 95:F4:C9:9B:C2:68:CE:4C:A3:76:0D:AF:67:1E:A2:81:3A:6C:BF:6A
Certificate issuer: /CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Certificate serial: 018CC348950305D2132900854D60BC96E996
Authority key identifier: D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/lfTJm8Jozkyjdg2vZx6igTpsv2o.roa
Signing time: Mon 01 Jan 2024 04:29:23 +0000
ROA not before: Mon 01 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212517
IP address blocks: 45.159.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:95:03:05:d2:13:29:00:85:4d:60:bc:96:e9:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95f4c99bc268ce4ca3760daf671ea2813a6cbf6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:da:37:8a:bb:65:da:e8:0b:86:5d:fc:e2:7a:
b8:e2:f7:ff:da:61:65:01:ad:4c:57:bb:07:e0:d1:
37:a8:d6:44:d2:95:ea:4c:b6:d5:23:e6:7d:a6:24:
34:f2:e4:5b:ee:bc:03:2b:7b:6a:0d:0a:21:9e:2c:
8d:23:31:ab:4a:46:79:ab:94:5e:81:1e:9f:40:7b:
ca:e1:2a:6a:8a:e7:45:c5:53:f9:eb:c1:db:40:5f:
bf:bc:97:e5:86:cb:85:b3:a2:9e:40:8c:58:44:23:
3f:02:ac:54:53:98:d9:31:9f:ee:26:52:37:92:2b:
2b:e0:fe:7d:54:91:ee:e9:16:18:ec:7d:2d:b6:ee:
ba:95:46:9c:53:2d:38:54:d5:10:99:e5:ce:1b:89:
d8:2c:4e:99:c2:62:5a:b5:9b:66:94:d7:d3:24:61:
2a:7e:18:d2:ab:46:86:a8:35:99:e6:3b:e5:a2:0a:
79:f9:a9:19:e7:0e:7a:b6:36:2b:3a:60:32:2f:e9:
55:06:2e:ea:2b:45:9e:02:e8:9f:1c:d7:48:7b:98:
c0:d9:8f:c0:61:46:6a:88:6e:51:de:82:93:f5:f2:
01:9e:16:6b:79:d1:47:2e:a0:b6:3a:b2:54:79:7b:
68:b9:cb:89:8c:59:a4:80:33:01:94:b9:b2:25:49:
d2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F4:C9:9B:C2:68:CE:4C:A3:76:0D:AF:67:1E:A2:81:3A:6C:BF:6A
X509v3 Authority Key Identifier:
keyid:D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/lfTJm8Jozkyjdg2vZx6igTpsv2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.12.0/24
Signature Algorithm: sha256WithRSAEncryption
83:e1:11:48:a4:c3:49:4d:a7:34:03:75:86:a4:a3:ac:71:07:
8d:3f:ee:eb:ef:87:e1:b8:b9:69:b5:76:1e:f1:6a:87:c2:e4:
9e:87:15:ba:d7:00:de:73:c0:10:f2:f6:44:f6:6d:e5:cf:82:
b5:bb:f7:fc:ee:b9:75:00:a7:64:6f:34:e8:72:f3:94:3a:9b:
46:72:b3:4a:6e:de:26:99:35:e7:ce:2d:63:60:33:4b:89:30:
89:c9:76:e1:59:eb:b2:f6:56:b9:b1:89:f3:8a:d5:c3:c1:88:
69:3b:4f:cc:9e:2e:ac:34:44:b0:3b:d5:10:42:3d:57:12:dc:
c3:81:ef:7a:98:4e:1c:c6:77:3d:43:4f:1b:4f:fc:8b:56:17:
04:b7:71:09:83:c4:af:20:7e:eb:18:a6:7d:d4:ce:d2:3e:04:
ee:4c:69:9c:a5:9d:c7:6d:5a:e0:93:22:70:80:99:e9:52:45:
79:e4:9b:26:65:4c:58:61:70:61:32:bb:a6:eb:67:5e:06:56:
a6:7a:ce:05:9d:57:97:bf:0e:fc:b1:e4:1c:c8:50:e2:99:02:
02:cd:77:e2:90:84:33:31:64:76:47:33:c2:e1:77:d4:a5:9b:
ba:be:95:82:cf:07:ac:37:ba:b5:15:2b:e8:6f:3a:f7:1d:ad:
ed:1c:f8:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSJUDBdITKQCFTWC8lumWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYzM1YmM5YjdmODU1MGJlM2U0NjdjNTRhOWQzYTY2ZTI0
NDNiZDQwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWY0Yzk5YmMyNjhjZTRjYTM3NjBkYWY2NzFlYTI4MTNhNmNiZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNo3irtl2ugLhl384nq44vf/2mFl
Aa1MV7sH4NE3qNZE0pXqTLbVI+Z9piQ08uRb7rwDK3tqDQohniyNIzGrSkZ5q5Re
gR6fQHvK4SpqiudFxVP568HbQF+/vJflhsuFs6KeQIxYRCM/AqxUU5jZMZ/uJlI3
kisr4P59VJHu6RYY7H0ttu66lUacUy04VNUQmeXOG4nYLE6ZwmJatZtmlNfTJGEq
fhjSq0aGqDWZ5jvlogp5+akZ5w56tjYrOmAyL+lVBi7qK0WeAuifHNdIe5jA2Y/A
YUZqiG5R3oKT9fIBnhZredFHLqC2OrJUeXtoucuJjFmkgDMBlLmyJUnSIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJX0yZvCaM5Mo3YNr2ceooE6bL9qMB8GA1UdIwQY
MBaAFNPDW8m3+FUL4+RnxUqdOmbiRDvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTct
Y2RhNWMzNzY2ZjAzLzEvbGZUSm04Sm96a3lqZGcydlp4NmlnVHBzdjJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTctY2RhNWMzNzY2ZjAz
LzEvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ8MMA0G
CSqGSIb3DQEBCwUAA4IBAQCD4RFIpMNJTac0A3WGpKOscQeNP+7r74fhuLlptXYe
8WqHwuSehxW61wDec8AQ8vZE9m3lz4K1u/f87rl1AKdkbzTocvOUOptGcrNKbt4m
mTXnzi1jYDNLiTCJyXbhWeuy9la5sYnzitXDwYhpO0/Mni6sNESwO9UQQj1XEtzD
ge96mE4cxnc9Q08bT/yLVhcEt3EJg8SvIH7rGKZ91M7SPgTuTGmcpZ3HbVrgkyJw
gJnpUkV55JsmZUxYYXBhMrum62deBlames4FnVeXvw78seQcyFDimQICzXfikIQz
MWR2RzPC4XfUpZu6vpWCzwesN7q1FSvobzr3Ha3tHPgq
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:58:44 2025 by rpki-client