Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/lbkrlGR4FasMWyIf5DhtAuNHZB4.roa
File: lbkrlGR4FasMWyIf5DhtAuNHZB4.roa (raw, json)
Hash identifier: W5XtmIbH4vZ9JTvRimCDNdlsS5YF1XmwvXU3rSCtwY8=
Subject key identifier: 95:B9:2B:94:64:78:15:AB:0C:5B:22:1F:E4:38:6D:02:E3:47:64:1E
Certificate issuer: /CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d
Certificate serial: 01856D787D631A30DF54CD0F54B761A5E63B
Authority key identifier: 8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/lbkrlGR4FasMWyIf5DhtAuNHZB4.roa
Signing time: Sun 01 Jan 2023 13:14:51 +0000
ROA not before: Sun 01 Jan 2023 13:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207054
IP address blocks: 45.15.92.0/22 maxlen: 22
185.167.112.0/22 maxlen: 22
185.231.192.0/22 maxlen: 22
2a0b:1a07::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:7d:63:1a:30:df:54:cd:0f:54:b7:61:a5:e6:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d
Validity
Not Before: Jan 1 13:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95b92b94647815ab0c5b221fe4386d02e347641e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0e:b2:4c:e4:e5:bc:23:d3:ff:8a:91:1c:07:
a0:d1:2c:48:ec:9a:b7:ba:a1:d8:e8:06:80:04:f4:
a4:ab:2c:03:30:0a:68:57:6c:0f:f6:b1:ab:21:35:
43:16:b5:9b:e2:74:63:92:3b:6f:c7:7e:ef:40:13:
65:aa:83:f2:76:57:e7:8d:ea:53:29:2d:bd:c7:b8:
66:76:44:a2:a5:9b:b1:2a:bc:08:59:14:2b:3c:03:
a0:1d:37:33:02:1e:92:d9:9e:bf:98:f0:b3:02:8c:
f9:55:f3:c5:26:5f:05:c0:3a:9f:a8:92:29:9d:a4:
a5:19:5c:8d:84:b3:e2:be:9a:2c:ff:d1:05:bc:04:
03:b5:e8:3a:c9:84:74:a3:57:8b:7e:ea:ee:4f:e7:
15:6a:6a:f9:75:32:5a:04:9c:37:f6:b8:87:df:ce:
76:af:ab:94:75:4c:89:6e:0d:e6:bd:9f:99:3e:1e:
ed:ab:fb:34:e0:f9:ba:5d:ec:b0:78:eb:3a:27:76:
0e:32:9e:49:72:60:df:42:8b:d0:cd:74:10:f7:c3:
ec:a8:18:a9:5f:10:ce:1c:f3:be:82:db:8f:59:77:
f4:22:be:27:7b:ec:43:c0:7d:a0:01:b6:6a:b2:a7:
8c:01:f3:7e:fd:2b:49:01:bf:2e:01:0e:f6:54:76:
f7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B9:2B:94:64:78:15:AB:0C:5B:22:1F:E4:38:6D:02:E3:47:64:1E
X509v3 Authority Key Identifier:
keyid:8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/lbkrlGR4FasMWyIf5DhtAuNHZB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.92.0/22
185.167.112.0/22
185.231.192.0/22
IPv6:
2a0b:1a07::/32
Signature Algorithm: sha256WithRSAEncryption
61:a1:4a:a9:0e:66:56:ca:77:8f:32:f7:52:38:c3:e3:98:b7:
39:3d:fe:63:47:03:4f:22:22:64:fc:ba:7a:4c:93:6d:33:d1:
5e:6a:35:7d:48:ac:d4:c8:27:28:ea:80:2f:60:82:e9:e2:f3:
49:be:a3:5b:1f:94:02:c0:fc:0d:19:bc:f3:c5:1d:8d:41:d1:
fe:be:fa:e9:de:8b:0f:5d:83:3b:55:28:b7:81:3e:e1:1b:bc:
9b:e8:5e:af:11:5c:75:c5:ba:17:28:94:9e:47:2c:06:73:85:
e3:e7:eb:47:3d:34:79:16:21:17:92:f0:f4:88:18:b6:15:ae:
9a:07:15:f6:15:d8:db:a9:ed:1d:bf:dd:cf:69:1c:2c:81:f6:
8b:14:5d:ff:5d:70:9b:4b:51:01:0e:54:61:c7:53:5e:09:6e:
21:e7:fd:b8:68:c1:11:b4:32:73:d0:0e:78:1c:c7:e3:22:21:
af:14:8c:d7:6a:7b:7b:c0:0a:27:68:32:ac:ee:d9:0c:dd:58:
00:45:1c:84:71:47:b6:ef:46:0e:e3:51:14:ef:34:45:1e:7d:
85:e1:cf:a6:c9:b4:07:28:5c:40:1e:d8:66:c7:b6:1d:96:ae:
1e:12:16:5d:41:cf:e9:65:c9:5e:bd:9a:f1:d2:ef:82:d9:37:
bb:0b:6f:82
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVteH1jGjDfVM0PVLdhpeY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYzdlYWU2NDlkOTU0N2IwYWQwYWIwMDdhYjRlOGE0OGRl
ZDRkNWQwHhcNMjMwMTAxMTMxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWI5MmI5NDY0NzgxNWFiMGM1YjIyMWZlNDM4NmQwMmUzNDc2NDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA6yTOTlvCPT/4qRHAeg0SxI7Jq3
uqHY6AaABPSkqywDMApoV2wP9rGrITVDFrWb4nRjkjtvx37vQBNlqoPydlfnjepT
KS29x7hmdkSipZuxKrwIWRQrPAOgHTczAh6S2Z6/mPCzAoz5VfPFJl8FwDqfqJIp
naSlGVyNhLPivpos/9EFvAQDteg6yYR0o1eLfuruT+cVamr5dTJaBJw39riH3852
r6uUdUyJbg3mvZ+ZPh7tq/s04Pm6XeyweOs6J3YOMp5JcmDfQovQzXQQ98PsqBip
XxDOHPO+gtuPWXf0Ir4ne+xDwH2gAbZqsqeMAfN+/StJAb8uAQ72VHb3RQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJW5K5RkeBWrDFsiH+Q4bQLjR2QeMB8GA1UdIwQY
MBaAFIrH6uZJ2VR7CtCrAHq06KSN7U1dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYt
YWMwMWYwYzU2NjJiLzEvbGJrcmxHUjRGYXNNV3lJZjVEaHRBdU5IWkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYtYWMwMWYwYzU2NjJi
LzEvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLQ9cAwQC
uadwAwQCuefAMA0EAgACMAcDBQAqCxoHMA0GCSqGSIb3DQEBCwUAA4IBAQBhoUqp
DmZWynePMvdSOMPjmLc5Pf5jRwNPIiJk/Lp6TJNtM9FeajV9SKzUyCco6oAvYILp
4vNJvqNbH5QCwPwNGbzzxR2NQdH+vvrp3osPXYM7VSi3gT7hG7yb6F6vEVx1xboX
KJSeRywGc4Xj5+tHPTR5FiEXkvD0iBi2Fa6aBxX2Fdjbqe0dv93PaRwsgfaLFF3/
XXCbS1EBDlRhx1NeCW4h5/24aMERtDJz0A54HMfjIiGvFIzXant7wAonaDKs7tkM
3VgARRyEcUe270YO41EU7zRFHn2F4c+mybQHKFxAHthmx7Ydlq4eEhZdQc/pZcle
vZrx0u+C2Te7C2+C
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:13 2024 by rpki-client on console-ams.rpki-client.org