Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/lNpDdQWmUSe6iy582ZPNqaxNA_k.roa
File: lNpDdQWmUSe6iy582ZPNqaxNA_k.roa (raw, json)
Hash identifier: ZPMrwusG6c9CD0xjwtttzOom7J8C5PPMRDTNA0SGVKY=
Subject key identifier: 94:DA:43:75:05:A6:51:27:BA:8B:2E:7C:D9:93:CD:A9:AC:4D:03:F9
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018CA6E694307B88303B9AF2A782709FA03E
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/lNpDdQWmUSe6iy582ZPNqaxNA_k.roa
Signing time: Tue 26 Dec 2023 16:12:58 +0000
ROA not before: Tue 26 Dec 2023 16:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31863
IP address blocks: 45.142.154.0/24 maxlen: 24
185.202.100.0/24 maxlen: 24
45.91.224.0/24 maxlen: 24
194.126.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a6:e6:94:30:7b:88:30:3b:9a:f2:a7:82:70:9f:a0:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Dec 26 16:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94da437505a65127ba8b2e7cd993cda9ac4d03f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1b:e6:d3:c2:a3:6e:eb:d0:28:85:41:27:bd:
94:b6:3f:4d:90:3f:e9:27:90:3f:d4:46:05:d5:cb:
24:7f:ac:72:98:df:f0:76:81:8d:6b:cc:68:93:91:
38:14:22:ca:bf:bd:93:bf:da:f6:9c:c8:f6:83:c6:
6e:89:da:a6:56:8e:d7:b2:5e:64:21:85:78:a2:0d:
7c:4b:11:9d:c2:30:97:fa:c4:9b:3f:86:58:55:fe:
03:ff:1a:3c:60:68:7e:fa:d2:20:da:53:d8:97:4f:
28:3b:d1:06:89:83:04:81:ba:77:65:1b:b6:aa:93:
30:0c:61:11:e8:51:c7:08:05:27:44:88:65:21:2a:
3e:0f:d3:c3:f9:b7:e0:b9:f4:b6:78:d5:7e:c7:de:
c7:7e:b8:20:86:d4:fb:fd:8c:a7:a4:c3:da:03:e0:
bd:e5:0c:d9:1c:54:d1:0a:8c:06:95:e5:d6:25:89:
f7:30:12:70:e6:95:49:ae:08:e7:8a:07:fd:d7:e9:
13:6f:01:49:51:f7:94:48:5d:a6:e3:97:a4:48:a5:
b4:a9:bd:f5:a1:03:aa:93:7c:36:50:6f:ab:79:14:
1c:b6:95:59:e3:83:9b:89:4b:4d:9f:92:da:46:83:
4c:06:17:5c:53:1e:f9:fe:f9:6c:45:d6:c3:9c:b0:
d8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:DA:43:75:05:A6:51:27:BA:8B:2E:7C:D9:93:CD:A9:AC:4D:03:F9
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/lNpDdQWmUSe6iy582ZPNqaxNA_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.224.0/24
45.142.154.0/24
185.202.100.0/24
194.126.227.0/24
Signature Algorithm: sha256WithRSAEncryption
23:3d:35:16:7a:16:c8:b2:39:5d:5c:92:46:75:0d:f2:0e:9d:
d6:33:ec:bf:22:55:9d:29:e3:4e:05:fb:47:a5:be:c9:9f:8d:
6e:c4:dc:bf:1c:46:3e:73:ce:04:99:d3:f4:24:f2:f4:d6:39:
bb:05:a9:6e:25:ff:61:eb:5e:f5:0a:f3:62:12:f5:a3:19:bb:
89:2e:d9:86:85:fa:3d:60:db:9e:29:53:5c:e7:c8:7a:54:70:
25:9e:07:48:ee:98:2c:a1:5a:62:a9:21:ad:90:07:91:22:1c:
6b:96:fe:55:39:44:e4:26:38:57:58:bb:0f:c5:a4:13:19:fd:
8d:33:24:25:e5:aa:3f:c3:d2:59:80:c9:36:3d:74:85:50:91:
61:82:84:53:68:0b:90:f8:19:70:2c:17:09:73:b8:20:d0:8b:
68:7c:5c:69:bd:bc:9f:e4:71:8c:52:b3:e0:9b:bd:79:70:ca:
1d:7d:1b:f8:4c:7e:7f:04:5e:32:97:e4:53:be:aa:a4:fd:ce:
e5:91:da:f4:e0:cc:c3:2d:7d:46:49:4a:b0:04:f9:12:96:91:
37:c3:b9:5c:82:4b:7d:64:85:21:a3:a7:ab:09:aa:e2:39:20:
0f:31:05:df:67:40:56:e5:de:e6:bb:cb:4f:d3:05:e4:71:c9:
ed:98:56:ed
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYym5pQwe4gwO5ryp4Jwn6A+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMxMjI2MTYxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGRhNDM3NTA1YTY1MTI3YmE4YjJlN2NkOTkzY2RhOWFjNGQwM2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBvm08KjbuvQKIVBJ72Utj9NkD/p
J5A/1EYF1cskf6xymN/wdoGNa8xok5E4FCLKv72Tv9r2nMj2g8ZuidqmVo7Xsl5k
IYV4og18SxGdwjCX+sSbP4ZYVf4D/xo8YGh++tIg2lPYl08oO9EGiYMEgbp3ZRu2
qpMwDGER6FHHCAUnRIhlISo+D9PD+bfgufS2eNV+x97HfrgghtT7/YynpMPaA+C9
5QzZHFTRCowGleXWJYn3MBJw5pVJrgjnigf91+kTbwFJUfeUSF2m45ekSKW0qb31
oQOqk3w2UG+reRQctpVZ44ObiUtNn5LaRoNMBhdcUx75/vlsRdbDnLDYJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJTaQ3UFplEnuosufNmTzamsTQP5MB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvbE5wRGRRV21VU2U2aXk1ODJaUE5xYXhOQV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVvgAwQA
LY6aAwQAucpkAwQAwn7jMA0GCSqGSIb3DQEBCwUAA4IBAQAjPTUWehbIsjldXJJG
dQ3yDp3WM+y/IlWdKeNOBftHpb7Jn41uxNy/HEY+c84EmdP0JPL01jm7BaluJf9h
6171CvNiEvWjGbuJLtmGhfo9YNueKVNc58h6VHAlngdI7pgsoVpiqSGtkAeRIhxr
lv5VOUTkJjhXWLsPxaQTGf2NMyQl5ao/w9JZgMk2PXSFUJFhgoRTaAuQ+BlwLBcJ
c7gg0ItofFxpvbyf5HGMUrPgm715cModfRv4TH5/BF4yl+RTvqqk/c7lkdr04MzD
LX1GSUqwBPkSlpE3w7lcgkt9ZIUho6erCariOSAPMQXfZ0BW5d7mu8tP0wXkccnt
mFbt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:03 2024 by rpki-client on console-ams.rpki-client.org