Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/aeb70a-a3fc-4463-a7cd-986ea203f9ec/1/dLXPGQR2Iihix2Myln8Et0543-g.roa
File: dLXPGQR2Iihix2Myln8Et0543-g.roa (raw, json)
Hash identifier: lgEMBHhFpgrNNlJlFyd37i/ML1TzaWKIFHo4OXb0F48=
Subject key identifier: 74:B5:CF:19:04:76:22:28:62:C7:63:32:96:7F:04:B7:4E:78:DF:E8
Certificate issuer: /CN=c7671270b69cec504606b126c4ca833816af7da4
Certificate serial: 018B22F1380BD7E129A9DB0FACF267D76980
Authority key identifier: C7:67:12:70:B6:9C:EC:50:46:06:B1:26:C4:CA:83:38:16:AF:7D:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x2cScLac7FBGBrEmxMqDOBavfaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/aeb70a-a3fc-4463-a7cd-986ea203f9ec/1/dLXPGQR2Iihix2Myln8Et0543-g.roa
Signing time: Thu 12 Oct 2023 08:11:55 +0000
ROA not before: Thu 12 Oct 2023 08:11:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216323
IP address blocks: 45.131.35.0/24 maxlen: 24
2a12:9e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:22:f1:38:0b:d7:e1:29:a9:db:0f:ac:f2:67:d7:69:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7671270b69cec504606b126c4ca833816af7da4
Validity
Not Before: Oct 12 08:11:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74b5cf190476222862c76332967f04b74e78dfe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cc:11:fc:76:82:14:07:15:cb:12:4f:63:20:
63:ae:8f:aa:81:b6:7f:73:3a:bb:7d:d0:47:5c:19:
76:88:7b:b7:30:be:97:d5:42:b4:00:ae:f6:b5:23:
fc:3e:04:01:58:59:7d:10:30:7d:a8:57:ce:06:5e:
f1:b9:bd:1a:17:2b:8a:03:27:36:f1:69:dd:42:39:
db:5f:d2:29:3d:cb:e9:63:dd:39:06:66:e5:1e:ef:
63:6e:20:25:54:5c:a2:3c:1c:a5:60:b0:a8:c5:97:
17:bd:4e:3f:51:f0:9c:3a:a0:09:87:56:ff:6f:9f:
7b:25:b2:43:75:a2:16:ab:39:66:30:94:2b:10:62:
7d:47:17:e0:a7:fb:19:66:93:4c:60:36:18:50:7f:
b3:54:87:e8:f6:5f:ff:e1:ce:95:43:f3:6b:d2:91:
65:25:68:5a:75:1a:a5:84:3a:fd:b0:15:92:6a:a8:
6f:a4:ee:79:c1:9b:43:f1:15:a1:40:62:8f:13:95:
40:1d:7c:e0:19:8d:c7:0b:93:63:1b:c5:5e:ce:40:
fb:04:36:a9:d5:42:1a:73:00:c2:b9:6a:3f:b3:cb:
52:ba:fa:10:0e:c6:f6:40:c5:aa:d6:91:5e:c2:ef:
71:29:4b:c2:e4:a7:eb:a1:12:c4:43:ad:2f:c5:9f:
d5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B5:CF:19:04:76:22:28:62:C7:63:32:96:7F:04:B7:4E:78:DF:E8
X509v3 Authority Key Identifier:
keyid:C7:67:12:70:B6:9C:EC:50:46:06:B1:26:C4:CA:83:38:16:AF:7D:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x2cScLac7FBGBrEmxMqDOBavfaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/aeb70a-a3fc-4463-a7cd-986ea203f9ec/1/dLXPGQR2Iihix2Myln8Et0543-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/aeb70a-a3fc-4463-a7cd-986ea203f9ec/1/x2cScLac7FBGBrEmxMqDOBavfaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.35.0/24
IPv6:
2a12:9e80::/29
Signature Algorithm: sha256WithRSAEncryption
7c:ab:b7:b2:1c:ea:79:40:bd:7b:ad:c3:10:ce:ac:24:35:35:
83:98:c2:1c:64:10:d2:7b:70:af:06:df:bd:da:3a:32:e9:5a:
85:48:bb:a8:ba:2c:ce:1f:14:8e:50:c0:18:a7:7f:32:86:c3:
a2:66:90:7c:24:80:d5:74:15:76:cb:9e:eb:b1:98:90:0d:26:
21:f5:88:2e:c9:39:5d:7a:8e:5f:bb:7e:0f:1c:85:d5:20:f0:
0c:3e:bd:05:5b:a2:15:7f:bd:61:9a:80:34:c3:11:8c:22:cc:
c2:03:7c:64:56:5f:f5:b0:39:16:cc:bc:10:46:a6:fd:65:6d:
d5:6f:f2:c7:1d:2c:5f:b7:8d:9e:7c:c2:c1:ae:d9:da:b5:37:
6d:fb:79:30:52:39:f1:d4:f9:44:b6:66:e8:d2:43:a2:ff:e8:
85:47:37:ea:4d:6b:47:8d:a8:9c:a8:74:dd:02:16:ed:d4:72:
b5:81:11:db:38:ae:81:b7:09:3f:fe:6c:29:7a:79:5e:7c:32:
f5:f0:52:6d:b5:ab:27:77:2d:cb:78:ef:d6:2b:81:98:45:54:
57:58:ac:d4:4d:27:ef:2b:38:98:74:09:e7:f4:a7:b3:62:7f:
89:3b:29:00:eb:4d:f7:04:a3:92:29:6d:82:a7:0f:d7:52:60:
30:ff:c2:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYsi8TgL1+EpqdsPrPJn12mAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NjcxMjcwYjY5Y2VjNTA0NjA2YjEyNmM0Y2E4MzM4MTZh
ZjdkYTQwHhcNMjMxMDEyMDgxMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGI1Y2YxOTA0NzYyMjI4NjJjNzYzMzI5NjdmMDRiNzRlNzhkZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8wR/HaCFAcVyxJPYyBjro+qgbZ/
czq7fdBHXBl2iHu3ML6X1UK0AK72tSP8PgQBWFl9EDB9qFfOBl7xub0aFyuKAyc2
8WndQjnbX9IpPcvpY905BmblHu9jbiAlVFyiPBylYLCoxZcXvU4/UfCcOqAJh1b/
b597JbJDdaIWqzlmMJQrEGJ9Rxfgp/sZZpNMYDYYUH+zVIfo9l//4c6VQ/Nr0pFl
JWhadRqlhDr9sBWSaqhvpO55wZtD8RWhQGKPE5VAHXzgGY3HC5NjG8VezkD7BDap
1UIacwDCuWo/s8tSuvoQDsb2QMWq1pFewu9xKUvC5KfroRLEQ60vxZ/VMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHS1zxkEdiIoYsdjMpZ/BLdOeN/oMB8GA1UdIwQY
MBaAFMdnEnC2nOxQRgaxJsTKgzgWr32kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDJjU2NMYWM3RkJHQnJFbXhNcURPQmF2ZmFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9hZWI3MGEtYTNmYy00NDYzLWE3Y2Qt
OTg2ZWEyMDNmOWVjLzEvZExYUEdRUjJJaWhpeDJNeWxuOEV0MDU0My1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9hZWI3MGEtYTNmYy00NDYzLWE3Y2QtOTg2ZWEyMDNmOWVj
LzEveDJjU2NMYWM3RkJHQnJFbXhNcURPQmF2ZmFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYMjMA0E
AgACMAcDBQMqEp6AMA0GCSqGSIb3DQEBCwUAA4IBAQB8q7eyHOp5QL17rcMQzqwk
NTWDmMIcZBDSe3CvBt+92joy6VqFSLuouizOHxSOUMAYp38yhsOiZpB8JIDVdBV2
y57rsZiQDSYh9YguyTldeo5fu34PHIXVIPAMPr0FW6IVf71hmoA0wxGMIszCA3xk
Vl/1sDkWzLwQRqb9ZW3Vb/LHHSxft42efMLBrtnatTdt+3kwUjnx1PlEtmbo0kOi
/+iFRzfqTWtHjaicqHTdAhbt1HK1gRHbOK6Btwk//mwpenlefDL18FJttasndy3L
eO/WK4GYRVRXWKzUTSfvKziYdAnn9KezYn+JOykA6033BKOSKW2Cpw/XUmAw/8Kk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:12 2024 by rpki-client on console-fra.rpki-client.org