Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/lfDGoCzGFv2u2ZYMw8Zvjo3IAhQ.roa
File: lfDGoCzGFv2u2ZYMw8Zvjo3IAhQ.roa (raw, json)
Hash identifier: 3DVwQg16m67ie0/7+V/Gm0ihmwoAX/cQpMOvcjRLq3A=
Subject key identifier: 95:F0:C6:A0:2C:C6:16:FD:AE:D9:96:0C:C3:C6:6F:8E:8D:C8:02:14
Certificate issuer: /CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Certificate serial: 01856EF8E755A31F233CC37B2751F7F15F66
Authority key identifier: 99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/lfDGoCzGFv2u2ZYMw8Zvjo3IAhQ.roa
Signing time: Sun 01 Jan 2023 20:14:43 +0000
ROA not before: Sun 01 Jan 2023 20:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207992
IP address blocks: 45.158.77.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f8:e7:55:a3:1f:23:3c:c3:7b:27:51:f7:f1:5f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Validity
Not Before: Jan 1 20:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95f0c6a02cc616fdaed9960cc3c66f8e8dc80214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:94:61:b9:73:36:76:79:f6:1f:f5:9e:82:39:
71:61:92:67:c2:68:42:f2:2f:53:d9:ea:b0:dd:ee:
74:e8:ee:b7:7f:da:81:87:9c:8d:00:32:87:e5:67:
d5:0e:6f:03:87:94:b0:9a:ae:72:2a:d8:4e:53:2e:
27:15:d1:19:90:8d:6e:b9:38:f2:5a:ee:18:bf:91:
e0:11:8f:42:f7:41:b7:e1:a4:35:0c:17:f5:a6:80:
25:f8:77:48:3e:8d:91:3a:08:21:1d:fb:34:5a:c4:
e2:49:b0:1a:f1:e5:34:69:3c:0d:94:22:49:b9:26:
7f:34:d7:eb:1b:c5:1a:93:35:14:96:1d:c9:b7:31:
79:1a:7d:04:f7:b0:48:b7:de:9b:3b:ae:2e:8f:89:
ca:c4:61:2f:00:e5:b5:77:46:5d:39:8a:fd:b3:ca:
c0:8d:ff:27:fd:25:fe:b3:32:00:df:33:cb:89:f8:
c8:99:b2:2b:73:51:8c:e0:fe:bb:bd:00:7f:a6:f1:
b9:50:95:90:6c:88:57:20:1d:a7:a7:67:0b:68:bd:
47:fd:af:11:f9:9a:a8:b1:99:da:8b:87:76:b0:ac:
6d:e8:90:c8:64:ae:b6:f5:8c:c4:2a:b7:fd:0b:30:
54:df:1c:6f:7e:4f:53:dd:df:80:2a:1f:e6:83:0b:
20:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F0:C6:A0:2C:C6:16:FD:AE:D9:96:0C:C3:C6:6F:8E:8D:C8:02:14
X509v3 Authority Key Identifier:
keyid:99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/lfDGoCzGFv2u2ZYMw8Zvjo3IAhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.77.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:5c:b7:77:c8:eb:fd:4a:e6:73:06:5d:67:5a:57:90:c8:a9:
3f:4f:85:79:c7:ef:f5:ca:2b:d7:d5:7e:78:cf:a1:60:4d:05:
d3:c0:a9:7a:b1:1c:57:7f:fc:fd:db:af:c7:5d:a0:d0:72:1b:
bb:07:f7:34:69:2f:41:be:ef:19:35:e0:c5:8e:c8:46:a0:2b:
ff:2c:f1:86:38:fb:c6:19:e0:70:e1:ed:07:3e:c2:85:9f:19:
fe:a8:98:75:f6:49:fa:30:3d:81:03:c7:57:2a:ff:dd:c7:29:
a7:3b:b8:95:a4:af:d6:35:bb:04:d9:83:bb:71:e7:80:27:67:
61:34:dc:92:9b:23:a4:d1:1d:d3:3c:85:e2:3a:35:d8:2f:1e:
12:ad:c7:33:ea:63:cd:a4:0b:7c:ec:65:1b:78:86:77:ee:dd:
ba:a7:9f:ff:c0:5a:fd:31:76:42:70:ad:2f:98:2f:95:13:1b:
69:8c:a3:88:ec:bc:12:fd:b0:d2:00:8c:6a:0d:b9:c2:a3:58:
b3:4e:b6:c8:eb:d5:52:85:2f:e5:59:67:84:42:1b:4e:40:dc:
78:05:52:c6:86:bf:8e:d2:e0:f6:db:92:39:de:bc:8c:77:83:
6c:97:bb:fa:50:b5:ac:b7:b2:d6:d7:20:9d:b4:93:9a:8c:fc:
01:56:38:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu+OdVox8jPMN7J1H38V9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmVlN2NiZDhlNzhkMWYxNGE0NTNhMDRiOTE2ZjdjMTU4
MWQyMDQwHhcNMjMwMTAxMjAxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWYwYzZhMDJjYzYxNmZkYWVkOTk2MGNjM2M2NmY4ZThkYzgwMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5RhuXM2dnn2H/WegjlxYZJnwmhC
8i9T2eqw3e506O63f9qBh5yNADKH5WfVDm8Dh5Swmq5yKthOUy4nFdEZkI1uuTjy
Wu4Yv5HgEY9C90G34aQ1DBf1poAl+HdIPo2ROgghHfs0WsTiSbAa8eU0aTwNlCJJ
uSZ/NNfrG8UakzUUlh3JtzF5Gn0E97BIt96bO64uj4nKxGEvAOW1d0ZdOYr9s8rA
jf8n/SX+szIA3zPLifjImbIrc1GM4P67vQB/pvG5UJWQbIhXIB2np2cLaL1H/a8R
+ZqosZnai4d2sKxt6JDIZK629YzEKrf9CzBU3xxvfk9T3d+AKh/mgwsg8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXwxqAsxhb9rtmWDMPGb46NyAIUMB8GA1UdIwQY
MBaAFJn+58vY540fFKRToEuRb3wVgdIEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTct
MWMyMmVmZjcyODE4LzEvbGZER29DekdGdjJ1MlpZTXc4WnZqbzNJQWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTctMWMyMmVmZjcyODE4
LzEvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ5NMA0G
CSqGSIb3DQEBCwUAA4IBAQCgXLd3yOv9SuZzBl1nWleQyKk/T4V5x+/1yivX1X54
z6FgTQXTwKl6sRxXf/z926/HXaDQchu7B/c0aS9Bvu8ZNeDFjshGoCv/LPGGOPvG
GeBw4e0HPsKFnxn+qJh19kn6MD2BA8dXKv/dxymnO7iVpK/WNbsE2YO7ceeAJ2dh
NNySmyOk0R3TPIXiOjXYLx4Srccz6mPNpAt87GUbeIZ37t26p5//wFr9MXZCcK0v
mC+VExtpjKOI7LwS/bDSAIxqDbnCo1izTrbI69VShS/lWWeEQhtOQNx4BVLGhr+O
0uD225I53ryMd4Nsl7v6ULWst7LW1yCdtJOajPwBVjgt
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:52 2024 by rpki-client on console-ams.rpki-client.org