Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/Lgtig5Y9ahBACn5tWRVeAL2e8-o.roa
File: Lgtig5Y9ahBACn5tWRVeAL2e8-o.roa (raw, json)
Hash identifier: 3kfRsKWlDAapplWjE90CwDjhYczrJnGQFS4bMPuY1Po=
Subject key identifier: 2E:0B:62:83:96:3D:6A:10:40:0A:7E:6D:59:15:5E:00:BD:9E:F3:EA
Certificate issuer: /CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Certificate serial: 01856D0AD926EC2F65F5F2A8D6318061EFAD
Authority key identifier: 48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/Lgtig5Y9ahBACn5tWRVeAL2e8-o.roa
Signing time: Sun 01 Jan 2023 11:15:05 +0000
ROA not before: Sun 01 Jan 2023 11:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203392
IP address blocks: 185.140.233.0/24 maxlen: 24
45.148.249.0/24 maxlen: 24
45.86.4.0/24 maxlen: 24
45.86.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d9:26:ec:2f:65:f5:f2:a8:d6:31:80:61:ef:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Validity
Not Before: Jan 1 11:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e0b6283963d6a10400a7e6d59155e00bd9ef3ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d6:f2:12:f7:4b:81:9d:d6:77:95:18:f4:a0:
1d:78:36:55:d1:ea:98:f3:4a:91:5c:4a:80:57:03:
68:36:b1:3c:fc:85:ca:e2:2d:d6:4c:f8:4c:69:d7:
11:a0:3c:e9:fa:ba:03:9e:41:c2:17:1e:5c:fe:55:
8e:2f:bf:e3:2c:4c:79:36:f3:f7:45:53:0e:df:48:
aa:4b:89:54:68:c7:82:f1:ff:7e:18:cc:be:6c:26:
76:9d:39:00:83:f9:90:12:ff:b5:bd:ba:f5:fc:cb:
65:43:c9:44:0d:89:38:4f:9a:ac:53:1e:a0:9f:e7:
5b:a4:4b:92:e0:57:64:df:ca:f4:3c:5a:58:1c:41:
5f:f2:90:fb:e7:d9:ce:a8:8a:e8:c8:76:6e:b4:3d:
d9:1a:f0:34:2d:aa:77:c8:4a:7c:43:51:b2:db:2a:
a8:75:4c:08:9d:f5:3a:8c:b4:1c:5b:0b:96:9b:1a:
21:b7:55:b9:02:64:e8:5e:b1:5e:06:45:b0:70:1f:
08:af:c1:f3:d3:e7:3e:ca:5b:d0:11:ff:1b:52:12:
fd:5f:84:f8:68:87:ff:c5:78:86:da:2e:50:77:81:
44:a8:66:21:81:50:18:87:2d:7e:ce:37:e2:19:bb:
39:fb:a4:2a:a9:5b:8f:41:ce:85:ad:7e:42:8c:29:
62:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:0B:62:83:96:3D:6A:10:40:0A:7E:6D:59:15:5E:00:BD:9E:F3:EA
X509v3 Authority Key Identifier:
keyid:48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/Lgtig5Y9ahBACn5tWRVeAL2e8-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.4.0/23
45.148.249.0/24
185.140.233.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:35:3f:a9:48:bc:8b:b3:fa:a7:8e:ec:b5:ec:75:62:6a:78:
4d:e0:3d:1a:b0:a8:da:55:42:1b:83:f9:ac:9b:1a:4d:fe:8b:
24:87:a6:78:fc:31:ee:44:38:75:10:b5:d5:9f:c4:2a:49:33:
1c:16:f1:6a:a2:19:ce:a1:f9:e8:3c:bc:ba:1d:95:c4:3b:c6:
15:28:e3:ca:8a:ad:06:2b:35:f3:8c:de:7d:55:d9:25:41:8a:
07:b0:27:e5:e3:aa:69:62:e9:30:27:f2:0f:5b:9a:fd:8d:17:
29:57:a6:f1:74:08:20:4a:8f:6d:6b:d8:c1:a9:2f:fa:41:4d:
3f:d8:0b:80:47:ee:df:3e:aa:fe:7e:99:d6:c9:4e:61:25:a1:
55:c0:0e:c7:7f:85:a6:0a:10:98:5a:7c:27:58:05:3b:11:ca:
48:b9:ca:87:b4:24:7a:38:f1:60:84:74:f8:50:f8:ef:76:3d:
3f:e9:a5:49:c4:00:59:6c:46:1e:d3:65:d2:34:bf:a1:b6:36:
85:aa:4b:18:c5:44:b3:9e:6e:fd:dd:81:9c:8b:35:5c:c1:dc:
4f:e8:4b:97:e8:db:19:ec:ec:60:6b:c8:70:8f:c4:bc:28:33:
43:66:95:a1:50:19:98:ab:73:f6:a3:0f:5f:2a:0b:04:fe:1f:
c3:73:70:7b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtCtkm7C9l9fKo1jGAYe+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YWJmMjlmZGVmODU3MDUwMmY0YjUxYmU1ZmZjMDVjNGQ5
YjM0NjUwHhcNMjMwMTAxMTExNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTBiNjI4Mzk2M2Q2YTEwNDAwYTdlNmQ1OTE1NWUwMGJkOWVmM2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidbyEvdLgZ3Wd5UY9KAdeDZV0eqY
80qRXEqAVwNoNrE8/IXK4i3WTPhMadcRoDzp+roDnkHCFx5c/lWOL7/jLEx5NvP3
RVMO30iqS4lUaMeC8f9+GMy+bCZ2nTkAg/mQEv+1vbr1/MtlQ8lEDYk4T5qsUx6g
n+dbpEuS4Fdk38r0PFpYHEFf8pD759nOqIroyHZutD3ZGvA0Lap3yEp8Q1Gy2yqo
dUwInfU6jLQcWwuWmxoht1W5AmToXrFeBkWwcB8Ir8Hz0+c+ylvQEf8bUhL9X4T4
aIf/xXiG2i5Qd4FEqGYhgVAYhy1+zjfiGbs5+6QqqVuPQc6FrX5CjClihwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC4LYoOWPWoQQAp+bVkVXgC9nvPqMB8GA1UdIwQY
MBaAFEir8p/e+FcFAvS1G+X/wFxNmzRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQt
YWJhMTEzZjNlM2FlLzEvTGd0aWc1WTlhaEJBQ241dFdSVmVBTDJlOC1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQtYWJhMTEzZjNlM2Fl
LzEvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVYEAwQA
LZT5AwQAuYzpMA0GCSqGSIb3DQEBCwUAA4IBAQB/NT+pSLyLs/qnjuy17HVianhN
4D0asKjaVUIbg/msmxpN/oskh6Z4/DHuRDh1ELXVn8QqSTMcFvFqohnOofnoPLy6
HZXEO8YVKOPKiq0GKzXzjN59VdklQYoHsCfl46ppYukwJ/IPW5r9jRcpV6bxdAgg
So9ta9jBqS/6QU0/2AuAR+7fPqr+fpnWyU5hJaFVwA7Hf4WmChCYWnwnWAU7EcpI
ucqHtCR6OPFghHT4UPjvdj0/6aVJxABZbEYe02XSNL+htjaFqksYxUSznm793YGc
izVcwdxP6EuX6NsZ7Oxga8hwj8S8KDNDZpWhUBmYq3P2ow9fKgsE/h/Dc3B7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:19 2024 by rpki-client on console-fra.rpki-client.org