Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5L1NDMA40x4kYdWRSKMCDnXosJQ.roa
File: 5L1NDMA40x4kYdWRSKMCDnXosJQ.roa (raw, json)
Hash identifier: 8dYMgQWcUqM34t6QvR/wZHkLzvSGwmtgX42ocxPlQO4=
Subject key identifier: E4:BD:4D:0C:C0:38:D3:1E:24:61:D5:91:48:A3:02:0E:75:E8:B0:94
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0191BDB8FD2784BE337C33C772ED905A10F1
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5L1NDMA40x4kYdWRSKMCDnXosJQ.roa
Signing time: Wed 04 Sep 2024 15:48:22 +0000
ROA not before: Wed 04 Sep 2024 15:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203950
IP address blocks: 45.128.20.0/22 maxlen: 22
89.40.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Sep 2024 15:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:b8:fd:27:84:be:33:7c:33:c7:72:ed:90:5a:10:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 4 15:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4bd4d0cc038d31e2461d59148a3020e75e8b094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:38:15:5a:c2:5f:50:13:d5:42:71:31:2f:56:
41:dd:6b:cd:57:37:07:99:82:3e:56:f0:45:29:81:
15:1f:86:a0:14:f0:14:1a:c9:c4:ed:b1:d9:36:f5:
8f:c6:9d:a4:d4:d4:36:d4:11:f4:aa:dc:88:14:8e:
31:89:f8:90:8f:3f:79:8c:45:05:18:22:10:8b:47:
e6:d3:55:96:c8:ee:1f:ac:96:fe:f4:f6:2a:6c:c0:
ff:86:c3:3f:2d:95:0c:a5:28:0d:04:6f:21:77:80:
a2:dd:87:9d:bb:25:e9:0c:1e:09:a3:cb:13:96:f9:
42:5d:b4:02:11:16:2e:8b:79:28:53:96:1e:53:6a:
a9:bb:68:e1:ff:6e:45:7d:d4:20:29:18:f8:7e:9c:
ad:08:e0:3c:33:5a:5f:68:ea:b0:ce:96:f1:3a:c5:
52:a3:ec:bd:15:8d:02:da:9c:d7:98:55:d9:3e:52:
ac:2e:db:b1:82:f7:99:29:ef:54:d9:f6:94:80:e7:
29:b8:fd:80:f8:f2:45:57:7f:e8:90:62:0c:3b:14:
20:0e:0c:f6:1d:73:f1:40:31:e5:0c:29:94:1a:15:
0c:ac:6b:50:c1:16:3b:2e:92:79:68:b1:43:66:52:
8e:94:70:ba:36:d7:4a:77:83:d6:ac:bd:2e:95:eb:
ee:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:BD:4D:0C:C0:38:D3:1E:24:61:D5:91:48:A3:02:0E:75:E8:B0:94
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5L1NDMA40x4kYdWRSKMCDnXosJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.20.0/22
89.40.161.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:16:4d:cc:84:ea:d9:c9:5a:b6:70:1e:dc:41:06:07:32:e0:
1e:cc:4f:fb:db:30:8d:41:8a:66:d6:b0:7f:8f:07:b9:d4:28:
a0:4b:12:e7:63:b1:9b:2d:c2:c9:60:16:df:7c:68:2c:c4:9e:
ce:97:98:22:da:68:c3:fc:2d:35:4e:80:7b:1c:aa:b5:4c:d2:
36:a1:e6:ed:df:20:06:d7:0b:06:72:8f:3a:30:20:40:26:9a:
6a:f2:17:d3:10:9c:60:28:71:18:6f:d9:64:66:6c:da:7c:67:
68:0f:cb:68:7b:d4:8d:e7:b6:3d:8f:f1:a4:4e:96:6c:53:f8:
af:ad:c9:3c:fe:67:3f:cf:36:14:7d:64:84:49:88:da:4c:ed:
9f:2c:b8:47:39:32:73:6c:50:6c:af:94:5b:cd:06:9e:d2:ff:
73:54:3b:a6:27:cd:a6:92:27:40:5a:e4:5d:ab:21:db:47:1a:
31:30:2a:a8:4b:bc:33:26:52:a0:f2:4f:76:80:9d:5a:e5:2a:
62:ce:cc:1b:e0:3b:bc:91:10:ba:bf:76:cf:3e:cd:e8:de:b1:
43:27:f8:81:05:25:7c:68:d0:e6:8f:9a:3e:52:5b:3d:c8:58:
c4:c8:25:ac:06:7b:93:d6:86:9b:92:54:af:4e:78:79:ba:b2:
0d:76:2c:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZG9uP0nhL4zfDPHcu2QWhDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwOTA0MTU0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGJkNGQwY2MwMzhkMzFlMjQ2MWQ1OTE0OGEzMDIwZTc1ZThiMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8DgVWsJfUBPVQnExL1ZB3WvNVzcH
mYI+VvBFKYEVH4agFPAUGsnE7bHZNvWPxp2k1NQ21BH0qtyIFI4xifiQjz95jEUF
GCIQi0fm01WWyO4frJb+9PYqbMD/hsM/LZUMpSgNBG8hd4Ci3YeduyXpDB4Jo8sT
lvlCXbQCERYui3koU5YeU2qpu2jh/25FfdQgKRj4fpytCOA8M1pfaOqwzpbxOsVS
o+y9FY0C2pzXmFXZPlKsLtuxgveZKe9U2faUgOcpuP2A+PJFV3/okGIMOxQgDgz2
HXPxQDHlDCmUGhUMrGtQwRY7LpJ5aLFDZlKOlHC6NtdKd4PWrL0ulevucwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOS9TQzAONMeJGHVkUijAg516LCUMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNUwxTkRNQTQweDRrWWRXUlNLTUNEblhvc0pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYAUAwQA
WSihMA0GCSqGSIb3DQEBCwUAA4IBAQCjFk3MhOrZyVq2cB7cQQYHMuAezE/72zCN
QYpm1rB/jwe51CigSxLnY7GbLcLJYBbffGgsxJ7Ol5gi2mjD/C01ToB7HKq1TNI2
oebt3yAG1wsGco86MCBAJppq8hfTEJxgKHEYb9lkZmzafGdoD8toe9SN57Y9j/Gk
TpZsU/ivrck8/mc/zzYUfWSESYjaTO2fLLhHOTJzbFBsr5RbzQae0v9zVDumJ82m
kidAWuRdqyHbRxoxMCqoS7wzJlKg8k92gJ1a5Spizswb4Du8kRC6v3bPPs3o3rFD
J/iBBSV8aNDmj5o+Uls9yFjEyCWsBnuT1oabklSvTnh5urINdizG
-----END CERTIFICATE-----
Generated at Sat Sep 7 17:07:07 2024 by rpki-client on console-ams.rpki-client.org