Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Lx0LnKH_mL8ck1u4cXEgfaN8uDA.roa
File: Lx0LnKH_mL8ck1u4cXEgfaN8uDA.roa (raw, json)
Hash identifier: w/IL8DuTd6JgLjJRlD/ST4LAH60xmP63LR1JmjCsYAk=
Subject key identifier: 2F:1D:0B:9C:A1:FF:98:BF:1C:93:5B:B8:71:71:20:7D:A3:7C:B8:30
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018CC348AE9F83B84C213DDF2A15F91DE959
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Lx0LnKH_mL8ck1u4cXEgfaN8uDA.roa
Signing time: Mon 01 Jan 2024 04:29:29 +0000
ROA not before: Mon 01 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210636
IP address blocks: 45.152.149.0/24 maxlen: 24
45.134.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ae:9f:83:b8:4c:21:3d:df:2a:15:f9:1d:e9:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f1d0b9ca1ff98bf1c935bb87171207da37cb830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f7:9e:b6:65:e2:28:90:8d:05:b9:6e:b7:f4:
9e:51:4c:5e:ef:bc:64:69:b6:4f:ee:48:46:2d:6b:
06:55:90:07:4d:11:3e:68:e3:f2:6f:40:14:13:9c:
4f:d1:cd:83:94:a9:b1:d9:39:d3:07:b7:9c:27:9c:
e8:99:fe:d7:fd:ee:70:c5:9c:89:43:e5:73:c3:74:
a5:30:d9:80:ea:22:cf:9a:f6:16:5c:35:ae:8b:5d:
e1:43:99:22:87:a4:21:77:14:5e:0a:13:8b:67:18:
3d:ac:c9:9f:a8:1c:45:71:2c:e2:63:5a:b7:cc:6c:
42:d5:72:f9:a4:37:21:27:c5:f3:be:99:f9:0f:c1:
47:e8:ff:50:be:08:a0:af:51:b1:5e:35:1a:12:07:
9f:d7:11:22:7d:da:3f:9c:cc:37:15:86:64:d1:70:
45:9d:b4:71:55:03:d8:40:83:b2:81:84:b6:11:be:
08:42:a3:5d:67:7b:6b:17:b4:bc:35:8d:38:7d:da:
94:80:f4:1b:07:49:54:30:02:c3:cb:54:ea:44:20:
ea:20:71:6f:68:36:ee:bb:54:d3:1b:5b:a8:06:ae:
66:95:04:08:9c:79:fd:e0:dd:83:e5:e4:a8:99:4a:
9f:f2:79:6e:32:4f:91:c6:d8:6e:3e:fb:54:22:46:
f6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:1D:0B:9C:A1:FF:98:BF:1C:93:5B:B8:71:71:20:7D:A3:7C:B8:30
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Lx0LnKH_mL8ck1u4cXEgfaN8uDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.21.0/24
45.152.149.0/24
Signature Algorithm: sha256WithRSAEncryption
35:1b:b2:06:f2:da:b9:3c:b7:24:19:39:ed:15:c0:2c:6d:a7:
b8:26:fb:e6:95:b2:7d:e8:a1:45:d5:f6:bd:13:1c:51:b8:8b:
bf:67:b5:e5:bc:ee:69:a7:64:21:fb:5b:54:a9:a7:63:ad:82:
da:ab:7c:76:e7:9f:89:17:77:cf:c5:19:3c:5a:76:91:64:2c:
aa:a2:60:56:32:08:db:fe:d5:54:18:05:8c:f9:f4:5c:80:47:
52:78:fa:27:2a:2d:de:d3:de:a2:dc:a9:12:45:1e:38:8e:30:
29:fe:31:ff:de:d4:85:02:66:f1:03:a1:98:34:25:67:38:c5:
7b:79:ac:8b:a8:b6:45:50:dc:50:10:7f:75:bb:5d:8e:3b:de:
05:b2:6f:49:69:aa:59:25:61:d8:8a:36:b2:a6:df:1e:d2:da:
43:60:b4:e0:d7:6f:f3:1e:10:3d:64:06:90:94:57:fd:a5:78:
3c:e3:49:fb:5e:78:24:96:9f:1d:ef:cf:89:8f:38:58:fe:60:
23:e5:55:36:f2:1d:c9:46:d3:d7:50:4c:9e:d3:91:d7:1d:76:
9a:78:b5:f1:8c:5e:50:49:c1:42:36:16:6b:a2:77:af:2f:e0:
3d:98:ab:c4:6f:cd:02:2d:24:97:0b:1d:5d:f6:36:e7:1b:4e:
f4:e3:3d:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSK6fg7hMIT3fKhX5HelZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwMTAxMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjFkMGI5Y2ExZmY5OGJmMWM5MzViYjg3MTcxMjA3ZGEzN2NiODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhveetmXiKJCNBblut/SeUUxe77xk
abZP7khGLWsGVZAHTRE+aOPyb0AUE5xP0c2DlKmx2TnTB7ecJ5zomf7X/e5wxZyJ
Q+Vzw3SlMNmA6iLPmvYWXDWui13hQ5kih6QhdxReChOLZxg9rMmfqBxFcSziY1q3
zGxC1XL5pDchJ8Xzvpn5D8FH6P9Qvgigr1GxXjUaEgef1xEifdo/nMw3FYZk0XBF
nbRxVQPYQIOygYS2Eb4IQqNdZ3trF7S8NY04fdqUgPQbB0lUMALDy1TqRCDqIHFv
aDbuu1TTG1uoBq5mlQQInHn94N2D5eSomUqf8nluMk+RxthuPvtUIkb2jQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC8dC5yh/5i/HJNbuHFxIH2jfLgwMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvTHgwTG5LSF9tTDhjazF1NGNYRWdmYU44dURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYYVAwQA
LZiVMA0GCSqGSIb3DQEBCwUAA4IBAQA1G7IG8tq5PLckGTntFcAsbae4JvvmlbJ9
6KFF1fa9ExxRuIu/Z7XlvO5pp2Qh+1tUqadjrYLaq3x255+JF3fPxRk8WnaRZCyq
omBWMgjb/tVUGAWM+fRcgEdSePonKi3e096i3KkSRR44jjAp/jH/3tSFAmbxA6GY
NCVnOMV7eayLqLZFUNxQEH91u12OO94Fsm9JaapZJWHYijaypt8e0tpDYLTg12/z
HhA9ZAaQlFf9pXg840n7Xngklp8d78+JjzhY/mAj5VU28h3JRtPXUEye05HXHXaa
eLXxjF5QScFCNhZronevL+A9mKvEb80CLSSXCx1d9jbnG0704z18
-----END CERTIFICATE-----
Generated at Mon Feb 12 18:07:08 2024 by rpki-client on console-fra.rpki-client.org