Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/lHghve2YwantBPEkTDWnOMLRps0.roa
File: lHghve2YwantBPEkTDWnOMLRps0.roa (raw, json)
Hash identifier: 7K66Zl7FPkdWEn1VKpQvz50UVTMvNJX6V/RXiaim1k8=
Subject key identifier: 94:78:21:BD:ED:98:C1:A9:ED:04:F1:24:4C:35:A7:38:C2:D1:A6:CD
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0187050C08661C173D787CF7A913CE124F74
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/lHghve2YwantBPEkTDWnOMLRps0.roa
Signing time: Tue 21 Mar 2023 16:41:27 +0000
ROA not before: Tue 21 Mar 2023 16:41:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 45.90.116.0/22 maxlen: 24
45.90.12.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Nov 2023 22:06:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:05:0c:08:66:1c:17:3d:78:7c:f7:a9:13:ce:12:4f:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Mar 21 16:41:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=947821bded98c1a9ed04f1244c35a738c2d1a6cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c9:b4:05:a6:20:d0:a3:73:85:62:90:58:1b:
04:42:8b:35:7f:67:2a:07:83:03:e5:9f:2e:ba:5d:
14:95:e9:c3:09:ad:09:a1:d0:d5:88:b9:76:47:b5:
2b:03:09:ce:b4:73:54:c8:54:9b:dd:85:0a:73:d4:
4b:ff:41:ac:8d:cf:38:bb:d9:2a:84:91:d5:98:24:
23:19:6d:e1:3f:1c:35:33:22:ce:64:56:f9:38:09:
af:28:19:3c:01:c7:db:a7:33:64:b9:af:e3:b8:d7:
24:7b:33:cb:05:8e:d4:ef:8e:9a:c4:f2:7e:d5:1d:
a9:d9:ac:31:4f:30:d5:6a:9a:27:21:43:38:fe:65:
1b:a3:74:7a:f5:6b:5f:29:fe:80:1f:e8:ca:45:f4:
0e:d7:33:9e:32:50:a1:af:13:69:53:c8:dd:5d:69:
76:d3:53:91:c8:7a:dd:7c:8a:5d:dd:23:b1:99:2d:
bb:80:17:84:64:4a:27:17:f8:5a:ad:32:20:56:3b:
fb:f8:f9:b4:87:46:56:e4:f7:53:2b:af:48:68:b0:
ff:0f:e2:94:20:60:2f:1e:d0:f3:aa:e1:37:77:af:
d6:53:6c:f8:5f:0c:a5:d4:21:7a:d0:4d:ce:02:68:
76:e4:c0:2c:fc:ac:65:c0:23:7b:7d:0b:11:ad:9c:
2f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:78:21:BD:ED:98:C1:A9:ED:04:F1:24:4C:35:A7:38:C2:D1:A6:CD
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/lHghve2YwantBPEkTDWnOMLRps0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.12.0/22
45.90.116.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:d6:7c:ac:4b:57:b6:50:17:4d:4c:38:73:7c:cd:74:ca:18:
1b:c9:3c:80:16:b6:18:19:8a:c3:5a:7e:89:b1:90:25:c7:58:
8c:07:72:df:3b:2d:91:36:26:6f:ff:e6:74:85:7c:d0:2a:bc:
b0:8d:15:7b:c2:9f:c8:63:4f:7a:db:9c:31:9b:5a:2a:12:62:
75:ad:99:46:71:73:a9:6f:1b:8d:95:e0:d9:d1:0a:7e:51:2c:
65:0d:00:d4:07:36:a1:f7:ee:64:1e:89:49:bd:01:14:e9:9d:
8b:03:bc:4b:64:a0:a1:c3:9a:3e:96:0b:1d:81:9f:f0:2b:ae:
2d:82:cb:b0:d3:eb:bf:46:ad:48:cd:3c:8b:96:51:16:36:20:
e8:18:b4:0e:cc:0a:b5:89:9e:0f:59:e0:6f:6c:0b:9c:47:0a:
3a:8c:80:af:ae:7f:f5:bf:34:b7:07:1d:6c:fa:46:eb:65:c5:
74:20:0c:cb:83:2b:f9:b0:06:7d:73:e3:39:83:32:20:4d:bf:
cf:97:3a:fb:f6:eb:df:01:0c:56:24:34:4d:df:f0:43:a2:03:
d1:39:44:5b:e6:68:45:95:79:7f:90:e9:c4:b6:14:71:08:34:
da:9c:a3:e9:53:6f:07:26:f9:4a:52:12:0f:5e:26:7b:6b:79:
36:b3:de:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcFDAhmHBc9eHz3qRPOEk90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMzIxMTY0MTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDc4MjFiZGVkOThjMWE5ZWQwNGYxMjQ0YzM1YTczOGMyZDFhNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8m0BaYg0KNzhWKQWBsEQos1f2cq
B4MD5Z8uul0UlenDCa0JodDViLl2R7UrAwnOtHNUyFSb3YUKc9RL/0Gsjc84u9kq
hJHVmCQjGW3hPxw1MyLOZFb5OAmvKBk8AcfbpzNkua/juNckezPLBY7U746axPJ+
1R2p2awxTzDVaponIUM4/mUbo3R69WtfKf6AH+jKRfQO1zOeMlChrxNpU8jdXWl2
01ORyHrdfIpd3SOxmS27gBeEZEonF/harTIgVjv7+Pm0h0ZW5PdTK69IaLD/D+KU
IGAvHtDzquE3d6/WU2z4Xwyl1CF60E3OAmh25MAs/KxlwCN7fQsRrZwv/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJR4Ib3tmMGp7QTxJEw1pzjC0abNMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvbEhnaHZlMll3YW50QlBFa1REV25PTUxScHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVoMAwQC
LVp0MA0GCSqGSIb3DQEBCwUAA4IBAQAP1nysS1e2UBdNTDhzfM10yhgbyTyAFrYY
GYrDWn6JsZAlx1iMB3LfOy2RNiZv/+Z0hXzQKrywjRV7wp/IY09625wxm1oqEmJ1
rZlGcXOpbxuNleDZ0Qp+USxlDQDUBzah9+5kHolJvQEU6Z2LA7xLZKChw5o+lgsd
gZ/wK64tgsuw0+u/Rq1IzTyLllEWNiDoGLQOzAq1iZ4PWeBvbAucRwo6jICvrn/1
vzS3Bx1s+kbrZcV0IAzLgyv5sAZ9c+M5gzIgTb/Plzr79uvfAQxWJDRN3/BDogPR
OURb5mhFlXl/kOnEthRxCDTanKPpU28HJvlKUhIPXiZ7a3k2s94g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:24 2024 by rpki-client on console-ams.rpki-client.org