Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lRqSkK8hD-M5U7xlPZojW_sf7hI.roa
File: lRqSkK8hD-M5U7xlPZojW_sf7hI.roa (raw, json)
Hash identifier: 7kaOrj3S2JPTNR1cse9wZZ9WLBHSo4Mk8bWFIqeSemg=
Subject key identifier: 95:1A:92:90:AF:21:0F:E3:39:53:BC:65:3D:9A:23:5B:FB:1F:EE:12
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D692B0C1E1B6529557FBF6A4259E0EFBC
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lRqSkK8hD-M5U7xlPZojW_sf7hI.roa
Signing time: Fri 02 Feb 2024 09:34:05 +0000
ROA not before: Fri 02 Feb 2024 09:34:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 2.59.48.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 18:41:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:2b:0c:1e:1b:65:29:55:7f:bf:6a:42:59:e0:ef:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 2 09:34:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=951a9290af210fe33953bc653d9a235bfb1fee12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:64:3d:fa:8f:8c:7c:46:4c:b0:6e:4d:bd:92:
95:d3:bd:52:44:fb:a0:8f:53:0c:bb:11:77:09:5e:
78:a5:a3:53:72:8f:2b:3e:c6:ca:6d:ae:ce:e3:ad:
e8:65:f6:89:c0:48:99:ef:cd:cf:3e:3b:a7:6e:54:
9c:87:97:d7:75:d4:c1:e6:73:69:45:58:92:eb:23:
4f:cf:4e:4a:9e:28:8a:d2:13:bf:d5:d4:60:81:af:
13:bb:39:ff:6f:6f:e1:74:d0:4f:03:c4:7b:45:6a:
c8:67:cb:09:f5:bb:d1:79:ed:81:ba:f9:17:fe:ce:
2b:b4:b4:93:98:66:32:8c:28:76:3e:7a:eb:99:2a:
70:a6:ff:be:1b:cd:5b:5c:40:55:0a:12:59:b6:c5:
57:fe:1a:9f:80:de:f7:8e:63:4f:21:b4:c3:8c:23:
f3:6a:c9:03:dd:30:30:b3:d8:2a:65:fd:27:6b:16:
69:0a:2b:4f:12:ac:5e:d4:59:0c:2f:eb:8a:28:00:
83:25:57:79:2a:e8:0f:a4:25:ce:58:cf:ab:71:cc:
4d:54:08:c3:56:ff:23:57:86:28:41:22:68:aa:3d:
e8:41:48:37:85:93:29:27:00:55:18:7f:08:ed:4f:
e0:87:15:34:68:b3:eb:28:ff:aa:5c:e9:6a:2b:37:
49:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:1A:92:90:AF:21:0F:E3:39:53:BC:65:3D:9A:23:5B:FB:1F:EE:12
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lRqSkK8hD-M5U7xlPZojW_sf7hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
45.14.221.0/24
Signature Algorithm: sha256WithRSAEncryption
78:9d:3e:3a:48:a5:a1:cf:fb:20:cb:fc:09:e4:ee:f9:f5:ad:
b7:6a:12:1b:ad:8a:df:25:9f:de:b0:b1:25:d8:2d:2b:06:dc:
f1:ce:68:52:e4:40:c1:7c:c6:e8:8f:93:af:fc:63:22:d9:4f:
c8:b8:4d:c9:90:f5:a2:31:e3:65:7c:84:58:b0:b8:5c:04:6a:
8a:d4:ce:ec:d1:f1:d9:ef:fc:7b:70:c2:78:2e:28:24:57:ec:
07:19:f1:17:35:11:c0:e2:52:89:d1:a5:4f:c3:0f:89:4c:ec:
b1:90:39:2d:22:3f:1b:8c:3d:8f:21:3d:f1:d8:3d:fc:6d:4a:
51:9a:4b:b2:61:33:b6:09:b7:c6:14:83:11:a9:34:06:3b:38:
59:e0:6d:9e:00:33:ee:5c:90:bc:2c:91:8c:a9:57:88:82:3b:
e7:f5:31:e1:9d:25:7c:4b:7d:b4:d3:33:20:d7:70:a6:4f:61:
21:3a:99:10:82:ed:78:c0:22:d0:f7:28:d8:3d:9e:10:d2:20:
89:02:37:f5:e0:66:22:55:c6:eb:a4:ba:c2:d0:60:9f:d7:43:
6d:8e:8d:8d:31:c1:ea:80:46:7f:74:29:77:22:3e:7f:91:4a:
02:1b:7d:6a:84:74:0b:60:bb:79:ff:22:9b:f1:cd:fc:90:e0:
35:82:b4:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1pKwweG2UpVX+/akJZ4O+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjAyMDkzNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTFhOTI5MGFmMjEwZmUzMzk1M2JjNjUzZDlhMjM1YmZiMWZlZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWQ9+o+MfEZMsG5NvZKV071SRPug
j1MMuxF3CV54paNTco8rPsbKba7O463oZfaJwEiZ783PPjunblSch5fXddTB5nNp
RViS6yNPz05KniiK0hO/1dRgga8Tuzn/b2/hdNBPA8R7RWrIZ8sJ9bvRee2BuvkX
/s4rtLSTmGYyjCh2PnrrmSpwpv++G81bXEBVChJZtsVX/hqfgN73jmNPIbTDjCPz
askD3TAws9gqZf0naxZpCitPEqxe1FkML+uKKACDJVd5KugPpCXOWM+rccxNVAjD
Vv8jV4YoQSJoqj3oQUg3hZMpJwBVGH8I7U/ghxU0aLPrKP+qXOlqKzdJLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJUakpCvIQ/jOVO8ZT2aI1v7H+4SMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvbFJxU2tLOGhELU01VTd4bFBab2pXX3NmN2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjswAwQA
LQ7dMA0GCSqGSIb3DQEBCwUAA4IBAQB4nT46SKWhz/sgy/wJ5O759a23ahIbrYrf
JZ/esLEl2C0rBtzxzmhS5EDBfMboj5Ov/GMi2U/IuE3JkPWiMeNlfIRYsLhcBGqK
1M7s0fHZ7/x7cMJ4LigkV+wHGfEXNRHA4lKJ0aVPww+JTOyxkDktIj8bjD2PIT3x
2D38bUpRmkuyYTO2CbfGFIMRqTQGOzhZ4G2eADPuXJC8LJGMqVeIgjvn9THhnSV8
S3200zMg13CmT2EhOpkQgu14wCLQ9yjYPZ4Q0iCJAjf14GYiVcbrpLrC0GCf10Nt
jo2NMcHqgEZ/dCl3Ij5/kUoCG31qhHQLYLt5/yKb8c38kOA1grQt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:49 2024 by rpki-client on console-ams.rpki-client.org