Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/LdJtBXrcg2kdA2WDqBip1BdA-A0.roa
File: LdJtBXrcg2kdA2WDqBip1BdA-A0.roa (raw, json)
Hash identifier: 3fDh6KyyvVszM+YxN2sBEpQlcUoM6sEL6aS7QzG+lS4=
Subject key identifier: 2D:D2:6D:05:7A:DC:83:69:1D:03:65:83:A8:18:A9:D4:17:40:F8:0D
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018571DE7508588874E1D08D38795E93E620
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/LdJtBXrcg2kdA2WDqBip1BdA-A0.roa
Signing time: Mon 02 Jan 2023 09:44:42 +0000
ROA not before: Mon 02 Jan 2023 09:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 45.158.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:75:08:58:88:74:e1:d0:8d:38:79:5e:93:e6:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 2 09:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dd26d057adc83691d036583a818a9d41740f80d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c4:77:a7:88:81:25:ee:4b:b3:fc:94:88:2a:
b5:77:79:ba:0c:3a:02:79:8f:27:42:e7:77:ca:d0:
0c:f0:0b:0d:48:0d:78:f2:9a:cb:95:12:70:c3:72:
f4:b7:a9:c2:59:ba:89:67:ff:38:d7:26:3a:fe:82:
34:4f:b2:99:4a:0f:b1:dc:6a:07:1f:b5:99:a1:b5:
ab:76:fe:76:78:8c:0c:8a:19:fb:e8:19:df:28:ef:
0a:83:91:21:2f:7a:04:55:f9:0d:11:de:a4:bd:00:
39:c0:77:74:4d:c5:53:a6:25:3c:85:da:50:c6:66:
ca:49:fe:12:90:74:bb:09:82:84:6a:de:87:18:51:
ba:a8:c4:9a:2b:4e:84:e7:a2:3c:79:85:25:3b:60:
fa:36:ed:3a:87:19:0a:32:bf:de:b4:4b:07:44:e5:
5e:90:b3:5f:b8:61:15:e1:46:a2:f7:88:27:7e:1c:
11:d4:c2:c7:2c:d1:cd:d2:bf:30:2b:b7:0a:49:32:
c7:6b:14:96:68:f3:ab:1a:36:77:23:13:a9:82:de:
96:37:2b:39:85:38:51:af:ee:03:88:5f:28:f0:10:
64:ba:87:b4:8f:32:90:a2:c2:93:49:a2:85:d7:f7:
52:d8:be:59:c4:1a:4f:0c:8e:95:29:b1:81:00:f3:
d0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D2:6D:05:7A:DC:83:69:1D:03:65:83:A8:18:A9:D4:17:40:F8:0D
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/LdJtBXrcg2kdA2WDqBip1BdA-A0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.252.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:8b:67:6a:b5:7f:af:07:60:80:1c:c0:81:af:83:cc:92:6f:
c2:23:97:0b:8b:98:0a:6a:5b:97:b1:8b:9f:09:7c:5b:55:0a:
85:48:6d:a6:4f:b3:ca:04:8e:37:38:f2:34:b3:43:7f:97:01:
ea:10:97:37:47:56:3d:94:89:b9:86:5c:a9:3b:5d:6f:79:a1:
ec:9a:67:4e:01:94:0e:5a:46:ac:07:3f:8d:7c:96:74:df:e8:
c3:c7:6b:ce:0c:bc:4b:24:9f:78:e3:5a:b9:b3:80:d7:a0:3f:
83:4b:c0:77:59:72:b0:5d:7a:dd:33:08:95:4a:b5:c7:8f:e8:
56:06:c0:b5:a4:6d:e7:75:e2:a8:21:92:95:a9:ed:6a:85:f2:
73:0d:63:7a:5e:d5:48:7d:0c:e1:89:d5:73:af:25:74:aa:f3:
bc:9d:4e:81:0c:c1:00:d6:da:bf:8f:75:3c:3b:2d:bd:97:9e:
86:dc:52:a6:1b:9e:a5:15:81:8c:ae:5c:85:96:8a:2f:df:b3:
81:e6:bc:be:5a:f8:0b:73:c9:8d:34:40:bf:54:07:14:63:21:
00:3b:e6:aa:e2:25:59:7f:19:97:70:f3:51:70:bb:e5:59:ff:
d9:cd:00:24:52:a5:7d:47:c4:8c:a9:7b:2e:ee:de:21:33:1a:
84:94:9b:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx3nUIWIh04dCNOHlek+YgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMwMTAyMDk0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQyNmQwNTdhZGM4MzY5MWQwMzY1ODNhODE4YTlkNDE3NDBmODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcR3p4iBJe5Ls/yUiCq1d3m6DDoC
eY8nQud3ytAM8AsNSA148prLlRJww3L0t6nCWbqJZ/841yY6/oI0T7KZSg+x3GoH
H7WZobWrdv52eIwMihn76BnfKO8Kg5EhL3oEVfkNEd6kvQA5wHd0TcVTpiU8hdpQ
xmbKSf4SkHS7CYKEat6HGFG6qMSaK06E56I8eYUlO2D6Nu06hxkKMr/etEsHROVe
kLNfuGEV4Uai94gnfhwR1MLHLNHN0r8wK7cKSTLHaxSWaPOrGjZ3IxOpgt6WNys5
hThRr+4DiF8o8BBkuoe0jzKQosKTSaKF1/dS2L5ZxBpPDI6VKbGBAPPQpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3SbQV63INpHQNlg6gYqdQXQPgNMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvTGRKdEJYcmNnMmtkQTJXRHFCaXAxQmRBLUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ78MA0G
CSqGSIb3DQEBCwUAA4IBAQAMi2dqtX+vB2CAHMCBr4PMkm/CI5cLi5gKaluXsYuf
CXxbVQqFSG2mT7PKBI43OPI0s0N/lwHqEJc3R1Y9lIm5hlypO11veaHsmmdOAZQO
WkasBz+NfJZ03+jDx2vODLxLJJ9441q5s4DXoD+DS8B3WXKwXXrdMwiVSrXHj+hW
BsC1pG3ndeKoIZKVqe1qhfJzDWN6XtVIfQzhidVzryV0qvO8nU6BDMEA1tq/j3U8
Oy29l56G3FKmG56lFYGMrlyFloov37OB5ry+WvgLc8mNNEC/VAcUYyEAO+aq4iVZ
fxmXcPNRcLvlWf/ZzQAkUqV9R8SMqXsu7t4hMxqElJvC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:46 2023 by rpki-client on console-ams.rpki-client.org