Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/L1T5j7L8hoPZVLGC-QeDdPP3x9k.roa
File: L1T5j7L8hoPZVLGC-QeDdPP3x9k.roa (raw, json)
Hash identifier: 6vz9jlSEtvrst5hoXk6AYd+9AAhwOD/lRp+k3vB16uc=
Subject key identifier: 2F:54:F9:8F:B2:FC:86:83:D9:54:B1:82:F9:07:83:74:F3:F7:C7:D9
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018EC0E4A01371EF4F4EA25E472752ED44EA
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/L1T5j7L8hoPZVLGC-QeDdPP3x9k.roa
Signing time: Tue 09 Apr 2024 03:26:32 +0000
ROA not before: Tue 09 Apr 2024 03:26:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57844
IP address blocks: 45.141.208.0/22 maxlen: 24
45.150.8.0/22 maxlen: 22
45.150.8.0/24 maxlen: 24
45.150.10.0/24 maxlen: 24
45.150.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Apr 2024 05:57:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c0:e4:a0:13:71:ef:4f:4e:a2:5e:47:27:52:ed:44:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Apr 9 03:26:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f54f98fb2fc8683d954b182f9078374f3f7c7d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2a:18:34:c3:d9:2e:14:5d:99:c8:ad:60:e4:
49:45:64:e4:60:17:cf:cd:71:4f:b3:bd:22:1f:7b:
89:7d:18:5e:2e:a4:17:3e:7e:5e:62:85:1b:f0:ac:
da:3d:a6:4a:4e:3b:b0:32:c0:e1:f2:41:5c:c0:73:
a7:4d:7f:e8:9c:fd:17:3d:57:57:e2:bb:09:17:a3:
0e:8f:7e:82:ba:aa:44:0a:cc:12:f5:3b:54:df:16:
34:be:dc:59:71:f5:8d:72:10:c4:db:74:96:d8:b3:
d9:0b:ce:79:5b:a1:8b:33:3e:20:91:9f:c2:36:4a:
8b:80:cc:82:96:ac:38:c9:60:7b:2d:d8:2c:f5:2b:
b2:9a:49:34:56:b7:70:4a:1f:37:cd:68:19:50:33:
3e:c7:38:5c:b1:2a:90:35:bf:0b:0f:e3:8e:9f:37:
c2:2c:35:40:c7:08:c5:5f:85:b6:bd:b4:05:d2:01:
ea:6f:3b:41:37:b0:52:8a:a9:7e:19:1d:e4:44:e9:
41:6c:7a:4a:73:2b:d0:85:d1:9c:bf:fb:51:a7:02:
1a:fd:28:46:bd:bc:aa:e5:5d:24:fa:5c:8e:d8:2f:
90:4f:4a:f3:b8:0d:9c:a4:5c:0b:e7:53:2c:48:90:
95:27:e6:65:cf:71:96:c2:72:e8:a8:a4:22:ca:a4:
a5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:54:F9:8F:B2:FC:86:83:D9:54:B1:82:F9:07:83:74:F3:F7:C7:D9
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/L1T5j7L8hoPZVLGC-QeDdPP3x9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.208.0/22
45.150.8.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:ac:18:ca:19:b9:12:33:ce:74:69:8a:ef:87:00:6f:e5:af:
84:97:88:4f:f7:7b:29:24:e8:97:8f:6b:2b:74:27:de:62:c7:
5d:2d:25:44:28:74:20:6f:b0:b3:ce:a2:c9:04:e1:56:eb:59:
71:eb:6a:ed:d1:c0:ed:02:f9:d4:c5:b9:2d:f4:9f:ce:8e:d4:
76:03:27:d5:e3:16:9a:f9:52:cb:09:f3:70:d7:67:00:fa:0c:
7f:9a:73:ce:3e:a3:00:66:49:42:f8:2f:33:09:c6:38:e0:db:
a6:2b:b9:e9:db:ea:f3:b9:05:52:35:ec:59:cf:d9:bf:3b:42:
bb:12:66:22:13:dd:30:0a:70:3e:13:48:a6:bf:73:32:9e:94:
dc:be:92:69:3e:64:b4:35:e9:4c:bf:1c:99:30:f5:cf:5a:23:
f8:a0:55:f5:55:ec:ab:32:d9:b9:63:36:04:3d:33:77:24:96:
87:f8:fe:2b:76:c9:a2:61:03:78:bb:59:11:1f:f7:09:01:89:
7c:e6:81:78:d6:3b:fc:9d:41:2a:7a:a7:af:54:33:c9:8e:27:
7b:2d:b4:7e:89:e0:3e:11:02:44:ab:42:ea:a7:d9:4d:13:ed:
41:4f:26:a2:1f:51:e1:b6:59:f7:07:18:88:c2:f4:de:06:d6:
03:9f:6c:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7A5KATce9PTqJeRydS7UTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwNDA5MDMyNjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjU0Zjk4ZmIyZmM4NjgzZDk1NGIxODJmOTA3ODM3NGYzZjdjN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSoYNMPZLhRdmcitYORJRWTkYBfP
zXFPs70iH3uJfRheLqQXPn5eYoUb8KzaPaZKTjuwMsDh8kFcwHOnTX/onP0XPVdX
4rsJF6MOj36CuqpECswS9TtU3xY0vtxZcfWNchDE23SW2LPZC855W6GLMz4gkZ/C
NkqLgMyClqw4yWB7Ldgs9Suymkk0VrdwSh83zWgZUDM+xzhcsSqQNb8LD+OOnzfC
LDVAxwjFX4W2vbQF0gHqbztBN7BSiql+GR3kROlBbHpKcyvQhdGcv/tRpwIa/ShG
vbyq5V0k+lyO2C+QT0rzuA2cpFwL51MsSJCVJ+Zlz3GWwnLoqKQiyqSl4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC9U+Y+y/IaD2VSxgvkHg3Tz98fZMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvTDFUNWo3TDhob1BaVkxHQy1RZURkUFAzeDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY3QAwQC
LZYIMA0GCSqGSIb3DQEBCwUAA4IBAQAsrBjKGbkSM850aYrvhwBv5a+El4hP93sp
JOiXj2srdCfeYsddLSVEKHQgb7CzzqLJBOFW61lx62rt0cDtAvnUxbkt9J/OjtR2
AyfV4xaa+VLLCfNw12cA+gx/mnPOPqMAZklC+C8zCcY44NumK7np2+rzuQVSNexZ
z9m/O0K7EmYiE90wCnA+E0imv3MynpTcvpJpPmS0NelMvxyZMPXPWiP4oFX1Veyr
Mtm5YzYEPTN3JJaH+P4rdsmiYQN4u1kRH/cJAYl85oF41jv8nUEqeqevVDPJjid7
LbR+ieA+EQJEq0Lqp9lNE+1BTyaiH1Hhtln3BxiIwvTeBtYDn2x7
-----END CERTIFICATE-----
Generated at Sun Apr 14 06:56:32 2024 by rpki-client on console-ams.rpki-client.org