Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/lflFjYvk7fS5qWUj--Vs-mS5fAY.roa
File: lflFjYvk7fS5qWUj--Vs-mS5fAY.roa (raw, json)
Hash identifier: 5A/+iDQYWBWh04hqPdg4QSvwwh5A9+Csl/w0ZSV24Gc=
Subject key identifier: 95:F9:45:8D:8B:E4:ED:F4:B9:A9:65:23:FB:E5:6C:FA:64:B9:7C:06
Certificate issuer: /CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Certificate serial: 019155DDB817A068035313527ECD2B80E3A2
Authority key identifier: C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/lflFjYvk7fS5qWUj--Vs-mS5fAY.roa
Signing time: Thu 15 Aug 2024 11:47:59 +0000
ROA not before: Thu 15 Aug 2024 11:47:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211381
IP address blocks: 45.88.76.0/24 maxlen: 24
45.88.105.0/24 maxlen: 24
45.91.200.0/24 maxlen: 24
45.91.201.0/24 maxlen: 24
45.132.107.0/24 maxlen: 24
77.83.175.0/24 maxlen: 24
91.211.249.0/24 maxlen: 24
92.119.114.0/24 maxlen: 24
185.219.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 14:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:dd:b8:17:a0:68:03:53:13:52:7e:cd:2b:80:e3:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Validity
Not Before: Aug 15 11:47:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95f9458d8be4edf4b9a96523fbe56cfa64b97c06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:78:c8:ee:b9:73:e2:32:3f:56:3d:6a:57:cc:
27:b2:94:09:80:dc:16:32:4d:46:93:c1:82:79:a8:
a9:36:6c:c8:7f:da:22:b1:31:1f:bc:b9:6c:6a:8d:
dd:f0:21:b8:fb:1e:f1:76:7d:0e:6a:d3:9b:e8:50:
71:a7:4b:71:dd:17:d9:4c:c9:74:87:32:f4:35:5d:
67:71:eb:cf:cc:62:b0:7c:65:73:48:b3:4d:15:ae:
33:b6:22:cc:6d:1e:ad:d6:e8:f5:53:0d:c5:2e:73:
0f:ef:9f:49:11:c4:d2:19:38:0e:e4:5f:4c:7b:da:
7f:b0:16:11:7f:0c:ad:aa:ff:3d:aa:a6:bd:c3:92:
1c:ef:d4:fe:ae:8a:67:d2:d9:4b:e6:b2:aa:51:67:
9c:6f:ff:ef:20:53:53:cc:c7:99:82:58:db:89:29:
3c:89:75:30:e8:0e:03:3c:35:9e:18:5e:16:ff:8b:
1e:d3:23:fc:05:1d:b8:9f:67:7d:26:88:a6:fe:6f:
2c:1a:3a:d3:0b:d6:51:74:15:83:a3:6a:a3:d8:20:
36:67:f0:ab:a1:a6:78:9a:78:c4:2f:2c:b4:ab:e0:
b4:c9:7e:51:4a:b6:be:ad:d9:3e:8e:d5:6b:35:84:
6e:57:82:51:3f:40:df:0a:0b:4a:72:02:a1:5f:4c:
0c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F9:45:8D:8B:E4:ED:F4:B9:A9:65:23:FB:E5:6C:FA:64:B9:7C:06
X509v3 Authority Key Identifier:
keyid:C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/lflFjYvk7fS5qWUj--Vs-mS5fAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.76.0/24
45.88.105.0/24
45.91.200.0/23
45.132.107.0/24
77.83.175.0/24
91.211.249.0/24
92.119.114.0/24
185.219.83.0/24
Signature Algorithm: sha256WithRSAEncryption
15:ae:13:e9:da:cc:03:56:f0:53:97:90:e3:5a:2f:d3:bc:fe:
1e:79:e5:47:3b:be:76:b4:36:4a:64:38:f3:5d:bd:fb:39:d1:
fa:bb:0c:ba:86:0c:cb:2d:e3:2e:05:03:d7:81:15:a3:3d:36:
3a:56:c4:d2:d4:28:f5:dc:72:c7:3d:fe:6f:a9:68:ed:2e:84:
61:3d:cf:13:a6:eb:23:3f:f3:81:16:fc:e1:23:57:34:23:8e:
02:c9:24:54:dd:e3:cd:f6:0e:4d:df:f1:22:e7:46:d2:5c:f6:
42:45:8d:fb:ae:8c:f1:23:ee:50:4f:23:b8:c1:39:20:c3:96:
a7:8e:81:e9:61:00:94:cf:63:aa:b1:18:89:17:be:40:a8:85:
8e:dd:e9:37:15:e9:09:74:a7:d6:8d:7c:c1:df:57:7b:28:aa:
fb:86:21:5a:16:8f:b4:bb:7a:1c:a6:17:49:b4:ef:45:1f:4b:
21:5d:85:08:57:be:23:5f:f9:33:17:d1:8b:a1:13:8f:dd:32:
12:bf:87:42:cd:2d:6d:e0:e7:2c:20:cd:cf:08:ce:81:4b:5e:
7c:b4:8a:91:4a:fa:91:42:60:42:d5:da:26:40:9b:25:88:26:
64:fc:4d:a0:da:5a:db:58:d3:e5:aa:1d:68:6e:17:5e:c4:e7:
b9:50:66:da
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZFV3bgXoGgDUxNSfs0rgOOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDM2OWU2NmNkYmUzMGQ3YjNhZmY2MDgxZjIwYzE3YTk4
ZmRjNWIwHhcNMjQwODE1MTE0NzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWY5NDU4ZDhiZTRlZGY0YjlhOTY1MjNmYmU1NmNmYTY0Yjk3YzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXjI7rlz4jI/Vj1qV8wnspQJgNwW
Mk1Gk8GCeaipNmzIf9oisTEfvLlsao3d8CG4+x7xdn0OatOb6FBxp0tx3RfZTMl0
hzL0NV1ncevPzGKwfGVzSLNNFa4ztiLMbR6t1uj1Uw3FLnMP759JEcTSGTgO5F9M
e9p/sBYRfwytqv89qqa9w5Ic79T+ropn0tlL5rKqUWecb//vIFNTzMeZgljbiSk8
iXUw6A4DPDWeGF4W/4se0yP8BR24n2d9Joim/m8sGjrTC9ZRdBWDo2qj2CA2Z/Cr
oaZ4mnjELyy0q+C0yX5RSra+rdk+jtVrNYRuV4JRP0DfCgtKcgKhX0wMuQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJX5RY2L5O30uallI/vlbPpkuXwGMB8GA1UdIwQY
MBaAFMHTaeZs2+MNezr/YIHyDBepj9xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUt
YTYzNDc5NjEwOTY4LzEvbGZsRmpZdms3ZlM1cVdVai0tVnMtbVM1ZkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUtYTYzNDc5NjEwOTY4
LzEvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVhMAwQA
LVhpAwQBLVvIAwQALYRrAwQATVOvAwQAW9P5AwQAXHdyAwQAudtTMA0GCSqGSIb3
DQEBCwUAA4IBAQAVrhPp2swDVvBTl5DjWi/TvP4eeeVHO752tDZKZDjzXb37OdH6
uwy6hgzLLeMuBQPXgRWjPTY6VsTS1Cj13HLHPf5vqWjtLoRhPc8TpusjP/OBFvzh
I1c0I44CySRU3ePN9g5N3/Ei50bSXPZCRY37rozxI+5QTyO4wTkgw5anjoHpYQCU
z2OqsRiJF75AqIWO3ek3FekJdKfWjXzB31d7KKr7hiFaFo+0u3ocphdJtO9FH0sh
XYUIV74jX/kzF9GLoROP3TISv4dCzS1t4OcsIM3PCM6BS158tIqRSvqRQmBC1dom
QJsliCZk/E2g2lrbWNPlqh1obhdexOe5UGba
-----END CERTIFICATE-----
Generated at Thu Aug 29 16:57:24 2024 by rpki-client on console-fra.rpki-client.org