Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/3lbgMxjri49qvewNRI2-gT72QpU.roa
File: 3lbgMxjri49qvewNRI2-gT72QpU.roa (raw, json)
Hash identifier: tRYCov+fCtGK9sRmJo3+TV7CiMB+R9tZohFy0UK77Q4=
Subject key identifier: DE:56:E0:33:18:EB:8B:8F:6A:BD:EC:0D:44:8D:BE:81:3E:F6:42:95
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018D8AF6EF7669645FB06F4573B92BA0585C
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/3lbgMxjri49qvewNRI2-gT72QpU.roa
Signing time: Thu 08 Feb 2024 23:04:15 +0000
ROA not before: Thu 08 Feb 2024 23:04:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 45.43.136.0/21 maxlen: 21
216.173.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 23 Feb 2024 20:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8a:f6:ef:76:69:64:5f:b0:6f:45:73:b9:2b:a0:58:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Feb 8 23:04:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de56e03318eb8b8f6abdec0d448dbe813ef64295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c5:b8:48:a3:c2:56:50:d3:19:6e:02:15:f7:
07:28:5b:c3:74:fa:0e:b4:27:a5:0b:0d:05:3a:cd:
5e:44:e9:2c:66:24:3d:72:f9:9d:2b:ab:07:7f:2b:
3a:2e:b0:b7:ea:43:26:c9:4b:2f:e3:39:b8:f0:85:
75:9d:22:b3:23:33:5c:95:32:76:7a:c5:ec:41:a8:
3c:d2:5d:e3:88:bc:97:06:0f:2a:d7:19:25:08:0a:
6c:7b:1d:62:1e:95:46:2d:51:c3:26:3f:6d:a1:7e:
44:71:1b:17:36:6f:f0:2e:d8:f8:90:54:64:09:cd:
1c:07:7d:64:ab:f1:cf:40:87:b6:18:a8:41:b3:af:
32:ae:17:08:a6:4f:58:ab:c5:6c:14:53:9c:3c:f9:
52:4d:91:cb:b2:54:15:7d:64:ae:a8:c0:26:a8:8a:
61:37:b6:64:1f:3d:10:4f:91:c0:c0:10:d6:d6:d8:
70:2e:f7:d1:31:dc:b5:e3:58:a5:52:a4:ad:24:a7:
bd:7f:de:6f:2e:c4:28:d3:1a:c1:16:ba:41:ba:80:
c1:fa:6d:f5:78:e8:08:dd:62:88:bc:a8:9c:21:ef:
23:bc:59:8e:ce:41:19:29:5b:8c:43:83:df:83:d4:
e3:d8:c6:fe:3a:84:68:1d:92:47:60:df:94:f6:d3:
6d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:56:E0:33:18:EB:8B:8F:6A:BD:EC:0D:44:8D:BE:81:3E:F6:42:95
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/3lbgMxjri49qvewNRI2-gT72QpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.136.0/21
216.173.64.0/22
Signature Algorithm: sha256WithRSAEncryption
00:38:de:37:13:5f:77:d5:bc:e3:bc:18:c1:a8:fb:1b:cc:73:
d5:82:1b:bd:eb:8a:5b:c1:67:69:ee:f8:7f:fe:fc:bb:cf:a8:
ba:32:98:93:53:ce:9e:8d:ab:6f:92:7d:a3:fa:74:4f:8e:d1:
db:95:bd:e9:ce:ba:f0:a3:12:18:b3:2c:1b:a5:a1:c5:6b:67:
c3:e4:56:5b:a9:5d:35:52:82:4c:64:75:85:83:f5:db:40:b3:
6e:b0:2e:f2:73:b8:67:29:9e:ef:57:56:d2:d2:bf:51:36:2e:
19:21:53:8e:b6:6e:5e:88:3b:f0:08:93:e3:65:b7:f6:c8:b7:
02:6e:96:cd:b1:e4:7e:3e:88:14:fb:86:24:38:d8:c6:40:c6:
34:ed:b3:16:69:fc:c2:b0:e1:19:e0:16:b0:3a:72:b8:00:dc:
3e:38:00:2b:14:be:ad:73:15:88:4d:51:95:c3:43:d3:a2:fa:
79:66:63:9d:53:54:ee:1b:87:33:eb:85:8e:1a:fa:19:f4:d9:
8e:ca:dc:65:b1:cc:2a:53:a5:57:35:6a:3b:ba:cb:6a:4a:4a:
60:6d:85:60:b9:54:7d:f2:ff:57:ae:95:eb:1d:13:b4:51:fa:
a3:58:7b:d5:ec:62:ee:1e:a4:ed:af:66:96:3d:a3:6e:0a:8d:
14:7b:62:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2K9u92aWRfsG9Fc7kroFhcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMjA4MjMwNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTU2ZTAzMzE4ZWI4YjhmNmFiZGVjMGQ0NDhkYmU4MTNlZjY0Mjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMW4SKPCVlDTGW4CFfcHKFvDdPoO
tCelCw0FOs1eROksZiQ9cvmdK6sHfys6LrC36kMmyUsv4zm48IV1nSKzIzNclTJ2
esXsQag80l3jiLyXBg8q1xklCApsex1iHpVGLVHDJj9toX5EcRsXNm/wLtj4kFRk
Cc0cB31kq/HPQIe2GKhBs68yrhcIpk9Yq8VsFFOcPPlSTZHLslQVfWSuqMAmqIph
N7ZkHz0QT5HAwBDW1thwLvfRMdy141ilUqStJKe9f95vLsQo0xrBFrpBuoDB+m31
eOgI3WKIvKicIe8jvFmOzkEZKVuMQ4Pfg9Tj2Mb+OoRoHZJHYN+U9tNtwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN5W4DMY64uPar3sDUSNvoE+9kKVMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvM2xiZ014anJpNDlxdmV3TlJJMi1nVDcyUXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLSuIAwQC
2K1AMA0GCSqGSIb3DQEBCwUAA4IBAQAAON43E1931bzjvBjBqPsbzHPVghu964pb
wWdp7vh//vy7z6i6MpiTU86ejatvkn2j+nRPjtHblb3pzrrwoxIYsywbpaHFa2fD
5FZbqV01UoJMZHWFg/XbQLNusC7yc7hnKZ7vV1bS0r9RNi4ZIVOOtm5eiDvwCJPj
Zbf2yLcCbpbNseR+PogU+4YkONjGQMY07bMWafzCsOEZ4BawOnK4ANw+OAArFL6t
cxWITVGVw0PTovp5ZmOdU1TuG4cz64WOGvoZ9NmOytxlscwqU6VXNWo7ustqSkpg
bYVguVR98v9XrpXrHRO0UfqjWHvV7GLuHqTtr2aWPaNuCo0Ue2Iy
-----END CERTIFICATE-----
Generated at Sat Feb 24 01:09:36 2024 by rpki-client on console-ams.rpki-client.org