Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d2e14e-f900-4ab0-93fd-fdebf125b48e/1/lJk-TYO_UueiDufhIN95XvPbGIg.roa
File: lJk-TYO_UueiDufhIN95XvPbGIg.roa (raw, json)
Hash identifier: baPXtt2q4CxEvOGfJkgiTmJHRW+YOGuwhxZorCxEHxM=
Subject key identifier: 94:99:3E:4D:83:BF:52:E7:A2:0E:E7:E1:20:DF:79:5E:F3:DB:18:88
Certificate issuer: /CN=1644e6c50cb692dfb640f6f88e228a2d9b06c679
Certificate serial: 018572710ED6E41FDD9A540DCAD1D0A5BF50
Authority key identifier: 16:44:E6:C5:0C:B6:92:DF:B6:40:F6:F8:8E:22:8A:2D:9B:06:C6:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FkTmxQy2kt-2QPb4jiKKLZsGxnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/d2e14e-f900-4ab0-93fd-fdebf125b48e/1/lJk-TYO_UueiDufhIN95XvPbGIg.roa
Signing time: Mon 02 Jan 2023 12:24:50 +0000
ROA not before: Mon 02 Jan 2023 12:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208776
IP address blocks: 45.14.58.0/24 maxlen: 24
45.14.57.0/24 maxlen: 24
45.14.56.0/23 maxlen: 23
45.14.56.0/24 maxlen: 24
45.14.56.0/22 maxlen: 22
45.14.58.0/23 maxlen: 23
45.14.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:0e:d6:e4:1f:dd:9a:54:0d:ca:d1:d0:a5:bf:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1644e6c50cb692dfb640f6f88e228a2d9b06c679
Validity
Not Before: Jan 2 12:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94993e4d83bf52e7a20ee7e120df795ef3db1888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:06:2a:ab:25:67:6b:22:05:29:8b:61:0a:ed:
54:40:0f:a0:33:88:5c:72:3e:51:3c:fb:1e:51:9d:
ce:aa:63:33:fa:14:68:70:70:37:73:bc:72:cd:a1:
0e:d4:df:72:9d:1f:d5:ad:cb:cc:eb:5e:08:9a:70:
33:36:36:83:cf:2a:87:80:c6:e9:bb:9b:fc:c3:e8:
50:83:23:8b:a7:06:78:e2:77:14:68:3e:3b:d0:8f:
6a:11:81:72:a8:4b:41:c4:78:28:64:90:c1:be:cc:
c3:78:af:a7:d4:5e:65:1e:4d:7e:f9:23:e2:22:bb:
81:56:74:aa:59:f0:68:bd:6b:3f:35:df:a4:17:a5:
a8:8a:18:a6:de:84:d5:d5:0d:77:49:8d:23:b0:a8:
9f:95:85:bb:c8:e6:38:ce:26:a3:c8:62:4c:42:9d:
76:ee:cd:14:53:31:86:a3:31:23:66:d7:9b:72:f3:
0a:18:a7:e6:67:c1:c2:1e:a4:23:3e:08:84:72:fa:
26:f9:e8:f1:5a:99:e1:78:14:0a:07:ef:68:d4:d7:
4a:19:7e:7f:75:29:d0:fc:e6:22:7a:e3:a0:a1:17:
d1:e3:88:cb:7f:1b:e1:b4:f4:00:92:52:d8:0f:01:
e1:c7:f7:3e:49:3c:1f:40:ac:a0:95:dc:43:c4:fe:
88:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:99:3E:4D:83:BF:52:E7:A2:0E:E7:E1:20:DF:79:5E:F3:DB:18:88
X509v3 Authority Key Identifier:
keyid:16:44:E6:C5:0C:B6:92:DF:B6:40:F6:F8:8E:22:8A:2D:9B:06:C6:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FkTmxQy2kt-2QPb4jiKKLZsGxnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2e14e-f900-4ab0-93fd-fdebf125b48e/1/lJk-TYO_UueiDufhIN95XvPbGIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2e14e-f900-4ab0-93fd-fdebf125b48e/1/FkTmxQy2kt-2QPb4jiKKLZsGxnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.56.0/22
Signature Algorithm: sha256WithRSAEncryption
86:d0:4d:6b:2f:5d:4e:9e:a3:4c:fa:ed:a5:0f:ae:94:dc:f3:
e0:20:9f:31:db:28:89:e0:61:e9:d3:36:6c:60:1d:16:25:74:
a5:4d:6c:54:f7:1f:dc:3a:f0:6c:13:dd:3d:af:4d:e4:23:69:
6b:12:66:25:24:66:a9:3a:b0:25:5b:14:0b:d7:d9:2a:c6:e0:
d6:a1:10:44:a3:ee:10:32:c6:52:8d:94:85:7e:cf:cf:28:eb:
e2:a4:f5:cf:2c:ae:95:82:c6:f4:57:35:48:83:31:68:ad:aa:
b6:c6:2a:27:b1:31:d6:d5:b5:46:e2:77:ee:75:88:0d:1c:50:
f4:ec:3a:8f:8b:9e:fc:17:3e:8c:b1:f8:6f:73:20:e3:af:b7:
03:80:21:23:dc:f9:db:ed:c7:47:14:69:2f:a9:75:8e:ab:09:
e3:fe:bb:d3:93:2e:23:18:ca:92:9f:8b:fd:9c:a0:65:0d:5d:
77:fe:32:7d:0c:8a:d1:80:ab:28:86:72:c2:94:69:8f:7a:b0:
4b:7d:b0:0e:9c:30:48:a4:25:37:a6:d1:8c:60:31:41:7a:83:
d6:55:b2:a0:b5:f8:49:e3:e1:f8:b4:06:b4:3f:aa:89:66:7f:
ba:e4:5b:8c:31:f7:64:68:cc:c2:6f:1d:9b:b5:73:57:f8:44:
03:64:44:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycQ7W5B/dmlQNytHQpb9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NDRlNmM1MGNiNjkyZGZiNjQwZjZmODhlMjI4YTJkOWIw
NmM2NzkwHhcNMjMwMTAyMTIyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk5M2U0ZDgzYmY1MmU3YTIwZWU3ZTEyMGRmNzk1ZWYzZGIxODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwYqqyVnayIFKYthCu1UQA+gM4hc
cj5RPPseUZ3OqmMz+hRocHA3c7xyzaEO1N9ynR/VrcvM614ImnAzNjaDzyqHgMbp
u5v8w+hQgyOLpwZ44ncUaD470I9qEYFyqEtBxHgoZJDBvszDeK+n1F5lHk1++SPi
IruBVnSqWfBovWs/Nd+kF6Woihim3oTV1Q13SY0jsKiflYW7yOY4ziajyGJMQp12
7s0UUzGGozEjZtebcvMKGKfmZ8HCHqQjPgiEcvom+ejxWpnheBQKB+9o1NdKGX5/
dSnQ/OYieuOgoRfR44jLfxvhtPQAklLYDwHhx/c+STwfQKygldxDxP6I/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJSZPk2Dv1Lnog7n4SDfeV7z2xiIMB8GA1UdIwQY
MBaAFBZE5sUMtpLftkD2+I4iii2bBsZ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmtUbXhReTJrdC0yUVBiNGppS0tMWnNHeG5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kMmUxNGUtZjkwMC00YWIwLTkzZmQt
ZmRlYmYxMjViNDhlLzEvbEprLVRZT19VdWVpRHVmaElOOTVYdlBiR0lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9kMmUxNGUtZjkwMC00YWIwLTkzZmQtZmRlYmYxMjViNDhl
LzEvRmtUbXhReTJrdC0yUVBiNGppS0tMWnNHeG5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ44MA0G
CSqGSIb3DQEBCwUAA4IBAQCG0E1rL11OnqNM+u2lD66U3PPgIJ8x2yiJ4GHp0zZs
YB0WJXSlTWxU9x/cOvBsE909r03kI2lrEmYlJGapOrAlWxQL19kqxuDWoRBEo+4Q
MsZSjZSFfs/PKOvipPXPLK6Vgsb0VzVIgzForaq2xionsTHW1bVG4nfudYgNHFD0
7DqPi578Fz6MsfhvcyDjr7cDgCEj3Pnb7cdHFGkvqXWOqwnj/rvTky4jGMqSn4v9
nKBlDV13/jJ9DIrRgKsohnLClGmPerBLfbAOnDBIpCU3ptGMYDFBeoPWVbKgtfhJ
4+H4tAa0P6qJZn+65FuMMfdkaMzCbx2btXNX+EQDZETX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:28 2024 by rpki-client on console-ams.rpki-client.org