Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/LA45UhYCXofCb-m-Bwn9Mzh0MBk.roa
File: LA45UhYCXofCb-m-Bwn9Mzh0MBk.roa (raw, json)
Hash identifier: 5SICXVd+MHGZ6hzwCTNB2vChbIyuWVZtV6GeJIhTBlw=
Subject key identifier: 2C:0E:39:52:16:02:5E:87:C2:6F:E9:BE:07:09:FD:33:38:74:30:19
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018EEB5257D45151D92A6946ED4017D9E584
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/LA45UhYCXofCb-m-Bwn9Mzh0MBk.roa
Signing time: Wed 17 Apr 2024 09:10:25 +0000
ROA not before: Wed 17 Apr 2024 09:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 46.8.224.0/20 maxlen: 24
46.8.254.0/24 maxlen: 24
188.130.154.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.53.0/24 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 18 Apr 2024 02:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:52:57:d4:51:51:d9:2a:69:46:ed:40:17:d9:e5:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Apr 17 09:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c0e395216025e87c26fe9be0709fd3338743019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ee:3e:69:f3:30:11:73:8c:2b:39:eb:a2:e5:
01:ce:47:14:05:94:eb:f4:4a:c9:5f:04:e2:fe:a9:
74:8d:52:58:f7:46:97:37:99:76:b5:25:cf:72:dc:
76:0c:79:2d:56:8a:46:a4:f0:3f:e2:8c:d5:d7:c2:
5e:d6:80:04:d5:0b:0e:12:6b:57:9b:e6:2b:ab:0c:
fe:d2:8c:36:35:40:25:5e:85:00:b2:29:2d:61:fb:
89:b0:ef:d9:e0:7b:46:1e:ce:78:eb:e6:27:b7:0a:
cd:2c:ff:b7:44:a9:11:a3:b3:7a:12:76:cb:8e:c6:
92:bf:27:14:7e:02:32:2b:e6:30:eb:b0:d5:f1:ad:
de:73:da:89:8d:9e:1f:4f:51:ec:c5:7d:e4:18:f5:
47:54:e1:95:e1:00:03:1a:3b:c8:e0:54:7c:8e:3c:
49:57:9c:68:31:89:e8:c3:55:3a:c2:9c:9d:a7:24:
4a:79:2a:b9:1c:f5:54:a6:2e:9b:1d:7b:fe:51:ed:
fe:14:1b:28:a6:16:d7:47:e4:c2:ff:85:d0:34:5a:
c8:d5:fb:cc:88:84:c2:e2:0a:7b:31:4b:27:90:77:
6f:eb:9b:a7:af:ab:5a:48:05:02:ab:be:65:43:1b:
a3:d5:c0:f8:24:26:08:21:e1:84:b1:a7:e9:7f:02:
b0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:0E:39:52:16:02:5E:87:C2:6F:E9:BE:07:09:FD:33:38:74:30:19
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/LA45UhYCXofCb-m-Bwn9Mzh0MBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.224.0/20
46.8.254.0/24
188.130.154.0/24
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
78:d1:36:3d:46:c0:14:43:38:8e:2e:e5:42:22:fa:ec:55:15:
9f:63:40:fb:79:61:2d:39:ad:89:a7:09:55:24:7d:f9:15:7d:
11:76:65:28:cf:5d:ee:86:ac:f3:55:d5:41:c3:95:32:c5:0c:
60:4e:0a:fc:0b:bc:01:55:93:47:a5:00:6c:c7:bb:de:c9:07:
e0:e0:3e:09:76:8f:fd:db:36:e0:82:71:b8:d1:7c:cc:7b:6b:
56:09:1f:f4:aa:57:dc:97:67:70:83:3c:4a:aa:5f:bc:21:01:
3e:3d:49:25:16:07:de:76:8b:d9:ce:ac:89:e8:5a:f9:bd:80:
13:5a:bf:f2:a8:4a:db:42:db:17:5e:bc:49:42:9f:7d:d0:09:
d1:62:98:0d:bc:8c:38:e8:88:dc:a6:c2:a4:ee:24:f3:0a:22:
c9:59:ad:93:f5:b3:c1:af:99:34:77:79:f3:2e:03:dc:c5:68:
3e:10:02:25:3b:f5:8d:9d:a6:77:5b:fe:19:1a:95:2b:57:d8:
09:8e:07:1c:d5:38:c5:46:0d:a6:65:32:59:33:74:2e:2c:3f:
ba:eb:e7:ea:37:87:d8:8c:b1:61:6e:16:36:63:b5:5d:47:fc:
21:b2:0a:b7:27:b4:9c:a7:f7:a1:8f:3e:83:96:47:35:97:75:
63:8f:ae:ab
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY7rUlfUUVHZKmlG7UAX2eWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwNDE3MDkxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzBlMzk1MjE2MDI1ZTg3YzI2ZmU5YmUwNzA5ZmQzMzM4NzQzMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO4+afMwEXOMKznrouUBzkcUBZTr
9ErJXwTi/ql0jVJY90aXN5l2tSXPctx2DHktVopGpPA/4ozV18Je1oAE1QsOEmtX
m+Yrqwz+0ow2NUAlXoUAsiktYfuJsO/Z4HtGHs546+YntwrNLP+3RKkRo7N6EnbL
jsaSvycUfgIyK+Yw67DV8a3ec9qJjZ4fT1HsxX3kGPVHVOGV4QADGjvI4FR8jjxJ
V5xoMYnow1U6wpydpyRKeSq5HPVUpi6bHXv+Ue3+FBsophbXR+TC/4XQNFrI1fvM
iITC4gp7MUsnkHdv65unr6taSAUCq75lQxuj1cD4JCYIIeGEsafpfwKw/QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCwOOVIWAl6Hwm/pvgcJ/TM4dDAZMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvTEE0NVVoWUNYb2ZDYi1tLUJ3bjlNemgwTUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQELgjgAwQA
Lgj+AwQAvIKaAwQAvIK2AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEB
CwUAA4IBAQB40TY9RsAUQziOLuVCIvrsVRWfY0D7eWEtOa2JpwlVJH35FX0RdmUo
z13uhqzzVdVBw5UyxQxgTgr8C7wBVZNHpQBsx7veyQfg4D4Jdo/92zbggnG40XzM
e2tWCR/0qlfcl2dwgzxKql+8IQE+PUklFgfedovZzqyJ6Fr5vYATWr/yqErbQtsX
XrxJQp990AnRYpgNvIw46IjcpsKk7iTzCiLJWa2T9bPBr5k0d3nzLgPcxWg+EAIl
O/WNnaZ3W/4ZGpUrV9gJjgcc1TjFRg2mZTJZM3QuLD+66+fqN4fYjLFhbhY2Y7Vd
R/whsgq3J7Scp/ehjz6Dlkc1l3Vjj66r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org