Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/1bc0cb-dfa4-4151-a61b-335a7e4384b1/1/ELKP4sQA2BD0D4PkPVFTgZGCgMI.roa
File: ELKP4sQA2BD0D4PkPVFTgZGCgMI.roa (raw, json)
Hash identifier: RXsYqpnDFO14Hjn5bjGNl0IjO877S+yFxtkNVbO4GYo=
Subject key identifier: 10:B2:8F:E2:C4:00:D8:10:F4:0F:83:E4:3D:51:53:81:91:82:80:C2
Certificate issuer: /CN=5ad0c41fde99651b132906ff0602b47b5607a5be
Certificate serial: 01906DDED61B28A7A8ED5E8AD1CB61B6B524
Authority key identifier: 5A:D0:C4:1F:DE:99:65:1B:13:29:06:FF:06:02:B4:7B:56:07:A5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WtDEH96ZZRsTKQb_BgK0e1YHpb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/1bc0cb-dfa4-4151-a61b-335a7e4384b1/1/ELKP4sQA2BD0D4PkPVFTgZGCgMI.roa
Signing time: Mon 01 Jul 2024 10:37:18 +0000
ROA not before: Mon 01 Jul 2024 10:37:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199919
IP address blocks: 45.153.96.0/22 maxlen: 22
45.153.96.0/24 maxlen: 24
45.153.97.0/24 maxlen: 24
45.153.98.0/24 maxlen: 24
45.153.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:de:d6:1b:28:a7:a8:ed:5e:8a:d1:cb:61:b6:b5:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ad0c41fde99651b132906ff0602b47b5607a5be
Validity
Not Before: Jul 1 10:37:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10b28fe2c400d810f40f83e43d515381918280c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:00:84:5b:b8:cb:6b:62:e4:51:4b:bd:bd:ab:
6e:91:b4:e2:73:d8:a6:7a:fc:bb:b7:8a:f5:81:f3:
0c:a1:7b:09:7e:00:b5:08:3e:03:12:14:38:a8:08:
03:c5:80:76:39:db:94:f8:52:a5:39:33:56:22:b4:
48:2a:2b:93:5a:c9:e6:c5:fd:d2:63:ac:e0:8c:69:
6d:b0:81:22:b6:b9:f1:ca:58:ec:38:1a:1f:cf:75:
c0:c8:20:41:b9:ae:41:dd:bd:4e:d4:31:2b:a2:0a:
d9:94:f2:42:bf:a7:86:79:43:9e:b0:09:1e:c7:b0:
58:3e:e2:c7:c7:18:04:42:51:71:40:a1:74:de:aa:
7e:33:e2:9b:84:5d:e3:2b:dc:f0:2a:56:be:f3:ec:
21:d2:c9:0e:d5:92:c7:0d:95:4b:c2:ac:bb:5e:05:
51:d7:b1:e9:35:e0:43:19:5e:cc:a4:f1:63:24:27:
cc:5f:7a:ba:6b:5a:e3:a6:65:11:2d:a7:0d:57:bf:
b0:4f:73:93:ed:02:ee:84:9b:cb:8b:c0:cb:41:51:
01:95:c6:73:fa:df:02:60:00:50:2f:65:b3:ef:29:
cc:2c:52:03:2b:48:89:94:b0:89:cb:73:5b:cd:21:
e6:5d:d4:52:ee:ad:04:35:54:ec:e9:34:e0:c9:bd:
a8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B2:8F:E2:C4:00:D8:10:F4:0F:83:E4:3D:51:53:81:91:82:80:C2
X509v3 Authority Key Identifier:
keyid:5A:D0:C4:1F:DE:99:65:1B:13:29:06:FF:06:02:B4:7B:56:07:A5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WtDEH96ZZRsTKQb_BgK0e1YHpb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/1bc0cb-dfa4-4151-a61b-335a7e4384b1/1/ELKP4sQA2BD0D4PkPVFTgZGCgMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/1bc0cb-dfa4-4151-a61b-335a7e4384b1/1/WtDEH96ZZRsTKQb_BgK0e1YHpb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.96.0/22
Signature Algorithm: sha256WithRSAEncryption
32:2f:ee:e5:81:ab:9c:ed:d1:27:d3:b2:e5:47:24:98:10:31:
a1:59:ad:ab:af:26:ba:06:38:53:2b:f3:38:cf:3f:8b:02:04:
a7:de:16:33:aa:99:3c:4b:c4:31:01:89:ad:28:12:10:37:b6:
01:22:14:28:3a:da:65:20:c6:d0:7e:d0:f3:ba:b4:ed:47:7e:
0e:ce:f4:7d:13:bf:58:7e:41:86:29:0b:91:5e:34:2f:3e:e4:
ed:13:c1:30:93:5e:69:3b:4f:13:52:3c:1e:84:1a:d3:a2:15:
42:68:2a:34:cd:c8:fd:da:54:ac:9a:19:a7:85:8c:94:23:35:
89:57:68:07:3d:22:c8:73:0f:0b:2e:31:ef:da:8f:74:8b:de:
6a:94:71:73:53:7e:5e:cd:dc:b3:31:8a:29:c9:37:fd:d5:cd:
27:ab:d2:25:f3:57:2f:91:7a:7c:93:0e:28:c6:30:3a:ca:00:
bf:7e:45:86:ba:e5:67:df:0e:fe:84:b0:42:7b:3f:c0:16:11:
22:80:a4:d2:f3:c4:b3:f7:fb:cf:c8:9d:be:0a:79:b1:84:0d:
b1:d1:dd:45:b7:60:7d:0a:9f:53:f6:bb:7d:44:ce:11:0f:20:
ba:8b:fb:6d:55:5a:ce:b5:49:41:80:01:43:61:72:a7:74:1d:
7f:9f:86:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBt3tYbKKeo7V6K0cthtrUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZDBjNDFmZGU5OTY1MWIxMzI5MDZmZjA2MDJiNDdiNTYw
N2E1YmUwHhcNMjQwNzAxMTAzNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGIyOGZlMmM0MDBkODEwZjQwZjgzZTQzZDUxNTM4MTkxODI4MGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowCEW7jLa2LkUUu9vatukbTic9im
evy7t4r1gfMMoXsJfgC1CD4DEhQ4qAgDxYB2OduU+FKlOTNWIrRIKiuTWsnmxf3S
Y6zgjGltsIEitrnxyljsOBofz3XAyCBBua5B3b1O1DErogrZlPJCv6eGeUOesAke
x7BYPuLHxxgEQlFxQKF03qp+M+KbhF3jK9zwKla+8+wh0skO1ZLHDZVLwqy7XgVR
17HpNeBDGV7MpPFjJCfMX3q6a1rjpmURLacNV7+wT3OT7QLuhJvLi8DLQVEBlcZz
+t8CYABQL2Wz7ynMLFIDK0iJlLCJy3NbzSHmXdRS7q0ENVTs6TTgyb2orwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBCyj+LEANgQ9A+D5D1RU4GRgoDCMB8GA1UdIwQY
MBaAFFrQxB/emWUbEykG/wYCtHtWB6W+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3RERUg5NlpaUnNUS1FiX0JnSzBlMVlIcGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8xYmMwY2ItZGZhNC00MTUxLWE2MWIt
MzM1YTdlNDM4NGIxLzEvRUxLUDRzUUEyQkQwRDRQa1BWRlRnWkdDZ01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8xYmMwY2ItZGZhNC00MTUxLWE2MWItMzM1YTdlNDM4NGIx
LzEvV3RERUg5NlpaUnNUS1FiX0JnSzBlMVlIcGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZlgMA0G
CSqGSIb3DQEBCwUAA4IBAQAyL+7lgauc7dEn07LlRySYEDGhWa2rrya6BjhTK/M4
zz+LAgSn3hYzqpk8S8QxAYmtKBIQN7YBIhQoOtplIMbQftDzurTtR34OzvR9E79Y
fkGGKQuRXjQvPuTtE8Ewk15pO08TUjwehBrTohVCaCo0zcj92lSsmhmnhYyUIzWJ
V2gHPSLIcw8LLjHv2o90i95qlHFzU35ezdyzMYopyTf91c0nq9Il81cvkXp8kw4o
xjA6ygC/fkWGuuVn3w7+hLBCez/AFhEigKTS88Sz9/vPyJ2+CnmxhA2x0d1Ft2B9
Cp9T9rt9RM4RDyC6i/ttVVrOtUlBgAFDYXKndB1/n4Yv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:53 2025 by rpki-client