Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/lJtxU7OVK3VluXhy1AScFQjPwsw.roa
File: lJtxU7OVK3VluXhy1AScFQjPwsw.roa (raw, json)
Hash identifier: gAFvTlubrDP3ZzBF7ybD8PZDgT0s4/A7uJ2kcDMsmus=
Subject key identifier: 94:9B:71:53:B3:95:2B:75:65:B9:78:72:D4:04:9C:15:08:CF:C2:CC
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 018D1105ABAFF881E1C159F9B9DBA0F4FE2D
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/lJtxU7OVK3VluXhy1AScFQjPwsw.roa
Signing time: Tue 16 Jan 2024 06:46:40 +0000
ROA not before: Tue 16 Jan 2024 06:46:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43289
IP address blocks: 45.146.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 11:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:05:ab:af:f8:81:e1:c1:59:f9:b9:db:a0:f4:fe:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Jan 16 06:46:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=949b7153b3952b7565b97872d4049c1508cfc2cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:31:fe:b5:61:97:b3:ce:e5:43:d1:d2:08:2a:
d5:93:bd:bb:ea:68:24:df:48:d3:e1:6d:8f:44:bf:
66:c9:27:78:9f:a0:6b:74:7b:ca:0c:e5:ba:95:79:
0a:6d:57:b4:20:39:95:91:44:75:27:bf:96:ce:b8:
92:a4:9e:28:5d:bb:c1:1a:5a:f3:ba:da:0e:89:9f:
10:f0:44:1b:20:e3:01:7d:da:fc:42:6f:db:7d:55:
71:4e:7f:9d:f9:49:6e:d1:7a:43:29:66:48:25:22:
81:01:3a:13:d1:36:bf:e8:6a:43:3d:e4:43:ae:ac:
2f:0d:f2:9a:76:97:a4:1d:07:63:64:c2:44:cd:e0:
9e:f9:e5:03:33:20:4a:88:0c:9c:71:20:2d:a9:57:
48:73:7e:ab:04:6b:ea:8b:41:c1:dc:f7:9d:6a:f7:
73:f4:2d:9b:71:2d:ad:48:6e:35:19:e8:10:b9:fb:
3b:f8:36:02:c1:c3:0f:ca:5d:55:4e:f1:c8:8d:92:
eb:23:f0:3b:20:82:2c:92:e2:89:09:11:36:d6:26:
d9:9b:c2:d8:90:b0:25:a0:7a:45:62:71:ac:14:05:
51:d5:63:6e:5b:86:dc:cd:3d:58:2e:40:83:d5:be:
75:53:29:1d:5a:fe:8e:92:ff:ab:62:60:b9:e4:76:
f0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:9B:71:53:B3:95:2B:75:65:B9:78:72:D4:04:9C:15:08:CF:C2:CC
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/lJtxU7OVK3VluXhy1AScFQjPwsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.203.0/24
Signature Algorithm: sha256WithRSAEncryption
36:24:42:8e:ea:9f:1f:e7:0d:ca:84:30:90:b3:72:dc:63:1f:
e0:ae:93:30:ba:9d:e3:84:0b:19:c4:64:fa:3b:fc:59:5f:1f:
07:09:8d:d1:0d:e0:15:b9:34:8c:44:45:5b:3f:15:21:fa:07:
7d:c3:12:a9:05:dd:d0:44:91:d3:be:7f:58:68:f6:93:2e:d6:
8f:7d:02:5c:da:79:fb:67:51:f6:0b:27:a5:13:e7:6d:e3:7b:
9b:33:e6:61:95:3c:ad:3b:76:46:2a:e8:5a:0c:07:ab:ed:a5:
96:af:e6:bb:45:53:0f:a5:aa:b4:99:4c:9b:60:b3:18:24:ca:
52:92:4e:2d:58:fa:f7:d4:63:14:ef:00:ab:0a:0c:3c:0c:65:
33:8f:e3:a9:6f:58:e2:25:b2:e4:02:ce:e8:a6:1f:83:a1:46:
44:6f:5b:50:4a:93:e0:e6:bb:38:e9:1c:64:7e:dc:56:19:db:
fa:68:fd:a9:97:66:86:d4:0a:b4:ad:9d:4f:fc:2a:ad:92:a7:
d7:85:59:27:12:87:77:40:93:1c:7b:d3:a6:b0:22:77:0c:2a:
01:d3:df:33:1c:a0:31:ff:8a:25:ee:c4:40:3c:62:95:18:63:
92:1f:4c:4f:7b:9e:a2:ed:8c:d7:95:53:21:99:fc:1d:76:f7:
95:e9:a6:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0RBauv+IHhwVn5udug9P4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjQwMTE2MDY0NjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDliNzE1M2IzOTUyYjc1NjViOTc4NzJkNDA0OWMxNTA4Y2ZjMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjH+tWGXs87lQ9HSCCrVk7276mgk
30jT4W2PRL9mySd4n6BrdHvKDOW6lXkKbVe0IDmVkUR1J7+WzriSpJ4oXbvBGlrz
utoOiZ8Q8EQbIOMBfdr8Qm/bfVVxTn+d+Ulu0XpDKWZIJSKBAToT0Ta/6GpDPeRD
rqwvDfKadpekHQdjZMJEzeCe+eUDMyBKiAyccSAtqVdIc36rBGvqi0HB3Pedavdz
9C2bcS2tSG41GegQufs7+DYCwcMPyl1VTvHIjZLrI/A7IIIskuKJCRE21ibZm8LY
kLAloHpFYnGsFAVR1WNuW4bczT1YLkCD1b51UykdWv6Okv+rYmC55HbwQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJSbcVOzlSt1Zbl4ctQEnBUIz8LMMB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvbEp0eFU3T1ZLM1ZsdVhoeTFBU2NGUWpQd3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZLLMA0G
CSqGSIb3DQEBCwUAA4IBAQA2JEKO6p8f5w3KhDCQs3LcYx/grpMwup3jhAsZxGT6
O/xZXx8HCY3RDeAVuTSMREVbPxUh+gd9wxKpBd3QRJHTvn9YaPaTLtaPfQJc2nn7
Z1H2CyelE+dt43ubM+ZhlTytO3ZGKuhaDAer7aWWr+a7RVMPpaq0mUybYLMYJMpS
kk4tWPr31GMU7wCrCgw8DGUzj+Opb1jiJbLkAs7oph+DoUZEb1tQSpPg5rs46Rxk
ftxWGdv6aP2pl2aG1Aq0rZ1P/CqtkqfXhVknEod3QJMce9OmsCJ3DCoB098zHKAx
/4ol7sRAPGKVGGOSH0xPe56i7YzXlVMhmfwddveV6aYh
-----END CERTIFICATE-----
Generated at Thu Feb 22 15:04:25 2024 by rpki-client on console-fra.rpki-client.org