Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Lbka_iH80VKlFpqrCh_Y7zsiFfg.roa
File: Lbka_iH80VKlFpqrCh_Y7zsiFfg.roa (raw, json)
Hash identifier: aGrzKgVI2PocMvfkhmAQUTJG/11KCgdP7LB7EVPt59Q=
Subject key identifier: 2D:B9:1A:FE:21:FC:D1:52:A5:16:9A:AB:0A:1F:D8:EF:3B:22:15:F8
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86F9D9549E837A514599A397397B3C3
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Lbka_iH80VKlFpqrCh_Y7zsiFfg.roa
Signing time: Tue 02 Jan 2024 04:30:07 +0000
ROA not before: Tue 02 Jan 2024 04:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 45.84.214.0/24 maxlen: 24
2a0f:15c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 22 Jan 2024 19:51:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:9d:95:49:e8:37:a5:14:59:9a:39:73:97:b3:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2db91afe21fcd152a5169aab0a1fd8ef3b2215f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a2:43:da:2b:50:f2:5b:ae:62:8c:7d:bd:0c:
a1:38:93:f7:a1:94:55:73:d9:4d:d5:70:92:c8:e1:
38:3c:81:3c:46:ae:b7:41:2f:b2:f5:24:32:c0:b7:
ed:d9:fb:8f:56:41:35:c9:b6:09:0f:4c:00:0b:8c:
28:38:38:ad:71:8a:3b:6b:31:f7:f8:2c:f8:e7:62:
42:d6:73:9c:5a:fa:6c:ea:3f:7c:96:06:12:76:5e:
c9:42:d9:83:58:52:16:04:59:64:75:d3:26:2d:15:
2f:3e:c6:24:65:40:77:54:4d:0b:6c:b3:f2:5b:33:
73:a2:3e:01:7e:6d:ee:13:0c:b9:0c:a5:56:8e:a6:
bb:52:24:21:88:23:96:a2:c8:2e:44:73:db:8a:17:
7f:83:20:2b:cc:fe:9f:f0:47:47:7d:81:59:2c:55:
24:ea:47:02:a9:57:8b:75:5b:17:d3:0d:df:9a:16:
90:8d:dd:e2:ed:17:17:a0:5d:4b:68:4c:ca:90:f0:
ea:14:61:8f:24:11:61:c2:56:ec:03:e2:8a:65:23:
7c:d5:be:80:88:c1:ac:e1:6d:71:cf:26:95:16:02:
f2:cc:78:76:c1:c5:94:4c:6c:2a:3d:64:3c:ee:1a:
05:4a:97:d7:a6:d5:f5:f2:14:0f:aa:b5:0b:aa:ac:
d7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B9:1A:FE:21:FC:D1:52:A5:16:9A:AB:0A:1F:D8:EF:3B:22:15:F8
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Lbka_iH80VKlFpqrCh_Y7zsiFfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.214.0/24
IPv6:
2a0f:15c0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:29:cb:3a:07:46:86:14:0d:df:ff:a9:f7:20:b1:30:be:ec:
cc:9d:7c:6d:f1:3b:d5:ed:b8:35:2e:58:23:c6:68:c0:2e:ab:
8f:97:ec:1b:8c:40:d6:b5:4f:1b:87:ca:57:69:54:5d:cd:97:
6f:20:ed:dd:66:83:56:a5:b1:dc:f9:46:b3:a3:03:dd:53:f0:
85:d2:35:b9:fd:51:00:29:e0:3e:5f:90:9d:7d:22:f1:86:fb:
4e:de:44:85:81:24:ca:d0:bb:55:5f:c0:e3:45:43:ea:ca:ef:
85:d9:09:4e:00:a9:05:b3:1b:88:78:a6:96:11:96:70:5e:fd:
71:8d:f2:6c:6d:4c:7c:7b:54:0b:5b:c7:42:39:25:17:94:f2:
81:54:23:fc:a0:25:fc:0d:dd:17:d9:e3:22:51:b2:c7:59:ec:
c0:96:6d:0b:2e:db:de:54:27:0d:f1:e1:01:06:18:d9:57:af:
fd:e3:1f:f7:c8:73:1c:ae:a1:7a:21:6e:52:03:d0:80:15:25:
08:69:6c:47:b1:b4:59:68:da:96:1d:f5:46:00:ca:e0:19:ef:
0e:c8:66:ec:9c:66:c3:97:05:59:38:47:19:67:d7:0e:3a:f4:
b3:31:7d:01:18:ac:d6:fc:51:f5:e0:42:25:99:f0:5e:07:c1:
a5:61:9b:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb52VSeg3pRRZmjlzl7PDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGI5MWFmZTIxZmNkMTUyYTUxNjlhYWIwYTFmZDhlZjNiMjIxNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqJD2itQ8luuYox9vQyhOJP3oZRV
c9lN1XCSyOE4PIE8Rq63QS+y9SQywLft2fuPVkE1ybYJD0wAC4woODitcYo7azH3
+Cz452JC1nOcWvps6j98lgYSdl7JQtmDWFIWBFlkddMmLRUvPsYkZUB3VE0LbLPy
WzNzoj4Bfm3uEwy5DKVWjqa7UiQhiCOWosguRHPbihd/gyArzP6f8EdHfYFZLFUk
6kcCqVeLdVsX0w3fmhaQjd3i7RcXoF1LaEzKkPDqFGGPJBFhwlbsA+KKZSN81b6A
iMGs4W1xzyaVFgLyzHh2wcWUTGwqPWQ87hoFSpfXptX18hQPqrULqqzXhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC25Gv4h/NFSpRaaqwof2O87IhX4MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvTGJrYV9pSDgwVktsRnBxckNoX1k3enNpRmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVTWMA0E
AgACMAcDBQAqDxXAMA0GCSqGSIb3DQEBCwUAA4IBAQANKcs6B0aGFA3f/6n3ILEw
vuzMnXxt8TvV7bg1LlgjxmjALquPl+wbjEDWtU8bh8pXaVRdzZdvIO3dZoNWpbHc
+UazowPdU/CF0jW5/VEAKeA+X5CdfSLxhvtO3kSFgSTK0LtVX8DjRUPqyu+F2QlO
AKkFsxuIeKaWEZZwXv1xjfJsbUx8e1QLW8dCOSUXlPKBVCP8oCX8Dd0X2eMiUbLH
WezAlm0LLtveVCcN8eEBBhjZV6/94x/3yHMcrqF6IW5SA9CAFSUIaWxHsbRZaNqW
HfVGAMrgGe8OyGbsnGbDlwVZOEcZZ9cOOvSzMX0BGKzW/FH14EIlmfBeB8GlYZtB
-----END CERTIFICATE-----
Generated at Mon Jan 22 23:12:46 2024 by rpki-client on console-ams.rpki-client.org