Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/LDR-qr6cXWQfFy6-5dlJixFs_1c.roa
File: LDR-qr6cXWQfFy6-5dlJixFs_1c.roa (raw, json)
Hash identifier: 6xsBOnAiidoSTbiKhHoO3HG2nWLGfGDSq+COnXn8SDQ=
Subject key identifier: 2C:34:7E:AA:BE:9C:5D:64:1F:17:2E:BE:E5:D9:49:8B:11:6C:FF:57
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA6C3B160902C24C76D48C8373A247
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/LDR-qr6cXWQfFy6-5dlJixFs_1c.roa
Signing time: Mon 02 Jan 2023 13:44:58 +0000
ROA not before: Mon 02 Jan 2023 13:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48646
IP address blocks: 45.152.124.0/24 maxlen: 24
2a0f:5707:aac0::/44 maxlen: 44
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:6c:3b:16:09:02:c2:4c:76:d4:8c:83:73:a2:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c347eaabe9c5d641f172ebee5d9498b116cff57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:87:c2:20:54:40:0e:24:33:ce:e8:30:f9:f4:
7f:72:a7:74:04:fa:85:34:9c:89:4b:c7:00:37:75:
e9:b2:6d:38:90:bf:38:92:7e:5f:cf:67:d8:65:0e:
6a:b7:89:c2:91:8a:2d:25:fc:5e:45:35:84:94:92:
8c:e0:39:b1:c2:2a:8b:47:f9:9f:23:da:11:2d:db:
da:e8:76:35:bd:43:54:c1:c2:75:8a:59:d4:74:96:
d0:31:99:69:fa:c8:8a:c3:ab:fd:12:53:33:86:0e:
59:51:3a:45:9b:79:a2:62:98:0f:d7:40:ca:7a:10:
63:5a:0a:67:f0:37:1e:78:b5:da:de:5e:a9:94:6d:
b7:eb:35:02:1a:9b:dd:2c:0c:16:b3:26:3b:fa:8f:
db:74:34:e1:a6:6d:5d:1c:20:0e:a5:c3:d9:02:9a:
f8:ab:e7:c5:4b:50:20:de:41:2e:3c:4d:d0:ac:6b:
ca:a8:68:6c:54:82:6c:84:e9:f7:e7:c4:d1:23:2b:
cf:28:4b:1c:9b:44:d5:a8:c7:8e:ad:96:91:c5:be:
1a:e8:88:9e:f7:f2:4d:be:08:2b:f4:77:10:d8:5b:
4e:af:6c:ca:f6:1d:f2:3a:9c:24:30:13:09:9d:1e:
4b:1b:b7:aa:c7:4b:1a:47:a3:0d:86:1d:75:e7:e2:
2b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:34:7E:AA:BE:9C:5D:64:1F:17:2E:BE:E5:D9:49:8B:11:6C:FF:57
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/LDR-qr6cXWQfFy6-5dlJixFs_1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.124.0/24
IPv6:
2a0f:5707:aac0::/44
Signature Algorithm: sha256WithRSAEncryption
b9:ef:3d:3c:e6:f1:3b:4e:56:ac:da:3a:90:4e:1c:2b:2a:8c:
db:c0:bb:68:39:e1:19:1b:cb:e1:81:8b:6d:0b:84:44:e3:a0:
62:aa:aa:93:1c:ac:8e:fd:b8:50:b7:fb:7c:fd:42:b2:1e:68:
0f:1c:1e:41:f1:ef:33:4c:b8:2e:84:d2:17:7a:17:a7:02:b1:
2d:8b:c4:f8:56:43:ec:e4:59:b9:6e:d1:c8:ed:4f:6e:5e:28:
a6:f6:76:3a:58:65:e3:fe:e3:56:90:a3:fb:22:53:ff:48:0a:
60:83:1e:e4:6a:75:c1:01:f3:bd:f4:8e:ec:4f:c9:de:62:96:
08:a3:fd:2c:a9:1c:37:45:60:ad:e4:6a:55:17:68:93:7f:28:
ac:6c:30:79:1c:1a:b6:54:75:56:0a:41:12:4a:f8:a5:cb:36:
e3:22:7e:3d:32:cc:da:70:92:c8:14:f9:cb:48:ed:8b:4d:21:
34:38:b7:0f:45:4a:81:b6:53:90:4d:29:38:37:4b:29:35:fa:
f6:e0:15:a2:7c:e4:30:01:ff:38:57:e5:99:ff:e9:6d:0e:26:
aa:f6:06:4f:ff:7e:13:18:97:ee:a6:72:63:82:08:23:75:84:
9b:e7:d7:ed:05:f2:66:52:05:5f:e4:16:48:ae:19:ed:41:3f:
45:9f:36:1e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyumw7FgkCwkx21IyDc6JHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzM0N2VhYWJlOWM1ZDY0MWYxNzJlYmVlNWQ5NDk4YjExNmNmZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4fCIFRADiQzzugw+fR/cqd0BPqF
NJyJS8cAN3Xpsm04kL84kn5fz2fYZQ5qt4nCkYotJfxeRTWElJKM4DmxwiqLR/mf
I9oRLdva6HY1vUNUwcJ1ilnUdJbQMZlp+siKw6v9ElMzhg5ZUTpFm3miYpgP10DK
ehBjWgpn8DceeLXa3l6plG236zUCGpvdLAwWsyY7+o/bdDThpm1dHCAOpcPZApr4
q+fFS1Ag3kEuPE3QrGvKqGhsVIJshOn358TRIyvPKEscm0TVqMeOrZaRxb4a6Iie
9/JNvggr9HcQ2FtOr2zK9h3yOpwkMBMJnR5LG7eqx0saR6MNhh115+IrfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCw0fqq+nF1kHxcuvuXZSYsRbP9XMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvTERSLXFyNmNYV1FmRnk2LTVkbEppeEZzXzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZh8MA8E
AgACMAkDBwQqD1cHqsAwDQYJKoZIhvcNAQELBQADggEBALnvPTzm8TtOVqzaOpBO
HCsqjNvAu2g54Rkby+GBi20LhETjoGKqqpMcrI79uFC3+3z9QrIeaA8cHkHx7zNM
uC6E0hd6F6cCsS2LxPhWQ+zkWblu0cjtT25eKKb2djpYZeP+41aQo/siU/9ICmCD
HuRqdcEB8730juxPyd5ilgij/SypHDdFYK3kalUXaJN/KKxsMHkcGrZUdVYKQRJK
+KXLNuMifj0yzNpwksgU+ctI7YtNITQ4tw9FSoG2U5BNKTg3Syk1+vbgFaJ85DAB
/zhX5Zn/6W0OJqr2Bk//fhMYl+6mcmOCCCN1hJvn1+0F8mZSBV/kFkiuGe1BP0Wf
Nh4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:59 2024 by rpki-client on console-fra.rpki-client.org