Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/LEh7jwfHSALF8qhTc3a5NX3zK2s.roa
File: LEh7jwfHSALF8qhTc3a5NX3zK2s.roa (raw, json)
Hash identifier: sfjFqkAJ8sGEtbrjvBQuC5tsyTXqhtzMZw0S6rRbQWM=
Subject key identifier: 2C:48:7B:8F:07:C7:48:02:C5:F2:A8:53:73:76:B9:35:7D:F3:2B:6B
Certificate issuer: /CN=c6169716d0ae64068703140aa3730e3788fdd4c6
Certificate serial: 018AF5079E63C41265CBDE0168C46FD91AE4
Authority key identifier: C6:16:97:16:D0:AE:64:06:87:03:14:0A:A3:73:0E:37:88:FD:D4:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/LEh7jwfHSALF8qhTc3a5NX3zK2s.roa
Signing time: Tue 03 Oct 2023 10:13:51 +0000
ROA not before: Tue 03 Oct 2023 10:13:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 212.8.229.0/24 maxlen: 24
45.134.12.0/24 maxlen: 24
45.134.14.0/24 maxlen: 24
45.134.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:07:9e:63:c4:12:65:cb:de:01:68:c4:6f:d9:1a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6169716d0ae64068703140aa3730e3788fdd4c6
Validity
Not Before: Oct 3 10:13:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c487b8f07c74802c5f2a8537376b9357df32b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ef:ed:6e:8c:7e:f1:96:be:2a:24:e8:11:42:
84:c0:ce:b5:6d:24:cf:3b:3b:33:98:89:e6:a2:8f:
87:96:04:d9:0e:32:df:31:c4:3b:21:23:73:93:c5:
f3:39:80:92:82:80:18:05:64:37:ab:8d:7f:8b:85:
11:b0:bb:3e:dd:01:4e:47:2d:00:85:8c:20:c6:7e:
1a:70:01:92:d1:6a:e5:08:8f:f9:96:c3:ed:d0:94:
d4:4d:a3:08:12:a3:bd:7c:ad:43:34:09:7c:de:68:
8c:c8:a1:c7:6b:25:44:28:e6:d8:fa:94:eb:1f:ed:
33:36:9a:4b:8a:95:34:32:5e:37:21:a8:4a:8b:0e:
0d:43:68:39:6c:a7:18:49:87:34:6e:cc:d1:5a:cf:
11:b0:37:09:cc:ba:0e:ff:52:8d:8a:1f:73:32:74:
d9:fc:d1:e6:f9:0e:8d:e2:64:1f:9d:2a:6e:51:9c:
c0:8e:1e:e4:6d:08:52:72:30:18:0a:c2:9e:be:a9:
1e:89:d5:7e:04:52:15:84:59:e4:f2:aa:08:cd:2b:
5f:8e:9e:56:5d:36:ea:8a:fb:27:d5:01:a4:61:28:
bf:9f:2e:cd:d5:75:a2:32:dd:11:26:70:c3:6c:ed:
3e:8e:7a:00:3f:35:0a:3e:52:01:77:0f:30:f8:2d:
7f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:48:7B:8F:07:C7:48:02:C5:F2:A8:53:73:76:B9:35:7D:F3:2B:6B
X509v3 Authority Key Identifier:
keyid:C6:16:97:16:D0:AE:64:06:87:03:14:0A:A3:73:0E:37:88:FD:D4:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/LEh7jwfHSALF8qhTc3a5NX3zK2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/xhaXFtCuZAaHAxQKo3MON4j91MY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.12.0/24
45.134.14.0/23
212.8.229.0/24
Signature Algorithm: sha256WithRSAEncryption
21:29:2d:38:33:92:26:31:0a:fc:ae:1d:7e:78:58:51:04:3b:
45:51:ef:f5:37:1d:27:a1:07:60:e1:18:c1:90:6d:f8:8b:91:
be:5e:e2:f7:c8:d8:08:7c:55:65:0e:a5:bb:cd:5d:da:57:fc:
3d:9d:d4:fa:0c:77:95:bb:b9:80:da:3a:17:ee:d7:a0:08:30:
e0:19:17:5b:f8:78:d7:78:03:9c:38:ef:61:b5:d5:f9:54:a5:
b9:b3:6b:41:79:a2:8b:a6:b1:61:d2:37:41:76:95:db:bc:7e:
27:01:e9:48:79:75:14:44:89:ae:8c:93:c1:ec:b4:94:88:4d:
d0:8c:91:74:c7:40:25:93:7c:bd:bb:ca:5b:45:ce:3f:3f:eb:
04:ed:2d:78:39:16:7e:f5:82:5f:d3:ae:74:9e:33:d3:ba:91:
58:24:62:62:66:37:04:2e:c1:86:08:f8:b3:82:7f:74:c8:e6:
cc:2d:a7:93:14:a9:d0:ba:39:d6:76:1e:11:a9:c9:93:e5:cb:
7b:10:c5:ba:29:01:fa:76:55:f9:df:dd:11:39:aa:c1:b8:89:
72:51:42:ff:f5:ac:2a:e1:ee:82:c1:58:51:ea:93:80:15:93:
44:14:ab:d4:35:e6:d5:c7:28:6c:f6:1b:f4:60:28:91:44:07:
7b:e5:4c:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr1B55jxBJly94BaMRv2RrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTY5NzE2ZDBhZTY0MDY4NzAzMTQwYWEzNzMwZTM3ODhm
ZGQ0YzYwHhcNMjMxMDAzMTAxMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzQ4N2I4ZjA3Yzc0ODAyYzVmMmE4NTM3Mzc2YjkzNTdkZjMyYjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO/tbox+8Za+KiToEUKEwM61bSTP
OzszmInmoo+HlgTZDjLfMcQ7ISNzk8XzOYCSgoAYBWQ3q41/i4URsLs+3QFORy0A
hYwgxn4acAGS0WrlCI/5lsPt0JTUTaMIEqO9fK1DNAl83miMyKHHayVEKObY+pTr
H+0zNppLipU0Ml43IahKiw4NQ2g5bKcYSYc0bszRWs8RsDcJzLoO/1KNih9zMnTZ
/NHm+Q6N4mQfnSpuUZzAjh7kbQhScjAYCsKevqkeidV+BFIVhFnk8qoIzStfjp5W
XTbqivsn1QGkYSi/ny7N1XWiMt0RJnDDbO0+jnoAPzUKPlIBdw8w+C1/DwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCxIe48Hx0gCxfKoU3N2uTV98ytrMB8GA1UdIwQY
MBaAFMYWlxbQrmQGhwMUCqNzDjeI/dTGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhhWEZ0Q3VaQWFIQXhRS28zTU9ONGo5MU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC80MDA2ODUtZjQ4ZS00YWI5LThlM2Yt
MDQyNDQ2YjcwZmIxLzEvTEVoN2p3ZkhTQUxGOHFoVGMzYTVOWDN6SzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC80MDA2ODUtZjQ4ZS00YWI5LThlM2YtMDQyNDQ2YjcwZmIx
LzEveGhhWEZ0Q3VaQWFIQXhRS28zTU9ONGo5MU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYYMAwQB
LYYOAwQA1AjlMA0GCSqGSIb3DQEBCwUAA4IBAQAhKS04M5ImMQr8rh1+eFhRBDtF
Ue/1Nx0noQdg4RjBkG34i5G+XuL3yNgIfFVlDqW7zV3aV/w9ndT6DHeVu7mA2joX
7tegCDDgGRdb+HjXeAOcOO9htdX5VKW5s2tBeaKLprFh0jdBdpXbvH4nAelIeXUU
RImujJPB7LSUiE3QjJF0x0Alk3y9u8pbRc4/P+sE7S14ORZ+9YJf0650njPTupFY
JGJiZjcELsGGCPizgn90yObMLaeTFKnQujnWdh4RqcmT5ct7EMW6KQH6dlX5390R
OarBuIlyUUL/9awq4e6CwVhR6pOAFZNEFKvUNebVxyhs9hv0YCiRRAd75Uxa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:34 2024 by rpki-client on console-fra.rpki-client.org