Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/ldDb-6FmYnTDzryMl0LtfkPU0vk.roa
File: ldDb-6FmYnTDzryMl0LtfkPU0vk.roa (raw, json)
Hash identifier: S5zCZOPT0EJDxAw3TjdovaTHuBSXyURj9cSmFnwZtW4=
Subject key identifier: 95:D0:DB:FB:A1:66:62:74:C3:CE:BC:8C:97:42:ED:7E:43:D4:D2:F9
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018A0F11E4F3E9F4710DB57DEF48BCFB8804
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/ldDb-6FmYnTDzryMl0LtfkPU0vk.roa
Signing time: Sat 19 Aug 2023 18:32:25 +0000
ROA not before: Sat 19 Aug 2023 18:32:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 176.105.231.0/24 maxlen: 24
45.150.55.0/24 maxlen: 24
81.28.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 05:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0f:11:e4:f3:e9:f4:71:0d:b5:7d:ef:48:bc:fb:88:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Aug 19 18:32:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95d0dbfba1666274c3cebc8c9742ed7e43d4d2f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:82:5b:22:b6:28:03:0e:d2:ba:79:a0:14:83:
1a:94:1d:cb:f6:3b:49:dc:e8:dc:09:97:ee:1b:2a:
2c:51:32:f2:f8:72:44:f2:cc:d8:30:43:4d:b9:b2:
e2:89:39:20:a3:53:01:d2:e7:d2:56:df:e1:cd:73:
16:93:60:4c:3f:61:7c:1c:f1:8a:44:a9:65:13:61:
1c:f9:6f:5d:74:80:98:81:56:a2:d2:fb:57:42:0f:
43:77:17:cf:00:a0:4e:9b:75:33:6d:c5:7d:d3:df:
b5:42:7d:7e:65:83:39:3b:ab:58:52:99:4c:48:21:
49:3c:b2:e7:b5:3a:22:31:90:c6:4e:8c:c9:22:89:
16:6d:3e:75:22:ce:62:fa:25:aa:9f:b6:46:1f:62:
c0:2c:53:1e:a2:fa:59:27:6b:c4:eb:92:7b:45:19:
24:72:51:b7:77:4a:09:b1:c6:5c:56:98:fe:1a:06:
33:f6:95:42:80:a6:60:89:ed:be:79:18:f8:09:94:
fa:bf:dd:07:62:03:93:36:b7:3d:7e:84:f8:bd:94:
37:66:49:11:5f:6f:85:e2:c9:1c:f1:07:9e:ed:22:
cf:88:24:88:99:03:65:c6:c9:70:7e:84:87:e0:e4:
f0:2d:2a:5d:1f:98:d9:98:3d:8f:b1:7b:c1:5d:9b:
2f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D0:DB:FB:A1:66:62:74:C3:CE:BC:8C:97:42:ED:7E:43:D4:D2:F9
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/ldDb-6FmYnTDzryMl0LtfkPU0vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.55.0/24
81.28.252.0/24
176.105.231.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:14:43:c6:f2:b5:53:36:1a:8e:39:8c:99:ef:16:68:33:c0:
c4:8a:b4:36:ca:5c:b0:80:8c:dd:03:47:f7:10:50:67:b1:b1:
c1:4c:1e:f2:8d:5f:9d:7f:a4:ab:ba:f1:30:18:8b:e1:90:ff:
59:44:b3:10:7f:68:90:22:a8:a6:c8:ad:d2:20:3c:43:d9:79:
c7:9e:27:16:53:ac:cb:71:67:55:e2:a1:ce:b5:08:4d:a6:7c:
91:80:96:2b:80:5c:0b:0a:fc:d9:10:f1:3b:cb:56:2f:ef:1b:
7f:08:15:a2:10:8f:bc:49:dc:9c:72:71:3f:88:1c:58:11:fd:
b9:54:87:71:f0:44:f6:e2:38:77:d1:d9:19:46:56:ee:f2:bc:
f8:f2:09:37:3d:00:0c:c3:b4:e1:91:03:af:1f:40:ba:90:a8:
19:52:ff:4a:8f:0c:f3:e6:49:8c:64:77:cf:19:49:c9:27:3b:
f9:ee:8e:6f:89:de:8d:8e:77:5b:37:1e:26:f5:1a:94:c9:6d:
55:e5:7d:7f:08:bb:f3:59:dd:7e:6c:22:9a:bc:06:cb:10:0b:
6e:8a:bf:80:ff:ff:c7:1a:37:b3:4d:99:09:e9:69:ed:37:0c:
fa:4a:d5:62:82:c6:21:ad:d7:b8:a7:b2:d7:25:c6:fe:58:f9:
48:20:82:09
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoPEeTz6fRxDbV970i8+4gEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjMwODE5MTgzMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWQwZGJmYmExNjY2Mjc0YzNjZWJjOGM5NzQyZWQ3ZTQzZDRkMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIJbIrYoAw7SunmgFIMalB3L9jtJ
3OjcCZfuGyosUTLy+HJE8szYMENNubLiiTkgo1MB0ufSVt/hzXMWk2BMP2F8HPGK
RKllE2Ec+W9ddICYgVai0vtXQg9DdxfPAKBOm3UzbcV909+1Qn1+ZYM5O6tYUplM
SCFJPLLntToiMZDGTozJIokWbT51Is5i+iWqn7ZGH2LALFMeovpZJ2vE65J7RRkk
clG3d0oJscZcVpj+GgYz9pVCgKZgie2+eRj4CZT6v90HYgOTNrc9foT4vZQ3ZkkR
X2+F4skc8Qee7SLPiCSImQNlxslwfoSH4OTwLSpdH5jZmD2PsXvBXZsv0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJXQ2/uhZmJ0w868jJdC7X5D1NL5MB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvbGREYi02Rm1ZblREenJ5TWwwTHRma1BVMHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZY3AwQA
URz8AwQAsGnnMA0GCSqGSIb3DQEBCwUAA4IBAQBcFEPG8rVTNhqOOYyZ7xZoM8DE
irQ2ylywgIzdA0f3EFBnsbHBTB7yjV+df6SruvEwGIvhkP9ZRLMQf2iQIqimyK3S
IDxD2XnHnicWU6zLcWdV4qHOtQhNpnyRgJYrgFwLCvzZEPE7y1Yv7xt/CBWiEI+8
SdyccnE/iBxYEf25VIdx8ET24jh30dkZRlbu8rz48gk3PQAMw7ThkQOvH0C6kKgZ
Uv9Kjwzz5kmMZHfPGUnJJzv57o5vid6NjndbNx4m9RqUyW1V5X1/CLvzWd1+bCKa
vAbLEAtuir+A///HGjezTZkJ6WntNwz6StVigsYhrde4p7LXJcb+WPlIIIIJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:49 2024 by rpki-client on console-ams.rpki-client.org