Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/lUbQNcgJ5Ff_5VOmH6HpAQ2qHDs.roa
File: lUbQNcgJ5Ff_5VOmH6HpAQ2qHDs.roa (raw, json)
Hash identifier: gnsE/RgHVHTrj8/bg+BRDYDGboXWnei/NTBLRsZnS78=
Subject key identifier: 95:46:D0:35:C8:09:E4:57:FF:E5:53:A6:1F:A1:E9:01:0D:AA:1C:3B
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018BFC2E69E71AB840BD3A29D689F2A37B4C
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/lUbQNcgJ5Ff_5VOmH6HpAQ2qHDs.roa
Signing time: Thu 23 Nov 2023 12:36:22 +0000
ROA not before: Thu 23 Nov 2023 12:36:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47895
IP address blocks: 45.132.253.0/24 maxlen: 24
45.132.252.0/24 maxlen: 24
45.132.252.0/22 maxlen: 22
45.132.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Nov 2023 16:59:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:2e:69:e7:1a:b8:40:bd:3a:29:d6:89:f2:a3:7b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Nov 23 12:36:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9546d035c809e457ffe553a61fa1e9010daa1c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ff:39:24:d5:41:fd:08:1d:8a:91:0f:36:80:
4d:01:61:dc:7f:02:de:50:d9:e9:be:e5:01:a4:81:
d0:d3:10:cf:8a:fe:d3:c3:83:96:6b:81:25:09:e7:
7c:51:2b:ff:a8:ee:67:30:5f:a7:25:6a:1e:bc:58:
8f:0b:1d:55:18:68:64:bb:0a:01:85:d8:30:35:48:
43:58:21:88:6c:93:6b:99:3b:d4:ab:40:a6:b5:45:
85:88:3f:cf:76:4f:f2:62:b0:b5:bb:25:96:56:a8:
83:56:d2:5c:12:b8:90:ee:c7:aa:a4:41:50:24:6c:
11:c3:bb:6a:cb:32:35:ca:93:90:05:e6:c5:fe:5a:
c3:8a:ba:e1:95:9e:73:4f:44:af:66:6c:32:ee:36:
2a:c4:b2:2a:ac:b3:0d:2a:b0:08:8a:99:ed:d9:05:
6d:c4:a3:62:ad:33:d2:d6:ce:6a:39:8b:f5:f6:24:
66:95:ca:3d:4c:d1:20:cd:74:0b:41:ef:55:e2:5d:
77:a9:54:16:b9:80:ad:9a:66:d0:32:71:63:f1:97:
4c:c0:e3:29:e5:3e:6f:60:4d:e5:f3:9e:fb:c9:79:
38:a3:d0:22:ae:b1:1f:cc:47:dd:01:70:bd:9e:27:
4c:6e:e8:93:4b:d4:81:c7:11:a2:6d:bf:35:00:e9:
ba:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:46:D0:35:C8:09:E4:57:FF:E5:53:A6:1F:A1:E9:01:0D:AA:1C:3B
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/lUbQNcgJ5Ff_5VOmH6HpAQ2qHDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.252.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:9e:00:fa:ed:5a:f9:70:21:6f:1d:08:2e:cd:18:c6:94:32:
dd:74:6e:77:78:38:52:b9:1d:29:7b:2c:4d:f0:4f:ee:9d:02:
f5:bc:4e:d1:1f:45:64:08:6c:98:a8:0d:a6:6c:44:16:ed:9b:
fa:0b:35:d8:d5:7e:52:85:d2:96:cb:87:59:80:e4:4b:14:70:
af:a5:a9:f0:43:e5:07:44:5d:4e:c6:6c:7d:7c:c3:a4:19:ab:
49:3a:07:cc:7b:b4:fe:af:53:da:7a:7f:f2:a1:ee:5d:0e:e6:
59:84:51:52:06:04:b6:11:79:18:98:3e:08:dc:c0:33:99:24:
d6:0b:f1:76:40:ca:78:4d:e9:1b:55:96:8a:a5:2b:36:16:d8:
08:6a:68:b2:a7:9c:40:50:16:e1:15:12:be:3d:14:27:d3:7b:
f5:3b:16:ea:6b:e3:3e:00:95:ef:4c:ba:af:2c:29:73:a6:15:
8f:ba:82:91:48:6b:66:72:06:38:68:d5:f9:ea:07:65:9e:85:
5b:47:d4:0a:25:8f:af:75:31:21:20:c3:b9:d8:4e:8e:d1:c9:
47:2d:a7:75:e0:33:e7:e3:8d:51:3e:82:40:3c:33:c1:ac:14:
84:cd:8b:c6:ad:96:07:a0:c1:80:e9:57:b4:37:d3:f4:d8:8c:
f3:6b:a8:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv8LmnnGrhAvTop1onyo3tMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMTIzMTIzNjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQ2ZDAzNWM4MDllNDU3ZmZlNTUzYTYxZmExZTkwMTBkYWExYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf85JNVB/QgdipEPNoBNAWHcfwLe
UNnpvuUBpIHQ0xDPiv7Tw4OWa4ElCed8USv/qO5nMF+nJWoevFiPCx1VGGhkuwoB
hdgwNUhDWCGIbJNrmTvUq0CmtUWFiD/Pdk/yYrC1uyWWVqiDVtJcEriQ7seqpEFQ
JGwRw7tqyzI1ypOQBebF/lrDirrhlZ5zT0SvZmwy7jYqxLIqrLMNKrAIipnt2QVt
xKNirTPS1s5qOYv19iRmlco9TNEgzXQLQe9V4l13qVQWuYCtmmbQMnFj8ZdMwOMp
5T5vYE3l8577yXk4o9AirrEfzEfdAXC9nidMbuiTS9SBxxGibb81AOm68QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVG0DXICeRX/+VTph+h6QENqhw7MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbFViUU5jZ0o1RmZfNVZPbUg2SHBBUTJxSERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYT8MA0G
CSqGSIb3DQEBCwUAA4IBAQCmngD67Vr5cCFvHQguzRjGlDLddG53eDhSuR0peyxN
8E/unQL1vE7RH0VkCGyYqA2mbEQW7Zv6CzXY1X5ShdKWy4dZgORLFHCvpanwQ+UH
RF1Oxmx9fMOkGatJOgfMe7T+r1Paen/yoe5dDuZZhFFSBgS2EXkYmD4I3MAzmSTW
C/F2QMp4TekbVZaKpSs2FtgIamiyp5xAUBbhFRK+PRQn03v1Oxbqa+M+AJXvTLqv
LClzphWPuoKRSGtmcgY4aNX56gdlnoVbR9QKJY+vdTEhIMO52E6O0clHLad14DPn
441RPoJAPDPBrBSEzYvGrZYHoMGA6Ve0N9P02Izza6iF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org