Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/8acaf7-e0ca-4344-9dfd-a8ac41809f5f/1/LKUj2p3D7wG_ylz2waQCGaPhGJw.roa
File: LKUj2p3D7wG_ylz2waQCGaPhGJw.roa (raw, json)
Hash identifier: xSbQ1Hfh6TMmACIXHJOrcupUZNO1Rsv9rIIJJSTzdgs=
Subject key identifier: 2C:A5:23:DA:9D:C3:EF:01:BF:CA:5C:F6:C1:A4:02:19:A3:E1:18:9C
Certificate issuer: /CN=7c8e7097990e5a67178e297875a0d9f4605892a6
Certificate serial: 01856DDD3E38398D5C1087C8CF66495CAD21
Authority key identifier: 7C:8E:70:97:99:0E:5A:67:17:8E:29:78:75:A0:D9:F4:60:58:92:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fI5wl5kOWmcXjil4daDZ9GBYkqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/8acaf7-e0ca-4344-9dfd-a8ac41809f5f/1/LKUj2p3D7wG_ylz2waQCGaPhGJw.roa
Signing time: Sun 01 Jan 2023 15:04:53 +0000
ROA not before: Sun 01 Jan 2023 15:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208315
IP address blocks: 45.142.240.0/22 maxlen: 22
2a0e:dc40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:3e:38:39:8d:5c:10:87:c8:cf:66:49:5c:ad:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c8e7097990e5a67178e297875a0d9f4605892a6
Validity
Not Before: Jan 1 15:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ca523da9dc3ef01bfca5cf6c1a40219a3e1189c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1c:c7:ff:6d:7c:9d:dd:32:34:cb:ff:99:00:
65:fa:84:cb:d7:1b:32:71:11:09:ed:94:9d:0b:7d:
ef:c9:c5:c0:95:54:e7:8d:b2:ae:77:66:84:e4:2b:
32:c7:ce:90:5b:cb:25:7d:b3:7a:9e:bc:03:15:a9:
8f:de:6f:8c:9e:2d:ca:36:a7:fa:01:2e:2e:73:86:
c2:e9:05:f6:92:85:bf:76:4b:63:4b:d0:14:5d:c6:
ac:f3:c5:ea:13:95:7c:81:81:14:da:7d:9c:69:6c:
d5:15:fb:60:f5:9a:d3:05:2b:3c:3d:1f:cd:0a:fa:
a3:12:70:2b:45:3f:67:44:ef:cc:ad:66:18:af:e4:
97:41:b2:70:51:98:9c:c3:39:ef:cd:91:09:82:68:
6b:3d:93:aa:bf:cf:52:c0:de:be:e7:85:43:9c:ec:
c1:8a:da:0b:37:df:6d:1c:ac:4f:6a:f1:53:9c:fa:
c7:93:b4:b0:60:ce:44:bd:56:66:19:e3:25:34:7d:
69:83:ed:60:56:03:30:9f:96:51:7c:f3:d8:f7:57:
6f:b8:cb:6c:af:8e:cb:67:04:a0:9f:87:73:ef:02:
b5:c7:31:24:7a:3b:34:13:46:c5:15:4f:d7:b8:3b:
f0:45:14:eb:c3:45:3d:a1:66:ad:b6:07:fa:11:a1:
19:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:A5:23:DA:9D:C3:EF:01:BF:CA:5C:F6:C1:A4:02:19:A3:E1:18:9C
X509v3 Authority Key Identifier:
keyid:7C:8E:70:97:99:0E:5A:67:17:8E:29:78:75:A0:D9:F4:60:58:92:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fI5wl5kOWmcXjil4daDZ9GBYkqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/8acaf7-e0ca-4344-9dfd-a8ac41809f5f/1/LKUj2p3D7wG_ylz2waQCGaPhGJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/8acaf7-e0ca-4344-9dfd-a8ac41809f5f/1/fI5wl5kOWmcXjil4daDZ9GBYkqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.240.0/22
IPv6:
2a0e:dc40::/29
Signature Algorithm: sha256WithRSAEncryption
4e:a1:7c:a4:5a:31:55:a2:43:03:7d:7c:9e:d0:26:53:58:41:
ff:18:fa:41:3d:f6:2b:16:c8:c5:79:ae:29:3f:51:6c:f6:2a:
bf:66:24:91:de:fc:f1:38:45:b8:c2:eb:c0:f9:04:84:ae:13:
4c:a8:8a:30:42:00:a3:10:ab:66:e8:61:08:3b:a7:4f:c6:6d:
ae:c8:c4:27:ff:6b:90:27:84:75:5b:79:48:63:47:35:99:ff:
61:19:a6:4a:c2:da:f8:83:b8:bd:5e:3e:56:b9:c3:98:88:a1:
06:fb:0b:8c:e0:68:06:36:12:2b:47:a3:21:e4:8c:d7:59:6a:
73:7f:64:78:a0:2d:ea:81:37:e5:5f:cc:aa:3a:9a:ca:87:1c:
c4:3e:28:c7:c9:94:8a:00:95:6d:12:ac:75:78:11:d0:c8:ed:
dd:d9:03:6f:e7:3e:a2:9a:89:84:2d:ae:00:8e:49:f5:35:53:
67:71:d3:df:42:02:fe:18:ca:4a:66:6a:a7:86:08:70:fb:08:
6d:96:d8:b7:b5:fe:f1:25:c4:14:9d:1c:68:0d:cd:f6:13:35:
81:5c:d8:65:82:c2:49:58:3b:c2:30:7a:1f:68:61:4d:8b:0c:
d1:c6:7f:f5:1a:76:15:f2:9b:1f:51:b8:35:25:9c:0a:11:0a:
89:6b:9d:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt3T44OY1cEIfIz2ZJXK0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjOGU3MDk3OTkwZTVhNjcxNzhlMjk3ODc1YTBkOWY0NjA1
ODkyYTYwHhcNMjMwMTAxMTUwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2E1MjNkYTlkYzNlZjAxYmZjYTVjZjZjMWE0MDIxOWEzZTExODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphzH/218nd0yNMv/mQBl+oTL1xsy
cREJ7ZSdC33vycXAlVTnjbKud2aE5Csyx86QW8slfbN6nrwDFamP3m+Mni3KNqf6
AS4uc4bC6QX2koW/dktjS9AUXcas88XqE5V8gYEU2n2caWzVFftg9ZrTBSs8PR/N
CvqjEnArRT9nRO/MrWYYr+SXQbJwUZicwznvzZEJgmhrPZOqv89SwN6+54VDnOzB
itoLN99tHKxPavFTnPrHk7SwYM5EvVZmGeMlNH1pg+1gVgMwn5ZRfPPY91dvuMts
r47LZwSgn4dz7wK1xzEkejs0E0bFFU/XuDvwRRTrw0U9oWattgf6EaEZXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCylI9qdw+8Bv8pc9sGkAhmj4RicMB8GA1UdIwQY
MBaAFHyOcJeZDlpnF44peHWg2fRgWJKmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkk1d2w1a09XbWNYamlsNGRhRFo5R0JZa3FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84YWNhZjctZTBjYS00MzQ0LTlkZmQt
YThhYzQxODA5ZjVmLzEvTEtVajJwM0Q3d0dfeWx6MndhUUNHYVBoR0p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84YWNhZjctZTBjYS00MzQ0LTlkZmQtYThhYzQxODA5ZjVm
LzEvZkk1d2w1a09XbWNYamlsNGRhRFo5R0JZa3FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLY7wMA0E
AgACMAcDBQMqDtxAMA0GCSqGSIb3DQEBCwUAA4IBAQBOoXykWjFVokMDfXye0CZT
WEH/GPpBPfYrFsjFea4pP1Fs9iq/ZiSR3vzxOEW4wuvA+QSErhNMqIowQgCjEKtm
6GEIO6dPxm2uyMQn/2uQJ4R1W3lIY0c1mf9hGaZKwtr4g7i9Xj5WucOYiKEG+wuM
4GgGNhIrR6Mh5IzXWWpzf2R4oC3qgTflX8yqOprKhxzEPijHyZSKAJVtEqx1eBHQ
yO3d2QNv5z6imomELa4Ajkn1NVNncdPfQgL+GMpKZmqnhghw+whtlti3tf7xJcQU
nRxoDc32EzWBXNhlgsJJWDvCMHofaGFNiwzRxn/1GnYV8psfUbg1JZwKEQqJa51t
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:18 2024 by rpki-client on console-ams.rpki-client.org