Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/LbDWsS4tRmpkBJcbAs4VBgjbhnI.roa
File: LbDWsS4tRmpkBJcbAs4VBgjbhnI.roa (raw, json)
Hash identifier: 72UfjJk2gXmvvPeBiHgAUGhCiMdIcmXoiK1g1BfLsyE=
Subject key identifier: 2D:B0:D6:B1:2E:2D:46:6A:64:04:97:1B:02:CE:15:06:08:DB:86:72
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0186BC47648D7D423D4EF635262F166B6741
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/LbDWsS4tRmpkBJcbAs4VBgjbhnI.roa
Signing time: Tue 07 Mar 2023 13:34:00 +0000
ROA not before: Tue 07 Mar 2023 13:34:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 45.90.16.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
194.147.16.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Mar 2023 08:33:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bc:47:64:8d:7d:42:3d:4e:f6:35:26:2f:16:6b:67:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 7 13:34:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2db0d6b12e2d466a6404971b02ce150608db8672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5e:df:bc:97:35:4f:d7:39:86:68:fd:0e:51:
2b:a8:56:5b:bf:df:3f:d4:6c:82:9d:7d:f7:41:7e:
0f:3a:d1:39:20:e8:d8:4f:6b:6d:61:6b:a9:7a:6d:
83:42:c6:b0:0c:0f:11:94:c5:03:bf:6f:6f:20:22:
b7:b7:02:ed:5c:19:28:43:92:70:fe:07:2f:26:b6:
7d:cf:45:83:c7:e1:4a:7c:07:fa:0b:3c:bf:c4:3c:
86:7b:de:78:f4:1a:f9:65:b8:69:60:51:65:52:6f:
b9:ca:1a:ae:a5:f8:30:ba:d7:d6:f6:69:44:bd:b6:
d2:25:f0:c6:d2:10:2e:e8:fe:e8:f1:1b:ea:09:69:
a6:6f:19:98:b8:b3:da:52:f2:4b:0f:9c:18:ea:e4:
c8:37:48:ec:c7:71:1e:d7:ec:ea:a7:50:88:d7:9c:
fc:27:e0:df:7c:9b:1d:26:16:a4:18:36:74:b8:14:
16:80:30:e9:ec:ab:66:d4:aa:fe:9d:04:d3:47:68:
ba:d1:ae:1a:18:ea:10:32:09:4c:63:91:a8:fc:66:
c0:11:ab:11:64:d1:cc:83:3b:a1:6a:d0:54:9d:0f:
b2:c3:6f:7e:70:81:55:7c:5e:09:b1:58:97:90:15:
5b:e6:35:46:5d:3b:d7:9d:fd:ec:b8:76:83:9d:76:
01:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B0:D6:B1:2E:2D:46:6A:64:04:97:1B:02:CE:15:06:08:DB:86:72
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/LbDWsS4tRmpkBJcbAs4VBgjbhnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.16.0/24
45.131.134.0/24
193.58.144.0/24
194.147.16.0/24
Signature Algorithm: sha256WithRSAEncryption
52:dd:bb:0e:0a:32:5b:d0:a4:1e:f5:63:46:4e:17:7d:39:f8:
a9:b2:c8:9e:6f:b2:8e:23:d6:75:2a:9a:82:98:62:72:af:01:
ba:f8:bf:e8:36:e0:53:87:08:3b:7e:be:99:10:4a:34:b8:7e:
1a:40:9f:7c:cf:a8:9e:d4:04:c9:36:e7:1b:6d:f8:b2:12:dd:
06:e6:f1:56:b8:a2:19:75:a6:24:7c:f0:c5:0d:f4:b3:36:9e:
b7:2a:14:39:3d:ba:1e:22:58:47:c3:f4:51:dd:71:d2:50:b8:
64:4e:a6:73:96:42:49:ac:f9:e6:01:f3:04:e6:83:5c:03:99:
a5:0d:4c:ca:f0:02:3f:a0:0a:c3:b6:c0:91:a7:5c:e1:a6:c0:
55:31:ab:90:00:32:d9:11:a8:e4:67:e0:28:b8:b5:a6:81:6a:
f2:a8:ba:08:b0:ec:44:f3:91:f8:94:b6:46:cf:6a:ac:f5:5f:
e8:c1:d3:c7:fe:2c:8c:e6:a5:65:7c:69:9f:10:8b:51:02:8b:
ab:f0:b4:fd:16:4c:af:9e:63:43:61:2e:a7:3a:cf:3b:d4:46:
7b:01:54:0c:e6:69:7a:dc:4a:29:ce:5d:86:de:c1:af:af:7d:
9c:64:c2:0a:b5:50:88:08:5d:b3:5d:05:10:4c:88:e9:7b:a9:
38:06:a7:9b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYa8R2SNfUI9TvY1Ji8Wa2dBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMzA3MTMzNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGIwZDZiMTJlMmQ0NjZhNjQwNDk3MWIwMmNlMTUwNjA4ZGI4NjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxl7fvJc1T9c5hmj9DlErqFZbv98/
1GyCnX33QX4POtE5IOjYT2ttYWupem2DQsawDA8RlMUDv29vICK3twLtXBkoQ5Jw
/gcvJrZ9z0WDx+FKfAf6Czy/xDyGe9549Br5ZbhpYFFlUm+5yhqupfgwutfW9mlE
vbbSJfDG0hAu6P7o8RvqCWmmbxmYuLPaUvJLD5wY6uTIN0jsx3Ee1+zqp1CI15z8
J+DffJsdJhakGDZ0uBQWgDDp7Ktm1Kr+nQTTR2i60a4aGOoQMglMY5Go/GbAEasR
ZNHMgzuhatBUnQ+yw29+cIFVfF4JsViXkBVb5jVGXTvXnf3suHaDnXYBPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC2w1rEuLUZqZASXGwLOFQYI24ZyMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTGJEV3NTNHRSbXBrQkpjYkFzNFZCZ2piaG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVoQAwQA
LYOGAwQAwTqQAwQAwpMQMA0GCSqGSIb3DQEBCwUAA4IBAQBS3bsOCjJb0KQe9WNG
Thd9Ofipssieb7KOI9Z1KpqCmGJyrwG6+L/oNuBThwg7fr6ZEEo0uH4aQJ98z6ie
1ATJNucbbfiyEt0G5vFWuKIZdaYkfPDFDfSzNp63KhQ5PboeIlhHw/RR3XHSULhk
TqZzlkJJrPnmAfME5oNcA5mlDUzK8AI/oArDtsCRp1zhpsBVMauQADLZEajkZ+Ao
uLWmgWryqLoIsOxE85H4lLZGz2qs9V/owdPH/iyM5qVlfGmfEItRAour8LT9Fkyv
nmNDYS6nOs871EZ7AVQM5ml63Eopzl2G3sGvr32cZMIKtVCICF2zXQUQTIjpe6k4
Bqeb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:22 2024 by rpki-client on console-ams.rpki-client.org