Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Lpgt48s3pbOYpH7XmUrkTg-D4Xc.roa
File: Lpgt48s3pbOYpH7XmUrkTg-D4Xc.roa (raw, json)
Hash identifier: dj9ncfoMf0CbrR79yRvmbFk3cWL4zlHVM/StN+vs6n0=
Subject key identifier: 2E:98:2D:E3:CB:37:A5:B3:98:A4:7E:D7:99:4A:E4:4E:0F:83:E1:77
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188D56FA5DA06A3406009865A55254DCA25
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Lpgt48s3pbOYpH7XmUrkTg-D4Xc.roa
Signing time: Mon 19 Jun 2023 20:54:03 +0000
ROA not before: Mon 19 Jun 2023 20:54:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.58.145.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.226.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
194.147.17.0/24 maxlen: 24
194.147.16.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 20 Jun 2023 08:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d5:6f:a5:da:06:a3:40:60:09:86:5a:55:25:4d:ca:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 19 20:54:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e982de3cb37a5b398a47ed7994ae44e0f83e177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6e:12:1b:46:2f:96:36:a0:0c:8d:1a:9c:5b:
2f:50:9f:f3:e9:5f:7d:80:77:e5:02:6a:99:0f:12:
3e:ab:39:d7:6e:a6:b3:da:6b:57:81:7b:b0:c9:47:
0a:d0:bb:72:e7:5a:a2:30:36:5e:a2:a9:24:35:f6:
44:06:fb:57:8d:b6:33:81:ba:0b:01:a6:0c:65:75:
68:83:7b:46:dc:2e:1e:e1:5b:d6:b2:d2:4f:56:24:
85:b0:45:e9:fe:df:03:6d:f5:24:26:e0:89:21:b7:
30:ab:fd:d7:16:b8:ea:3d:c5:47:e2:62:c8:dd:09:
f3:94:97:bf:95:36:5f:2a:a3:4a:79:86:3a:7d:b1:
32:e3:af:8f:18:7d:e5:d0:ad:7b:31:46:83:d7:82:
5b:33:7c:36:ca:d7:c2:1b:c2:fa:e2:41:7c:65:66:
18:df:6b:f2:1d:b7:31:af:5d:61:e8:8d:b3:1d:cb:
4e:94:40:c7:02:a6:e0:c3:c1:8e:c9:0a:07:e7:a1:
71:ba:e6:be:b0:97:51:6a:38:8c:ec:ee:ab:2c:13:
60:b9:fb:d7:44:63:32:70:8a:ac:86:f3:7a:50:05:
c7:01:44:75:63:03:6a:01:41:62:c4:d8:01:17:d7:
35:76:22:24:65:0a:4e:62:ab:5a:c1:95:c3:5a:62:
fc:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:98:2D:E3:CB:37:A5:B3:98:A4:7E:D7:99:4A:E4:4E:0F:83:E1:77
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Lpgt48s3pbOYpH7XmUrkTg-D4Xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
45.147.226.0/24
185.225.0.0/23
185.246.112.0/24
193.58.145.0-193.58.147.255
194.147.16.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:5c:47:0e:41:c1:dd:d7:3d:06:3d:ce:7f:c2:f0:0b:b0:cb:
62:24:35:ed:f5:09:ce:72:ca:7b:92:9d:4b:c6:37:d9:95:df:
e5:cb:93:a1:94:c7:1f:a6:66:b6:c8:10:4c:91:fd:36:40:14:
3e:a0:fb:39:03:e7:ef:6c:7c:f3:2f:ad:4d:2a:b1:4c:bc:5d:
87:ea:c6:65:16:a2:74:3d:a5:ce:f9:ae:8c:db:fb:38:5e:34:
40:33:3b:a1:dd:d9:16:78:b8:95:9f:50:ba:9e:cd:f4:19:7b:
68:16:77:b8:e8:2e:8a:d7:77:4b:31:96:49:1e:e3:6f:79:c1:
ca:4c:33:2c:27:42:6f:6b:90:87:95:52:d0:4b:d2:2f:a0:aa:
01:7e:18:0d:7b:66:45:df:4d:17:af:ab:97:e0:8e:5b:20:b1:
d6:02:2c:1c:aa:4f:b4:36:83:01:ca:d2:41:f5:a7:33:e5:e7:
6d:7b:a0:ee:5e:66:4f:2e:3b:cb:c9:b1:97:a2:95:43:44:66:
26:20:6e:3e:4a:59:af:9d:42:4b:0b:8d:76:7c:de:a7:3a:ab:
4e:d9:58:71:82:76:6f:ec:77:9f:d6:77:63:b3:f6:27:ef:b3:
60:26:49:10:19:cf:3c:d2:08:07:e3:b5:ec:77:2b:9f:91:11:
83:51:2b:d1
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYjVb6XaBqNAYAmGWlUlTcolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjE5MjA1NDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTk4MmRlM2NiMzdhNWIzOThhNDdlZDc5OTRhZTQ0ZTBmODNlMTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG4SG0YvljagDI0anFsvUJ/z6V99
gHflAmqZDxI+qznXbqaz2mtXgXuwyUcK0Lty51qiMDZeoqkkNfZEBvtXjbYzgboL
AaYMZXVog3tG3C4e4VvWstJPViSFsEXp/t8DbfUkJuCJIbcwq/3XFrjqPcVH4mLI
3QnzlJe/lTZfKqNKeYY6fbEy46+PGH3l0K17MUaD14JbM3w2ytfCG8L64kF8ZWYY
32vyHbcxr11h6I2zHctOlEDHAqbgw8GOyQoH56Fxuua+sJdRajiM7O6rLBNgufvX
RGMycIqshvN6UAXHAUR1YwNqAUFixNgBF9c1diIkZQpOYqtawZXDWmL8zwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFC6YLePLN6WzmKR+15lK5E4Pg+F3MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTHBndDQ4czNwYk9ZcEg3WG1VcmtUZy1ENFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALQgVAwQA
LZPgAwQALZPiAwQBueEAAwQAufZwMAwDBADBOpEDBALBOpADBAHCkxAwDQYJKoZI
hvcNAQELBQADggEBAFpcRw5Bwd3XPQY9zn/C8Auwy2IkNe31Cc5yynuSnUvGN9mV
3+XLk6GUxx+mZrbIEEyR/TZAFD6g+zkD5+9sfPMvrU0qsUy8XYfqxmUWonQ9pc75
rozb+zheNEAzO6Hd2RZ4uJWfULqezfQZe2gWd7joLorXd0sxlkke4295wcpMMywn
Qm9rkIeVUtBL0i+gqgF+GA17ZkXfTRevq5fgjlsgsdYCLByqT7Q2gwHK0kH1pzPl
5217oO5eZk8uO8vJsZeilUNEZiYgbj5KWa+dQksLjXZ83qc6q07ZWHGCdm/sd5/W
d2Oz9ifvs2AmSRAZzzzSCAfjtex3K5+REYNRK9E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:22 2024 by rpki-client on console-ams.rpki-client.org