Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c3b570-ed44-4ecb-9af7-dcce563f603f/1/lkXdrX18PC52KMZoB6vGspcqjOI.roa
File: lkXdrX18PC52KMZoB6vGspcqjOI.roa (raw, json)
Hash identifier: QDRF+8lOHw4XsxMhXyFWtw5Tv7Pnqb5fL6Q4IvbPqiI=
Subject key identifier: 96:45:DD:AD:7D:7C:3C:2E:76:28:C6:68:07:AB:C6:B2:97:2A:8C:E2
Certificate issuer: /CN=11f23f1c7f321099ac27745d8caf64bc528a3e92
Certificate serial: 018ADA5A5301DE83ACAA941C831831B1BFCD
Authority key identifier: 11:F2:3F:1C:7F:32:10:99:AC:27:74:5D:8C:AF:64:BC:52:8A:3E:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EfI_HH8yEJmsJ3RdjK9kvFKKPpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c3b570-ed44-4ecb-9af7-dcce563f603f/1/lkXdrX18PC52KMZoB6vGspcqjOI.roa
Signing time: Thu 28 Sep 2023 05:54:27 +0000
ROA not before: Thu 28 Sep 2023 05:54:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39699
IP address blocks: 45.152.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:5a:53:01:de:83:ac:aa:94:1c:83:18:31:b1:bf:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11f23f1c7f321099ac27745d8caf64bc528a3e92
Validity
Not Before: Sep 28 05:54:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9645ddad7d7c3c2e7628c66807abc6b2972a8ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0c:cf:8e:47:5f:f1:05:d7:e0:ff:a0:68:3a:
4c:91:d1:bf:4b:6f:6a:32:78:72:b4:d1:87:4c:de:
49:79:de:88:37:03:c9:11:f8:40:c4:a0:27:f4:61:
b6:c6:45:50:a6:15:11:b7:65:55:39:43:34:0d:0d:
53:36:b3:8a:fb:f1:75:0f:0a:f4:b1:10:f2:ef:64:
9b:cc:4d:e3:40:96:79:6e:9c:c5:64:54:23:6b:37:
e2:fd:b8:b1:f6:4f:3b:fd:9e:79:00:f5:e0:96:b1:
e1:9d:d4:b8:c9:22:82:97:18:99:65:1c:d1:4a:fc:
a9:2f:9b:5f:46:3f:4d:e2:e9:f6:73:3f:6d:6f:a5:
8f:2d:40:31:c9:0a:34:a8:6d:ce:dd:7f:64:db:5d:
57:68:13:30:8b:af:c3:d4:a3:c6:8f:b3:cc:75:fa:
f4:e5:de:22:e1:a5:08:0b:7d:a7:15:ad:17:a7:19:
66:73:28:77:c9:28:3d:4a:a1:28:0c:0b:d9:40:30:
f7:f0:7d:73:81:75:99:9b:fb:36:05:be:ec:b7:3f:
87:94:4b:36:de:0d:f0:9d:38:e9:b7:b8:8e:b2:16:
1f:5d:1d:cf:08:8f:dd:73:8e:8d:9a:98:c8:14:79:
e3:7e:0f:48:d2:73:8f:3d:6b:d0:35:dc:a1:da:2c:
5c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:45:DD:AD:7D:7C:3C:2E:76:28:C6:68:07:AB:C6:B2:97:2A:8C:E2
X509v3 Authority Key Identifier:
keyid:11:F2:3F:1C:7F:32:10:99:AC:27:74:5D:8C:AF:64:BC:52:8A:3E:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EfI_HH8yEJmsJ3RdjK9kvFKKPpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c3b570-ed44-4ecb-9af7-dcce563f603f/1/lkXdrX18PC52KMZoB6vGspcqjOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c3b570-ed44-4ecb-9af7-dcce563f603f/1/EfI_HH8yEJmsJ3RdjK9kvFKKPpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.104.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:fb:4f:f4:17:54:ab:2d:cf:61:1c:28:f1:b7:c2:ed:38:ae:
3f:73:b2:94:71:33:a9:bc:4e:a2:f8:63:d5:55:1e:07:24:8b:
d6:bf:b1:2c:99:a2:83:cd:1f:9c:31:15:74:a3:57:89:d8:4c:
61:65:9b:a2:48:9c:05:e6:56:72:02:3f:35:b9:3f:a7:df:74:
b7:47:75:ea:8d:10:cd:a3:33:fa:b8:2e:e5:d5:25:e7:95:00:
1d:04:69:27:c7:8f:6b:6f:cc:33:50:37:95:f0:b4:12:27:71:
2b:ef:de:19:9c:2c:de:91:93:d8:a1:fa:95:1c:aa:e1:91:38:
73:1a:9b:2b:e2:6b:16:1f:bf:01:15:2a:ee:1b:1c:3b:72:3a:
34:a5:c0:90:f5:4b:14:91:88:44:75:b2:66:53:da:86:28:dd:
a0:83:44:a0:c8:f0:eb:d4:8b:da:f1:ca:c9:46:7b:17:d9:3c:
32:4b:e8:2e:c8:2f:da:b9:fd:77:01:d7:e6:d3:af:f6:cf:11:
59:6a:b3:67:04:60:dc:46:af:ec:19:0c:c4:17:d7:25:d8:f5:
ee:14:3d:c9:09:fd:75:1b:ec:a2:c2:5c:b6:ba:e8:6a:c6:ee:
1d:de:3b:0a:e2:8a:16:87:c2:a4:ba:97:ab:31:ea:ef:32:99:
f7:1f:33:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYraWlMB3oOsqpQcgxgxsb/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZjIzZjFjN2YzMjEwOTlhYzI3NzQ1ZDhjYWY2NGJjNTI4
YTNlOTIwHhcNMjMwOTI4MDU1NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjQ1ZGRhZDdkN2MzYzJlNzYyOGM2NjgwN2FiYzZiMjk3MmE4Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQzPjkdf8QXX4P+gaDpMkdG/S29q
MnhytNGHTN5Jed6INwPJEfhAxKAn9GG2xkVQphURt2VVOUM0DQ1TNrOK+/F1Dwr0
sRDy72SbzE3jQJZ5bpzFZFQjazfi/bix9k87/Z55APXglrHhndS4ySKClxiZZRzR
SvypL5tfRj9N4un2cz9tb6WPLUAxyQo0qG3O3X9k211XaBMwi6/D1KPGj7PMdfr0
5d4i4aUIC32nFa0Xpxlmcyh3ySg9SqEoDAvZQDD38H1zgXWZm/s2Bb7stz+HlEs2
3g3wnTjpt7iOshYfXR3PCI/dc46NmpjIFHnjfg9I0nOPPWvQNdyh2ixcRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJZF3a19fDwudijGaAerxrKXKoziMB8GA1UdIwQY
MBaAFBHyPxx/MhCZrCd0XYyvZLxSij6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWZJX0hIOHlFSm1zSjNSZGpLOWt2RktLUHBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jM2I1NzAtZWQ0NC00ZWNiLTlhZjct
ZGNjZTU2M2Y2MDNmLzEvbGtYZHJYMThQQzUyS01ab0I2dkdzcGNxak9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jM2I1NzAtZWQ0NC00ZWNiLTlhZjctZGNjZTU2M2Y2MDNm
LzEvRWZJX0hIOHlFSm1zSjNSZGpLOWt2RktLUHBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZhoMA0G
CSqGSIb3DQEBCwUAA4IBAQA6+0/0F1SrLc9hHCjxt8LtOK4/c7KUcTOpvE6i+GPV
VR4HJIvWv7EsmaKDzR+cMRV0o1eJ2ExhZZuiSJwF5lZyAj81uT+n33S3R3XqjRDN
ozP6uC7l1SXnlQAdBGknx49rb8wzUDeV8LQSJ3Er794ZnCzekZPYofqVHKrhkThz
Gpsr4msWH78BFSruGxw7cjo0pcCQ9UsUkYhEdbJmU9qGKN2gg0SgyPDr1Iva8crJ
RnsX2TwyS+guyC/auf13Adfm06/2zxFZarNnBGDcRq/sGQzEF9cl2PXuFD3JCf11
G+yiwly2uuhqxu4d3jsK4ooWh8KkuperMervMpn3HzMd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:21 2024 by rpki-client on console-fra.rpki-client.org