Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LyPKUFPNuiSf5ZNy5sCKUh2r-zI.roa
File: LyPKUFPNuiSf5ZNy5sCKUh2r-zI.roa (raw, json)
Hash identifier: SNHPWRQVxTuxBiJmp5E2f3w73WALD7Cvv2oi5Lz3Ijk=
Subject key identifier: 2F:23:CA:50:53:CD:BA:24:9F:E5:93:72:E6:C0:8A:52:1D:AB:FB:32
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018DC5FBA62362D41100BF730233EE0C98FA
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LyPKUFPNuiSf5ZNy5sCKUh2r-zI.roa
Signing time: Tue 20 Feb 2024 10:07:00 +0000
ROA not before: Tue 20 Feb 2024 10:07:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 12:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:fb:a6:23:62:d4:11:00:bf:73:02:33:ee:0c:98:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Feb 20 10:07:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f23ca5053cdba249fe59372e6c08a521dabfb32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:64:47:d7:db:8a:fa:dd:8c:0b:88:e7:15:48:
f7:60:ad:ac:b8:90:03:69:39:82:0f:0f:40:cf:bf:
36:55:36:fc:7f:6f:5b:97:c8:51:88:82:41:a6:7f:
f6:7b:91:b5:d5:cf:bb:34:4a:55:b9:d0:e7:98:f0:
b5:cf:5f:46:d1:e7:6a:e4:37:ad:2d:d8:4b:0c:d4:
9a:b0:f8:b1:0a:d8:ff:97:29:66:9c:34:a1:d5:ca:
e9:4d:92:dc:1c:60:43:de:32:ec:e5:a7:a6:7e:f2:
b8:8f:87:40:e1:23:a8:86:a3:fe:b7:92:59:eb:c1:
20:90:d4:1c:a3:42:18:fb:6b:3d:61:ac:9e:0f:fb:
f3:50:dc:1b:e2:bf:40:2c:b3:c2:00:7e:23:29:fd:
52:74:13:88:c4:a7:89:dc:2c:01:99:45:51:8d:0b:
50:b8:41:73:7f:55:e3:7b:cb:c1:17:86:1f:c4:68:
58:b2:c5:ac:bb:10:84:80:17:66:0b:e1:f7:61:0c:
01:fe:78:41:bd:73:4a:d8:4d:a1:16:0d:95:93:3e:
3b:b7:b8:3e:eb:97:c4:59:eb:06:84:15:ca:d2:dd:
93:59:74:2f:ce:60:cd:91:f0:a3:16:72:aa:fb:4c:
79:d2:d1:cc:44:17:f9:13:f9:ff:47:ba:04:52:1a:
6d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:23:CA:50:53:CD:BA:24:9F:E5:93:72:E6:C0:8A:52:1D:AB:FB:32
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LyPKUFPNuiSf5ZNy5sCKUh2r-zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
45.141.235.0/24
91.92.35.0/24
Signature Algorithm: sha256WithRSAEncryption
16:b6:88:29:d4:3e:6e:f8:03:4e:ac:4a:89:70:3f:62:06:54:
b8:10:83:b2:f5:21:2d:56:e8:f0:a8:0a:0e:11:f7:6b:bb:90:
59:60:8e:d3:7d:bd:c4:a8:e5:eb:fe:de:de:ab:32:bd:d8:a6:
a5:20:05:af:67:04:0a:5e:e5:51:29:a9:79:e4:d7:90:32:8a:
2b:c9:cc:76:1e:9b:a6:90:71:12:36:d8:a5:a5:93:5b:3b:42:
20:63:16:42:18:c0:94:c4:05:a9:e5:27:cc:dc:86:72:c3:e6:
3d:fa:b2:36:78:9b:e3:ab:8b:f6:c7:25:62:ac:bd:22:c8:da:
03:35:69:00:fc:2e:34:36:50:d6:9b:05:f1:2b:40:c6:a8:23:
a9:54:26:bf:b3:89:13:66:6e:1d:44:6d:0d:e2:6e:e1:3b:c2:
80:29:b7:68:86:17:7b:4c:ef:60:9b:e6:52:bc:4a:9e:37:98:
e1:9e:16:ba:0a:6d:4a:f7:85:c5:d7:81:f6:08:a5:a0:a4:cf:
16:f3:cc:47:be:17:e3:41:2a:43:63:84:02:e6:80:28:45:3c:
f8:f1:0d:28:23:32:14:7c:30:ee:c4:9c:ac:d2:46:cb:07:e9:
b5:af:28:58:95:95:b8:20:ab:3a:82:85:5b:3c:1f:39:74:34:
82:f6:6f:95
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3F+6YjYtQRAL9zAjPuDJj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwMjIwMTAwNzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjIzY2E1MDUzY2RiYTI0OWZlNTkzNzJlNmMwOGE1MjFkYWJmYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmRH19uK+t2MC4jnFUj3YK2suJAD
aTmCDw9Az782VTb8f29bl8hRiIJBpn/2e5G11c+7NEpVudDnmPC1z19G0edq5Det
LdhLDNSasPixCtj/lylmnDSh1crpTZLcHGBD3jLs5aemfvK4j4dA4SOohqP+t5JZ
68EgkNQco0IY+2s9YayeD/vzUNwb4r9ALLPCAH4jKf1SdBOIxKeJ3CwBmUVRjQtQ
uEFzf1Xje8vBF4YfxGhYssWsuxCEgBdmC+H3YQwB/nhBvXNK2E2hFg2Vkz47t7g+
65fEWesGhBXK0t2TWXQvzmDNkfCjFnKq+0x50tHMRBf5E/n/R7oEUhpt+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC8jylBTzbokn+WTcubAilIdq/syMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvTHlQS1VGUE51aVNmNVpOeTVzQ0tVaDJyLXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALY3oAwQA
LY3rAwQAW1wjMA0GCSqGSIb3DQEBCwUAA4IBAQAWtogp1D5u+ANOrEqJcD9iBlS4
EIOy9SEtVujwqAoOEfdru5BZYI7Tfb3EqOXr/t7eqzK92KalIAWvZwQKXuVRKal5
5NeQMoorycx2HpumkHESNtilpZNbO0IgYxZCGMCUxAWp5SfM3IZyw+Y9+rI2eJvj
q4v2xyVirL0iyNoDNWkA/C40NlDWmwXxK0DGqCOpVCa/s4kTZm4dRG0N4m7hO8KA
Kbdohhd7TO9gm+ZSvEqeN5jhnha6Cm1K94XF14H2CKWgpM8W88xHvhfjQSpDY4QC
5oAoRTz48Q0oIzIUfDDuxJys0kbLB+m1ryhYlZW4IKs6goVbPB85dDSC9m+V
-----END CERTIFICATE-----
Generated at Tue Feb 27 16:20:22 2024 by rpki-client on console-ams.rpki-client.org