Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/lAdYWCA5-NI7Y_7g5p9Iz5Tbueg.roa
File: lAdYWCA5-NI7Y_7g5p9Iz5Tbueg.roa (raw, json)
Hash identifier: cKIK5V12zaxqRIDOsBx3fph84AkJO9ZeYufN29CJ41I=
Subject key identifier: 94:07:58:58:20:39:F8:D2:3B:63:FE:E0:E6:9F:48:CF:94:DB:B9:E8
Certificate issuer: /CN=8251e7fb6b960d406b2236d25e4e20e245359db2
Certificate serial: 01856F39116611FAF34B12CB8AAD2898A4B2
Authority key identifier: 82:51:E7:FB:6B:96:0D:40:6B:22:36:D2:5E:4E:20:E2:45:35:9D:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/glHn-2uWDUBrIjbSXk4g4kU1nbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/lAdYWCA5-NI7Y_7g5p9Iz5Tbueg.roa
Signing time: Sun 01 Jan 2023 21:24:48 +0000
ROA not before: Sun 01 Jan 2023 21:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60610
IP address blocks: 45.13.152.0/24 maxlen: 24
45.13.153.0/24 maxlen: 24
45.13.154.0/24 maxlen: 24
45.13.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:11:66:11:fa:f3:4b:12:cb:8a:ad:28:98:a4:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8251e7fb6b960d406b2236d25e4e20e245359db2
Validity
Not Before: Jan 1 21:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=940758582039f8d23b63fee0e69f48cf94dbb9e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:02:04:9c:fd:66:df:81:e9:49:8c:44:29:33:
81:50:12:b5:9e:81:ae:b8:f3:8e:d1:06:b7:09:0d:
c5:eb:4e:ca:18:c7:3f:c9:1f:68:91:ce:a3:68:94:
de:e0:ae:e5:d4:1b:60:9d:77:8e:26:d3:a3:2b:40:
8c:22:dd:e6:1f:44:b4:af:0f:db:69:a0:9b:aa:1d:
d8:12:51:6a:25:14:ce:d3:fd:3b:f1:35:df:d4:08:
ba:43:ec:08:76:3e:e5:f3:fa:da:1b:3d:3b:21:b7:
ed:57:99:13:78:40:1c:d9:d7:70:72:af:d8:69:ce:
6b:09:03:42:7a:e1:e2:cf:14:bf:9b:38:fc:9d:e2:
d6:f2:94:b7:3f:28:a2:87:36:b7:fa:6b:04:56:7d:
d9:34:e7:29:36:7c:eb:c8:c3:6e:ae:7c:98:79:08:
b7:f4:d7:f8:05:b5:0f:b2:18:f3:37:5c:6d:e0:ad:
3c:a5:77:c5:4e:f9:83:e5:62:81:e7:dd:07:8a:03:
54:8b:1b:1e:a7:94:0f:0b:5d:e6:3a:1e:f6:63:b3:
01:d0:f0:6a:dd:fa:2f:e5:3d:6a:0b:7d:76:e6:08:
91:90:40:42:fa:f9:ba:92:4e:24:b1:19:dd:bc:d1:
09:d8:b6:31:04:6e:76:eb:fb:77:27:20:2b:90:ba:
0a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:07:58:58:20:39:F8:D2:3B:63:FE:E0:E6:9F:48:CF:94:DB:B9:E8
X509v3 Authority Key Identifier:
keyid:82:51:E7:FB:6B:96:0D:40:6B:22:36:D2:5E:4E:20:E2:45:35:9D:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/glHn-2uWDUBrIjbSXk4g4kU1nbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/lAdYWCA5-NI7Y_7g5p9Iz5Tbueg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/glHn-2uWDUBrIjbSXk4g4kU1nbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.152.0/22
Signature Algorithm: sha256WithRSAEncryption
01:5e:8d:5e:9e:67:ae:19:4f:19:50:76:52:91:10:5a:4e:dc:
a9:bf:e6:fe:77:c2:16:8a:c8:23:6f:48:09:67:6e:1a:66:6f:
dc:e7:b4:42:0d:78:38:c1:e9:47:53:d3:f2:33:f6:0c:6d:27:
cb:8f:60:6a:28:15:e0:92:c9:d5:22:ee:31:dc:4a:9a:49:9c:
f3:c5:f3:7e:46:e6:45:63:00:cd:69:ea:0a:b9:06:a1:27:ed:
db:fe:17:64:2e:c8:cf:f6:82:1d:c5:c6:f8:36:e5:99:87:66:
c4:d1:64:41:82:a6:6c:22:91:18:45:4e:b6:cf:51:73:c0:ed:
29:46:0b:2b:5c:10:01:ce:cf:a2:5b:ce:41:b4:12:02:67:99:
52:8d:5d:fa:bc:2c:cf:e8:c7:50:eb:3f:32:60:d0:c7:69:85:
19:a6:c5:ae:fc:c2:4d:60:fc:a0:c2:ba:b8:be:91:7e:ab:a8:
5e:f6:c8:26:5f:41:58:92:ed:b1:af:01:e2:0c:1f:b6:71:dd:
5f:f6:5b:78:a5:77:f3:fe:8e:f7:d7:1f:29:cd:e4:f1:61:d2:
cc:30:64:53:6e:d1:bd:a0:5b:57:74:23:62:eb:e8:78:3a:d5:
91:be:ed:d6:1b:ba:07:dc:40:85:e0:e9:62:c5:36:33:db:99:
29:49:03:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvORFmEfrzSxLLiq0omKSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNTFlN2ZiNmI5NjBkNDA2YjIyMzZkMjVlNGUyMGUyNDUz
NTlkYjIwHhcNMjMwMTAxMjEyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA3NTg1ODIwMzlmOGQyM2I2M2ZlZTBlNjlmNDhjZjk0ZGJiOWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAIEnP1m34HpSYxEKTOBUBK1noGu
uPOO0Qa3CQ3F607KGMc/yR9okc6jaJTe4K7l1BtgnXeOJtOjK0CMIt3mH0S0rw/b
aaCbqh3YElFqJRTO0/078TXf1Ai6Q+wIdj7l8/raGz07IbftV5kTeEAc2ddwcq/Y
ac5rCQNCeuHizxS/mzj8neLW8pS3Pyiihza3+msEVn3ZNOcpNnzryMNurnyYeQi3
9Nf4BbUPshjzN1xt4K08pXfFTvmD5WKB590HigNUixsep5QPC13mOh72Y7MB0PBq
3fov5T1qC3125giRkEBC+vm6kk4ksRndvNEJ2LYxBG526/t3JyArkLoK6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQHWFggOfjSO2P+4OafSM+U27noMB8GA1UdIwQY
MBaAFIJR5/trlg1AayI20l5OIOJFNZ2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2xIbi0ydVdEVUJySWpiU1hrNGc0a1UxbmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9mZjBlNjEtMWM5Mi00MThjLTkyNjct
ZDNhNDg3Mjk1NDkxLzEvbEFkWVdDQTUtTkk3WV83ZzVwOUl6NVRidWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9mZjBlNjEtMWM5Mi00MThjLTkyNjctZDNhNDg3Mjk1NDkx
LzEvZ2xIbi0ydVdEVUJySWpiU1hrNGc0a1UxbmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ2YMA0G
CSqGSIb3DQEBCwUAA4IBAQABXo1enmeuGU8ZUHZSkRBaTtypv+b+d8IWisgjb0gJ
Z24aZm/c57RCDXg4welHU9PyM/YMbSfLj2BqKBXgksnVIu4x3EqaSZzzxfN+RuZF
YwDNaeoKuQahJ+3b/hdkLsjP9oIdxcb4NuWZh2bE0WRBgqZsIpEYRU62z1FzwO0p
RgsrXBABzs+iW85BtBICZ5lSjV36vCzP6MdQ6z8yYNDHaYUZpsWu/MJNYPygwrq4
vpF+q6he9sgmX0FYku2xrwHiDB+2cd1f9lt4pXfz/o731x8pzeTxYdLMMGRTbtG9
oFtXdCNi6+h4OtWRvu3WG7oH3ECF4OlixTYz25kpSQMu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:43 2024 by rpki-client on console-fra.rpki-client.org