Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/ibydLrdg--fgedgcerXHoYO_lps.roa
File: ibydLrdg--fgedgcerXHoYO_lps.roa (raw, json)
Hash identifier: jWBQ8eJcwY4OHe7WZZZNZ6sOotLgwJOir7RB+N3ZDDc=
Subject key identifier: 89:BC:9D:2E:B7:60:FB:E7:E0:79:D8:1C:7A:B5:C7:A1:83:BF:96:9B
Certificate issuer: /CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
Certificate serial: 018E5AD669F70403F57B45AEFB98BBA26EF4
Authority key identifier: ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/ibydLrdg--fgedgcerXHoYO_lps.roa
Signing time: Wed 20 Mar 2024 07:49:45 +0000
ROA not before: Wed 20 Mar 2024 07:49:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 45.89.128.0/22 maxlen: 22
2a0b:a200::/40 maxlen: 40
2a0b:a200:100::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 25 Mar 2024 13:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5a:d6:69:f7:04:03:f5:7b:45:ae:fb:98:bb:a2:6e:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
Validity
Not Before: Mar 20 07:49:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89bc9d2eb760fbe7e079d81c7ab5c7a183bf969b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f4:11:3d:fd:79:04:31:f0:f6:14:9f:67:4d:
3c:a1:84:18:2e:0d:7b:69:0a:fc:3f:59:03:d5:91:
56:81:47:e0:ab:b0:7e:de:ec:72:c1:04:35:d1:5a:
1b:c0:be:a7:e6:8c:a0:9c:f9:32:6b:48:aa:3a:73:
c6:b8:e4:10:60:f6:3f:e8:8a:f0:b2:54:9b:3c:02:
4a:ad:b9:13:31:27:c2:3e:c6:84:28:f1:7c:54:c4:
d7:0d:d6:13:2f:61:bc:74:8a:51:97:e3:33:3b:53:
c7:25:43:84:06:2f:54:4a:d8:44:04:40:6c:20:e9:
60:4a:aa:fd:35:5b:4a:4a:76:79:23:03:81:3a:d1:
79:cb:c9:a7:ad:ad:4f:2d:f0:1b:1b:48:07:4c:30:
31:11:62:af:c6:ab:69:72:e3:cf:cd:5f:2a:2a:5f:
f1:f6:a3:db:fa:72:4a:8e:4b:42:d2:6c:0f:37:78:
88:aa:82:b1:ec:fd:83:be:1c:b1:44:d4:62:b0:99:
77:f1:1f:79:2b:d1:9b:93:39:bc:1d:2e:7c:fb:64:
30:6d:85:41:3b:c4:01:b0:31:0e:82:5a:7e:14:0a:
87:15:39:ba:46:cf:72:41:10:e9:3b:ac:bd:ce:1e:
66:13:b0:f4:41:d4:71:79:3f:cd:6c:f7:a0:cd:07:
7a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:BC:9D:2E:B7:60:FB:E7:E0:79:D8:1C:7A:B5:C7:A1:83:BF:96:9B
X509v3 Authority Key Identifier:
keyid:ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/ibydLrdg--fgedgcerXHoYO_lps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.128.0/22
IPv6:
2a0b:a200::/39
Signature Algorithm: sha256WithRSAEncryption
70:f1:46:d3:8c:e4:19:51:ca:e0:90:ee:18:03:75:62:a4:05:
a6:b5:a9:18:1b:49:50:1e:3e:0b:17:0b:70:6c:44:1c:b8:58:
fa:2d:d4:10:97:a9:44:25:4f:4f:d4:f3:96:03:22:bf:e7:1b:
53:cb:3e:e2:f3:da:46:aa:29:4f:16:84:f1:7a:43:af:fa:cb:
a2:9f:c1:c3:e7:9a:7d:09:85:83:82:1a:e1:4a:d8:9e:66:30:
01:8d:cf:6d:c5:10:90:f2:08:2b:f0:5f:04:02:c2:c2:46:69:
ac:ab:dc:ba:e3:15:ee:e8:5d:00:c5:a4:58:09:65:f0:b3:0d:
96:28:26:8f:a7:d3:1f:5e:4f:99:29:41:72:48:ed:db:f3:b9:
13:f9:d3:9d:77:9c:7e:f8:94:69:d5:e8:35:e7:1a:ec:85:13:
7e:60:25:da:f0:53:53:c6:39:2c:37:b3:e0:8c:13:e4:e7:7b:
74:39:d5:f9:07:ce:2f:1e:84:80:0d:26:b9:cf:c9:11:85:5c:
7a:09:e3:6b:b3:29:17:71:c6:0b:48:94:a7:ec:87:50:22:13:
27:9f:e9:4c:53:e4:83:4c:66:a8:ba:dc:75:ae:0d:37:0f:5c:
44:ad:42:49:df:ea:a8:dd:27:62:89:03:d6:1c:b6:9e:d5:ff:
67:23:28:04
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY5a1mn3BAP1e0Wu+5i7om70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNjI0YzU5MDAyN2E1YThjOWVlYjM2OTcyNmU0YTYzMGNk
ZjQxNGMwHhcNMjQwMzIwMDc0OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWJjOWQyZWI3NjBmYmU3ZTA3OWQ4MWM3YWI1YzdhMTgzYmY5NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfQRPf15BDHw9hSfZ008oYQYLg17
aQr8P1kD1ZFWgUfgq7B+3uxywQQ10VobwL6n5oygnPkya0iqOnPGuOQQYPY/6Irw
slSbPAJKrbkTMSfCPsaEKPF8VMTXDdYTL2G8dIpRl+MzO1PHJUOEBi9USthEBEBs
IOlgSqr9NVtKSnZ5IwOBOtF5y8mnra1PLfAbG0gHTDAxEWKvxqtpcuPPzV8qKl/x
9qPb+nJKjktC0mwPN3iIqoKx7P2DvhyxRNRisJl38R95K9Gbkzm8HS58+2QwbYVB
O8QBsDEOglp+FAqHFTm6Rs9yQRDpO6y9zh5mE7D0QdRxeT/NbPegzQd6ZQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIm8nS63YPvn4HnYHHq1x6GDv5abMB8GA1UdIwQY
MBaAFO1iTFkAJ6Woye6zaXJuSmMM30FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5Nzgt
YTdiZTVmYTBmZjY1LzEvaWJ5ZExyZGctLWZnZWRnY2VyWEhvWU9fbHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5NzgtYTdiZTVmYTBmZjY1
LzEvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCLVmAMA4E
AgACMAgDBgEqC6IAADANBgkqhkiG9w0BAQsFAAOCAQEAcPFG04zkGVHK4JDuGAN1
YqQFprWpGBtJUB4+CxcLcGxEHLhY+i3UEJepRCVPT9TzlgMiv+cbU8s+4vPaRqop
TxaE8XpDr/rLop/Bw+eafQmFg4Ia4UrYnmYwAY3PbcUQkPIIK/BfBALCwkZprKvc
uuMV7uhdAMWkWAll8LMNligmj6fTH15PmSlBckjt2/O5E/nTnXecfviUadXoNeca
7IUTfmAl2vBTU8Y5LDez4IwT5Od7dDnV+QfOLx6EgA0muc/JEYVcegnja7MpF3HG
C0iUp+yHUCITJ5/pTFPkg0xmqLrcda4NNw9cRK1CSd/qqN0nYokD1hy2ntX/ZyMo
BA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:07 2024 by rpki-client on console-fra.rpki-client.org