Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/KlbXcG_prxr7bJUGHRqGTvfnAMY.roa
File: KlbXcG_prxr7bJUGHRqGTvfnAMY.roa (raw, json)
Hash identifier: p5dgOFihd2fMN4gJ3JFSwIiYaJ2o+/5Uq3kpaTifxDw=
Subject key identifier: 2A:56:D7:70:6F:E9:AF:1A:FB:6C:95:06:1D:1A:86:4E:F7:E7:00:C6
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 0188FC1CF82D66B655D2EEB09A985F8A9E36
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/KlbXcG_prxr7bJUGHRqGTvfnAMY.roa
Signing time: Tue 27 Jun 2023 09:08:56 +0000
ROA not before: Tue 27 Jun 2023 09:08:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134450
IP address blocks: 45.114.208.0/22 maxlen: 32
Validation: Failed, certificate revoked on Wed 26 Jul 2023 05:56:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fc:1c:f8:2d:66:b6:55:d2:ee:b0:9a:98:5f:8a:9e:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Jun 27 09:08:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a56d7706fe9af1afb6c95061d1a864ef7e700c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:37:d0:c4:fe:dd:25:21:08:42:a9:6a:f4:4b:
fd:6d:74:3d:4f:e8:5c:2e:7d:0e:5b:f3:d3:72:1b:
33:55:3a:83:b5:ec:8f:64:f5:5d:d0:88:73:87:8f:
1c:60:4f:82:3a:89:d9:b6:2f:50:60:b0:0b:2e:84:
b0:da:f6:e2:85:07:f7:21:24:f5:d3:80:03:29:9b:
d1:e2:fc:a0:de:4b:bc:b3:e3:c8:d0:01:3a:d7:47:
1a:4a:dc:33:32:6c:c2:c3:a0:b2:58:f6:b5:21:47:
46:5d:45:75:27:de:55:da:23:32:ef:d6:01:73:20:
28:39:16:ad:c4:4f:f8:8d:41:55:67:71:db:b7:f8:
dc:0d:c2:c7:ef:3a:1c:58:c3:2a:b1:5b:b3:0b:72:
ae:1f:02:c5:c9:97:9e:e5:d6:50:8a:0e:bf:c0:4d:
cf:14:5b:5f:b1:72:e1:b0:72:fd:66:ea:b7:1b:9c:
b2:d9:50:54:03:6d:3b:72:c4:48:24:dd:65:67:ce:
96:74:1d:e0:31:97:51:3e:56:33:ee:22:6e:dd:13:
39:a0:ce:51:92:f0:4f:76:af:e8:20:7b:3a:05:76:
9f:24:57:26:d0:3e:45:9a:59:28:18:c4:3c:5f:48:
0f:60:cf:85:39:e1:88:8f:9c:a5:e6:85:05:8f:b5:
21:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:56:D7:70:6F:E9:AF:1A:FB:6C:95:06:1D:1A:86:4E:F7:E7:00:C6
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/KlbXcG_prxr7bJUGHRqGTvfnAMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.114.208.0/22
Signature Algorithm: sha256WithRSAEncryption
56:7d:23:46:9a:31:9e:ee:07:be:9a:57:03:e3:bd:da:b2:7d:
7e:bb:6e:b6:e5:50:15:16:8d:8c:71:0b:76:bd:03:23:06:ef:
db:22:78:99:73:b8:cd:80:87:83:b4:f9:da:e5:e9:19:61:68:
55:dd:fa:67:87:b9:d7:a8:78:8c:1e:d4:46:5f:b5:fa:f7:4a:
91:0d:29:52:fb:03:cf:33:cc:59:7b:96:46:f5:aa:07:a8:db:
0d:a1:4c:4a:46:80:bb:d0:1b:d8:0f:89:9a:03:90:cf:be:64:
d0:68:b7:35:0f:c2:bf:9d:8d:b8:1f:bd:aa:97:55:bd:4c:bf:
d9:31:e6:76:89:0a:b6:de:b2:f0:95:0e:b1:83:e6:12:4b:12:
1d:7b:59:ab:75:07:94:86:d6:3f:a7:32:22:5b:3a:2b:da:3d:
86:97:20:37:6f:be:2f:a0:d1:5f:4a:91:c1:38:43:af:28:88:
f5:ec:61:77:eb:4d:e5:b5:01:ba:ab:be:07:04:bb:65:00:7d:
05:9c:c1:3d:8e:9f:45:f3:c0:37:e3:29:ac:ae:b9:19:78:81:
c3:06:50:ca:7c:60:99:d2:85:07:8a:9c:29:38:c5:44:5f:75:
18:81:1e:f9:22:06:b3:cc:33:0a:ca:2a:a8:c4:77:6a:e3:63:
b5:64:2e:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYj8HPgtZrZV0u6wmphfip42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjMwNjI3MDkwODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTU2ZDc3MDZmZTlhZjFhZmI2Yzk1MDYxZDFhODY0ZWY3ZTcwMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTfQxP7dJSEIQqlq9Ev9bXQ9T+hc
Ln0OW/PTchszVTqDteyPZPVd0Ihzh48cYE+COonZti9QYLALLoSw2vbihQf3IST1
04ADKZvR4vyg3ku8s+PI0AE610caStwzMmzCw6CyWPa1IUdGXUV1J95V2iMy79YB
cyAoORatxE/4jUFVZ3Hbt/jcDcLH7zocWMMqsVuzC3KuHwLFyZee5dZQig6/wE3P
FFtfsXLhsHL9Zuq3G5yy2VBUA207csRIJN1lZ86WdB3gMZdRPlYz7iJu3RM5oM5R
kvBPdq/oIHs6BXafJFcm0D5FmlkoGMQ8X0gPYM+FOeGIj5yl5oUFj7UhgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpW13Bv6a8a+2yVBh0ahk735wDGMB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvS2xiWGNHX3ByeHI3YkpVR0hScUdUdmZuQU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLXLQMA0G
CSqGSIb3DQEBCwUAA4IBAQBWfSNGmjGe7ge+mlcD473asn1+u2625VAVFo2McQt2
vQMjBu/bIniZc7jNgIeDtPna5ekZYWhV3fpnh7nXqHiMHtRGX7X690qRDSlS+wPP
M8xZe5ZG9aoHqNsNoUxKRoC70BvYD4maA5DPvmTQaLc1D8K/nY24H72ql1W9TL/Z
MeZ2iQq23rLwlQ6xg+YSSxIde1mrdQeUhtY/pzIiWzor2j2GlyA3b74voNFfSpHB
OEOvKIj17GF3603ltQG6q74HBLtlAH0FnME9jp9F88A34ymsrrkZeIHDBlDKfGCZ
0oUHipwpOMVEX3UYgR75IgazzDMKyiqoxHdq42O1ZC5t
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:53 2024 by rpki-client on console-ams.rpki-client.org