Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/Kw30McfkZA3i5Gnt1SUROJ_tIGQ.roa
File: Kw30McfkZA3i5Gnt1SUROJ_tIGQ.roa (raw, json)
Hash identifier: IxAmFnJgPurxDRKLuvDPw8G4Y5EEJpmRDFtCybMSD2Y=
Subject key identifier: 2B:0D:F4:31:C7:E4:64:0D:E2:E4:69:ED:D5:25:11:38:9F:ED:20:64
Certificate issuer: /CN=4beccc9d1a76e91469cb63b12bf725d7debafb1b
Certificate serial: 01856B9C6BFB00719009D7BF0949B923A666
Authority key identifier: 4B:EC:CC:9D:1A:76:E9:14:69:CB:63:B1:2B:F7:25:D7:DE:BA:FB:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-zMnRp26RRpy2OxK_cl1966-xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/Kw30McfkZA3i5Gnt1SUROJ_tIGQ.roa
Signing time: Sun 01 Jan 2023 04:34:51 +0000
ROA not before: Sun 01 Jan 2023 04:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30848
IP address blocks: 45.82.201.0/24 maxlen: 24
185.208.139.0/24 maxlen: 24
185.208.136.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:9c:6b:fb:00:71:90:09:d7:bf:09:49:b9:23:a6:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4beccc9d1a76e91469cb63b12bf725d7debafb1b
Validity
Not Before: Jan 1 04:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b0df431c7e4640de2e469edd52511389fed2064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:01:22:5d:9b:9f:cf:c0:fe:9d:1d:8c:0d:69:
25:07:a7:29:78:43:e3:e0:c3:63:05:c5:2e:b8:69:
b6:c3:d7:42:d9:6d:e5:c7:eb:07:ee:c0:53:f8:57:
80:dc:f6:94:88:67:9c:24:ed:cf:da:c1:5a:ba:38:
bd:7d:e5:02:d8:c9:b2:97:e6:97:8c:57:3a:7e:da:
8a:2b:cb:a2:8d:a2:2a:4b:38:cf:53:ae:a6:5d:b4:
7b:10:e7:9d:0b:70:e1:65:12:06:9f:41:31:8b:97:
cd:b7:78:60:f0:a8:7f:21:5d:90:a7:8c:c1:88:6a:
b9:a9:f0:57:8f:dc:44:34:41:5c:13:a2:81:08:44:
82:95:45:9b:ff:d2:71:e5:26:81:aa:00:d2:96:25:
ea:3c:e2:b3:2a:e0:d5:68:39:e3:63:c4:94:ab:34:
4b:42:04:ca:56:7a:08:84:f2:13:88:63:51:6f:10:
c2:2f:37:2f:46:8d:f5:f3:d2:0b:57:79:da:49:db:
37:dc:b7:1b:2a:d8:00:ca:64:b0:08:46:89:23:d9:
b5:db:18:82:47:94:e5:c7:11:91:76:b8:51:b0:55:
0f:d0:35:af:89:23:69:be:80:46:ec:0c:c1:50:69:
ab:04:60:44:ad:92:11:a3:08:f9:e5:96:07:3a:41:
f3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0D:F4:31:C7:E4:64:0D:E2:E4:69:ED:D5:25:11:38:9F:ED:20:64
X509v3 Authority Key Identifier:
keyid:4B:EC:CC:9D:1A:76:E9:14:69:CB:63:B1:2B:F7:25:D7:DE:BA:FB:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-zMnRp26RRpy2OxK_cl1966-xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/Kw30McfkZA3i5Gnt1SUROJ_tIGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/S-zMnRp26RRpy2OxK_cl1966-xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.201.0/24
185.208.136.0/23
185.208.139.0/24
Signature Algorithm: sha256WithRSAEncryption
96:19:52:7e:a0:28:9b:81:b3:07:38:a2:3d:32:19:86:d5:1f:
a5:9c:c0:a6:65:b7:45:0d:97:d0:1a:5b:6e:d5:8f:39:83:0f:
85:4e:6b:2e:f3:3b:ac:07:f1:90:dc:fc:95:00:3e:bb:c9:19:
f6:bc:61:ff:b1:a9:dd:8a:81:9e:9f:15:c0:99:c2:33:7c:cc:
92:d1:27:c0:a0:6b:39:16:26:df:37:35:28:6e:60:75:5b:41:
c0:4a:9e:c9:59:70:f0:0e:8f:4c:e5:7b:aa:13:c6:71:06:a9:
5d:74:c2:66:a2:96:6a:17:21:b5:94:a7:c0:01:a2:73:f7:a0:
23:cf:d8:2a:6f:3f:46:c7:72:f0:9e:d9:bc:8f:2f:6d:2d:80:
13:25:b7:98:0d:89:a1:8d:57:93:83:1d:c0:3c:00:7a:64:7e:
df:10:91:c6:fa:09:15:c2:92:ec:a0:96:9e:6e:5d:cd:ce:eb:
ff:1b:3b:9b:3a:aa:aa:1e:05:ca:66:7f:fd:7f:92:44:5d:e7:
50:09:0d:b2:33:2e:85:29:09:ba:38:32:53:e2:df:9b:e7:c4:
c7:55:fc:21:42:b4:2c:42:92:3f:d9:ba:20:f4:c7:6a:74:8b:
40:2d:20:e6:ae:66:83:0a:37:92:1c:11:5d:7e:52:1b:fd:b2:
fe:68:94:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrnGv7AHGQCde/CUm5I6ZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZWNjYzlkMWE3NmU5MTQ2OWNiNjNiMTJiZjcyNWQ3ZGVi
YWZiMWIwHhcNMjMwMTAxMDQzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjBkZjQzMWM3ZTQ2NDBkZTJlNDY5ZWRkNTI1MTEzODlmZWQyMDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQEiXZufz8D+nR2MDWklB6cpeEPj
4MNjBcUuuGm2w9dC2W3lx+sH7sBT+FeA3PaUiGecJO3P2sFauji9feUC2Mmyl+aX
jFc6ftqKK8uijaIqSzjPU66mXbR7EOedC3DhZRIGn0Exi5fNt3hg8Kh/IV2Qp4zB
iGq5qfBXj9xENEFcE6KBCESClUWb/9Jx5SaBqgDSliXqPOKzKuDVaDnjY8SUqzRL
QgTKVnoIhPITiGNRbxDCLzcvRo3189ILV3naSds33LcbKtgAymSwCEaJI9m12xiC
R5TlxxGRdrhRsFUP0DWviSNpvoBG7AzBUGmrBGBErZIRowj55ZYHOkHzUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCsN9DHH5GQN4uRp7dUlETif7SBkMB8GA1UdIwQY
MBaAFEvszJ0adukUactjsSv3JdfeuvsbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy16TW5ScDI2UlJweTJPeEtfY2wxOTY2LXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NjhmMTQtYTcyMS00NmYwLTkxOTkt
NGY0Yjk5NGUwZWIyLzEvS3czME1jZmtaQTNpNUdudDFTVVJPSl90SUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NjhmMTQtYTcyMS00NmYwLTkxOTktNGY0Yjk5NGUwZWIy
LzEvUy16TW5ScDI2UlJweTJPeEtfY2wxOTY2LXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVLJAwQB
udCIAwQAudCLMA0GCSqGSIb3DQEBCwUAA4IBAQCWGVJ+oCibgbMHOKI9MhmG1R+l
nMCmZbdFDZfQGltu1Y85gw+FTmsu8zusB/GQ3PyVAD67yRn2vGH/sandioGenxXA
mcIzfMyS0SfAoGs5FibfNzUobmB1W0HASp7JWXDwDo9M5XuqE8ZxBqlddMJmopZq
FyG1lKfAAaJz96Ajz9gqbz9Gx3Lwntm8jy9tLYATJbeYDYmhjVeTgx3APAB6ZH7f
EJHG+gkVwpLsoJaebl3Nzuv/GzubOqqqHgXKZn/9f5JEXedQCQ2yMy6FKQm6ODJT
4t+b58THVfwhQrQsQpI/2bog9MdqdItALSDmrmaDCjeSHBFdflIb/bL+aJRg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:38 2024 by rpki-client on console-fra.rpki-client.org