Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/k0w0GWbwIRoNXIvh4h1J4b2MBw0.roa
File: k0w0GWbwIRoNXIvh4h1J4b2MBw0.roa (raw, json)
Hash identifier: 6yETtTUFfSWwmQHXpsJE1bIH/j9uwGV+mtv6fPTwM/w=
Subject key identifier: 93:4C:34:19:66:F0:21:1A:0D:5C:8B:E1:E2:1D:49:E1:BD:8C:07:0D
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018D5BAB74CFFF49794C161AC423F768033F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/k0w0GWbwIRoNXIvh4h1J4b2MBw0.roa
Signing time: Tue 30 Jan 2024 18:39:39 +0000
ROA not before: Tue 30 Jan 2024 18:39:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 45.88.139.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
146.19.125.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 18:20:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5b:ab:74:cf:ff:49:79:4c:16:1a:c4:23:f7:68:03:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 30 18:39:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=934c341966f0211a0d5c8be1e21d49e1bd8c070d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:43:db:05:9c:05:95:df:7b:c2:9f:5d:0b:c1:
52:f1:0d:8e:0d:b3:de:34:ab:76:ef:e9:ed:5a:12:
7b:4a:4c:9e:d8:d0:02:b5:e7:ff:59:00:9c:95:b9:
3a:80:1e:33:e1:73:2e:89:8b:14:b3:1f:26:af:f0:
7f:b5:2b:40:51:76:c7:5f:9a:80:bb:e8:e7:e5:a8:
a5:88:cf:f2:7f:22:36:96:c9:ee:25:8a:1b:75:a7:
9b:e8:03:5c:6c:e7:b2:40:77:db:80:b3:f2:ca:fa:
a4:31:1a:b9:7e:ec:21:c8:f9:86:08:4f:f2:fe:9b:
9c:1e:e4:ff:98:36:7d:30:bb:b0:83:aa:ff:32:a0:
86:2a:72:96:d7:cb:b2:78:78:48:40:14:a4:46:35:
18:49:fe:b8:dc:fe:58:f4:1e:6f:e5:eb:42:91:a8:
a8:7a:92:22:00:28:6f:d9:02:73:17:91:5a:fc:1b:
af:89:c1:48:23:40:31:14:3f:cf:37:33:6f:10:bc:
0e:a3:59:0e:55:80:7d:2e:bf:78:b1:b7:a8:77:af:
8c:f5:d2:40:76:95:ef:b7:14:03:b7:6f:5f:9f:fe:
8a:59:6f:5c:25:6c:d4:e1:fe:74:1e:d4:a8:f4:d2:
2e:6d:4b:da:d3:76:63:d3:71:b2:f9:0d:bd:d7:96:
f7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:4C:34:19:66:F0:21:1A:0D:5C:8B:E1:E2:1D:49:E1:BD:8C:07:0D
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/k0w0GWbwIRoNXIvh4h1J4b2MBw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.139.0/24
45.94.171.0/24
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
193.57.41.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:2b:5f:15:77:65:7b:9f:01:4b:88:75:a5:ac:bb:76:bc:ba:
9c:68:75:97:72:3e:dc:e7:ae:9a:5e:7d:34:40:96:74:20:12:
7f:34:f8:0b:e1:f3:21:8b:85:ae:22:fe:e7:95:1d:37:c5:dc:
e2:47:7c:1c:db:eb:11:50:5c:af:ed:e2:4f:5f:53:e9:4b:e5:
70:58:42:d9:a3:82:61:6c:a1:e0:d9:7a:5f:ba:1a:20:9a:08:
0f:ec:36:06:d2:db:ef:f0:3e:60:26:e4:3a:a3:33:f5:df:74:
69:aa:d0:95:2d:1f:ae:91:f1:a1:53:a8:ae:f8:e1:87:b5:ff:
4c:89:77:8e:71:8e:e6:c5:da:e9:ce:87:0a:be:f2:c7:43:ba:
3e:45:52:e1:2b:2d:65:7a:42:06:3d:6d:e3:ee:b3:a5:29:ce:
6a:2f:46:f3:fb:f1:0d:3d:54:ca:57:72:51:47:ca:8d:86:d7:
49:4b:9b:c1:b8:7a:cf:eb:0d:d8:5f:d5:9a:27:dd:4a:2d:32:
5f:17:ec:e4:d4:cd:60:e2:72:60:e9:0d:c4:95:fb:b1:1f:7c:
dd:27:8b:ff:58:56:6d:78:95:fb:2b:3a:76:0c:a9:b0:60:2b:
03:b2:15:f5:ac:3c:0d:f9:8d:f8:25:fb:6c:04:0e:06:f7:be:
18:5e:e2:b8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY1bq3TP/0l5TBYaxCP3aAM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTMwMTgzOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzRjMzQxOTY2ZjAyMTFhMGQ1YzhiZTFlMjFkNDllMWJkOGMwNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkPbBZwFld97wp9dC8FS8Q2ODbPe
NKt27+ntWhJ7Skye2NACtef/WQCclbk6gB4z4XMuiYsUsx8mr/B/tStAUXbHX5qA
u+jn5ailiM/yfyI2lsnuJYobdaeb6ANcbOeyQHfbgLPyyvqkMRq5fuwhyPmGCE/y
/pucHuT/mDZ9MLuwg6r/MqCGKnKW18uyeHhIQBSkRjUYSf643P5Y9B5v5etCkaio
epIiAChv2QJzF5Fa/BuvicFII0AxFD/PNzNvELwOo1kOVYB9Lr94sbeod6+M9dJA
dpXvtxQDt29fn/6KWW9cJWzU4f50HtSo9NIubUva03Zj03Gy+Q2915b3gQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJNMNBlm8CEaDVyL4eIdSeG9jAcNMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvazB3MEdXYndJUm9OWEl2aDRoMUo0YjJNQncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALViLAwQA
LV6rAwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQAw7FfMA0GCSqGSIb3DQEBCwUA
A4IBAQAvK18Vd2V7nwFLiHWlrLt2vLqcaHWXcj7c566aXn00QJZ0IBJ/NPgL4fMh
i4WuIv7nlR03xdziR3wc2+sRUFyv7eJPX1PpS+VwWELZo4JhbKHg2XpfuhogmggP
7DYG0tvv8D5gJuQ6ozP133RpqtCVLR+ukfGhU6iu+OGHtf9MiXeOcY7mxdrpzocK
vvLHQ7o+RVLhKy1lekIGPW3j7rOlKc5qL0bz+/ENPVTKV3JRR8qNhtdJS5vBuHrP
6w3YX9WaJ91KLTJfF+zk1M1g4nJg6Q3ElfuxH3zdJ4v/WFZteJX7Kzp2DKmwYCsD
shX1rDwN+Y34JftsBA4G974YXuK4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org