Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/khkI2DAyUMqcPN48hEk47XR-3SE.roa
File: khkI2DAyUMqcPN48hEk47XR-3SE.roa (raw, json)
Hash identifier: 3SqiR28KcodCdzzY+ZR1Ff7/oTh0VAJeAOr/c3yPYSI=
Subject key identifier: 92:19:08:D8:30:32:50:CA:9C:3C:DE:3C:84:49:38:ED:74:7E:DD:21
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CFD74D23C19EF84634D4B6C517077A346
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/khkI2DAyUMqcPN48hEk47XR-3SE.roa
Signing time: Fri 12 Jan 2024 11:35:40 +0000
ROA not before: Fri 12 Jan 2024 11:35:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 193.30.241.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
193.57.41.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 14:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fd:74:d2:3c:19:ef:84:63:4d:4b:6c:51:70:77:a3:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 12 11:35:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=921908d8303250ca9c3cde3c844938ed747edd21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a0:a4:8f:67:12:33:2d:6d:1a:04:09:4a:43:
44:09:27:db:1b:1a:b8:37:a3:6d:6d:d1:10:93:14:
9e:2f:4f:13:9b:21:1c:c1:d6:58:03:50:24:41:c7:
de:58:bb:89:11:eb:ac:7f:fe:57:1c:ec:93:87:e8:
93:2e:a3:b6:51:95:69:93:ab:c3:0d:e4:b5:ce:3f:
80:d3:d3:90:85:de:79:9d:20:cd:b2:a9:dd:15:eb:
3b:78:24:07:dc:ef:9f:9e:87:c3:e1:4c:48:38:e4:
28:d2:38:1a:a6:cd:58:c0:11:16:d1:95:10:38:79:
15:f1:bc:08:6e:92:73:90:dd:12:bf:0a:59:0e:57:
91:db:24:bb:a6:03:37:80:5e:d5:9b:b4:a5:17:5e:
d9:05:cd:c5:2e:6c:c7:18:a5:c2:aa:45:a7:0b:5a:
c1:dc:d6:4a:4a:dd:06:e4:72:f9:b4:c5:dd:52:59:
8b:82:6d:97:bb:08:9c:97:d0:d1:88:cd:9e:03:cd:
dd:f3:aa:2e:84:2d:36:d6:48:2b:8f:2c:6f:69:77:
75:c1:c6:ae:95:7c:47:45:61:68:3e:75:4a:fe:81:
9e:8f:6e:d7:2b:e7:9e:f8:7f:a0:9e:27:ce:46:50:
f5:36:7c:1e:d1:88:d9:1b:bd:73:be:5e:b7:fc:f8:
51:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:19:08:D8:30:32:50:CA:9C:3C:DE:3C:84:49:38:ED:74:7E:DD:21
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/khkI2DAyUMqcPN48hEk47XR-3SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.112.0/24
45.81.115.0/24
45.88.139.0/24
45.94.170.0/23
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
193.57.41.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:09:c8:ad:e8:66:ce:de:47:9e:ce:e5:22:1d:21:72:f9:07:
b4:b6:6c:2e:36:02:62:56:4e:5a:da:5a:70:8c:3a:a4:c9:93:
04:b3:3e:a1:4d:e4:e9:0d:46:58:7d:ef:86:75:29:84:ef:0d:
38:ae:fb:07:a4:d0:4a:71:25:b2:4f:54:32:b6:16:e0:52:fa:
67:db:24:7b:f7:38:8d:63:90:fb:bd:8d:af:f3:b8:ba:5f:1f:
fd:e8:9e:6a:07:45:e4:21:22:62:1f:57:cd:a4:86:57:44:df:
c8:c8:6e:5b:ad:36:6d:4a:f2:c3:65:99:1a:da:6f:67:28:ee:
1b:23:4b:14:fc:80:cd:a1:79:10:8b:bd:d9:01:ff:f0:a1:09:
4f:0b:58:9f:71:60:bc:c7:31:52:4b:43:85:7f:0c:ec:df:fc:
1c:0d:2f:09:1b:f5:32:3f:6b:e0:28:d6:c0:42:16:c5:ca:76:
fc:2c:fb:67:e3:f5:b0:eb:73:65:73:9a:9d:ae:62:73:cd:c1:
38:5e:0d:e9:e9:0f:f7:db:9d:72:dd:c1:5a:56:a6:94:31:56:
8d:00:40:b0:e7:b3:05:f5:10:0f:d4:60:ce:12:f1:bc:de:d5:
86:ee:fe:da:56:ae:6b:76:85:a1:da:1a:a2:5e:74:67:c1:c4:
af:21:c0:15
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYz9dNI8Ge+EY01LbFFwd6NGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTEyMTEzNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjE5MDhkODMwMzI1MGNhOWMzY2RlM2M4NDQ5MzhlZDc0N2VkZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6Ckj2cSMy1tGgQJSkNECSfbGxq4
N6NtbdEQkxSeL08TmyEcwdZYA1AkQcfeWLuJEeusf/5XHOyTh+iTLqO2UZVpk6vD
DeS1zj+A09OQhd55nSDNsqndFes7eCQH3O+fnofD4UxIOOQo0jgaps1YwBEW0ZUQ
OHkV8bwIbpJzkN0SvwpZDleR2yS7pgM3gF7Vm7SlF17ZBc3FLmzHGKXCqkWnC1rB
3NZKSt0G5HL5tMXdUlmLgm2Xuwicl9DRiM2eA83d86ouhC021kgrjyxvaXd1wcau
lXxHRWFoPnVK/oGej27XK+ee+H+gnifORlD1Nnwe0YjZG71zvl63/PhR4wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJIZCNgwMlDKnDzePIRJOO10ft0hMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEva2hrSTJEQXlVTXFjUE40OGhFazQ3WFItM1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVFwAwQA
LVFzAwQALViLAwQBLV6qAwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQAw7FfMA0G
CSqGSIb3DQEBCwUAA4IBAQBcCcit6GbO3keezuUiHSFy+Qe0tmwuNgJiVk5a2lpw
jDqkyZMEsz6hTeTpDUZYfe+GdSmE7w04rvsHpNBKcSWyT1QythbgUvpn2yR79ziN
Y5D7vY2v87i6Xx/96J5qB0XkISJiH1fNpIZXRN/IyG5brTZtSvLDZZka2m9nKO4b
I0sU/IDNoXkQi73ZAf/woQlPC1ifcWC8xzFSS0OFfwzs3/wcDS8JG/UyP2vgKNbA
QhbFynb8LPtn4/Ww63Nlc5qdrmJzzcE4Xg3p6Q/3251y3cFaVqaUMVaNAECw57MF
9RAP1GDOEvG83tWG7v7aVq5rdoWh2hqiXnRnwcSvIcAV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org