Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/50abef-374c-4ea6-b7d4-ce500827ff7f/1/knIikaHE2HoJYV8VA1sl1Y8REpA.roa
File: knIikaHE2HoJYV8VA1sl1Y8REpA.roa (raw, json)
Hash identifier: 4V5Pn/htOQxfYTmRQ09UDgyOru7IBrCjRZYs3YDccdI=
Subject key identifier: 92:72:22:91:A1:C4:D8:7A:09:61:5F:15:03:5B:25:D5:8F:11:12:90
Certificate issuer: /CN=c7e9c7aa534b1300bf724fff0f0c1b0519d505bb
Certificate serial: 018572FA5EF0527FCDE4969DC9AB15558C3A
Authority key identifier: C7:E9:C7:AA:53:4B:13:00:BF:72:4F:FF:0F:0C:1B:05:19:D5:05:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x-nHqlNLEwC_ck__DwwbBRnVBbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/50abef-374c-4ea6-b7d4-ce500827ff7f/1/knIikaHE2HoJYV8VA1sl1Y8REpA.roa
Signing time: Mon 02 Jan 2023 14:54:48 +0000
ROA not before: Mon 02 Jan 2023 14:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32338
IP address blocks: 185.213.88.0/22 maxlen: 24
45.84.30.0/24 maxlen: 24
45.84.28.0/23 maxlen: 23
185.149.132.0/23 maxlen: 23
185.149.134.0/23 maxlen: 23
185.73.220.0/22 maxlen: 24
2a0b:85c0::/29 maxlen: 32
2a05:44c0::/29 maxlen: 32
2a0e:9480::/29 maxlen: 32
2a07:68c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 May 2023 13:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:5e:f0:52:7f:cd:e4:96:9d:c9:ab:15:55:8c:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7e9c7aa534b1300bf724fff0f0c1b0519d505bb
Validity
Not Before: Jan 2 14:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92722291a1c4d87a09615f15035b25d58f111290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fe:14:fb:c4:19:53:7a:80:fa:e2:0f:41:04:
d3:e6:9e:fb:a6:b5:26:27:bc:b8:dd:72:ad:bc:53:
27:f7:d1:40:79:c9:69:ef:98:6f:3f:a5:49:41:38:
f7:75:30:2a:45:98:18:db:8b:3d:db:90:c8:42:e7:
8b:d4:4c:7a:cc:74:d0:65:3b:f1:f0:5a:0d:2d:7a:
04:26:f2:c4:06:cf:3a:fa:0d:60:77:a2:25:02:af:
e8:cd:f7:24:31:09:91:13:58:1a:3c:c8:48:b6:60:
2d:43:1c:f7:51:fb:7d:f1:b5:73:01:ee:bb:0f:a6:
62:d4:fd:28:c6:48:7b:56:4f:ab:b7:2b:c1:65:f3:
01:c1:16:a4:be:2e:ea:16:83:f2:56:9c:59:cc:2d:
36:ce:f7:c1:c9:49:90:77:b4:bd:f3:f3:78:64:67:
04:61:0b:37:33:87:92:f3:5c:b5:d5:b2:ce:97:e2:
fa:34:66:4a:5f:8f:f9:b1:33:88:49:dd:95:f5:6a:
67:50:f2:76:55:39:f0:17:c8:06:8e:b5:c1:53:ba:
f1:08:d4:33:8b:21:dd:c8:09:e2:30:39:f8:dc:d4:
1d:e7:c4:62:e8:81:7a:67:33:db:1a:ad:58:e8:73:
c2:34:90:f0:a8:10:0c:41:1c:fc:73:9b:b5:8a:a1:
07:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:72:22:91:A1:C4:D8:7A:09:61:5F:15:03:5B:25:D5:8F:11:12:90
X509v3 Authority Key Identifier:
keyid:C7:E9:C7:AA:53:4B:13:00:BF:72:4F:FF:0F:0C:1B:05:19:D5:05:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x-nHqlNLEwC_ck__DwwbBRnVBbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/50abef-374c-4ea6-b7d4-ce500827ff7f/1/knIikaHE2HoJYV8VA1sl1Y8REpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/50abef-374c-4ea6-b7d4-ce500827ff7f/1/x-nHqlNLEwC_ck__DwwbBRnVBbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.28.0-45.84.30.255
185.73.220.0/22
185.149.132.0/22
185.213.88.0/22
IPv6:
2a05:44c0::/29
2a07:68c0::/29
2a0b:85c0::/29
2a0e:9480::/29
Signature Algorithm: sha256WithRSAEncryption
64:6b:02:90:df:b5:b4:5a:ac:d6:ee:40:c9:6f:9c:66:4a:33:
04:a3:01:da:3e:07:51:e6:5d:71:22:e2:db:32:8f:c1:ab:cd:
67:43:e5:01:e5:5c:fb:38:06:64:98:83:e3:7a:97:66:dd:94:
56:b5:3c:b0:27:6b:d3:89:81:14:5c:5f:e8:a6:45:bf:6b:2c:
f7:6f:67:43:44:ce:ee:09:bb:f9:dd:d5:ef:f1:e7:25:70:0a:
26:3f:e6:6b:9d:17:99:f4:5c:e9:05:2f:ec:bd:f4:83:ba:63:
c7:f3:08:9b:91:39:15:37:25:05:78:95:49:59:f6:a5:a9:c9:
49:eb:7d:39:e2:a3:19:5a:b7:aa:59:77:6c:ad:7d:10:dd:80:
a2:b7:9b:6a:75:33:8f:9d:3f:2f:da:11:92:6a:8b:dc:55:ef:
0c:f6:79:3e:9b:7e:39:30:5f:8a:e9:c6:c6:70:cb:5a:cc:fd:
f7:c7:b6:a7:8c:18:63:01:37:35:4c:7c:b5:48:ed:db:9e:2f:
4d:bb:02:44:05:67:f3:b6:11:db:33:41:41:0b:19:63:9f:dc:
68:59:30:b7:a3:d7:57:4c:70:de:92:e6:91:5f:d7:18:00:e6:
61:ab:18:2b:4c:e6:3b:af:04:17:99:78:44:fc:e4:03:3b:da:
3d:17:fe:33
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYVy+l7wUn/N5JadyasVVYw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZTljN2FhNTM0YjEzMDBiZjcyNGZmZjBmMGMxYjA1MTlk
NTA1YmIwHhcNMjMwMTAyMTQ1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjcyMjI5MWExYzRkODdhMDk2MTVmMTUwMzViMjVkNThmMTExMjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf4U+8QZU3qA+uIPQQTT5p77prUm
J7y43XKtvFMn99FAeclp75hvP6VJQTj3dTAqRZgY24s925DIQueL1Ex6zHTQZTvx
8FoNLXoEJvLEBs86+g1gd6IlAq/ozfckMQmRE1gaPMhItmAtQxz3Uft98bVzAe67
D6Zi1P0oxkh7Vk+rtyvBZfMBwRakvi7qFoPyVpxZzC02zvfByUmQd7S98/N4ZGcE
YQs3M4eS81y11bLOl+L6NGZKX4/5sTOISd2V9WpnUPJ2VTnwF8gGjrXBU7rxCNQz
iyHdyAniMDn43NQd58Ri6IF6ZzPbGq1Y6HPCNJDwqBAMQRz8c5u1iqEH0QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFJJyIpGhxNh6CWFfFQNbJdWPERKQMB8GA1UdIwQY
MBaAFMfpx6pTSxMAv3JP/w8MGwUZ1QW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveC1uSHFsTkxFd0NfY2tfX0R3d2JCUm5WQmJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC81MGFiZWYtMzc0Yy00ZWE2LWI3ZDQt
Y2U1MDA4MjdmZjdmLzEva25JaWthSEUySG9KWVY4VkExc2wxWThSRXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC81MGFiZWYtMzc0Yy00ZWE2LWI3ZDQtY2U1MDA4MjdmZjdm
LzEveC1uSHFsTkxFd0NfY2tfX0R3d2JCUm5WQmJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAmBAIAATAgMAwDBAItVBwD
BAAtVB4DBAK5SdwDBAK5lYQDBAK51VgwIgQCAAIwHAMFAyoFRMADBQMqB2jAAwUD
KguFwAMFAyoOlIAwDQYJKoZIhvcNAQELBQADggEBAGRrApDftbRarNbuQMlvnGZK
MwSjAdo+B1HmXXEi4tsyj8GrzWdD5QHlXPs4BmSYg+N6l2bdlFa1PLAna9OJgRRc
X+imRb9rLPdvZ0NEzu4Ju/nd1e/x5yVwCiY/5mudF5n0XOkFL+y99IO6Y8fzCJuR
ORU3JQV4lUlZ9qWpyUnrfTnioxlat6pZd2ytfRDdgKK3m2p1M4+dPy/aEZJqi9xV
7wz2eT6bfjkwX4rpxsZwy1rM/ffHtqeMGGMBNzVMfLVI7dueL027AkQFZ/O2Edsz
QUELGWOf3GhZMLej11dMcN6S5pFf1xgA5mGrGCtM5juvBBeZeET85AM72j0X/jM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:04 2024 by rpki-client on console-ams.rpki-client.org