Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/krx9zSFvjIBkp0LUlfpQoGX07oo.roa
File: krx9zSFvjIBkp0LUlfpQoGX07oo.roa (raw, json)
Hash identifier: sqK1FgR7iY23mkNMCtezMKIpO5ZXWtkEleqMoKzH1Rs=
Subject key identifier: 92:BC:7D:CD:21:6F:8C:80:64:A7:42:D4:95:FA:50:A0:65:F4:EE:8A
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018AFA5AEEEDD88EF1A5DAF04C8C4EDB2644
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/krx9zSFvjIBkp0LUlfpQoGX07oo.roa
Signing time: Wed 04 Oct 2023 11:02:57 +0000
ROA not before: Wed 04 Oct 2023 11:02:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.66.92.0/24 maxlen: 24
45.66.94.0/23 maxlen: 23
37.44.228.0/22 maxlen: 24
192.145.52.0/22 maxlen: 24
192.145.53.0/24 maxlen: 24
192.145.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Oct 2023 12:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:5a:ee:ed:d8:8e:f1:a5:da:f0:4c:8c:4e:db:26:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Oct 4 11:02:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92bc7dcd216f8c8064a742d495fa50a065f4ee8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e7:53:d5:4b:08:8e:1d:74:95:f3:11:1f:b9:
f9:f6:23:10:0b:ea:b5:e2:df:25:57:d3:4b:fa:89:
42:6e:fa:06:ec:d2:17:e6:53:5f:93:b7:b5:a5:cd:
0c:47:81:56:3e:23:34:02:4c:69:1a:5c:a4:5b:77:
93:2f:6e:ae:2f:c6:16:ff:21:7f:97:1b:a3:74:84:
d8:cd:b0:47:76:0a:f0:e9:31:02:af:1a:c5:a3:a0:
e1:ba:33:12:fe:25:cf:5f:42:24:e9:10:0e:50:9a:
41:a7:d9:5d:f4:fb:eb:68:77:c8:67:17:bf:36:0a:
a0:86:a4:13:72:5a:c6:01:0a:2b:6d:c0:33:11:52:
a6:cb:70:99:3d:ad:ec:b6:f6:01:bc:45:40:94:60:
3b:2c:90:59:76:5d:47:e4:1f:de:b7:5b:95:1d:a3:
d3:df:d7:d3:0c:c9:94:e1:9b:a6:db:f2:08:5f:a4:
17:81:11:bb:b6:2a:c1:4c:ab:4d:62:45:53:ab:d5:
fd:55:28:ba:92:52:6d:4d:7d:d6:57:7d:5f:0b:d8:
91:ef:28:1c:3f:54:82:96:70:cb:bf:71:78:6c:1e:
b8:ee:96:bb:e4:4e:32:02:a1:e6:4c:cc:1d:95:d2:
3b:da:0b:5f:ca:d0:5e:7e:dd:f3:78:43:d4:9c:79:
b1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:BC:7D:CD:21:6F:8C:80:64:A7:42:D4:95:FA:50:A0:65:F4:EE:8A
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/krx9zSFvjIBkp0LUlfpQoGX07oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.92.0/24
45.66.94.0/23
192.145.52.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:f3:9a:e1:49:56:be:f2:28:c7:d0:b7:07:a0:cc:22:7f:c5:
35:bb:7b:73:5b:a7:c0:6f:6c:fc:63:42:5f:fc:5f:f7:cb:1e:
3b:7a:b0:dd:62:ea:86:5c:b4:b7:5e:8f:59:f0:63:bc:20:57:
07:75:e0:05:40:25:97:72:70:91:38:fb:18:4a:44:c3:a7:45:
a9:60:39:67:7e:92:42:14:bc:d0:41:ce:e4:32:af:03:5f:de:
b5:b7:03:34:45:4c:76:34:3c:ab:6c:13:27:e2:f3:81:23:5c:
73:77:f0:ff:c8:47:00:cc:c7:d7:bc:a8:52:52:8a:fc:b9:b8:
fc:38:22:0a:7e:7e:0d:eb:d3:c4:bd:af:5c:77:84:b6:ab:64:
57:fc:bd:7d:a2:f6:83:65:4d:20:a4:6e:3c:f9:9d:3b:a3:d9:
60:76:7b:73:fe:cc:d6:d0:b2:d9:15:30:08:a3:df:ef:0f:e5:
a0:b8:0f:2d:c2:7b:77:aa:a4:e7:c3:5d:93:9c:55:10:16:25:
5b:47:ca:bd:60:e7:b0:f5:d5:90:1c:c0:e8:9d:a7:5f:4a:96:
c7:da:c1:a6:b5:50:2c:0f:c1:56:14:bb:cf:02:58:4e:4f:d4:
78:35:87:49:5c:5d:ec:60:a9:57:c0:19:c1:09:07:65:23:86:
fc:0b:57:56
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYr6Wu7t2I7xpdrwTIxO2yZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjMxMDA0MTEwMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmJjN2RjZDIxNmY4YzgwNjRhNzQyZDQ5NWZhNTBhMDY1ZjRlZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkudT1UsIjh10lfMRH7n59iMQC+q1
4t8lV9NL+olCbvoG7NIX5lNfk7e1pc0MR4FWPiM0AkxpGlykW3eTL26uL8YW/yF/
lxujdITYzbBHdgrw6TECrxrFo6DhujMS/iXPX0Ik6RAOUJpBp9ld9PvraHfIZxe/
NgqghqQTclrGAQorbcAzEVKmy3CZPa3stvYBvEVAlGA7LJBZdl1H5B/et1uVHaPT
39fTDMmU4Zum2/IIX6QXgRG7tirBTKtNYkVTq9X9VSi6klJtTX3WV31fC9iR7ygc
P1SClnDLv3F4bB647pa75E4yAqHmTMwdldI72gtfytBeft3zeEPUnHmxKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJK8fc0hb4yAZKdC1JX6UKBl9O6KMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEva3J4OXpTRnZqSUJrcDBMVWxmcFFvR1gwN29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJSzkAwQA
LUJcAwQBLUJeAwQCwJE0MA0GCSqGSIb3DQEBCwUAA4IBAQBq85rhSVa+8ijH0LcH
oMwif8U1u3tzW6fAb2z8Y0Jf/F/3yx47erDdYuqGXLS3Xo9Z8GO8IFcHdeAFQCWX
cnCROPsYSkTDp0WpYDlnfpJCFLzQQc7kMq8DX961twM0RUx2NDyrbBMn4vOBI1xz
d/D/yEcAzMfXvKhSUor8ubj8OCIKfn4N69PEva9cd4S2q2RX/L19ovaDZU0gpG48
+Z07o9lgdntz/szW0LLZFTAIo9/vD+WguA8twnt3qqTnw12TnFUQFiVbR8q9YOew
9dWQHMDonadfSpbH2sGmtVAsD8FWFLvPAlhOT9R4NYdJXF3sYKlXwBnBCQdlI4b8
C1dW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org