Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/KhWEAXqnps8dKYsG-VcTtKBqen8.roa
File: KhWEAXqnps8dKYsG-VcTtKBqen8.roa (raw, json)
Hash identifier: /Aemo5ERxXvNgIVn7QtiFKIy6H7clntdOm2wx5rHd7Y=
Subject key identifier: 2A:15:84:01:7A:A7:A6:CF:1D:29:8B:06:F9:57:13:B4:A0:6A:7A:7F
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 018FF4A9EBDA08736A057D6176124124A2E8
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/KhWEAXqnps8dKYsG-VcTtKBqen8.roa
Signing time: Fri 07 Jun 2024 21:45:27 +0000
ROA not before: Fri 07 Jun 2024 21:45:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 45.83.200.0/22 maxlen: 22
185.114.158.0/24 maxlen: 24
185.114.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 12:13:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f4:a9:eb:da:08:73:6a:05:7d:61:76:12:41:24:a2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Jun 7 21:45:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a1584017aa7a6cf1d298b06f95713b4a06a7a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e3:10:33:43:59:e4:d3:00:73:b9:00:ec:5b:
14:0e:8f:85:5c:5b:50:d9:9f:ce:88:1f:fe:78:f1:
cc:ad:4a:e9:eb:85:19:54:50:d3:94:6a:98:54:13:
0c:4e:42:09:a6:66:d1:e4:fc:60:ae:56:11:fe:91:
5b:27:e3:71:e3:09:ff:cb:d4:ed:23:36:21:b2:37:
2e:e6:b9:33:42:55:2b:07:ce:9b:5c:f4:6b:7e:50:
23:ef:e9:8b:ed:eb:4c:d3:cf:ec:b3:a4:b2:5e:b4:
22:e5:b7:32:f3:0a:60:ca:ba:4f:33:7d:39:a1:e4:
fa:4f:d9:84:45:37:0b:73:a6:53:2d:ec:7b:c2:35:
30:ef:6d:a8:71:82:4c:e3:91:b8:42:58:88:7d:86:
58:d5:b3:99:42:39:8a:65:b7:e0:62:c1:ad:19:0f:
74:c6:e7:cd:58:e9:c8:56:9b:34:7d:af:78:ee:90:
b0:b1:fe:a0:c0:59:80:a2:d1:c6:66:6a:c3:b8:be:
d2:58:da:57:06:55:69:78:49:c3:84:ec:ad:4d:e1:
d6:76:e6:aa:62:fc:3b:bc:37:21:76:9e:20:b7:b4:
52:54:9b:13:77:f1:98:5b:93:d5:2a:67:82:c5:2b:
48:ff:85:56:41:67:ed:a5:86:8e:f6:7a:d3:63:56:
86:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:15:84:01:7A:A7:A6:CF:1D:29:8B:06:F9:57:13:B4:A0:6A:7A:7F
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/KhWEAXqnps8dKYsG-VcTtKBqen8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.200.0/22
185.114.158.0/23
Signature Algorithm: sha256WithRSAEncryption
48:ad:ee:47:82:06:5e:2a:35:f3:23:f9:33:98:50:3d:90:6b:
79:6c:19:c2:1f:f1:81:c4:dd:1d:53:88:3e:d7:e4:31:4b:bc:
61:a4:77:a9:60:ef:66:01:7f:bb:ab:3a:7b:32:b7:c3:f0:47:
a0:3d:dd:0f:1e:73:4c:dc:c1:cf:4c:6c:9d:8b:75:fa:09:98:
79:5a:02:a3:a4:6e:80:4b:5e:4a:00:f9:b2:7e:c7:d7:0c:00:
29:1b:40:15:f6:fa:5b:3f:71:85:89:e8:77:f7:db:77:8e:0f:
61:ec:00:f2:73:61:88:bd:5c:88:7d:42:ec:8b:42:e8:4a:86:
3b:94:3f:48:13:89:7e:91:6d:a1:08:00:3e:8c:9c:5c:2c:c5:
05:a3:37:89:a9:81:c5:96:4e:4b:57:22:d9:80:4c:29:45:16:
c9:23:52:49:67:c2:71:fd:f8:2a:09:5b:2c:62:b9:a4:46:98:
f4:5b:f7:47:9e:98:9b:5b:b5:59:fa:93:77:f6:83:5e:0b:bb:
c5:b1:e0:29:4c:f3:47:cb:e0:65:23:ff:0c:5f:5c:f1:21:af:
c8:34:01:05:7a:54:5d:53:7d:2e:46:50:d3:3c:82:21:46:98:
c0:55:4b:45:5e:b1:1d:97:bb:52:70:8d:5b:ad:b0:41:68:41:
a6:ca:5c:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/0qevaCHNqBX1hdhJBJKLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjQwNjA3MjE0NTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE1ODQwMTdhYTdhNmNmMWQyOThiMDZmOTU3MTNiNGEwNmE3YTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOMQM0NZ5NMAc7kA7FsUDo+FXFtQ
2Z/OiB/+ePHMrUrp64UZVFDTlGqYVBMMTkIJpmbR5PxgrlYR/pFbJ+Nx4wn/y9Tt
IzYhsjcu5rkzQlUrB86bXPRrflAj7+mL7etM08/ss6SyXrQi5bcy8wpgyrpPM305
oeT6T9mERTcLc6ZTLex7wjUw722ocYJM45G4QliIfYZY1bOZQjmKZbfgYsGtGQ90
xufNWOnIVps0fa947pCwsf6gwFmAotHGZmrDuL7SWNpXBlVpeEnDhOytTeHWduaq
Yvw7vDchdp4gt7RSVJsTd/GYW5PVKmeCxStI/4VWQWftpYaO9nrTY1aG+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCoVhAF6p6bPHSmLBvlXE7Sganp/MB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEvS2hXRUFYcW5wczhkS1lzRy1WY1R0S0JxZW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVPIAwQB
uXKeMA0GCSqGSIb3DQEBCwUAA4IBAQBIre5HggZeKjXzI/kzmFA9kGt5bBnCH/GB
xN0dU4g+1+QxS7xhpHepYO9mAX+7qzp7MrfD8EegPd0PHnNM3MHPTGydi3X6CZh5
WgKjpG6AS15KAPmyfsfXDAApG0AV9vpbP3GFieh399t3jg9h7ADyc2GIvVyIfULs
i0LoSoY7lD9IE4l+kW2hCAA+jJxcLMUFozeJqYHFlk5LVyLZgEwpRRbJI1JJZ8Jx
/fgqCVssYrmkRpj0W/dHnpibW7VZ+pN39oNeC7vFseApTPNHy+BlI/8MX1zxIa/I
NAEFelRdU30uRlDTPIIhRpjAVUtFXrEdl7tScI1brbBBaEGmylxx
-----END CERTIFICATE-----
Generated at Tue Jun 11 16:28:28 2024 by rpki-client on console-ams.rpki-client.org