Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1KunBuXvVFSQinvjy-HYv1giZ9o.roa
File: 1KunBuXvVFSQinvjy-HYv1giZ9o.roa (raw, json)
Hash identifier: RJAzaoaI0HK3X1MMhUrZjMonxvTDYm9MhjLyO7lsWqA=
Subject key identifier: D4:AB:A7:06:E5:EF:54:54:90:8A:7B:E3:CB:E1:D8:BF:58:22:67:DA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018FEDF8FA3D806CB332DED47D3A7E1E061C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1KunBuXvVFSQinvjy-HYv1giZ9o.roa
Signing time: Thu 06 Jun 2024 14:34:27 +0000
ROA not before: Thu 06 Jun 2024 14:34:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208287
IP address blocks: 45.66.229.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 07:38:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:f8:fa:3d:80:6c:b3:32:de:d4:7d:3a:7e:1e:06:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 6 14:34:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4aba706e5ef5454908a7be3cbe1d8bf582267da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:02:e1:60:79:63:0a:cc:61:bf:21:45:cb:60:
d4:4a:a0:ea:f3:ed:1f:f5:fe:50:8b:9a:26:5f:10:
b7:2b:49:d5:68:a6:9f:6c:52:18:c4:69:61:29:74:
6a:7a:7c:a4:4f:60:67:4d:f2:9d:75:c9:0f:8d:ac:
cb:4a:ef:85:5a:ad:b5:7b:a2:cf:90:60:2b:4c:f3:
3a:32:e5:58:0c:27:c9:0d:0e:20:19:ba:55:bd:58:
4c:9f:a1:c4:4a:d1:33:c3:a1:8b:93:ae:dc:fe:88:
12:ab:86:94:58:58:2e:e6:fe:c8:52:c1:6b:07:7a:
70:4c:97:a7:cd:46:a1:4f:7c:e4:b2:b6:f8:ae:16:
7c:49:da:c7:2a:76:c9:14:f4:e3:59:6d:2a:d0:43:
1b:44:8d:ca:db:2a:09:7e:02:71:38:30:ce:cd:da:
53:c7:5a:da:43:15:f4:b5:d2:8c:de:09:a7:be:a4:
a5:67:88:da:fd:f5:3c:00:cd:95:1d:a6:6b:88:58:
77:d7:26:06:db:45:18:1b:a3:ee:fd:42:11:53:be:
7d:e9:25:b2:54:cc:29:04:3c:91:06:12:65:bd:17:
78:ff:7c:ca:2d:7a:31:5a:0e:47:84:ee:99:02:9f:
43:6a:d0:16:88:a0:ae:c6:b6:c8:48:62:dc:76:06:
d6:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:AB:A7:06:E5:EF:54:54:90:8A:7B:E3:CB:E1:D8:BF:58:22:67:DA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1KunBuXvVFSQinvjy-HYv1giZ9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.229.0/24
84.21.173.0/24
185.222.160.0/24
Signature Algorithm: sha256WithRSAEncryption
09:8f:97:02:bd:5f:f9:f8:58:8f:d8:d8:0b:9c:0a:11:7a:e1:
12:d7:09:9e:63:c5:bc:2e:54:54:37:52:5b:b0:b3:e0:fb:ba:
fe:15:07:dc:b2:70:db:c6:8a:fd:7c:54:d6:de:43:15:f9:ca:
72:63:d6:db:ba:20:80:4b:d7:f9:9a:6f:ab:c9:9e:5c:21:fd:
ff:cd:11:56:82:17:df:45:a3:51:4e:e6:2b:6e:b0:32:65:da:
73:1f:c0:64:08:4d:db:e5:d5:f0:37:53:5c:7c:ba:da:4d:5f:
1b:e0:be:62:5f:ee:89:69:f0:19:6b:3f:8a:3d:c5:bb:c1:4e:
48:64:3a:7a:8f:61:9b:7a:ab:70:9f:f0:2d:37:cc:63:4f:61:
58:96:b0:9e:36:99:65:2c:6b:c0:fd:a1:5f:e4:0e:6e:f9:8e:
3c:55:52:b2:35:cd:9f:cd:e9:b8:a0:f1:6c:11:6e:86:33:4c:
64:08:f8:a8:ec:e5:0f:c7:76:7f:8d:29:32:b9:80:28:62:37:
6b:b8:df:d2:bb:8a:c5:aa:34:0f:fd:3e:cf:7f:12:2c:88:06:
34:f1:1c:a8:b5:91:c7:9b:0c:44:ac:e4:38:c8:77:fd:d5:63:
95:09:d6:5e:c3:64:85:84:a0:fa:9b:ac:78:9c:1b:06:5d:aa:
5c:ba:59:21
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/t+Po9gGyzMt7UfTp+HgYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjA2MTQzNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGFiYTcwNmU1ZWY1NDU0OTA4YTdiZTNjYmUxZDhiZjU4MjI2N2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArALhYHljCsxhvyFFy2DUSqDq8+0f
9f5Qi5omXxC3K0nVaKafbFIYxGlhKXRqenykT2BnTfKddckPjazLSu+FWq21e6LP
kGArTPM6MuVYDCfJDQ4gGbpVvVhMn6HEStEzw6GLk67c/ogSq4aUWFgu5v7IUsFr
B3pwTJenzUahT3zksrb4rhZ8SdrHKnbJFPTjWW0q0EMbRI3K2yoJfgJxODDOzdpT
x1raQxX0tdKM3gmnvqSlZ4ja/fU8AM2VHaZriFh31yYG20UYG6Pu/UIRU7596SWy
VMwpBDyRBhJlvRd4/3zKLXoxWg5HhO6ZAp9DatAWiKCuxrbISGLcdgbW4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNSrpwbl71RUkIp748vh2L9YImfaMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMUt1bkJ1WHZWRlNRaW52anktSFl2MWdpWjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALULlAwQA
VBWtAwQAud6gMA0GCSqGSIb3DQEBCwUAA4IBAQAJj5cCvV/5+FiP2NgLnAoReuES
1wmeY8W8LlRUN1JbsLPg+7r+FQfcsnDbxor9fFTW3kMV+cpyY9bbuiCAS9f5mm+r
yZ5cIf3/zRFWghffRaNRTuYrbrAyZdpzH8BkCE3b5dXwN1NcfLraTV8b4L5iX+6J
afAZaz+KPcW7wU5IZDp6j2Gbeqtwn/AtN8xjT2FYlrCeNpllLGvA/aFf5A5u+Y48
VVKyNc2fzem4oPFsEW6GM0xkCPio7OUPx3Z/jSkyuYAoYjdruN/Su4rFqjQP/T7P
fxIsiAY08RyotZHHmwxErOQ4yHf91WOVCdZew2SFhKD6m6x4nBsGXapculkh
-----END CERTIFICATE-----
Generated at Tue Jun 11 10:55:56 2024 by rpki-client on console-fra.rpki-client.org