Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/CKKF4xS_r6rqkpEAGePC2vTGu5Q.roa
File: CKKF4xS_r6rqkpEAGePC2vTGu5Q.roa (raw, json)
Hash identifier: SAqZ3AWvJHEnpBZqMrwPmw+EEOtBREY92JGfSyvpQCE=
Subject key identifier: 08:A2:85:E3:14:BF:AF:AA:EA:92:91:00:19:E3:C2:DA:F4:C6:BB:94
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018C1BB4C7F3FEB34BA1156C678E782D0500
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/CKKF4xS_r6rqkpEAGePC2vTGu5Q.roa
Signing time: Wed 29 Nov 2023 15:31:21 +0000
ROA not before: Wed 29 Nov 2023 15:31:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204402
IP address blocks: 45.157.200.0/24 maxlen: 24
45.157.201.0/24 maxlen: 24
45.152.10.0/24 maxlen: 24
45.152.38.0/24 maxlen: 24
45.159.192.0/24 maxlen: 24
45.152.39.0/24 maxlen: 24
45.159.193.0/24 maxlen: 24
45.159.194.0/24 maxlen: 24
2a0b:3c40:24::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:b4:c7:f3:fe:b3:4b:a1:15:6c:67:8e:78:2d:05:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Nov 29 15:31:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08a285e314bfafaaea92910019e3c2daf4c6bb94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:30:21:4b:5d:9c:ef:f4:de:94:e7:9b:40:9e:
c0:0e:e4:b5:2c:29:0f:16:c2:6e:aa:a4:1d:75:3c:
67:bb:e8:80:53:2b:55:b5:30:f9:22:81:e1:e2:d4:
45:5c:f3:0a:0c:ab:80:7f:a9:cf:eb:0f:7c:b7:fe:
14:b3:1c:d2:03:52:69:41:a2:cd:cc:88:c8:6d:b3:
67:84:bb:9a:51:e5:43:f9:37:c8:9d:37:8b:b4:8a:
aa:80:c6:e5:34:2f:9f:43:ec:4a:95:30:5c:53:d2:
ca:8f:a7:14:22:e9:09:12:95:5c:60:03:60:82:31:
40:76:f4:ef:2b:0e:e9:18:01:00:7e:cd:d1:97:79:
57:58:d2:3f:a5:0f:0a:ae:e5:a8:a5:ee:07:32:23:
de:3d:4f:36:33:fd:27:a2:e5:85:72:10:f9:ee:71:
8d:ac:74:86:18:11:57:df:1d:10:9a:7f:74:ab:5f:
f5:7d:34:d7:d1:f5:27:22:d5:4c:7b:6b:02:9f:c8:
24:15:d9:47:1f:e1:be:52:fe:fb:3c:56:ca:2a:c5:
b2:e0:f0:b6:e3:33:28:7b:a9:6d:89:b7:02:1c:a5:
32:71:11:15:a8:7f:6f:e9:29:6b:15:82:55:c6:5f:
b7:af:3f:98:d0:b8:ff:ee:2a:af:54:83:ec:d9:3f:
b3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A2:85:E3:14:BF:AF:AA:EA:92:91:00:19:E3:C2:DA:F4:C6:BB:94
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/CKKF4xS_r6rqkpEAGePC2vTGu5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.10.0/24
45.152.38.0/23
45.157.200.0/23
45.159.192.0-45.159.194.255
IPv6:
2a0b:3c40:24::/48
Signature Algorithm: sha256WithRSAEncryption
53:0c:82:a9:6f:50:b1:a6:7b:96:52:9e:ae:67:64:c4:ca:e1:
2d:91:3b:6f:78:06:7e:5f:50:3d:f5:56:05:c4:e8:4d:b9:0f:
79:c6:a1:48:bb:a2:42:c8:70:73:cb:06:23:d0:2c:d8:97:59:
fe:8d:be:a5:44:4a:a7:90:25:d4:ac:25:97:98:da:e2:77:77:
ec:29:72:f7:d1:20:7c:3b:01:60:02:21:cf:8b:50:f9:fc:35:
82:4a:4d:06:fc:22:24:27:45:d4:77:85:22:5f:60:7e:e8:73:
09:c7:6b:12:80:d1:4e:c7:33:71:17:e3:c6:64:6e:79:64:d7:
e8:06:2c:44:6e:66:1b:04:4b:a3:d9:d3:63:cf:33:2d:25:e5:
a3:94:c7:ec:e1:b9:5f:f9:2a:48:88:c3:9d:e0:49:75:e7:7c:
7d:d1:08:fb:d3:bf:53:97:f5:68:60:40:7e:18:35:b9:4f:70:
d5:f8:b6:bb:42:1d:70:8c:a7:76:43:3b:33:4d:5f:87:6f:89:
d0:f2:2b:53:7c:9f:58:4b:73:be:84:e5:32:4c:c7:d1:ae:ee:
d0:57:46:7d:35:8e:27:5f:2e:7e:4b:2b:0e:43:05:d0:84:57:
06:a1:03:a2:fd:72:d1:7d:5c:d1:fa:0f:06:b8:9c:3f:de:d0:
f0:94:19:f6
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYwbtMfz/rNLoRVsZ454LQUAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMxMTI5MTUzMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGEyODVlMzE0YmZhZmFhZWE5MjkxMDAxOWUzYzJkYWY0YzZiYjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzAhS12c7/TelOebQJ7ADuS1LCkP
FsJuqqQddTxnu+iAUytVtTD5IoHh4tRFXPMKDKuAf6nP6w98t/4UsxzSA1JpQaLN
zIjIbbNnhLuaUeVD+TfInTeLtIqqgMblNC+fQ+xKlTBcU9LKj6cUIukJEpVcYANg
gjFAdvTvKw7pGAEAfs3Rl3lXWNI/pQ8KruWope4HMiPePU82M/0nouWFchD57nGN
rHSGGBFX3x0Qmn90q1/1fTTX0fUnItVMe2sCn8gkFdlHH+G+Uv77PFbKKsWy4PC2
4zMoe6ltibcCHKUycREVqH9v6SlrFYJVxl+3rz+Y0Lj/7iqvVIPs2T+zMQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFAiiheMUv6+q6pKRABnjwtr0xruUMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvQ0tLRjR4U19yNnJxa3BFQUdlUEMydlRHdTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQALZgKAwQB
LZgmAwQBLZ3IMAwDBAYtn8ADBAAtn8IwDwQCAAIwCQMHACoLPEAAJDANBgkqhkiG
9w0BAQsFAAOCAQEAUwyCqW9QsaZ7llKermdkxMrhLZE7b3gGfl9QPfVWBcToTbkP
ecahSLuiQshwc8sGI9As2JdZ/o2+pURKp5Al1Kwll5ja4nd37Cly99EgfDsBYAIh
z4tQ+fw1gkpNBvwiJCdF1HeFIl9gfuhzCcdrEoDRTsczcRfjxmRueWTX6AYsRG5m
GwRLo9nTY88zLSXlo5TH7OG5X/kqSIjDneBJded8fdEI+9O/U5f1aGBAfhg1uU9w
1fi2u0IdcIyndkM7M01fh2+J0PIrU3yfWEtzvoTlMkzH0a7u0FdGfTWOJ18ufksr
DkMF0IRXBqEDov1y0X1c0foPBricP97Q8JQZ9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org