Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/kKLKbYIeF0cYhXT8J0KbLdt__FU.roa
File: kKLKbYIeF0cYhXT8J0KbLdt__FU.roa (raw, json)
Hash identifier: uUEoglW7G4XEjpBNLclfQ/eKTwy40dr/dOEhkOC2KQ8=
Subject key identifier: 90:A2:CA:6D:82:1E:17:47:18:85:74:FC:27:42:9B:2D:DB:7F:FC:55
Certificate issuer: /CN=b011022187e3395a1524fa1a7541ea793285afc2
Certificate serial: 01857227C4C23F28DC55B6A0ABFE219FF227
Authority key identifier: B0:11:02:21:87:E3:39:5A:15:24:FA:1A:75:41:EA:79:32:85:AF:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/kKLKbYIeF0cYhXT8J0KbLdt__FU.roa
Signing time: Mon 02 Jan 2023 11:04:46 +0000
ROA not before: Mon 02 Jan 2023 11:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39308
IP address blocks: 46.21.80.0/20 maxlen: 20
185.56.96.0/22 maxlen: 24
176.12.64.0/20 maxlen: 20
109.109.32.0/19 maxlen: 19
89.144.128.0/18 maxlen: 20
89.144.130.0/24 maxlen: 24
109.109.48.0/24 maxlen: 24
159.20.96.0/20 maxlen: 20
2a00:1570::/32 maxlen: 64
Validation: Failed, certificate revoked on Wed 04 Jan 2023 09:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:c4:c2:3f:28:dc:55:b6:a0:ab:fe:21:9f:f2:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b011022187e3395a1524fa1a7541ea793285afc2
Validity
Not Before: Jan 2 11:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90a2ca6d821e1747188574fc27429b2ddb7ffc55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:96:9b:88:ba:91:79:34:4b:e5:92:5f:02:61:
7e:e4:e1:a3:23:ea:70:19:65:36:e1:40:8e:19:5e:
c0:33:53:fb:33:e0:38:2b:97:76:d4:e0:86:a0:19:
84:84:e8:1e:1a:e3:17:27:3e:f0:9b:97:60:6e:70:
85:50:3c:14:38:12:0d:22:2f:77:e6:7b:17:80:78:
b8:1f:ba:26:36:31:bb:e3:5e:58:dc:8f:25:85:1c:
f4:5c:0c:85:d1:f2:8a:dc:6b:55:6f:ce:da:c6:19:
9c:8a:cd:a0:b2:f6:2a:92:ea:5d:d8:76:21:5d:2a:
2e:a6:17:3f:a2:be:c4:c4:32:b0:51:cd:c5:c5:59:
72:16:2c:06:1b:2f:15:57:b5:fd:02:e5:09:db:36:
fe:cf:62:b1:98:3e:73:81:8e:43:be:b7:63:20:fc:
aa:e2:6e:c4:c9:8e:11:0c:e9:5f:47:99:d9:bf:86:
8f:85:74:59:16:1d:c8:a6:4d:42:57:78:2a:92:ae:
30:38:0d:da:e6:64:83:ab:03:e6:65:82:4f:eb:00:
5f:f9:21:b3:50:d0:df:da:5a:8f:6d:4f:68:59:a1:
da:63:b0:4a:d7:bf:f5:19:b3:af:85:d9:e6:f3:66:
7a:80:41:6f:c9:ac:02:54:bb:c7:6c:a4:ab:a9:5f:
38:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A2:CA:6D:82:1E:17:47:18:85:74:FC:27:42:9B:2D:DB:7F:FC:55
X509v3 Authority Key Identifier:
keyid:B0:11:02:21:87:E3:39:5A:15:24:FA:1A:75:41:EA:79:32:85:AF:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/kKLKbYIeF0cYhXT8J0KbLdt__FU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/sBECIYfjOVoVJPoadUHqeTKFr8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.80.0/20
89.144.128.0/18
109.109.32.0/19
159.20.96.0/20
176.12.64.0/20
185.56.96.0/22
IPv6:
2a00:1570::/32
Signature Algorithm: sha256WithRSAEncryption
b5:02:e2:1e:20:c0:83:7c:c7:98:d5:e7:78:8d:cf:b1:e6:83:
a1:52:db:cc:73:2e:b3:50:76:e6:26:65:85:a9:21:49:e6:84:
13:bc:c9:67:a5:b3:b7:d1:bf:5d:c0:e5:ed:2a:60:54:50:ff:
c0:59:73:ee:8a:47:2f:93:42:1d:58:b1:b3:8e:94:42:8f:d3:
22:68:a0:e8:f2:54:ca:33:74:5d:c7:23:b0:b8:44:83:4c:cb:
73:17:12:69:72:65:09:6f:2c:7c:a2:6a:ea:94:ec:9e:35:0c:
0c:47:b3:fa:69:e4:08:8f:1c:c0:aa:a6:84:8e:21:0e:24:4d:
bf:a9:63:ac:af:e3:12:9d:81:83:08:00:46:9e:70:c9:98:bc:
f1:ef:44:21:0c:11:14:69:f2:d0:b6:16:0b:2e:c1:de:89:09:
2d:75:64:e6:8d:5c:cb:3c:37:3a:a3:44:0e:a4:30:0b:51:76:
27:78:8c:7d:05:f9:55:64:a1:e6:e9:16:0c:67:86:ea:e6:eb:
45:18:47:7a:f0:10:a6:92:6c:f3:5f:3e:32:3d:b0:18:04:c4:
9b:34:c2:79:86:fd:45:6e:9f:19:f7:56:18:be:9e:a1:2e:66:
bd:91:15:c3:15:21:6f:b4:24:39:a5:62:35:66:76:2c:e5:27:
de:03:10:19
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVyJ8TCPyjcVbagq/4hn/InMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMTEwMjIxODdlMzM5NWExNTI0ZmExYTc1NDFlYTc5MzI4
NWFmYzIwHhcNMjMwMTAyMTEwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGEyY2E2ZDgyMWUxNzQ3MTg4NTc0ZmMyNzQyOWIyZGRiN2ZmYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupabiLqReTRL5ZJfAmF+5OGjI+pw
GWU24UCOGV7AM1P7M+A4K5d21OCGoBmEhOgeGuMXJz7wm5dgbnCFUDwUOBINIi93
5nsXgHi4H7omNjG7415Y3I8lhRz0XAyF0fKK3GtVb87axhmcis2gsvYqkupd2HYh
XSouphc/or7ExDKwUc3FxVlyFiwGGy8VV7X9AuUJ2zb+z2KxmD5zgY5DvrdjIPyq
4m7EyY4RDOlfR5nZv4aPhXRZFh3Ipk1CV3gqkq4wOA3a5mSDqwPmZYJP6wBf+SGz
UNDf2lqPbU9oWaHaY7BK17/1GbOvhdnm82Z6gEFvyawCVLvHbKSrqV84jQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJCiym2CHhdHGIV0/CdCmy3bf/xVMB8GA1UdIwQY
MBaAFLARAiGH4zlaFST6GnVB6nkyha/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0JFQ0lZZmpPVm9WSlBvYWRVSHFlVEtGcjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lOGJiZDItMTM2MS00MWEzLTkwZjAt
NTMzNGU2YjhjNWZlLzEva0tMS2JZSWVGMGNZaFhUOEowS2JMZHRfX0ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lOGJiZDItMTM2MS00MWEzLTkwZjAtNTMzNGU2YjhjNWZl
LzEvc0JFQ0lZZmpPVm9WSlBvYWRVSHFlVEtGcjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQELhVQAwQG
WZCAAwQFbW0gAwQEnxRgAwQEsAxAAwQCuThgMA0EAgACMAcDBQAqABVwMA0GCSqG
SIb3DQEBCwUAA4IBAQC1AuIeIMCDfMeY1ed4jc+x5oOhUtvMcy6zUHbmJmWFqSFJ
5oQTvMlnpbO30b9dwOXtKmBUUP/AWXPuikcvk0IdWLGzjpRCj9MiaKDo8lTKM3Rd
xyOwuESDTMtzFxJpcmUJbyx8omrqlOyeNQwMR7P6aeQIjxzAqqaEjiEOJE2/qWOs
r+MSnYGDCABGnnDJmLzx70QhDBEUafLQthYLLsHeiQktdWTmjVzLPDc6o0QOpDAL
UXYneIx9BflVZKHm6RYMZ4bq5utFGEd68BCmkmzzXz4yPbAYBMSbNMJ5hv1Fbp8Z
91YYvp6hLma9kRXDFSFvtCQ5pWI1ZnYs5SfeAxAZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:23 2024 by rpki-client on console-ams.rpki-client.org