Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kQJVPghRXN8hzPA7ae1GFgQrra0.roa
File: kQJVPghRXN8hzPA7ae1GFgQrra0.roa (raw, json)
Hash identifier: IkU2DzjDGunjfAffHLlcL1qpE8e/4mRyuzw6PO8UUsw=
Subject key identifier: 91:02:55:3E:08:51:5C:DF:21:CC:F0:3B:69:ED:46:16:04:2B:AD:AD
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019082CF3F03528CCBADB65280D91766458D
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kQJVPghRXN8hzPA7ae1GFgQrra0.roa
Signing time: Fri 05 Jul 2024 12:12:18 +0000
ROA not before: Fri 05 Jul 2024 12:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 45.151.3.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
2a07:9200::/32 maxlen: 32
2a07:9205::/32 maxlen: 32
2a0c:a582::/32 maxlen: 32
2a0c:a583::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 15 Jul 2024 15:38:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:82:cf:3f:03:52:8c:cb:ad:b6:52:80:d9:17:66:45:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 5 12:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9102553e08515cdf21ccf03b69ed4616042badad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f4:e9:24:fe:76:dd:01:16:85:bc:00:d3:a3:
a2:bd:81:d0:14:60:37:3e:3e:f4:10:e6:99:71:15:
e5:e0:35:70:3e:15:80:51:49:e4:88:99:94:95:69:
45:c0:e7:86:ea:35:4e:8b:f7:54:76:90:5f:3d:a1:
1f:16:da:79:b6:ed:48:3b:fc:5b:18:fb:d5:4e:67:
68:49:e5:5d:de:e3:a9:0e:34:69:5d:bd:ab:8a:3d:
a0:72:d9:31:2d:7e:c1:f7:d8:84:ad:c6:30:de:48:
ff:ea:d4:c4:eb:ec:ab:14:5c:de:1c:3b:90:17:f8:
9b:5b:5c:b9:88:c6:18:f6:4b:dd:3f:d7:c2:de:41:
d6:0f:de:f0:cb:39:41:4b:e7:73:e0:f6:f0:9a:b0:
da:d4:31:17:d3:be:f0:0e:46:d2:82:09:cf:fc:6c:
5d:85:74:3b:13:3d:9a:fa:58:00:44:36:bc:e2:66:
73:a5:45:dc:33:30:c0:49:d1:83:8f:17:e0:fa:e8:
9a:7e:1c:51:43:d5:3d:57:fe:4e:65:75:3d:ce:7a:
80:cc:ae:47:d8:c8:fd:7b:7d:b2:d1:cc:89:a4:14:
63:fa:1c:54:c5:0c:2f:19:ef:72:07:67:3c:29:de:
9f:4e:5f:fd:fd:16:95:b6:28:ca:ac:ee:5d:5b:c4:
a9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:02:55:3E:08:51:5C:DF:21:CC:F0:3B:69:ED:46:16:04:2B:AD:AD
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kQJVPghRXN8hzPA7ae1GFgQrra0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.3.0/24
146.19.125.0/24
IPv6:
2a07:9200::/32
2a07:9205::/32
2a0c:a582::/31
Signature Algorithm: sha256WithRSAEncryption
b4:7a:d1:8a:9e:fa:ac:b8:93:d2:1b:15:e0:ed:80:13:a3:81:
b8:62:8b:de:d2:a8:65:36:4b:7e:72:b3:5c:51:5e:1c:a7:c8:
e6:af:ab:4d:93:bb:19:bf:67:69:2c:81:cd:f0:54:3b:5f:13:
a1:ab:c4:13:7f:e2:44:22:db:d8:00:a8:93:80:a5:26:0c:57:
92:93:14:0f:ea:58:36:49:ea:b4:42:02:5e:00:f0:67:ed:16:
16:22:1e:c8:20:05:79:50:2a:09:dd:84:fb:67:af:9c:4a:39:
30:75:e2:89:7d:5b:54:e2:9a:3b:e8:e9:5f:6f:2c:9c:fd:45:
0a:cf:93:33:1e:01:c1:db:7d:c8:cb:7b:11:cc:1f:39:16:82:
1c:c2:32:b1:7d:0c:59:e5:3c:91:9a:5d:c3:43:f4:70:4d:ae:
67:61:e8:17:e8:fb:b9:00:27:ed:93:eb:b3:45:5b:4a:5c:df:
a9:90:4e:69:89:f5:9d:70:3a:da:87:94:eb:96:82:c3:53:04:
49:30:0e:67:c4:c0:af:b1:e6:66:6b:06:36:37:ee:db:d9:fb:
53:bc:4e:b4:cd:ee:6b:34:b2:af:3b:c3:b4:54:28:02:f6:98:
4f:77:dc:78:94:90:2a:0e:e7:09:6f:15:62:dd:f0:d6:ff:81:
23:5b:2d:19
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZCCzz8DUozLrbZSgNkXZkWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNzA1MTIxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTAyNTUzZTA4NTE1Y2RmMjFjY2YwM2I2OWVkNDYxNjA0MmJhZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vTpJP523QEWhbwA06OivYHQFGA3
Pj70EOaZcRXl4DVwPhWAUUnkiJmUlWlFwOeG6jVOi/dUdpBfPaEfFtp5tu1IO/xb
GPvVTmdoSeVd3uOpDjRpXb2rij2gctkxLX7B99iErcYw3kj/6tTE6+yrFFzeHDuQ
F/ibW1y5iMYY9kvdP9fC3kHWD97wyzlBS+dz4PbwmrDa1DEX077wDkbSggnP/Gxd
hXQ7Ez2a+lgARDa84mZzpUXcMzDASdGDjxfg+uiafhxRQ9U9V/5OZXU9znqAzK5H
2Mj9e32y0cyJpBRj+hxUxQwvGe9yB2c8Kd6fTl/9/RaVtijKrO5dW8SpAwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJECVT4IUVzfIczwO2ntRhYEK62tMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEva1FKVlBnaFJYTjhoelBBN2FlMUdGZ1FycmEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQALZcDAwQA
khN9MBsEAgACMBUDBQAqB5IAAwUAKgeSBQMFASoMpYIwDQYJKoZIhvcNAQELBQAD
ggEBALR60Yqe+qy4k9IbFeDtgBOjgbhii97SqGU2S35ys1xRXhynyOavq02Tuxm/
Z2ksgc3wVDtfE6GrxBN/4kQi29gAqJOApSYMV5KTFA/qWDZJ6rRCAl4A8GftFhYi
HsggBXlQKgndhPtnr5xKOTB14ol9W1Timjvo6V9vLJz9RQrPkzMeAcHbfcjLexHM
HzkWghzCMrF9DFnlPJGaXcND9HBNrmdh6Bfo+7kAJ+2T67NFW0pc36mQTmmJ9Z1w
OtqHlOuWgsNTBEkwDmfEwK+x5mZrBjY37tvZ+1O8TrTN7ms0sq87w7RUKAL2mE93
3HiUkCoO5wlvFWLd8Nb/gSNbLRk=
-----END CERTIFICATE-----
Generated at Mon Jul 15 18:57:41 2024 by rpki-client on console-fra.rpki-client.org