Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kptcSkDfqJ5B7mFr0zSRFi_74tk.roa
File: kptcSkDfqJ5B7mFr0zSRFi_74tk.roa (raw, json)
Hash identifier: ZRHlqWspcTvGehwhicGjtOFnFeCd9IAI1P0DOqaJQxo=
Subject key identifier: 92:9B:5C:4A:40:DF:A8:9E:41:EE:61:6B:D3:34:91:16:2F:FB:E2:D9
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E2828DC248890D7023EA44ADC3DB693EB
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kptcSkDfqJ5B7mFr0zSRFi_74tk.roa
Signing time: Sun 10 Mar 2024 11:39:10 +0000
ROA not before: Sun 10 Mar 2024 11:39:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
146.19.125.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 09:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:28:28:dc:24:88:90:d7:02:3e:a4:4a:dc:3d:b6:93:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 10 11:39:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=929b5c4a40dfa89e41ee616bd33491162ffbe2d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a8:0a:36:50:16:95:dc:e1:03:45:00:10:9e:
26:ce:65:aa:76:5c:8a:0c:49:32:41:bf:af:a2:33:
1b:e8:e6:44:9a:ab:21:a4:fe:7c:4c:ea:e7:55:f8:
0b:cc:d0:26:0d:6a:33:32:e8:c0:6b:c0:a3:47:13:
4d:71:d6:24:74:a4:f8:f0:03:a2:2c:e8:fb:e1:a8:
4a:d2:97:a4:bb:20:99:a0:91:58:2e:f0:e1:e1:8c:
62:04:e0:5e:98:8b:17:60:6f:c5:2e:0d:57:ac:e2:
81:6c:43:53:59:56:26:74:bd:2d:15:df:e5:ca:22:
c9:51:08:5e:d4:96:54:b3:e5:55:24:64:8c:19:8d:
f8:b9:68:c1:94:a8:89:f1:89:a5:58:32:04:50:48:
40:52:fe:ba:a7:f3:a5:01:11:3e:1d:dc:c6:e4:ec:
fb:b7:c5:be:74:c4:0b:de:52:18:53:79:a4:48:b5:
eb:c2:06:d7:46:0b:34:0d:a0:46:a2:1a:aa:d3:d4:
6b:40:1a:8a:08:57:3c:fe:77:d9:15:b3:29:06:1c:
c3:fe:3b:9a:f0:3e:95:f5:b9:ae:b9:1f:f6:5a:11:
b4:4b:87:3c:a3:69:fa:cb:3c:3c:2d:de:84:04:22:
98:14:34:43:34:60:c2:da:a9:e4:26:9e:4e:32:5c:
f5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9B:5C:4A:40:DF:A8:9E:41:EE:61:6B:D3:34:91:16:2F:FB:E2:D9
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kptcSkDfqJ5B7mFr0zSRFi_74tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
5.181.87.0/24
45.88.139.0/24
45.94.170.0/23
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
193.57.41.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
16:a4:55:96:1a:ec:f8:da:37:0a:01:9e:c7:66:b0:ec:d5:50:
2a:57:0d:f3:5b:eb:76:d4:fb:06:da:7a:1b:61:eb:81:86:c8:
9e:99:eb:2f:20:25:c5:17:f1:e3:c9:89:a7:25:bd:0d:12:e6:
d6:fb:c6:e3:7a:2a:ff:73:79:5d:87:17:5d:10:d7:23:f8:cc:
8f:3b:78:dd:30:f1:7a:de:65:e0:3a:0b:a3:e8:e6:fe:27:94:
5b:c1:30:82:5d:29:f4:0a:65:39:62:39:76:bb:dd:14:ed:1e:
b9:9d:a6:f2:c7:79:ef:5d:cf:b4:85:32:d4:e2:b7:42:d2:f3:
22:d5:ef:08:e6:8c:b6:61:47:b9:3b:88:88:ac:89:8e:a1:80:
94:2b:77:34:e6:31:0e:99:f9:d8:1c:27:11:06:86:37:99:1d:
c6:80:09:9c:a1:8c:23:cf:f3:a1:f8:44:47:f2:6c:ab:d1:6e:
fa:7a:3d:ca:00:42:ca:fa:09:72:b6:ce:67:18:23:06:30:20:
6e:e1:5c:65:60:c4:39:45:84:41:fe:48:fc:79:7c:47:9d:7c:
33:7f:51:27:32:ff:e7:7a:75:2b:9f:95:6c:81:89:a7:1b:88:
b8:35:4e:aa:b1:3c:50:f3:bd:62:9a:a9:62:b5:30:41:43:5c:
6d:ff:32:6f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY4oKNwkiJDXAj6kStw9tpPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzEwMTEzOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjliNWM0YTQwZGZhODllNDFlZTYxNmJkMzM0OTExNjJmZmJlMmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjagKNlAWldzhA0UAEJ4mzmWqdlyK
DEkyQb+vojMb6OZEmqshpP58TOrnVfgLzNAmDWozMujAa8CjRxNNcdYkdKT48AOi
LOj74ahK0pekuyCZoJFYLvDh4YxiBOBemIsXYG/FLg1XrOKBbENTWVYmdL0tFd/l
yiLJUQhe1JZUs+VVJGSMGY34uWjBlKiJ8YmlWDIEUEhAUv66p/OlARE+HdzG5Oz7
t8W+dMQL3lIYU3mkSLXrwgbXRgs0DaBGohqq09RrQBqKCFc8/nfZFbMpBhzD/jua
8D6V9bmuuR/2WhG0S4c8o2n6yzw8Ld6EBCKYFDRDNGDC2qnkJp5OMlz1SwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJKbXEpA36ieQe5ha9M0kRYv++LZMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEva3B0Y1NrRGZxSjVCN21GcjB6U1JGaV83NHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBBbVUAwQA
BbVXAwQALViLAwQBLV6qAwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQAw7FfMA0G
CSqGSIb3DQEBCwUAA4IBAQAWpFWWGuz42jcKAZ7HZrDs1VAqVw3zW+t21PsG2nob
YeuBhsiemesvICXFF/HjyYmnJb0NEubW+8bjeir/c3ldhxddENcj+MyPO3jdMPF6
3mXgOguj6Ob+J5RbwTCCXSn0CmU5Yjl2u90U7R65nabyx3nvXc+0hTLU4rdC0vMi
1e8I5oy2YUe5O4iIrImOoYCUK3c05jEOmfnYHCcRBoY3mR3GgAmcoYwjz/Oh+ERH
8myr0W76ej3KAELK+glyts5nGCMGMCBu4VxlYMQ5RYRB/kj8eXxHnXwzf1EnMv/n
enUrn5VsgYmnG4i4NU6qsTxQ871imqlitTBBQ1xt/zJv
-----END CERTIFICATE-----
Generated at Mon Mar 11 12:10:45 2024 by rpki-client on console-ams.rpki-client.org