Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/K4jiYYxjI1dLGNS73MBVdwKnTwU.roa
File: K4jiYYxjI1dLGNS73MBVdwKnTwU.roa (raw, json)
Hash identifier: hnfZ1xDzUXChDS+8jZ/c5NQUu0DXwVPk3LmDhJrSOfg=
Subject key identifier: 2B:88:E2:61:8C:63:23:57:4B:18:D4:BB:DC:C0:55:77:02:A7:4F:05
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0192CDEB85164240DE4CFF826ECD205AD30B
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/K4jiYYxjI1dLGNS73MBVdwKnTwU.roa
Signing time: Sun 27 Oct 2024 12:20:16 +0000
ROA not before: Sun 27 Oct 2024 12:20:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60150
IP address blocks: 45.12.100.0/22 maxlen: 24
185.96.56.0/22 maxlen: 24
185.136.16.0/22 maxlen: 24
194.38.48.0/22 maxlen: 24
2a05:ff00::/29 maxlen: 48
2a07:5b40::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 28 Oct 2024 09:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:cd:eb:85:16:42:40:de:4c:ff:82:6e:cd:20:5a:d3:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Oct 27 12:20:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b88e2618c6323574b18d4bbdcc0557702a74f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:66:2d:f5:18:34:46:ec:d4:ee:51:77:92:3a:
88:c7:0f:4d:e1:85:61:1f:71:1f:ed:a6:7a:86:64:
4a:4d:f4:ae:9a:4b:4a:a1:c0:9a:4e:c2:f7:1f:a2:
b0:ba:93:d0:25:c1:91:35:29:ce:c4:09:b3:a7:f6:
b8:b6:2e:82:41:91:32:be:47:7e:22:32:72:be:5f:
6a:75:36:a0:9a:33:0c:eb:88:f3:0e:55:9b:c3:94:
63:ac:4d:83:1d:0a:7e:92:cb:ed:e8:9e:fe:89:a1:
88:2d:a9:c0:5f:77:a7:8a:62:25:e3:be:c0:72:77:
d4:f0:b7:bb:d9:ec:9a:44:36:73:57:42:cf:b6:26:
6d:f5:3e:40:39:df:d4:73:19:c6:d1:3c:c1:f4:ef:
f7:1b:72:3e:12:7a:eb:26:e3:30:21:b1:84:44:8c:
b5:54:a6:26:f3:8a:a8:93:48:33:b5:19:52:1b:32:
b9:8a:e0:16:59:4b:ff:09:7a:ce:a1:11:76:cc:ce:
91:f2:80:c7:38:e6:ed:0f:31:87:a5:3c:1d:cb:50:
82:23:15:72:30:90:c9:b6:ec:03:0f:39:a4:19:27:
50:c3:28:09:fd:ea:63:d9:d2:09:02:c6:bc:8c:63:
4c:c8:ae:1e:76:77:89:47:5b:f8:dd:d5:90:d3:fe:
1e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:88:E2:61:8C:63:23:57:4B:18:D4:BB:DC:C0:55:77:02:A7:4F:05
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/K4jiYYxjI1dLGNS73MBVdwKnTwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.100.0/22
185.96.56.0/22
185.136.16.0/22
194.38.48.0/22
IPv6:
2a05:ff00::/29
2a07:5b40::/29
Signature Algorithm: sha256WithRSAEncryption
a6:64:5c:92:16:7f:50:28:f8:78:33:a5:55:9c:9f:5a:89:c0:
b2:82:b0:b0:a2:d7:ea:a3:c7:75:71:91:17:37:c1:1a:b3:d8:
bb:31:6d:b1:07:51:fe:4a:f3:a8:1e:8b:2b:13:30:20:79:68:
ab:df:9a:50:65:97:b3:80:2c:84:68:ed:19:a9:9a:29:77:6f:
18:02:24:af:07:c7:8e:b3:2b:83:07:08:7b:e4:bb:d0:b8:2a:
45:47:f1:75:ea:ef:d6:b4:24:57:51:6d:95:7f:83:3d:36:18:
e2:55:16:99:54:1f:b0:d9:82:2f:7b:a7:06:92:b4:7b:28:c3:
5d:65:8c:43:42:6c:73:94:60:7d:3d:d4:b2:7c:43:46:f6:b5:
09:bc:d2:6f:d2:45:63:fe:db:75:8f:da:65:cc:a3:4c:54:fc:
4b:d1:f5:b6:a1:84:d9:bb:87:13:0b:73:d4:c4:c4:fc:80:83:
70:60:db:f9:87:51:d8:7d:e4:35:a5:ff:b3:02:38:63:53:61:
72:d8:92:6c:d3:0b:a4:37:c0:6c:65:0a:18:50:8f:87:73:ce:
a5:60:57:f9:70:61:74:1d:03:9e:b3:49:16:b8:d5:d2:67:4d:
4f:a3:58:94:82:67:a6:5b:98:ad:70:55:56:20:0e:68:fe:6a:
f5:f4:6a:17
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZLN64UWQkDeTP+Cbs0gWtMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjQxMDI3MTIyMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjg4ZTI2MThjNjMyMzU3NGIxOGQ0YmJkY2MwNTU3NzAyYTc0ZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGYt9Rg0RuzU7lF3kjqIxw9N4YVh
H3Ef7aZ6hmRKTfSumktKocCaTsL3H6KwupPQJcGRNSnOxAmzp/a4ti6CQZEyvkd+
IjJyvl9qdTagmjMM64jzDlWbw5RjrE2DHQp+ksvt6J7+iaGILanAX3enimIl477A
cnfU8Le72eyaRDZzV0LPtiZt9T5AOd/UcxnG0TzB9O/3G3I+EnrrJuMwIbGERIy1
VKYm84qok0gztRlSGzK5iuAWWUv/CXrOoRF2zM6R8oDHOObtDzGHpTwdy1CCIxVy
MJDJtuwDDzmkGSdQwygJ/epj2dIJAsa8jGNMyK4edneJR1v43dWQ0/4eXQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCuI4mGMYyNXSxjUu9zAVXcCp08FMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvSzRqaVlZeGpJMWRMR05TNzNNQlZkd0tuVHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCLQxkAwQC
uWA4AwQCuYgQAwQCwiYwMBQEAgACMA4DBQMqBf8AAwUDKgdbQDANBgkqhkiG9w0B
AQsFAAOCAQEApmRckhZ/UCj4eDOlVZyfWonAsoKwsKLX6qPHdXGRFzfBGrPYuzFt
sQdR/krzqB6LKxMwIHloq9+aUGWXs4AshGjtGamaKXdvGAIkrwfHjrMrgwcIe+S7
0LgqRUfxderv1rQkV1FtlX+DPTYY4lUWmVQfsNmCL3unBpK0eyjDXWWMQ0Jsc5Rg
fT3UsnxDRva1CbzSb9JFY/7bdY/aZcyjTFT8S9H1tqGE2buHEwtz1MTE/ICDcGDb
+YdR2H3kNaX/swI4Y1NhctiSbNMLpDfAbGUKGFCPh3POpWBX+XBhdB0DnrNJFrjV
0mdNT6NYlIJnpluYrXBVViAOaP5q9fRqFw==
-----END CERTIFICATE-----
Generated at Mon Oct 28 12:39:13 2024 by rpki-client on console-fra.rpki-client.org