Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/KtHKTXgZlFkeTc8Bg4Leq1sscLo.roa
File: KtHKTXgZlFkeTc8Bg4Leq1sscLo.roa (raw, json)
Hash identifier: 6JR5ZDDnRodjB9KSBj8AdUzxMiBsac6FTxn+T7vkWYA=
Subject key identifier: 2A:D1:CA:4D:78:19:94:59:1E:4D:CF:01:83:82:DE:AB:5B:2C:70:BA
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 018D7756898564F92F91810ED0031CED4E16
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/KtHKTXgZlFkeTc8Bg4Leq1sscLo.roa
Signing time: Mon 05 Feb 2024 03:36:16 +0000
ROA not before: Mon 05 Feb 2024 03:36:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 45.128.144.0/24 maxlen: 24
45.128.145.0/24 maxlen: 24
45.131.176.0/24 maxlen: 24
45.131.177.0/24 maxlen: 24
45.132.236.0/24 maxlen: 24
45.132.237.0/24 maxlen: 24
45.137.8.0/24 maxlen: 24
45.137.9.0/24 maxlen: 24
45.153.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 02:15:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:77:56:89:85:64:f9:2f:91:81:0e:d0:03:1c:ed:4e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Feb 5 03:36:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ad1ca4d781994591e4dcf018382deab5b2c70ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d3:5b:4c:7f:d5:2d:d1:e9:52:e0:40:d9:f6:
cf:ca:66:d8:cf:fb:47:02:e5:ef:4a:81:60:ac:3a:
0e:03:47:c0:d1:85:08:cf:3a:f7:09:33:2e:e4:25:
a6:59:f4:91:b6:71:ab:bf:54:96:6d:f1:da:72:07:
17:bc:1e:34:13:e5:e6:06:ef:68:33:1c:5e:18:57:
f2:93:61:3a:55:30:59:ba:cc:b8:84:51:1d:75:2a:
43:55:5f:6e:73:65:05:0c:09:1c:a8:ef:a9:31:ed:
02:09:96:9a:88:ac:48:5b:03:ec:e6:9f:06:93:33:
6b:2a:18:ad:7b:aa:e1:d0:29:e2:8e:d0:43:20:79:
af:e3:d3:45:35:3f:bc:b6:e4:87:cd:d3:c7:f5:1e:
7c:39:b2:18:aa:05:e4:04:61:a0:dc:a6:8a:9b:cd:
b9:13:4c:39:84:2e:a0:f2:7e:92:bc:e1:c0:17:61:
66:64:cc:e7:e8:99:7b:c7:ab:90:41:04:94:f8:fa:
80:31:a9:04:a1:16:4d:79:e6:19:32:29:9b:e8:e4:
69:4b:b9:5b:ee:b0:9d:60:04:89:f3:c4:6a:2b:cd:
df:bc:06:72:c6:cd:fe:72:c0:36:50:01:8d:43:ea:
eb:91:71:83:51:e1:72:67:47:26:29:f4:f7:d5:a3:
da:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D1:CA:4D:78:19:94:59:1E:4D:CF:01:83:82:DE:AB:5B:2C:70:BA
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/KtHKTXgZlFkeTc8Bg4Leq1sscLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.144.0/23
45.131.176.0/23
45.132.236.0/23
45.137.8.0/23
45.153.124.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:a2:12:a0:7e:dc:e0:e0:55:5d:80:40:9b:d1:8a:81:14:91:
24:a6:b1:08:ce:7e:56:69:75:c0:c4:e3:42:ca:06:36:f2:a3:
96:e0:08:1c:d6:dd:84:52:1b:d6:c4:a3:a7:dc:4c:6d:22:25:
7f:5c:14:0d:81:8a:cb:49:fd:34:ab:5a:23:93:85:7b:3d:e0:
90:30:de:b0:23:dc:e7:96:fd:12:27:5e:ad:37:b6:38:40:cf:
b4:39:78:82:1d:16:25:8e:fb:99:8c:6b:f3:ad:e6:18:6c:f5:
5a:b9:49:4d:c6:ab:e5:d6:45:7c:bd:f9:d3:b1:86:10:3f:1a:
31:14:9f:15:9c:d9:25:f7:96:db:12:dc:eb:c2:21:4d:35:02:
74:a7:77:43:8d:2a:a5:f3:80:91:a6:4d:53:2f:2a:cd:11:8f:
75:37:6e:79:4f:42:0c:36:57:ed:01:bd:3e:0e:d1:c8:15:12:
f6:f7:f8:46:66:18:fe:c4:ec:96:f8:ef:33:57:30:82:94:58:
25:47:32:2c:ad:ef:41:8c:a2:06:bb:3d:49:00:bb:7b:2b:d9:
85:2b:df:53:e9:2b:1a:bd:57:20:a4:7f:2f:32:47:cd:b3:47:
f9:35:d1:f1:6b:a0:43:36:0b:36:90:84:8d:ab:af:18:01:18:
e0:d6:d1:fd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY13VomFZPkvkYEO0AMc7U4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjQwMjA1MDMzNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQxY2E0ZDc4MTk5NDU5MWU0ZGNmMDE4MzgyZGVhYjViMmM3MGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidNbTH/VLdHpUuBA2fbPymbYz/tH
AuXvSoFgrDoOA0fA0YUIzzr3CTMu5CWmWfSRtnGrv1SWbfHacgcXvB40E+XmBu9o
MxxeGFfyk2E6VTBZusy4hFEddSpDVV9uc2UFDAkcqO+pMe0CCZaaiKxIWwPs5p8G
kzNrKhite6rh0CnijtBDIHmv49NFNT+8tuSHzdPH9R58ObIYqgXkBGGg3KaKm825
E0w5hC6g8n6SvOHAF2FmZMzn6Jl7x6uQQQSU+PqAMakEoRZNeeYZMimb6ORpS7lb
7rCdYASJ88RqK83fvAZyxs3+csA2UAGNQ+rrkXGDUeFyZ0cmKfT31aPaZQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCrRyk14GZRZHk3PAYOC3qtbLHC6MB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvS3RIS1RYZ1psRmtlVGM4Qmc0TGVxMXNzY0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLYCQAwQB
LYOwAwQBLYTsAwQBLYkIAwQALZl8MA0GCSqGSIb3DQEBCwUAA4IBAQDSohKgftzg
4FVdgECb0YqBFJEkprEIzn5WaXXAxONCygY28qOW4Agc1t2EUhvWxKOn3ExtIiV/
XBQNgYrLSf00q1ojk4V7PeCQMN6wI9znlv0SJ16tN7Y4QM+0OXiCHRYljvuZjGvz
reYYbPVauUlNxqvl1kV8vfnTsYYQPxoxFJ8VnNkl95bbEtzrwiFNNQJ0p3dDjSql
84CRpk1TLyrNEY91N255T0IMNlftAb0+DtHIFRL29/hGZhj+xOyW+O8zVzCClFgl
RzIsre9BjKIGuz1JALt7K9mFK99T6SsavVcgpH8vMkfNs0f5NdHxa6BDNgs2kISN
q68YARjg1tH9
-----END CERTIFICATE-----
Generated at Wed Feb 21 03:03:58 2024 by rpki-client on console-fra.rpki-client.org