Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/KzIUQraookWVL5jJFKfCQ68rZuA.roa
File: KzIUQraookWVL5jJFKfCQ68rZuA.roa (raw, json)
Hash identifier: IRkVI1PBYaA6gIeTl0cRmDaguhDlNgh/V+AVf3sOOwg=
Subject key identifier: 2B:32:14:42:B6:A8:A2:45:95:2F:98:C9:14:A7:C2:43:AF:2B:66:E0
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 0187FACB22A659D63A04EDA1A357B77EB7D2
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/KzIUQraookWVL5jJFKfCQ68rZuA.roa
Signing time: Mon 08 May 2023 09:57:09 +0000
ROA not before: Mon 08 May 2023 09:57:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133199
IP address blocks: 45.136.13.0/24 maxlen: 24
45.136.12.0/24 maxlen: 24
45.144.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:cb:22:a6:59:d6:3a:04:ed:a1:a3:57:b7:7e:b7:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: May 8 09:57:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b321442b6a8a245952f98c914a7c243af2b66e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:63:9d:ed:be:5a:da:11:3d:d2:4b:cd:2b:b9:
1e:a7:53:97:b4:1a:39:78:c8:a8:c9:8d:6b:43:31:
8d:cc:3b:b0:1e:a2:aa:c8:d4:34:cc:c4:d5:4f:04:
2b:a1:7e:5e:6c:01:41:99:ad:54:1c:fe:06:80:4d:
5f:08:20:8b:3c:44:ad:9e:e1:9a:e8:98:55:4b:17:
16:b4:96:a3:56:17:83:39:27:c9:eb:37:dd:76:56:
1e:b7:ac:1f:50:cd:13:87:0f:bd:0f:83:bd:8b:1c:
e9:eb:10:42:ac:e3:c7:8d:b6:ec:26:ee:4a:ab:82:
1e:28:c8:b4:a8:d2:72:3f:f0:46:16:da:cf:24:73:
dc:e6:41:36:a4:34:f0:02:7a:24:0a:43:c8:5b:53:
a4:c2:e4:6c:77:37:d0:9f:d3:39:1e:c1:e9:e8:d9:
ff:28:1d:95:cb:46:f2:91:ab:f6:11:b4:aa:11:5b:
6c:93:9b:92:48:d1:de:39:a3:4c:ab:67:a7:bf:8b:
19:21:23:6b:24:42:83:6e:16:36:96:91:86:ff:b4:
07:5e:16:e8:9d:e3:db:43:4e:26:3f:06:b0:90:ed:
63:ec:79:2f:98:c8:86:28:d5:5b:95:3f:6d:d6:57:
dc:5b:a5:0c:81:60:57:84:9b:53:18:43:2c:72:4b:
34:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:32:14:42:B6:A8:A2:45:95:2F:98:C9:14:A7:C2:43:AF:2B:66:E0
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/KzIUQraookWVL5jJFKfCQ68rZuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.12.0/23
45.144.139.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:ec:0f:f8:cf:ca:72:96:da:6b:bb:a1:3c:fd:bd:73:cb:f0:
08:b0:fb:dd:10:a5:0d:6d:39:69:57:89:e8:fc:1a:bc:ad:74:
1e:24:88:e0:ea:41:c4:c7:82:27:c4:7d:19:bc:b1:11:bf:fa:
34:42:73:f0:89:8e:31:2e:63:51:3b:3a:17:b4:a2:24:be:a5:
16:c5:ee:26:10:bf:21:8f:98:ea:a2:fe:85:9f:8c:9d:4a:d0:
45:03:b8:c7:96:c2:c6:24:3b:f6:10:d1:53:c5:1d:02:00:65:
a1:8d:2e:d4:8b:ad:3a:f9:5b:7b:de:54:ed:50:04:ac:eb:49:
55:3b:19:c1:b0:e4:a4:c6:69:15:fb:fb:bb:9f:e1:87:c8:ec:
37:6d:34:f3:a7:9f:50:56:40:5f:73:dd:93:6c:8a:db:e5:49:
c1:b1:7d:86:65:7d:fe:ae:74:42:99:de:1b:80:43:9a:68:cb:
09:62:b1:24:a8:1d:7e:a4:8c:c6:33:73:91:08:2a:9c:4f:a4:
64:46:b7:ce:18:00:9d:f8:72:be:3c:63:4a:03:8f:51:03:07:
ba:e8:2f:99:cf:dd:ac:b5:21:54:de:84:2d:ba:ea:fc:fc:9a:
ac:8c:6b:5d:47:ee:75:11:1e:ce:42:fe:80:30:9a:d6:06:44:
37:78:3f:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYf6yyKmWdY6BO2ho1e3frfSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjMwNTA4MDk1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjMyMTQ0MmI2YThhMjQ1OTUyZjk4YzkxNGE3YzI0M2FmMmI2NmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmOd7b5a2hE90kvNK7kep1OXtBo5
eMioyY1rQzGNzDuwHqKqyNQ0zMTVTwQroX5ebAFBma1UHP4GgE1fCCCLPEStnuGa
6JhVSxcWtJajVheDOSfJ6zfddlYet6wfUM0Thw+9D4O9ixzp6xBCrOPHjbbsJu5K
q4IeKMi0qNJyP/BGFtrPJHPc5kE2pDTwAnokCkPIW1OkwuRsdzfQn9M5HsHp6Nn/
KB2Vy0bykav2EbSqEVtsk5uSSNHeOaNMq2env4sZISNrJEKDbhY2lpGG/7QHXhbo
nePbQ04mPwawkO1j7HkvmMiGKNVblT9t1lfcW6UMgWBXhJtTGEMscks0EwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCsyFEK2qKJFlS+YyRSnwkOvK2bgMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvS3pJVVFyYW9va1dWTDVqSkZLZkNRNjhyWnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYgMAwQA
LZCLMA0GCSqGSIb3DQEBCwUAA4IBAQB67A/4z8pyltpru6E8/b1zy/AIsPvdEKUN
bTlpV4no/Bq8rXQeJIjg6kHEx4InxH0ZvLERv/o0QnPwiY4xLmNROzoXtKIkvqUW
xe4mEL8hj5jqov6Fn4ydStBFA7jHlsLGJDv2ENFTxR0CAGWhjS7Ui606+Vt73lTt
UASs60lVOxnBsOSkxmkV+/u7n+GHyOw3bTTzp59QVkBfc92TbIrb5UnBsX2GZX3+
rnRCmd4bgEOaaMsJYrEkqB1+pIzGM3ORCCqcT6RkRrfOGACd+HK+PGNKA49RAwe6
6C+Zz92stSFU3oQtuur8/JqsjGtdR+51ER7OQv6AMJrWBkQ3eD/T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:00 2024 by rpki-client on console-fra.rpki-client.org