Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/KUxTQEP8akXOH-YhAz7GFI4XpJ8.roa
File: KUxTQEP8akXOH-YhAz7GFI4XpJ8.roa (raw, json)
Hash identifier: hTeaL0T5rHp7849yx2UGF6ltaTExl+V38JbI+aOL/cI=
Subject key identifier: 29:4C:53:40:43:FC:6A:45:CE:1F:E6:21:03:3E:C6:14:8E:17:A4:9F
Certificate issuer: /CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Certificate serial: 01933F8AA0AD09905F9A7A17BDE9F1A13A73
Authority key identifier: 48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/KUxTQEP8akXOH-YhAz7GFI4XpJ8.roa
Signing time: Mon 18 Nov 2024 13:51:09 +0000
ROA not before: Mon 18 Nov 2024 13:51:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43395
IP address blocks: 45.9.144.0/24 maxlen: 24
45.9.145.0/24 maxlen: 24
45.9.146.0/24 maxlen: 24
45.9.147.0/24 maxlen: 24
45.86.4.0/24 maxlen: 24
45.86.5.0/24 maxlen: 24
45.86.6.0/24 maxlen: 24
45.86.7.0/24 maxlen: 24
45.148.248.0/24 maxlen: 24
45.148.250.0/24 maxlen: 24
45.148.251.0/24 maxlen: 24
95.130.225.0/24 maxlen: 24
185.140.232.0/24 maxlen: 24
185.140.234.0/24 maxlen: 24
185.140.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 17:28:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3f:8a:a0:ad:09:90:5f:9a:7a:17:bd:e9:f1:a1:3a:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Validity
Not Before: Nov 18 13:51:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=294c534043fc6a45ce1fe621033ec6148e17a49f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ad:8d:7f:06:0a:f3:d6:f4:f6:0e:f0:8d:59:
d7:46:c5:67:3f:c0:81:bb:c2:44:08:63:01:a3:07:
df:c4:e1:25:77:b7:33:65:20:ca:a9:99:0a:92:cc:
6a:35:e9:2c:bb:8c:a4:f2:2d:9a:9c:ee:ad:d4:16:
05:bf:d2:3d:db:64:56:29:de:45:19:e4:46:0e:a0:
03:72:73:7c:61:1e:e1:a4:e0:44:da:d0:76:58:48:
d2:c4:a5:ce:19:2e:71:2e:dc:85:4c:b9:be:f2:6e:
09:e5:7e:0d:e6:1c:a5:be:1c:c7:26:29:02:4e:9f:
df:47:49:67:e6:92:a3:4e:2b:4c:47:ac:ff:60:f8:
3c:7f:63:33:fb:d5:75:c6:54:07:75:3b:db:bf:cc:
91:cf:37:0c:e3:d6:8f:09:a5:19:14:fd:51:9a:ef:
6f:61:b3:06:48:7a:6f:2a:9a:37:0b:b9:5d:b2:69:
5c:be:95:c3:71:9d:ee:13:d6:db:08:06:b5:ef:a4:
bd:5c:72:16:f3:b4:62:72:57:a3:15:fc:b6:02:fa:
ab:5c:41:92:18:9b:8e:03:e9:90:16:0b:f2:53:ae:
37:35:47:a8:f0:08:fb:88:cb:25:5c:91:3d:cf:91:
10:5e:7a:d9:d8:42:d2:7c:75:18:c6:99:e8:27:f3:
41:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:4C:53:40:43:FC:6A:45:CE:1F:E6:21:03:3E:C6:14:8E:17:A4:9F
X509v3 Authority Key Identifier:
keyid:48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/KUxTQEP8akXOH-YhAz7GFI4XpJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.144.0/22
45.86.4.0/22
45.148.248.0/24
45.148.250.0/23
95.130.225.0/24
185.140.232.0/24
185.140.234.0/23
Signature Algorithm: sha256WithRSAEncryption
28:b9:9f:37:e8:2f:ed:98:25:fa:05:98:d3:69:4d:f1:cd:18:
cc:22:75:ef:b3:d4:7b:9a:25:77:58:11:92:b2:de:68:4a:6b:
95:83:8a:8a:8d:04:f8:d0:e3:a3:16:43:30:d5:62:94:2c:b7:
7c:cd:6b:71:10:67:d9:e6:ce:b0:ef:fa:c6:f9:a9:46:10:4a:
1a:95:de:fa:b6:74:4b:2a:fa:fe:28:ab:77:63:bf:92:cd:63:
73:36:cf:1e:3b:4d:25:35:4e:ad:08:c4:40:22:9f:23:72:bb:
ea:d6:9f:2c:e2:4f:ee:cb:26:ff:b7:af:e9:e0:4a:05:34:18:
cf:a0:cc:3e:4a:db:dc:c7:20:77:83:c4:da:f7:43:ee:1b:6b:
33:b9:2e:ec:fe:f2:15:b3:a1:86:5c:b0:33:2c:0d:a7:da:02:
24:e7:ca:c4:a5:5b:e6:40:55:04:3f:f2:96:4a:57:db:8e:bc:
0f:63:b0:5e:6f:71:6e:0c:7a:55:9b:1c:68:4c:e7:cd:13:1d:
5e:7b:c2:47:2b:89:4f:f4:99:64:91:41:5e:d4:70:d5:95:c8:
0f:19:b6:9c:50:cd:39:61:90:f4:70:d5:cf:de:fb:2a:35:65:
41:68:3b:8b:26:f6:4a:2a:47:91:b4:a2:54:56:85:69:a1:91:
b4:4b:ff:2c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZM/iqCtCZBfmnoXvenxoTpzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YWJmMjlmZGVmODU3MDUwMmY0YjUxYmU1ZmZjMDVjNGQ5
YjM0NjUwHhcNMjQxMTE4MTM1MTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTRjNTM0MDQzZmM2YTQ1Y2UxZmU2MjEwMzNlYzYxNDhlMTdhNDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4a2NfwYK89b09g7wjVnXRsVnP8CB
u8JECGMBowffxOEld7czZSDKqZkKksxqNeksu4yk8i2anO6t1BYFv9I922RWKd5F
GeRGDqADcnN8YR7hpOBE2tB2WEjSxKXOGS5xLtyFTLm+8m4J5X4N5hylvhzHJikC
Tp/fR0ln5pKjTitMR6z/YPg8f2Mz+9V1xlQHdTvbv8yRzzcM49aPCaUZFP1Rmu9v
YbMGSHpvKpo3C7ldsmlcvpXDcZ3uE9bbCAa176S9XHIW87RiclejFfy2AvqrXEGS
GJuOA+mQFgvyU643NUeo8Aj7iMslXJE9z5EQXnrZ2ELSfHUYxpnoJ/NBhwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFClMU0BD/GpFzh/mIQM+xhSOF6SfMB8GA1UdIwQY
MBaAFEir8p/e+FcFAvS1G+X/wFxNmzRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQt
YWJhMTEzZjNlM2FlLzEvS1V4VFFFUDhha1hPSC1ZaEF6N0dGSTRYcEo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQtYWJhMTEzZjNlM2Fl
LzEvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLQmQAwQC
LVYEAwQALZT4AwQBLZT6AwQAX4LhAwQAuYzoAwQBuYzqMA0GCSqGSIb3DQEBCwUA
A4IBAQAouZ836C/tmCX6BZjTaU3xzRjMInXvs9R7miV3WBGSst5oSmuVg4qKjQT4
0OOjFkMw1WKULLd8zWtxEGfZ5s6w7/rG+alGEEoald76tnRLKvr+KKt3Y7+SzWNz
Ns8eO00lNU6tCMRAIp8jcrvq1p8s4k/uyyb/t6/p4EoFNBjPoMw+StvcxyB3g8Ta
90PuG2szuS7s/vIVs6GGXLAzLA2n2gIk58rEpVvmQFUEP/KWSlfbjrwPY7Beb3Fu
DHpVmxxoTOfNEx1ee8JHK4lP9JlkkUFe1HDVlcgPGbacUM05YZD0cNXP3vsqNWVB
aDuLJvZKKkeRtKJUVoVpoZG0S/8s
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:50:11 2024 by rpki-client on console-ams.rpki-client.org