Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/kEnOyQrVwsLzrSmBNvI9VGdi1ak.roa
File: kEnOyQrVwsLzrSmBNvI9VGdi1ak.roa (raw, json)
Hash identifier: zwWHfPqJ/ePF4nPogwLfW+gs1eBEwoRHSXYRwCdUFZk=
Subject key identifier: 90:49:CE:C9:0A:D5:C2:C2:F3:AD:29:81:36:F2:3D:54:67:62:D5:A9
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0192438D561AC1121E704FD229CCFBCDA320
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/kEnOyQrVwsLzrSmBNvI9VGdi1ak.roa
Signing time: Mon 30 Sep 2024 15:29:48 +0000
ROA not before: Mon 30 Sep 2024 15:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 2.56.0.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.150.168.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.40.161.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
193.31.104.0/22 maxlen: 22
194.50.201.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
195.138.109.0/24 maxlen: 24
195.138.110.0/24 maxlen: 24
195.138.113.0/24 maxlen: 24
195.138.115.0/24 maxlen: 24
195.138.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 16 Oct 2024 17:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:43:8d:56:1a:c1:12:1e:70:4f:d2:29:cc:fb:cd:a3:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 30 15:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9049cec90ad5c2c2f3ad298136f23d546762d5a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c4:1d:20:7a:8d:2a:47:bc:fa:5f:da:c0:ab:
af:a5:0a:99:51:07:3f:63:15:8a:c4:13:9f:7f:3d:
ab:df:a4:91:0b:bb:d1:43:86:c4:d5:cc:7f:fc:be:
05:1d:86:4e:2f:41:43:03:2a:cf:34:2f:31:fc:8b:
51:fc:2f:1d:76:a8:d2:62:d5:0b:2b:09:5d:b7:ae:
10:c0:f4:91:49:e1:4f:51:56:06:91:bd:31:6c:0a:
a0:87:06:6d:9c:8c:88:7a:25:e1:f6:2a:09:2c:cf:
69:02:5e:87:01:d1:7d:31:33:1e:a7:a8:07:8d:80:
8d:2d:e7:e3:5e:7a:68:c2:71:e8:01:73:33:96:28:
41:82:f2:64:b9:0f:37:4c:ac:b9:ae:6f:5a:ba:d7:
5d:3f:54:6d:3d:ea:78:7d:a1:ac:79:5f:38:80:e3:
0f:51:b5:ca:30:fd:d8:6c:86:d6:c5:3a:01:b0:63:
74:cc:34:9d:8d:d6:78:4e:83:81:4c:a9:91:ef:03:
0a:3a:29:ab:c6:fb:26:45:f0:4f:69:8f:42:d1:fa:
ca:0c:c8:2a:c9:47:dd:b3:1c:5a:6f:af:d7:1a:d0:
5c:a4:c3:ee:9e:24:95:f9:88:41:55:a9:78:86:c5:
5e:09:f9:ff:4c:39:e4:21:4e:9c:99:d8:dd:5e:02:
b5:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:49:CE:C9:0A:D5:C2:C2:F3:AD:29:81:36:F2:3D:54:67:62:D5:A9
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/kEnOyQrVwsLzrSmBNvI9VGdi1ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
45.67.117.0/24
45.150.168.0/22
45.151.196.0/22
89.40.161.0/24
91.242.70.0-91.242.73.255
91.242.75.0/24
91.242.123.0-91.242.127.255
185.40.105.0/24
185.173.244.0/24
193.31.104.0/22
194.50.201.0/24
194.180.238.0/24
195.138.109.0-195.138.110.255
195.138.113.0/24
195.138.115.0/24
195.138.124.0/22
Signature Algorithm: sha256WithRSAEncryption
67:27:7f:fa:6a:6a:a8:2f:07:b3:82:f7:07:20:0b:80:69:00:
51:8a:33:b4:0a:bf:27:d3:ce:69:f7:a3:f1:cd:af:95:b4:60:
f7:b0:71:62:9c:5f:13:84:a1:cb:20:65:8e:cc:fc:ac:ef:70:
ee:e3:5f:c0:d4:9d:f0:28:5a:49:e7:02:58:ae:7c:5e:48:ff:
98:4e:e8:6f:7f:b4:89:6c:be:4d:c1:b5:6a:51:dd:34:4b:6b:
b2:b3:81:de:49:6b:2d:d9:3a:55:94:27:96:6a:38:79:e4:66:
45:b4:af:5e:6b:95:8c:02:55:be:fb:ce:45:f9:6f:b1:f1:ac:
c8:84:b6:ea:82:6f:9f:e3:5f:f8:db:2c:ba:fa:43:47:ad:91:
8a:8d:39:b5:2d:b0:69:6e:0b:7c:20:b3:87:e5:ba:b3:f2:84:
c7:cd:61:38:e1:06:14:01:21:aa:ba:cd:1c:90:f2:66:01:6d:
10:f2:44:f6:2b:bc:23:b3:ac:40:15:39:6f:e8:df:e7:81:81:
35:ac:9e:03:5c:11:bd:ba:5b:22:a3:cf:03:d5:13:74:e5:af:
96:55:10:64:d7:59:02:4c:cf:59:6e:b3:53:f0:9a:bf:ae:e2:
b3:5e:38:d4:f6:88:8e:4c:71:0f:9c:1e:30:63:6e:d6:8e:44:
b6:66:fd:5d
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZJDjVYawRIecE/SKcz7zaMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwOTMwMTUyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDQ5Y2VjOTBhZDVjMmMyZjNhZDI5ODEzNmYyM2Q1NDY3NjJkNWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cQdIHqNKke8+l/awKuvpQqZUQc/
YxWKxBOffz2r36SRC7vRQ4bE1cx//L4FHYZOL0FDAyrPNC8x/ItR/C8ddqjSYtUL
Kwldt64QwPSRSeFPUVYGkb0xbAqghwZtnIyIeiXh9ioJLM9pAl6HAdF9MTMep6gH
jYCNLefjXnpownHoAXMzlihBgvJkuQ83TKy5rm9autddP1RtPep4faGseV84gOMP
UbXKMP3YbIbWxToBsGN0zDSdjdZ4ToOBTKmR7wMKOimrxvsmRfBPaY9C0frKDMgq
yUfdsxxab6/XGtBcpMPuniSV+YhBVal4hsVeCfn/TDnkIU6cmdjdXgK12wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFJBJzskK1cLC860pgTbyPVRnYtWpMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEva0VuT3lRclZ3c0x6clNtQk52STlWR2RpMWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgI4
AAMEAC1DdQMEAi2WqAMEAi2XxAMEAFkooTAMAwQBW/JGAwQBW/JIAwQAW/JLMAwD
BABb8nsDBAdb8gADBAC5KGkDBAC5rfQDBALBH2gDBADCMskDBADCtO4wDAMEAMOK
bQMEAMOKbgMEAMOKcQMEAMOKcwMEAsOKfDANBgkqhkiG9w0BAQsFAAOCAQEAZyd/
+mpqqC8Hs4L3ByALgGkAUYoztAq/J9POafej8c2vlbRg97BxYpxfE4ShyyBljsz8
rO9w7uNfwNSd8ChaSecCWK58Xkj/mE7ob3+0iWy+TcG1alHdNEtrsrOB3klrLdk6
VZQnlmo4eeRmRbSvXmuVjAJVvvvORflvsfGsyIS26oJvn+Nf+NssuvpDR62Rio05
tS2waW4LfCCzh+W6s/KEx81hOOEGFAEhqrrNHJDyZgFtEPJE9iu8I7OsQBU5b+jf
54GBNayeA1wRvbpbIqPPA9UTdOWvllUQZNdZAkzPWW6zU/Cav67is1441PaIjkxx
D5weMGNu1o5Etmb9XQ==
-----END CERTIFICATE-----
Generated at Wed Oct 16 21:17:35 2024 by rpki-client on console-ams.rpki-client.org