Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/KKz1Tlzo2eN-mMtYiWUyj2lriZc.roa
File: KKz1Tlzo2eN-mMtYiWUyj2lriZc.roa (raw, json)
Hash identifier: 8RmKfHGSpJc7iMQvRrRyT+mnMp9IyZAyD7CGdax8myY=
Subject key identifier: 28:AC:F5:4E:5C:E8:D9:E3:7E:98:CB:58:89:65:32:8F:69:6B:89:97
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 0191C7ADD0ABFABA6EA6530B84531CADFBCF
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/KKz1Tlzo2eN-mMtYiWUyj2lriZc.roa
Signing time: Fri 06 Sep 2024 14:12:22 +0000
ROA not before: Fri 06 Sep 2024 14:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60117
IP address blocks: 45.151.97.0/24 maxlen: 24
45.151.98.0/24 maxlen: 24
94.137.78.0/24 maxlen: 24
94.137.79.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Sep 2024 20:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:ad:d0:ab:fa:ba:6e:a6:53:0b:84:53:1c:ad:fb:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Sep 6 14:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28acf54e5ce8d9e37e98cb588965328f696b8997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bb:38:bc:7a:9e:88:ef:9d:13:28:d7:49:80:
87:79:a7:7f:04:4b:93:e4:26:09:d9:21:90:b1:c4:
43:b2:1d:75:7f:ab:9e:ac:77:ba:d7:70:d5:1e:5c:
41:bd:c0:f9:71:8c:c6:aa:c3:75:97:58:35:db:b3:
d1:ad:08:64:72:73:cc:a8:16:ed:ab:3f:53:57:de:
a3:e1:53:7b:f8:78:f2:4f:66:6d:6e:40:b4:f4:2f:
f4:c1:f6:1b:6e:52:d5:69:ff:ca:c7:d8:8c:11:2c:
17:08:7e:4b:c7:6c:45:bf:d3:2f:6d:ea:be:6d:3f:
f6:c7:2a:6a:46:1e:12:47:56:4c:f5:e1:b4:7a:c7:
28:36:fe:bd:9c:02:90:c5:7b:cf:4a:54:fe:d9:ad:
62:ae:e0:77:3f:ac:9c:64:39:3f:89:13:a1:26:92:
84:e0:5d:aa:8c:db:e1:9b:52:8b:e1:bc:a9:bf:1c:
1e:ad:58:2a:f8:e3:cd:9e:b3:77:b0:61:f0:cf:08:
7d:db:a7:64:51:4d:ea:4a:ab:cf:41:48:8d:6b:fd:
c2:95:54:e9:96:01:d2:41:59:3f:b7:bd:e3:1a:b3:
09:54:36:95:8b:88:d4:1d:b4:ef:52:9b:38:97:da:
8f:6a:b3:57:d3:ff:89:52:e7:23:f0:ce:e9:2f:40:
fb:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:AC:F5:4E:5C:E8:D9:E3:7E:98:CB:58:89:65:32:8F:69:6B:89:97
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/KKz1Tlzo2eN-mMtYiWUyj2lriZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.97.0-45.151.98.255
94.137.78.0/23
94.137.90.0/23
Signature Algorithm: sha256WithRSAEncryption
02:ed:ac:e9:08:95:88:21:d8:f2:59:7e:34:30:22:4e:b9:ba:
43:f1:c4:62:db:10:3b:cc:34:e0:09:64:18:43:be:a2:62:a7:
b5:27:61:5e:c1:41:0c:1f:d3:36:38:59:c6:59:6d:95:39:65:
e7:8a:30:1a:d8:01:63:85:a0:ea:74:bd:e0:09:5c:48:e9:2a:
5e:f8:14:a1:61:4f:20:74:46:72:bb:e3:b0:d3:0f:ef:b0:11:
6a:50:1d:ad:ad:01:25:ab:7b:02:fc:db:ff:85:08:01:e6:8a:
18:c6:9c:e3:60:0c:6d:6d:bf:53:29:84:a1:f5:63:ec:9a:15:
d0:6c:e4:30:3d:4a:12:b0:c9:9e:95:6a:64:5d:71:ac:bd:26:
80:4a:ee:c1:b1:95:de:81:06:b4:6b:2c:a8:e9:ee:2d:c9:2a:
a5:2a:86:35:3e:ad:37:60:e3:6b:44:74:b7:93:12:ce:16:bd:
c6:06:bf:e0:34:4b:41:be:b4:52:ff:89:48:ab:e1:c1:9d:29:
c4:e9:91:7b:6b:c4:9c:10:35:8d:1f:46:09:e8:8b:40:90:be:
3e:c7:c6:13:10:c4:bb:30:ee:bf:4e:5b:a7:92:05:51:e6:57:
d2:71:71:fd:bf:b7:4e:94:c5:4b:9d:d6:81:88:02:f2:95:97:
34:d3:c2:1a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZHHrdCr+rpuplMLhFMcrfvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjQwOTA2MTQxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGFjZjU0ZTVjZThkOWUzN2U5OGNiNTg4OTY1MzI4ZjY5NmI4OTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLs4vHqeiO+dEyjXSYCHead/BEuT
5CYJ2SGQscRDsh11f6uerHe613DVHlxBvcD5cYzGqsN1l1g127PRrQhkcnPMqBbt
qz9TV96j4VN7+HjyT2ZtbkC09C/0wfYbblLVaf/Kx9iMESwXCH5Lx2xFv9Mvbeq+
bT/2xypqRh4SR1ZM9eG0escoNv69nAKQxXvPSlT+2a1iruB3P6ycZDk/iROhJpKE
4F2qjNvhm1KL4bypvxwerVgq+OPNnrN3sGHwzwh926dkUU3qSqvPQUiNa/3ClVTp
lgHSQVk/t73jGrMJVDaVi4jUHbTvUps4l9qParNX0/+JUucj8M7pL0D7jQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCis9U5c6NnjfpjLWIllMo9pa4mXMB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvS0t6MVRsem8yZU4tbU10WWlXVXlqMmxyaVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtl2ED
BAAtl2IDBAFeiU4DBAFeiVowDQYJKoZIhvcNAQELBQADggEBAALtrOkIlYgh2PJZ
fjQwIk65ukPxxGLbEDvMNOAJZBhDvqJip7UnYV7BQQwf0zY4WcZZbZU5ZeeKMBrY
AWOFoOp0veAJXEjpKl74FKFhTyB0RnK747DTD++wEWpQHa2tASWrewL82/+FCAHm
ihjGnONgDG1tv1MphKH1Y+yaFdBs5DA9ShKwyZ6VamRdcay9JoBK7sGxld6BBrRr
LKjp7i3JKqUqhjU+rTdg42tEdLeTEs4WvcYGv+A0S0G+tFL/iUir4cGdKcTpkXtr
xJwQNY0fRgnoi0CQvj7HxhMQxLsw7r9OW6eSBVHmV9Jxcf2/t06UxUud1oGIAvKV
lzTTwho=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:24 2025 by rpki-client