Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/KiDCm0BgLmRErkJnvdjWoe-D9SE.roa
File: KiDCm0BgLmRErkJnvdjWoe-D9SE.roa (raw, json)
Hash identifier: zI+dWpTSXeHTs0kyjwy3TFXbn7FOD/9v4A40SFSr6eY=
Subject key identifier: 2A:20:C2:9B:40:60:2E:64:44:AE:42:67:BD:D8:D6:A1:EF:83:F5:21
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 01864F94656EA80A2FB5D118FD58B6B4A9FD
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/KiDCm0BgLmRErkJnvdjWoe-D9SE.roa
Signing time: Tue 14 Feb 2023 10:59:30 +0000
ROA not before: Tue 14 Feb 2023 10:59:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207959
IP address blocks: 45.142.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:94:65:6e:a8:0a:2f:b5:d1:18:fd:58:b6:b4:a9:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: Feb 14 10:59:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a20c29b40602e6444ae4267bdd8d6a1ef83f521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a0:c2:46:53:33:c7:51:97:ba:86:15:f3:fc:
cd:27:54:22:22:c2:1d:d0:0d:3a:f1:ed:56:e6:6d:
5b:d2:85:91:d3:ad:73:c7:04:52:58:de:fd:a2:af:
bd:f8:37:7a:43:b8:09:af:c2:12:25:fd:24:9f:d1:
bd:ea:e8:86:76:31:0a:21:b1:7f:55:de:12:76:70:
43:7d:d9:16:0b:c2:eb:c4:9c:34:47:a5:48:b6:c3:
a4:5d:20:15:ed:b3:7a:d3:3c:31:7a:17:38:d8:e7:
be:74:24:f6:ec:f2:e3:83:7a:ad:c2:56:2b:1b:8a:
3a:c4:33:5f:38:5b:fb:ad:3d:0a:92:4c:2a:23:d4:
c4:21:c9:5b:38:a3:6c:e6:ab:7b:26:df:0e:ea:4e:
0f:e9:55:8f:91:42:ee:4e:78:d6:59:90:4d:e1:2a:
bb:af:0e:08:31:6f:04:03:7b:df:06:36:9c:8a:ac:
6a:37:c6:bd:eb:e9:18:d1:26:af:ed:4d:a5:79:0d:
9f:43:4d:9e:6a:a0:87:d8:14:f8:a9:1f:de:fb:a3:
35:ae:a1:62:00:e3:8d:b4:1d:98:a9:7b:46:6a:84:
12:db:16:8a:f7:7f:10:e5:ae:1d:f9:13:24:45:81:
3e:46:23:f9:4d:5e:af:a7:7e:d0:f4:53:50:5d:19:
ee:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:20:C2:9B:40:60:2E:64:44:AE:42:67:BD:D8:D6:A1:EF:83:F5:21
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/KiDCm0BgLmRErkJnvdjWoe-D9SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.183.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:f0:00:63:e6:c1:3f:06:b1:ea:57:1b:36:fc:c7:7a:01:47:
58:06:0b:02:e5:50:ad:e5:88:f6:14:2f:a5:62:17:4f:f6:c7:
3e:d1:d5:76:80:a9:8a:30:90:a6:fc:85:9a:e1:ae:29:2d:58:
8f:a2:69:dd:b9:47:c6:df:7e:33:16:b0:80:4e:f3:1f:c9:28:
e4:b1:68:d6:88:c3:c2:41:5e:a6:0d:04:e3:dd:d4:b4:5f:7a:
b2:57:84:57:06:fa:7f:4c:39:b1:cf:5b:b1:c9:54:6a:67:32:
61:b6:9f:08:09:bc:1b:31:72:02:d8:5f:29:04:11:19:6a:b6:
00:59:d7:16:98:6f:08:63:ae:f0:de:a3:b5:a4:33:e8:75:82:
5d:73:3b:56:72:47:48:c8:a1:d5:ed:a5:b8:2c:32:f4:0d:50:
5a:67:e4:7d:a8:6e:88:79:8e:e0:7d:51:c9:41:34:d2:25:7e:
74:82:9c:84:14:a1:56:50:2e:23:a3:2e:d9:be:82:eb:48:ef:
b8:d8:9f:09:e2:db:c3:06:c5:7d:00:85:86:3e:02:ff:78:c8:
7d:c5:e5:de:1e:bd:28:46:6d:9d:f3:4e:d8:18:d9:29:28:52:
63:ec:80:df:9d:58:47:e8:f6:aa:3f:b5:46:cf:76:14:30:5f:
85:ac:42:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZPlGVuqAovtdEY/Vi2tKn9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjMwMjE0MTA1OTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTIwYzI5YjQwNjAyZTY0NDRhZTQyNjdiZGQ4ZDZhMWVmODNmNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKDCRlMzx1GXuoYV8/zNJ1QiIsId
0A068e1W5m1b0oWR061zxwRSWN79oq+9+Dd6Q7gJr8ISJf0kn9G96uiGdjEKIbF/
Vd4SdnBDfdkWC8LrxJw0R6VItsOkXSAV7bN60zwxehc42Oe+dCT27PLjg3qtwlYr
G4o6xDNfOFv7rT0KkkwqI9TEIclbOKNs5qt7Jt8O6k4P6VWPkULuTnjWWZBN4Sq7
rw4IMW8EA3vfBjaciqxqN8a96+kY0Sav7U2leQ2fQ02eaqCH2BT4qR/e+6M1rqFi
AOONtB2YqXtGaoQS2xaK938Q5a4d+RMkRYE+RiP5TV6vp37Q9FNQXRnuVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCogwptAYC5kRK5CZ73Y1qHvg/UhMB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvS2lEQ20wQmdMbVJFcmtKbnZkaldvZS1EOVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY63MA0G
CSqGSIb3DQEBCwUAA4IBAQAe8ABj5sE/BrHqVxs2/Md6AUdYBgsC5VCt5Yj2FC+l
YhdP9sc+0dV2gKmKMJCm/IWa4a4pLViPomnduUfG334zFrCATvMfySjksWjWiMPC
QV6mDQTj3dS0X3qyV4RXBvp/TDmxz1uxyVRqZzJhtp8ICbwbMXIC2F8pBBEZarYA
WdcWmG8IY67w3qO1pDPodYJdcztWckdIyKHV7aW4LDL0DVBaZ+R9qG6IeY7gfVHJ
QTTSJX50gpyEFKFWUC4joy7ZvoLrSO+42J8J4tvDBsV9AIWGPgL/eMh9xeXeHr0o
Rm2d807YGNkpKFJj7IDfnVhH6PaqP7VGz3YUMF+FrEKq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:29 2024 by rpki-client on console-ams.rpki-client.org