Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/kcW_wn9F-OpXtaAV6fw00sXuqB8.roa
File: kcW_wn9F-OpXtaAV6fw00sXuqB8.roa (raw, json)
Hash identifier: AssNkQDWd6n43MYAZZpplC7nr3h0qRnKp2aofe85E+g=
Subject key identifier: 91:C5:BF:C2:7F:45:F8:EA:57:B5:A0:15:E9:FC:34:D2:C5:EE:A8:1F
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018CC8DFA3951B0DB8D7CAD515E984A6F270
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/kcW_wn9F-OpXtaAV6fw00sXuqB8.roa
Signing time: Tue 02 Jan 2024 06:32:28 +0000
ROA not before: Tue 02 Jan 2024 06:32:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46562
IP address blocks: 45.156.220.0/24 maxlen: 24
185.235.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Mar 2024 15:10:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a3:95:1b:0d:b8:d7:ca:d5:15:e9:84:a6:f2:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 2 06:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91c5bfc27f45f8ea57b5a015e9fc34d2c5eea81f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5e:4a:8a:3a:0b:d5:06:95:fa:2f:08:b0:89:
c8:8f:14:f4:5f:44:6e:be:38:fe:8f:e8:00:42:ed:
d4:f9:93:cd:f7:bc:b6:23:db:ab:7b:0e:d1:d5:c7:
fe:c1:c6:49:73:7b:6b:27:36:21:24:33:49:f8:d3:
91:f0:a2:5d:ce:5a:ec:d6:6e:7f:45:d4:ac:cf:52:
06:92:d6:db:cc:8c:66:88:31:c3:44:82:61:8e:53:
c9:e2:1d:6a:d0:5e:22:e1:e9:70:a3:46:74:bc:4a:
26:30:10:35:44:f4:3e:c0:11:4d:05:e7:81:31:38:
a1:36:be:be:00:bb:08:28:d5:67:91:d2:66:74:20:
9b:fc:db:40:3b:81:71:35:ee:b4:8d:89:ab:18:f1:
3a:bd:09:2d:8e:46:dd:55:c6:a5:1b:57:ba:03:99:
f7:ed:00:d9:1d:ae:6d:79:8c:44:21:9c:cf:1e:c9:
ba:da:e2:9c:da:34:06:d2:cd:25:df:76:ac:10:7b:
42:28:13:c0:40:ed:dc:26:90:50:17:5c:fa:26:48:
72:5d:85:e3:6b:4d:4c:72:f3:68:7e:97:d8:77:99:
32:fe:76:d8:59:b5:c4:dd:b2:f7:65:e6:d3:fc:e1:
99:58:17:57:f8:b4:87:22:5b:eb:10:ea:af:a9:44:
e7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C5:BF:C2:7F:45:F8:EA:57:B5:A0:15:E9:FC:34:D2:C5:EE:A8:1F
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/kcW_wn9F-OpXtaAV6fw00sXuqB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.220.0/24
185.235.167.0/24
Signature Algorithm: sha256WithRSAEncryption
59:66:2e:e9:b4:a7:83:27:6f:f9:35:c3:26:6d:c1:6a:98:89:
72:6e:2d:a0:c8:b3:24:ab:f0:4e:1e:70:87:8d:a6:c0:ca:67:
20:15:16:c1:37:0a:a0:98:db:3a:ec:74:fb:9b:d6:28:82:a7:
7e:32:28:07:46:19:52:5b:23:4e:d8:ed:b4:60:34:9e:b7:f1:
a7:32:65:1f:b7:05:32:0d:10:c1:f2:bf:6c:1e:c7:cf:62:cc:
72:b5:40:ad:e0:ee:d1:fd:0e:79:e5:0a:1a:82:b0:27:d3:03:
b9:05:ed:b8:d1:08:c0:80:33:f3:96:0a:dd:16:31:ec:b7:62:
7d:56:e4:7d:e7:79:a2:02:f3:f4:43:e8:a3:3b:91:73:57:91:
75:da:04:f7:5e:cf:ce:fe:9b:d6:9f:00:fa:1c:19:ce:6f:77:
2f:84:f1:48:52:ad:5e:39:15:aa:03:60:dc:23:09:a5:ba:39:
f9:56:47:99:2f:ae:f5:f6:cf:75:8b:fd:bb:cc:b1:d2:67:ac:
50:21:e2:2b:d9:75:be:bb:a0:74:d5:53:62:96:1c:46:8d:7f:
3e:55:01:80:2a:9b:16:6c:fa:46:04:5b:ae:ef:e4:66:2f:05:
77:74:8d:d9:50:bb:ac:2e:9c:f5:a5:c7:0b:12:3b:a4:9d:89:
97:dc:75:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI36OVGw2418rVFemEpvJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMTAyMDYzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWM1YmZjMjdmNDVmOGVhNTdiNWEwMTVlOWZjMzRkMmM1ZWVhODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF5KijoL1QaV+i8IsInIjxT0X0Ru
vjj+j+gAQu3U+ZPN97y2I9urew7R1cf+wcZJc3trJzYhJDNJ+NOR8KJdzlrs1m5/
RdSsz1IGktbbzIxmiDHDRIJhjlPJ4h1q0F4i4elwo0Z0vEomMBA1RPQ+wBFNBeeB
MTihNr6+ALsIKNVnkdJmdCCb/NtAO4FxNe60jYmrGPE6vQktjkbdVcalG1e6A5n3
7QDZHa5teYxEIZzPHsm62uKc2jQG0s0l33asEHtCKBPAQO3cJpBQF1z6JkhyXYXj
a01McvNofpfYd5ky/nbYWbXE3bL3ZebT/OGZWBdX+LSHIlvrEOqvqUTnUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJHFv8J/RfjqV7WgFen8NNLF7qgfMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEva2NXX3duOUYtT3BYdGFBVjZmdzAwc1h1cUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZzcAwQA
ueunMA0GCSqGSIb3DQEBCwUAA4IBAQBZZi7ptKeDJ2/5NcMmbcFqmIlybi2gyLMk
q/BOHnCHjabAymcgFRbBNwqgmNs67HT7m9Yogqd+MigHRhlSWyNO2O20YDSet/Gn
MmUftwUyDRDB8r9sHsfPYsxytUCt4O7R/Q555QoagrAn0wO5Be240QjAgDPzlgrd
FjHst2J9VuR953miAvP0Q+ijO5FzV5F12gT3Xs/O/pvWnwD6HBnOb3cvhPFIUq1e
ORWqA2DcIwmlujn5VkeZL6719s91i/27zLHSZ6xQIeIr2XW+u6B01VNilhxGjX8+
VQGAKpsWbPpGBFuu7+RmLwV3dI3ZULusLpz1pccLEjuknYmX3HVn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:50 2024 by rpki-client on console-fra.rpki-client.org