Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/CKlb_jCKSU5WneqetYnL3tbRKEY.roa
File: CKlb_jCKSU5WneqetYnL3tbRKEY.roa (raw, json)
Hash identifier: Zxb8yfKCp47LQZ4BUCjpOjjNCqcgJnohPLwIHoRSeM0=
Subject key identifier: 08:A9:5B:FE:30:8A:49:4E:56:9D:EA:9E:B5:89:CB:DE:D6:D1:28:46
Certificate issuer: /CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Certificate serial: 018CC4932F7BB91FCB5E2217F6E7D1111483
Authority key identifier: D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/CKlb_jCKSU5WneqetYnL3tbRKEY.roa
Signing time: Mon 01 Jan 2024 10:30:29 +0000
ROA not before: Mon 01 Jan 2024 10:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8708
IP address blocks: 194.36.142.0/24 maxlen: 24
185.234.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:2f:7b:b9:1f:cb:5e:22:17:f6:e7:d1:11:14:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Validity
Not Before: Jan 1 10:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08a95bfe308a494e569dea9eb589cbded6d12846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3f:6d:fb:18:c1:32:3c:9e:fd:35:32:3d:c5:
cf:1b:39:e4:d6:95:8d:6a:c4:6d:b6:f0:ea:1f:c5:
2e:9e:4d:77:85:40:fc:f9:75:c1:1d:4d:fa:28:64:
17:53:86:59:51:90:3e:cd:29:0f:57:3a:1f:2f:c1:
0e:92:a7:de:ff:1d:b1:d3:df:a0:d2:39:48:e9:c2:
63:2e:b4:6c:87:ff:96:b6:02:e5:55:2f:50:30:b5:
dd:65:cd:3b:03:91:f0:39:60:7a:f1:85:71:00:9d:
0c:a8:b5:8f:c6:1b:20:d6:54:ac:d5:b2:15:af:4a:
8a:6f:a4:ca:19:33:02:27:b1:3f:24:5d:30:43:cf:
d1:db:09:29:6f:5e:37:9c:1d:5b:a8:85:d5:52:41:
b6:ea:a3:6e:03:22:34:ff:47:90:3e:91:72:53:6b:
1c:50:c9:3c:50:5d:69:c8:32:a5:55:df:e5:37:f9:
1a:6f:59:2b:a9:30:25:a5:ab:fd:32:c0:0f:37:2c:
51:83:51:e6:5c:5c:a2:fe:85:77:9a:60:9d:a4:29:
02:7a:38:40:7d:5a:e1:a9:9b:4d:02:67:a5:08:f2:
ff:f2:5a:4e:cc:a1:bb:e2:0c:db:79:f9:b6:67:1a:
bc:1f:f7:12:5c:fd:5b:13:f0:46:2e:4a:35:2c:4c:
f7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A9:5B:FE:30:8A:49:4E:56:9D:EA:9E:B5:89:CB:DE:D6:D1:28:46
X509v3 Authority Key Identifier:
keyid:D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/CKlb_jCKSU5WneqetYnL3tbRKEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.131.0/24
194.36.142.0/24
Signature Algorithm: sha256WithRSAEncryption
40:bc:8b:7d:3c:65:57:ef:6e:41:79:f4:2b:0d:e8:18:2d:f5:
58:09:cb:2d:10:64:ae:90:3f:92:0f:9d:7b:3d:ea:8e:40:82:
22:e8:18:e8:cb:2e:a6:a5:b5:ad:fa:51:8c:24:08:13:a0:b9:
16:62:4e:dd:fb:65:0a:8a:3e:90:ce:66:4e:d8:8e:f4:45:40:
fb:a3:39:03:d9:33:d7:fa:f6:9d:df:40:36:68:a1:f2:92:15:
8d:7f:06:79:3b:5a:68:8a:d9:7b:79:62:9a:5f:52:94:83:4d:
b2:de:43:89:33:8f:1f:e4:50:b5:ab:18:76:b9:1c:a4:1d:aa:
01:c4:bb:e7:89:67:ca:47:60:db:1d:b2:6f:ee:b6:86:a5:6d:
35:39:73:07:d9:63:9a:80:cd:2e:a7:09:e7:df:cf:2a:34:e2:
72:fd:3b:63:9c:bd:3f:89:1c:81:4d:07:f7:fd:82:4e:27:3d:
4b:ce:05:48:dc:fd:89:9e:c8:22:d8:d2:40:46:9a:eb:09:3d:
ec:b4:cc:43:ed:85:1d:47:68:aa:cd:39:52:41:16:84:2d:46:
d7:66:d7:09:9f:f4:1e:36:c3:2a:36:66:17:aa:7b:6f:61:3c:
94:03:68:7b:9d:2e:80:83:34:d8:9b:9d:88:91:45:e2:4b:ca:
3f:f5:5f:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEky97uR/LXiIX9ufRERSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjg0OWI5YmM5MDQyYTE1NTczMzE5MzdlNGFkNzE1MThh
ZjYxY2YwHhcNMjQwMTAxMTAzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGE5NWJmZTMwOGE0OTRlNTY5ZGVhOWViNTg5Y2JkZWQ2ZDEyODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxj9t+xjBMjye/TUyPcXPGznk1pWN
asRttvDqH8Uunk13hUD8+XXBHU36KGQXU4ZZUZA+zSkPVzofL8EOkqfe/x2x09+g
0jlI6cJjLrRsh/+WtgLlVS9QMLXdZc07A5HwOWB68YVxAJ0MqLWPxhsg1lSs1bIV
r0qKb6TKGTMCJ7E/JF0wQ8/R2wkpb143nB1bqIXVUkG26qNuAyI0/0eQPpFyU2sc
UMk8UF1pyDKlVd/lN/kab1krqTAlpav9MsAPNyxRg1HmXFyi/oV3mmCdpCkCejhA
fVrhqZtNAmelCPL/8lpOzKG74gzbefm2Zxq8H/cSXP1bE/BGLko1LEz3IQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAipW/4wiklOVp3qnrWJy97W0ShGMB8GA1UdIwQY
MBaAFNC4Sbm8kEKhVXMxk35K1xUYr2HPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjkt
NzJiYWQ5ZDczYzgwLzEvQ0tsYl9qQ0tTVTVXbmVxZXRZbkwzdGJSS0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjktNzJiYWQ5ZDczYzgw
LzEvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueqDAwQA
wiSOMA0GCSqGSIb3DQEBCwUAA4IBAQBAvIt9PGVX725BefQrDegYLfVYCcstEGSu
kD+SD517PeqOQIIi6Bjoyy6mpbWt+lGMJAgToLkWYk7d+2UKij6QzmZO2I70RUD7
ozkD2TPX+vad30A2aKHykhWNfwZ5O1poitl7eWKaX1KUg02y3kOJM48f5FC1qxh2
uRykHaoBxLvniWfKR2DbHbJv7raGpW01OXMH2WOagM0upwnn388qNOJy/TtjnL0/
iRyBTQf3/YJOJz1LzgVI3P2Jnsgi2NJARprrCT3stMxD7YUdR2iqzTlSQRaELUbX
ZtcJn/QeNsMqNmYXqntvYTyUA2h7nS6AgzTYm52IkUXiS8o/9V9r
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:49 2025 by rpki-client