Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/kkPEjSHF5PxE8NkfypKgZAY9j-E.roa
File: kkPEjSHF5PxE8NkfypKgZAY9j-E.roa (raw, json)
Hash identifier: eTbs9CkMLyaK7tA8iTgAXARmtlbcMlOm0ztXcxFD4VI=
Subject key identifier: 92:43:C4:8D:21:C5:E4:FC:44:F0:D9:1F:CA:92:A0:64:06:3D:8F:E1
Certificate issuer: /CN=b660d78320860d5efe729e208b5eb4b2abebe078
Certificate serial: 0187DDCCDC9D125FB8B6EA2A39BABBBEC480
Authority key identifier: B6:60:D7:83:20:86:0D:5E:FE:72:9E:20:8B:5E:B4:B2:AB:EB:E0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tmDXgyCGDV7-cp4gi160sqvr4Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/kkPEjSHF5PxE8NkfypKgZAY9j-E.roa
Signing time: Tue 02 May 2023 18:50:03 +0000
ROA not before: Tue 02 May 2023 18:50:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51198
IP address blocks: 45.132.9.0/24 maxlen: 24
45.132.11.0/24 maxlen: 24
45.132.8.0/24 maxlen: 24
45.132.10.0/24 maxlen: 24
2a0e:6540::/29 maxlen: 29
2a13:7d00::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 19 May 2023 13:41:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dd:cc:dc:9d:12:5f:b8:b6:ea:2a:39:ba:bb:be:c4:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b660d78320860d5efe729e208b5eb4b2abebe078
Validity
Not Before: May 2 18:50:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9243c48d21c5e4fc44f0d91fca92a064063d8fe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:be:c4:dc:d9:89:09:32:d4:de:41:f2:0d:fc:
5b:cc:e0:8d:0d:1e:99:c3:a5:dd:1e:6e:47:2b:73:
b9:d4:4f:85:c9:27:ee:87:8e:71:72:cf:2b:18:30:
2d:5f:9c:13:a8:a4:29:ac:f3:6e:e3:4c:a8:e7:fc:
65:69:7d:55:c9:45:90:28:a1:3a:9f:31:23:a8:7c:
ab:e5:d7:62:df:02:a3:36:e8:dc:56:b8:ec:90:e6:
18:fc:59:b5:13:b4:b3:de:56:6e:75:99:9e:7e:c6:
df:2c:d5:6a:6a:ba:82:85:ed:74:42:9a:c2:98:4b:
36:4d:59:46:2c:64:b5:17:94:cc:d7:b7:98:8e:ed:
ae:21:86:76:a7:19:41:e3:ae:73:cf:c0:a6:de:79:
91:cb:ca:b6:bd:fd:53:92:71:34:92:a3:4f:90:1d:
3d:72:96:3e:ae:01:71:52:8f:eb:cf:3f:d1:76:c2:
a4:80:95:db:34:5a:5f:58:ea:cb:1a:1c:c1:e0:ac:
6c:3a:93:9f:60:da:b5:4d:03:98:3b:49:fe:a4:62:
a0:21:a9:c2:5c:2e:fb:17:1c:07:46:e4:34:9f:7d:
f2:cb:27:be:68:94:dd:d1:b8:44:75:a0:49:9b:f1:
e0:3e:51:77:83:d5:c9:06:8f:b3:db:56:8c:02:77:
91:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:43:C4:8D:21:C5:E4:FC:44:F0:D9:1F:CA:92:A0:64:06:3D:8F:E1
X509v3 Authority Key Identifier:
keyid:B6:60:D7:83:20:86:0D:5E:FE:72:9E:20:8B:5E:B4:B2:AB:EB:E0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tmDXgyCGDV7-cp4gi160sqvr4Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/kkPEjSHF5PxE8NkfypKgZAY9j-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/tmDXgyCGDV7-cp4gi160sqvr4Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.8.0/22
IPv6:
2a0e:6540::/29
2a13:7d00::/29
Signature Algorithm: sha256WithRSAEncryption
35:f3:0d:2a:cc:9f:0b:23:af:26:f2:65:cd:b1:ab:b1:37:c0:
4b:f6:c0:be:4c:8b:1c:78:1b:63:ab:f7:62:f3:32:97:8a:01:
92:9d:e6:5e:85:29:7c:f6:e8:ab:4d:13:93:60:b9:b1:d0:87:
61:fe:00:70:d0:5a:7a:ca:df:29:f6:4a:be:b9:d7:e6:11:b8:
88:4f:e4:e3:8f:3f:31:22:f6:b3:88:27:5f:66:4b:fc:33:e6:
d9:0c:2e:ad:82:33:9f:99:11:27:60:41:0d:10:15:e1:3c:44:
af:53:d0:b5:a3:c4:33:70:aa:74:a0:b3:85:a9:6b:6e:74:b4:
03:d3:88:ff:0b:6f:73:56:58:cf:b3:0a:b0:25:82:4f:26:ae:
61:79:92:e5:c4:9c:05:99:3c:ee:85:69:99:98:2b:d8:f6:e9:
97:86:81:7a:38:0a:df:60:30:77:2a:d3:c8:a7:62:be:46:f3:
77:22:7f:32:04:50:18:5e:74:ba:5d:ae:02:84:c8:84:fb:80:
e7:5c:ce:8f:06:bf:14:f9:ce:a6:85:5f:45:48:fd:a2:88:30:
ae:f6:99:a7:20:a4:33:2d:b2:fc:bd:0a:1d:20:6b:0f:47:7c:
52:96:25:65:7b:31:13:e8:32:89:9d:ba:42:13:e6:4c:a5:1d:
42:27:d7:69
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYfdzNydEl+4tuoqObq7vsSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NjBkNzgzMjA4NjBkNWVmZTcyOWUyMDhiNWViNGIyYWJl
YmUwNzgwHhcNMjMwNTAyMTg1MDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjQzYzQ4ZDIxYzVlNGZjNDRmMGQ5MWZjYTkyYTA2NDA2M2Q4ZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb7E3NmJCTLU3kHyDfxbzOCNDR6Z
w6XdHm5HK3O51E+FySfuh45xcs8rGDAtX5wTqKQprPNu40yo5/xlaX1VyUWQKKE6
nzEjqHyr5ddi3wKjNujcVrjskOYY/Fm1E7Sz3lZudZmefsbfLNVqarqChe10QprC
mEs2TVlGLGS1F5TM17eYju2uIYZ2pxlB465zz8Cm3nmRy8q2vf1TknE0kqNPkB09
cpY+rgFxUo/rzz/RdsKkgJXbNFpfWOrLGhzB4KxsOpOfYNq1TQOYO0n+pGKgIanC
XC77FxwHRuQ0n33yyye+aJTd0bhEdaBJm/HgPlF3g9XJBo+z21aMAneRGQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJJDxI0hxeT8RPDZH8qSoGQGPY/hMB8GA1UdIwQY
MBaAFLZg14Mghg1e/nKeIItetLKr6+B4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG1EWGd5Q0dEVjctY3A0Z2kxNjBzcXZyNEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9kYWYyMTItZjAwOS00YmQ0LTg3NGQt
NjI0YzNlNzg4Y2RmLzEva2tQRWpTSEY1UHhFOE5rZnlwS2daQVk5ai1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9kYWYyMTItZjAwOS00YmQ0LTg3NGQtNjI0YzNlNzg4Y2Rm
LzEvdG1EWGd5Q0dEVjctY3A0Z2kxNjBzcXZyNEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYQIMBQE
AgACMA4DBQMqDmVAAwUDKhN9ADANBgkqhkiG9w0BAQsFAAOCAQEANfMNKsyfCyOv
JvJlzbGrsTfAS/bAvkyLHHgbY6v3YvMyl4oBkp3mXoUpfPboq00Tk2C5sdCHYf4A
cNBaesrfKfZKvrnX5hG4iE/k448/MSL2s4gnX2ZL/DPm2QwurYIzn5kRJ2BBDRAV
4TxEr1PQtaPEM3CqdKCzhalrbnS0A9OI/wtvc1ZYz7MKsCWCTyauYXmS5cScBZk8
7oVpmZgr2Pbpl4aBejgK32AwdyrTyKdivkbzdyJ/MgRQGF50ul2uAoTIhPuA51zO
jwa/FPnOpoVfRUj9oogwrvaZpyCkMy2y/L0KHSBrD0d8UpYlZXsxE+gyiZ26QhPm
TKUdQifXaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:18 2024 by rpki-client on console-ams.rpki-client.org