Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/kLZSwry8evCYbG-t5X_ZG_vL21A.roa
File: kLZSwry8evCYbG-t5X_ZG_vL21A.roa (raw, json)
Hash identifier: ibJaQXw/08ynoYrKpthBbharRPbj1MXxCGnxw/VCCn0=
Subject key identifier: 90:B6:52:C2:BC:BC:7A:F0:98:6C:6F:AD:E5:7F:D9:1B:FB:CB:DB:50
Certificate issuer: /CN=9868a1992bb8037dde81d0c8cdc0695fcee17c27
Certificate serial: 01931F11A419129DD9AA883B0930DC6DDF7B
Authority key identifier: 98:68:A1:99:2B:B8:03:7D:DE:81:D0:C8:CD:C0:69:5F:CE:E1:7C:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mGihmSu4A33egdDIzcBpX87hfCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/kLZSwry8evCYbG-t5X_ZG_vL21A.roa
Signing time: Tue 12 Nov 2024 06:31:10 +0000
ROA not before: Tue 12 Nov 2024 06:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3758
IP address blocks: 45.86.188.0/23 maxlen: 24
80.94.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1f:11:a4:19:12:9d:d9:aa:88:3b:09:30:dc:6d:df:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9868a1992bb8037dde81d0c8cdc0695fcee17c27
Validity
Not Before: Nov 12 06:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90b652c2bcbc7af0986c6fade57fd91bfbcbdb50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:99:c3:39:a0:45:75:85:ae:e0:0d:00:c6:50:
99:06:40:9f:f3:df:20:1a:3b:3e:27:08:9f:af:95:
a8:9a:b2:85:c3:96:72:36:ab:9d:72:45:c8:b7:8d:
0a:ab:2d:35:cb:7a:90:63:9a:68:e4:6f:92:0e:f8:
95:b4:63:4c:c5:9f:7d:90:6f:44:29:ea:2b:88:c8:
47:ce:c3:9b:4e:ed:34:bd:2a:2b:76:e9:3f:f1:12:
1b:a4:de:bd:a3:26:f0:f9:87:8f:51:e3:05:6a:d3:
75:5f:50:43:99:d9:e6:de:16:84:0f:7c:02:a1:e1:
ee:c6:86:cf:67:54:4c:2e:63:d8:8d:2a:31:69:c7:
f4:39:a1:d1:60:fb:02:dd:6f:8b:f4:78:46:e1:44:
2a:2e:09:ed:09:26:6d:91:a9:db:04:aa:a4:db:74:
1e:63:2b:b1:70:96:d7:11:a6:cf:02:58:43:46:0e:
0b:0a:c4:8f:7f:7e:9b:db:6d:2e:e2:bc:ad:1f:b9:
97:ce:53:61:5d:13:da:c9:ba:de:61:94:e5:95:fe:
16:22:20:af:77:c9:28:9e:99:24:95:ab:16:b4:97:
de:9b:14:f7:e1:11:79:1f:2b:79:16:fb:0b:f6:9b:
01:96:3c:ab:c3:93:c5:e2:1e:cc:f2:c8:dd:ab:68:
cf:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B6:52:C2:BC:BC:7A:F0:98:6C:6F:AD:E5:7F:D9:1B:FB:CB:DB:50
X509v3 Authority Key Identifier:
keyid:98:68:A1:99:2B:B8:03:7D:DE:81:D0:C8:CD:C0:69:5F:CE:E1:7C:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mGihmSu4A33egdDIzcBpX87hfCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/kLZSwry8evCYbG-t5X_ZG_vL21A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/mGihmSu4A33egdDIzcBpX87hfCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.188.0/23
80.94.89.0/24
Signature Algorithm: sha256WithRSAEncryption
44:0f:c8:10:82:3b:5f:df:00:46:2b:91:9e:fc:14:49:10:42:
4f:63:39:c8:d1:e0:28:4e:08:22:8e:f2:12:02:af:77:bf:33:
2d:6d:ea:58:53:74:74:0c:ea:f7:1e:64:c2:bf:d5:3a:bc:90:
97:ce:c0:3b:fa:22:45:f0:1e:e1:33:55:48:5c:d8:b3:97:d3:
77:1c:6e:fe:1c:4f:bf:0c:08:4d:16:e8:2c:89:15:47:d3:e9:
96:3a:c0:42:90:8f:5e:92:20:dc:11:fe:4d:4d:58:6e:48:8e:
bb:b9:45:4b:10:11:e1:76:1b:34:48:01:4d:64:2d:dd:fa:87:
9d:5b:a2:d3:7a:95:cb:86:0c:a4:74:e0:ca:8d:69:c1:2f:3b:
8e:87:8d:52:3b:4a:00:a6:b7:cd:2f:57:94:b7:71:de:86:85:
c5:bf:b1:53:b6:60:ae:b0:ab:71:99:7e:56:fa:b9:e4:4b:a8:
d0:df:ea:dd:0a:a2:95:1a:30:65:13:39:d2:be:5c:b1:e3:0b:
b6:6f:07:79:73:ad:f5:b9:50:34:6a:03:7f:64:4f:c3:f0:51:
4e:6d:27:2f:4c:e2:4c:0e:3f:45:42:16:2b:82:36:ac:d2:af:
d3:0a:a2:91:b8:56:1b:10:c9:44:f9:9b:7b:a9:43:17:2f:1a:
19:4c:52:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMfEaQZEp3Zqog7CTDcbd97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NjhhMTk5MmJiODAzN2RkZTgxZDBjOGNkYzA2OTVmY2Vl
MTdjMjcwHhcNMjQxMTEyMDYzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGI2NTJjMmJjYmM3YWYwOTg2YzZmYWRlNTdmZDkxYmZiY2JkYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZnDOaBFdYWu4A0AxlCZBkCf898g
Gjs+Jwifr5WomrKFw5ZyNqudckXIt40Kqy01y3qQY5po5G+SDviVtGNMxZ99kG9E
KeoriMhHzsObTu00vSorduk/8RIbpN69oybw+YePUeMFatN1X1BDmdnm3haED3wC
oeHuxobPZ1RMLmPYjSoxacf0OaHRYPsC3W+L9HhG4UQqLgntCSZtkanbBKqk23Qe
YyuxcJbXEabPAlhDRg4LCsSPf36b220u4rytH7mXzlNhXRPaybreYZTllf4WIiCv
d8konpkklasWtJfemxT34RF5Hyt5FvsL9psBljyrw5PF4h7M8sjdq2jP3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJC2UsK8vHrwmGxvreV/2Rv7y9tQMB8GA1UdIwQY
MBaAFJhooZkruAN93oHQyM3AaV/O4XwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUdpaG1TdTRBMzNlZ2RESXpjQnBYODdoZkNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82YjIyZTYtMzUyZi00ZTg4LTgyN2It
ZDc4ZDU2MzFkN2Y2LzEva0xaU3dyeThldkNZYkctdDVYX1pHX3ZMMjFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82YjIyZTYtMzUyZi00ZTg4LTgyN2ItZDc4ZDU2MzFkN2Y2
LzEvbUdpaG1TdTRBMzNlZ2RESXpjQnBYODdoZkNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVa8AwQA
UF5ZMA0GCSqGSIb3DQEBCwUAA4IBAQBED8gQgjtf3wBGK5Ge/BRJEEJPYznI0eAo
TggijvISAq93vzMtbepYU3R0DOr3HmTCv9U6vJCXzsA7+iJF8B7hM1VIXNizl9N3
HG7+HE+/DAhNFugsiRVH0+mWOsBCkI9ekiDcEf5NTVhuSI67uUVLEBHhdhs0SAFN
ZC3d+oedW6LTepXLhgykdODKjWnBLzuOh41SO0oAprfNL1eUt3HehoXFv7FTtmCu
sKtxmX5W+rnkS6jQ3+rdCqKVGjBlEznSvlyx4wu2bwd5c631uVA0agN/ZE/D8FFO
bScvTOJMDj9FQhYrgjas0q/TCqKRuFYbEMlE+Zt7qUMXLxoZTFLL
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:52:47 2025 by rpki-client