Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/K5Y1nQq4sFDCF7YwcHSVYu6Khok.roa
File: K5Y1nQq4sFDCF7YwcHSVYu6Khok.roa (raw, json)
Hash identifier: AbYwJdlQbbaPrxZMQhrWJc/O5NCFzofKwCAzD5pjHgg=
Subject key identifier: 2B:96:35:9D:0A:B8:B0:50:C2:17:B6:30:70:74:95:62:EE:8A:86:89
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01856E01C43E1DE5E8247C90C3274B38924F
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/K5Y1nQq4sFDCF7YwcHSVYu6Khok.roa
Signing time: Sun 01 Jan 2023 15:44:47 +0000
ROA not before: Sun 01 Jan 2023 15:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60548
IP address blocks: 43.251.160.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
37.114.50.0/23 maxlen: 23
37.114.54.0/23 maxlen: 23
37.114.52.0/24 maxlen: 24
37.114.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:c4:3e:1d:e5:e8:24:7c:90:c3:27:4b:38:92:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 15:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b96359d0ab8b050c217b63070749562ee8a8689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:68:bb:1a:fd:a4:cc:ad:34:61:8d:55:63:02:
b0:98:3b:80:c3:0e:da:23:86:f7:21:95:4a:1a:05:
70:d9:e8:4d:e9:f8:89:7d:18:c3:f9:bc:67:34:84:
20:df:22:65:1b:81:d9:7e:79:f1:dc:57:77:63:fd:
5a:85:19:e1:3b:47:7e:d3:1d:c9:2e:c6:f9:93:59:
a0:ed:ad:84:e4:f7:b0:a6:a9:a2:e9:9b:d7:79:4e:
55:a7:b7:1f:1f:f7:f2:d0:49:e6:61:20:f4:aa:ec:
83:c4:6e:fd:18:77:af:60:82:4e:bd:fe:ea:e8:b3:
f4:6c:44:74:6a:17:ea:c9:6e:6a:ed:5b:2e:cb:d6:
ba:16:ff:b9:b3:eb:e3:2b:1f:3d:25:34:63:32:4d:
a6:ed:ba:e5:3a:09:3b:09:29:f2:35:59:79:f8:e3:
e9:5e:12:80:6c:c9:9c:7e:63:68:3b:1d:b0:df:0d:
de:30:08:d4:e7:ad:1a:f2:c1:c6:c3:e6:4f:81:2e:
61:a8:64:8d:6c:98:29:bb:34:fd:c7:10:34:f0:a2:
43:ad:29:18:84:b8:c7:99:4c:84:db:ad:15:d0:6d:
df:d9:eb:d6:86:f3:21:a3:43:85:f9:80:80:d6:ff:
7c:35:85:c0:f8:e9:49:02:9a:a1:7a:7a:dd:f9:ab:
f9:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:96:35:9D:0A:B8:B0:50:C2:17:B6:30:70:74:95:62:EE:8A:86:89
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/K5Y1nQq4sFDCF7YwcHSVYu6Khok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.50.0-37.114.52.255
37.114.54.0/23
37.114.63.0/24
43.251.160.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:ef:34:1a:c6:9b:1b:f3:0d:a7:9d:d6:14:db:b6:bf:58:7a:
5a:79:cc:ce:da:ba:cd:4b:99:23:00:52:65:b8:ed:26:51:b6:
70:36:9d:38:cb:01:89:c8:18:91:ec:e2:d2:ca:ef:82:34:de:
30:28:6b:a6:5a:41:c4:4b:06:04:55:89:92:be:b5:50:d7:d2:
6e:63:b1:97:6f:93:5c:54:f9:c0:92:9a:82:ae:f7:41:d7:22:
7f:c5:48:18:ec:26:63:34:1e:42:e4:f0:0b:66:fc:03:79:11:
4a:97:93:ef:ce:4f:e2:15:2e:bd:6c:3c:ed:e3:16:f7:db:93:
ef:d6:1b:9a:9a:22:b6:ec:cc:3c:44:44:6f:45:b8:60:e7:75:
94:1d:c5:aa:ab:d9:e9:c9:72:f6:aa:a4:c8:af:c1:67:4c:1b:
5b:35:b4:6b:0a:07:90:9b:d0:16:67:b0:54:d3:4b:8a:7d:7d:
25:3d:95:c8:87:85:be:db:1f:e4:1d:7d:7f:50:01:c0:b2:43:
2a:a2:54:d5:7c:3d:2e:50:1b:2b:1f:55:b9:af:34:de:3b:87:
6e:a6:f6:a0:68:7b:25:b5:ab:bd:de:9b:06:8e:e9:c0:3e:26:
2f:57:e6:df:7a:29:03:22:52:83:4f:7d:37:8c:4c:33:d5:49:
80:4e:b5:f2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVuAcQ+HeXoJHyQwydLOJJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMwMTAxMTU0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjk2MzU5ZDBhYjhiMDUwYzIxN2I2MzA3MDc0OTU2MmVlOGE4Njg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGi7Gv2kzK00YY1VYwKwmDuAww7a
I4b3IZVKGgVw2ehN6fiJfRjD+bxnNIQg3yJlG4HZfnnx3Fd3Y/1ahRnhO0d+0x3J
Lsb5k1mg7a2E5Pewpqmi6ZvXeU5Vp7cfH/fy0EnmYSD0quyDxG79GHevYIJOvf7q
6LP0bER0ahfqyW5q7Vsuy9a6Fv+5s+vjKx89JTRjMk2m7brlOgk7CSnyNVl5+OPp
XhKAbMmcfmNoOx2w3w3eMAjU560a8sHGw+ZPgS5hqGSNbJgpuzT9xxA08KJDrSkY
hLjHmUyE260V0G3f2evWhvMho0OF+YCA1v98NYXA+OlJApqhenrd+av57QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCuWNZ0KuLBQwhe2MHB0lWLuioaJMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvSzVZMW5RcTRzRkRDRjdZd2NIU1ZZdTZLaG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAElcjID
BAAlcjQDBAElcjYDBAAlcj8DBAEr+6AwDQYJKoZIhvcNAQELBQADggEBAE3vNBrG
mxvzDaed1hTbtr9Yelp5zM7aus1LmSMAUmW47SZRtnA2nTjLAYnIGJHs4tLK74I0
3jAoa6ZaQcRLBgRViZK+tVDX0m5jsZdvk1xU+cCSmoKu90HXIn/FSBjsJmM0HkLk
8Atm/AN5EUqXk+/OT+IVLr1sPO3jFvfbk+/WG5qaIrbszDxERG9FuGDndZQdxaqr
2enJcvaqpMivwWdMG1s1tGsKB5Cb0BZnsFTTS4p9fSU9lciHhb7bH+QdfX9QAcCy
QyqiVNV8PS5QGysfVbmvNN47h26m9qBoeyW1q73emwaO6cA+Ji9X5t96KQMiUoNP
fTeMTDPVSYBOtfI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org