Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/K7jPKuOW3j54Yd9ZvOzKjr7iN_k.roa
File: K7jPKuOW3j54Yd9ZvOzKjr7iN_k.roa (raw, json)
Hash identifier: n3ZHBPZH/0CX9LwPoMpujqaysl3E1G+yTJg5lngUbYI=
Subject key identifier: 2B:B8:CF:2A:E3:96:DE:3E:78:61:DF:59:BC:EC:CA:8E:BE:E2:37:F9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D79F771754EE412ADA79147BA93683B40
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/K7jPKuOW3j54Yd9ZvOzKjr7iN_k.roa
Signing time: Mon 05 Feb 2024 15:51:15 +0000
ROA not before: Mon 05 Feb 2024 15:51:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.148.116.0/22 maxlen: 24
185.238.188.0/22 maxlen: 24
2a06:de01:d0::/44 maxlen: 48
2a0c:3b87:ff00::/40 maxlen: 48
2a0c:3b87:ffff::/48 maxlen: 48
2a0e:97c0:750::/48 maxlen: 48
2a0e:97c0:791::/48 maxlen: 48
2a0e:97c0:792::/48 maxlen: 48
2a0e:97c4:ac00::/38 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a0e:b107:1870::/48 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a0e:b107:278b::/48 maxlen: 48
2a10:ccc3:ccca::/48 maxlen: 48
2a10:ccc3:ccce::/47 maxlen: 48
2a10:ccc7:9000::/38 maxlen: 48
Validation: Failed, certificate revoked on Wed 21 Feb 2024 03:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:79:f7:71:75:4e:e4:12:ad:a7:91:47:ba:93:68:3b:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 5 15:51:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bb8cf2ae396de3e7861df59bcecca8ebee237f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0f:74:29:00:8a:af:12:ec:27:d6:9c:25:e3:
53:d1:cb:c3:20:a5:4f:d3:cf:8a:ac:a5:a3:43:f7:
aa:b5:a1:0c:96:63:02:3e:40:29:38:56:b9:d0:29:
6a:61:2f:75:55:2c:fd:81:13:e6:9e:b1:32:86:89:
84:b6:f4:6a:2e:e2:fa:9f:f1:ca:d0:2f:49:11:15:
6c:7e:48:e3:a7:a0:d3:7d:47:b5:a3:b2:cb:aa:87:
71:f1:c0:f7:8d:dc:21:3c:18:96:c9:9c:ef:df:af:
78:68:ce:16:3f:f5:ce:9a:a6:49:6b:ed:7e:75:21:
55:72:11:48:49:89:73:8b:02:c5:e8:ff:b1:d2:0d:
e6:c5:fd:fc:3a:d2:ba:d8:e6:21:c1:86:8a:d8:07:
a2:8c:cc:32:f2:59:77:ac:f4:e7:d1:10:3d:3a:7e:
4b:b1:f9:b5:79:ef:85:17:16:22:04:73:be:eb:1b:
79:91:2b:39:7d:b7:2d:a4:77:0e:11:d9:54:f6:53:
b4:e4:08:70:dc:9b:67:e5:7d:ed:80:59:7f:75:23:
9c:6d:18:32:32:d1:b4:df:aa:20:e3:f1:d2:a6:e7:
c1:de:f3:18:24:a6:7d:9b:ba:d8:3d:17:da:42:02:
21:1c:59:45:36:91:15:df:d8:68:f6:d2:07:23:5d:
51:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B8:CF:2A:E3:96:DE:3E:78:61:DF:59:BC:EC:CA:8E:BE:E2:37:F9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/K7jPKuOW3j54Yd9ZvOzKjr7iN_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/22
185.238.188.0/22
IPv6:
2a06:de01:d0::/44
2a0c:3b87:ff00::/40
2a0e:97c0:750::/48
2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
2a0e:97c4:ac00::/38
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
2a0e:b107:278b::/48
2a10:ccc3:ccca::/48
2a10:ccc3:ccce::/47
2a10:ccc7:9000::/38
Signature Algorithm: sha256WithRSAEncryption
5f:a9:d9:0f:45:eb:1e:26:70:e6:c1:a0:f9:e0:30:86:44:c7:
be:3f:55:3c:a8:ea:aa:d4:df:57:d5:c1:89:06:28:1f:a6:12:
e0:59:54:a5:e7:16:a4:3a:e3:6d:13:26:6c:3c:08:b7:c2:e5:
a0:4c:4a:b1:a2:c9:fe:d4:88:74:b7:06:10:5e:52:e7:62:1b:
a2:f7:5d:76:b5:4d:49:91:f7:f9:3b:fb:86:e0:dc:5b:84:24:
d6:59:ef:c2:87:f0:0a:e3:69:6a:7e:dc:b5:cc:43:25:d7:86:
31:51:f3:d1:a0:1c:68:9b:70:28:c9:30:d7:b7:fb:c5:1f:86:
24:ca:21:d8:80:67:b5:56:72:02:a0:31:ea:30:b6:b8:ca:92:
11:eb:3d:2d:50:da:36:a0:12:65:b3:37:8f:44:48:aa:2a:77:
7c:46:be:4b:39:a1:14:9f:09:d1:78:1c:08:2c:d3:df:56:e6:
d5:e0:dc:f1:55:92:ad:f3:19:d6:6a:a1:e8:ba:7b:b3:01:02:
a8:11:d1:92:92:1a:11:0e:6d:4b:a1:30:07:6e:6f:24:51:82:
87:42:20:02:b4:46:84:b7:45:2f:b9:88:c2:3f:a6:e3:ec:a2:
9f:81:96:70:68:e5:ac:16:28:91:ad:e9:c0:14:5a:39:e3:a6:
a7:6f:4a:94
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAY1593F1TuQSraeRR7qTaDtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjA1MTU1MTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmI4Y2YyYWUzOTZkZTNlNzg2MWRmNTliY2VjY2E4ZWJlZTIzN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAow90KQCKrxLsJ9acJeNT0cvDIKVP
08+KrKWjQ/eqtaEMlmMCPkApOFa50ClqYS91VSz9gRPmnrEyhomEtvRqLuL6n/HK
0C9JERVsfkjjp6DTfUe1o7LLqodx8cD3jdwhPBiWyZzv3694aM4WP/XOmqZJa+1+
dSFVchFISYlziwLF6P+x0g3mxf38OtK62OYhwYaK2AeijMwy8ll3rPTn0RA9On5L
sfm1ee+FFxYiBHO+6xt5kSs5fbctpHcOEdlU9lO05Ahw3Jtn5X3tgFl/dSOcbRgy
MtG036og4/HSpufB3vMYJKZ9m7rYPRfaQgIhHFlFNpEV39ho9tIHI11RxQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFCu4zyrjlt4+eGHfWbzsyo6+4jf5MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSzdqUEt1T1czajU0WWQ5WnZPektqcjdpTl9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDASBAIAATAMAwQCLZR0
AwQCue68MIGNBAIAAjCBhgMHBCoG3gEA0AMGACoMO4f/AwcAKg6XwAdQMBIDBwAq
DpfAB5EDBwAqDpfAB5IDBgIqDpfErAMHACoOsQcJ9AMHACoOsQcJ9gMHACoOsQcN
8gMHACoOsQcYcAMHACoOsQcbngMHACoOsQcniwMHACoQzMPMygMHASoQzMPMzgMG
AioQzMeQMA0GCSqGSIb3DQEBCwUAA4IBAQBfqdkPReseJnDmwaD54DCGRMe+P1U8
qOqq1N9X1cGJBigfphLgWVSl5xakOuNtEyZsPAi3wuWgTEqxosn+1Ih0twYQXlLn
Yhui9112tU1Jkff5O/uG4NxbhCTWWe/Ch/AK42lqfty1zEMl14YxUfPRoBxom3Ao
yTDXt/vFH4YkyiHYgGe1VnICoDHqMLa4ypIR6z0tUNo2oBJlszePREiqKnd8Rr5L
OaEUnwnReBwILNPfVubV4NzxVZKt8xnWaqHounuzAQKoEdGSkhoRDm1LoTAHbm8k
UYKHQiACtEaEt0UvuYjCP6bj7KKfgZZwaOWsFiiRrenAFFo546anb0qU
-----END CERTIFICATE-----
Generated at Wed Feb 21 03:47:04 2024 by rpki-client on console-ams.rpki-client.org