Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kdM4wrnBvkOAI3Pa1SoE-4RXEbQ.roa
File: kdM4wrnBvkOAI3Pa1SoE-4RXEbQ.roa (raw, json)
Hash identifier: GQu+pkB6RYpo6j4bfZU2vAZyii/F86v/CZoMVtx2g/U=
Subject key identifier: 91:D3:38:C2:B9:C1:BE:43:80:23:73:DA:D5:2A:04:FB:84:57:11:B4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0193869857CDEED73EEEECFA9C3B063B051F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kdM4wrnBvkOAI3Pa1SoE-4RXEbQ.roa
Signing time: Mon 02 Dec 2024 08:59:11 +0000
ROA not before: Mon 02 Dec 2024 08:59:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44948
IP address blocks: 45.131.184.0/22 maxlen: 24
77.81.50.0/23 maxlen: 23
109.61.104.0/21 maxlen: 24
139.28.96.0/22 maxlen: 22
185.238.188.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Dec 2024 14:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:98:57:cd:ee:d7:3e:ee:ec:fa:9c:3b:06:3b:05:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 2 08:59:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91d338c2b9c1be43802373dad52a04fb845711b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:66:6d:dd:f9:0c:68:cc:3a:a0:ee:35:20:04:
2d:c3:d0:2d:0b:ec:33:25:e9:42:f2:f6:9d:af:3f:
cd:03:82:f3:b5:51:d1:5b:dc:5a:57:84:05:e7:1c:
50:64:9a:5d:cc:9f:04:b2:4b:4d:a7:66:d0:a4:21:
43:4a:05:31:5e:a7:06:9d:ed:32:6e:67:36:45:76:
b7:cb:01:b2:19:33:4d:55:4a:a1:88:5f:cb:7b:0f:
04:ed:ce:ec:b0:51:ff:59:97:4e:27:af:0e:24:cc:
d3:a5:02:77:ab:c7:23:d2:14:60:c4:40:93:e4:d9:
4c:71:0e:b9:e2:28:80:32:25:b8:bb:4d:ed:41:ed:
cd:1d:17:74:b0:a5:fe:a0:07:10:b5:19:e5:a8:66:
75:3a:6a:3f:97:83:4b:74:d2:1e:ef:96:18:a8:59:
3f:75:3a:6b:59:ab:68:cd:37:f7:50:6f:ca:b3:65:
37:1a:1e:3f:88:a0:43:0d:a0:a2:7a:79:73:7e:f6:
39:e0:8a:e5:a4:a8:10:ee:a3:83:96:d5:11:4e:14:
2f:83:9b:43:ec:23:64:fe:84:3c:1f:8a:fc:36:0e:
d4:c7:26:0f:ea:ff:66:b7:ed:c6:88:54:f6:c4:33:
c9:4c:48:a7:75:e8:be:b8:c0:f4:0a:f5:b2:5b:aa:
d0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D3:38:C2:B9:C1:BE:43:80:23:73:DA:D5:2A:04:FB:84:57:11:B4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kdM4wrnBvkOAI3Pa1SoE-4RXEbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.184.0/22
77.81.50.0/23
109.61.104.0/21
139.28.96.0/22
185.238.188.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:8e:6a:60:6b:76:e6:e5:c1:a3:45:04:17:54:72:6a:64:77:
db:be:86:4f:62:3b:54:9b:e1:ad:e9:b5:d1:4f:33:06:02:1c:
ed:b8:20:ff:71:7b:02:ab:e3:38:85:e1:6b:3c:39:79:16:12:
07:30:d0:b6:c1:3b:7e:40:5d:6c:08:27:29:73:b1:77:48:00:
64:e0:70:d9:0b:69:31:2b:2a:37:e3:33:09:3f:66:de:74:f1:
57:f7:c2:9d:fe:41:94:9a:fd:da:ef:09:c3:b9:de:c0:b4:02:
79:0d:2a:43:45:59:17:cb:54:48:d8:4a:5a:d2:c0:ea:48:95:
28:84:39:be:77:57:49:27:86:c4:08:9c:a0:62:15:c3:f9:d3:
a1:94:0a:d6:36:50:28:23:40:4e:d0:b4:26:67:ff:3b:63:ca:
d2:e4:2c:54:8f:e7:71:01:da:73:a5:91:29:b8:79:8b:57:11:
0e:d7:cc:b6:68:b8:bf:aa:6b:a7:9d:88:c4:98:91:ce:94:43:
a9:5c:bd:bd:25:01:42:0d:8a:58:81:3d:b9:fb:46:24:2c:1c:
62:b8:71:81:10:8f:16:04:02:86:d6:be:68:60:07:56:39:04:
16:d6:25:b3:58:56:25:ab:ad:b4:17:6a:91:bd:f1:b4:72:5d:
a6:38:5e:34
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZOGmFfN7tc+7uz6nDsGOwUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMjAyMDg1OTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQzMzhjMmI5YzFiZTQzODAyMzczZGFkNTJhMDRmYjg0NTcxMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mZt3fkMaMw6oO41IAQtw9AtC+wz
JelC8vadrz/NA4LztVHRW9xaV4QF5xxQZJpdzJ8EsktNp2bQpCFDSgUxXqcGne0y
bmc2RXa3ywGyGTNNVUqhiF/Lew8E7c7ssFH/WZdOJ68OJMzTpQJ3q8cj0hRgxECT
5NlMcQ654iiAMiW4u03tQe3NHRd0sKX+oAcQtRnlqGZ1Omo/l4NLdNIe75YYqFk/
dTprWatozTf3UG/Ks2U3Gh4/iKBDDaCienlzfvY54IrlpKgQ7qODltURThQvg5tD
7CNk/oQ8H4r8Ng7UxyYP6v9mt+3GiFT2xDPJTEindei+uMD0CvWyW6rQiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJHTOMK5wb5DgCNz2tUqBPuEVxG0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva2RNNHdybkJ2a09BSTNQYTFTb0UtNFJYRWJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLYO4AwQB
TVEyAwQDbT1oAwQCixxgAwQCue68MA0GCSqGSIb3DQEBCwUAA4IBAQA9jmpga3bm
5cGjRQQXVHJqZHfbvoZPYjtUm+Gt6bXRTzMGAhztuCD/cXsCq+M4heFrPDl5FhIH
MNC2wTt+QF1sCCcpc7F3SABk4HDZC2kxKyo34zMJP2bedPFX98Kd/kGUmv3a7wnD
ud7AtAJ5DSpDRVkXy1RI2Epa0sDqSJUohDm+d1dJJ4bECJygYhXD+dOhlArWNlAo
I0BO0LQmZ/87Y8rS5CxUj+dxAdpzpZEpuHmLVxEO18y2aLi/qmunnYjEmJHOlEOp
XL29JQFCDYpYgT25+0YkLBxiuHGBEI8WBAKG1r5oYAdWOQQW1iWzWFYlq620F2qR
vfG0cl2mOF40
-----END CERTIFICATE-----
Generated at Mon Dec 23 22:31:50 2024 by rpki-client on console-ams.rpki-client.org