Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/11kf4_zyikwzTWjUonj_aQagTAE.roa
File: 11kf4_zyikwzTWjUonj_aQagTAE.roa (raw, json)
Hash identifier: YOLAND5veeNiYNVUvMseQriGZXinrZGGg3Dz/8Pl3qI=
Subject key identifier: D7:59:1F:E3:FC:F2:8A:4C:33:4D:68:D4:A2:78:FF:69:06:A0:4C:01
Certificate issuer: /CN=71b6d0e0072d0cab29bfa8737de2a53e51418276
Certificate serial: 018CC49241E00A2120A8B4B4EB4E4CE0CC2B
Authority key identifier: 71:B6:D0:E0:07:2D:0C:AB:29:BF:A8:73:7D:E2:A5:3E:51:41:82:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cbbQ4ActDKspv6hzfeKlPlFBgnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/11kf4_zyikwzTWjUonj_aQagTAE.roa
Signing time: Mon 01 Jan 2024 10:29:28 +0000
ROA not before: Mon 01 Jan 2024 10:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208718
IP address blocks: 45.87.192.0/24 maxlen: 24
45.87.193.0/24 maxlen: 24
45.87.195.0/24 maxlen: 24
45.87.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:41:e0:0a:21:20:a8:b4:b4:eb:4e:4c:e0:cc:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71b6d0e0072d0cab29bfa8737de2a53e51418276
Validity
Not Before: Jan 1 10:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7591fe3fcf28a4c334d68d4a278ff6906a04c01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:44:d9:7c:04:92:16:41:54:f5:54:4e:47:cb:
56:b2:d2:b7:b6:8d:c3:fc:a1:af:21:6b:f8:48:d9:
a4:36:db:47:59:80:3c:e6:48:7d:95:84:8a:82:9e:
35:53:b7:96:b9:a7:49:77:77:6b:44:55:fe:f3:57:
e8:2f:9f:cc:81:3c:2c:f4:a4:ff:37:46:58:27:8f:
83:c6:6c:06:22:ff:c0:3a:c0:14:2a:90:6f:c0:5d:
fe:bc:d9:b1:56:7a:d8:94:39:86:1c:d9:01:62:71:
fc:b2:62:2e:cd:25:61:c9:80:1a:a1:b5:fd:d7:bd:
cf:13:25:46:ee:4a:97:06:9c:42:4a:c7:0e:a7:a5:
a6:ae:2b:31:f6:9e:03:0d:b3:ab:ef:c7:b3:ed:b5:
e1:73:e0:90:a3:a0:3f:67:d1:e4:93:a7:50:e3:5c:
19:d0:5b:1d:6a:09:d8:c4:eb:cd:0a:0d:f7:bd:24:
b1:15:68:4f:1e:74:08:3a:d0:f5:41:6c:e7:52:01:
bd:43:7e:30:95:34:8e:f4:30:9e:14:88:2c:f7:95:
90:a4:c1:c3:f7:53:51:2e:75:1e:d6:66:7d:15:ee:
dc:98:16:05:80:63:16:f8:fa:61:cf:f4:82:c5:db:
5c:d2:ec:01:44:d6:73:f0:e1:fd:da:fb:bf:8f:25:
b8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:59:1F:E3:FC:F2:8A:4C:33:4D:68:D4:A2:78:FF:69:06:A0:4C:01
X509v3 Authority Key Identifier:
keyid:71:B6:D0:E0:07:2D:0C:AB:29:BF:A8:73:7D:E2:A5:3E:51:41:82:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cbbQ4ActDKspv6hzfeKlPlFBgnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/11kf4_zyikwzTWjUonj_aQagTAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/cbbQ4ActDKspv6hzfeKlPlFBgnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:16:e9:ea:68:c5:bd:3a:48:d5:dc:b9:c7:6f:f0:67:18:20:
34:df:eb:87:11:e6:f4:09:ee:30:b6:6b:e3:3a:ac:8c:82:08:
a1:32:e2:e6:8b:ff:b3:22:b5:76:0f:9b:32:d8:87:f3:94:5a:
da:d0:e4:c2:14:74:90:3a:70:d7:8b:92:67:fc:1e:4e:22:2a:
31:a9:41:78:85:df:4d:85:bc:9a:e4:5d:60:1b:c7:c1:29:71:
bc:69:dd:9d:50:02:0b:d2:e8:ac:11:56:8b:22:5b:b2:fe:75:
c2:19:ee:e7:5c:87:60:2b:1a:7e:15:df:64:4e:1e:3f:72:d8:
70:86:87:0c:46:fe:fa:55:1e:c3:26:4e:1a:65:85:97:b3:5f:
3b:54:25:74:39:85:6b:7c:3c:17:d6:e1:90:0a:90:7d:09:c5:
80:e0:92:7c:0d:4a:f8:71:5c:11:80:a1:23:00:24:e1:14:49:
ba:88:8b:d6:8c:fb:e0:b3:01:93:27:1d:fa:2b:22:52:e2:d6:
d5:22:0f:3f:84:58:48:8a:bd:15:88:26:2b:79:ca:8b:29:9e:
75:43:4a:36:6a:48:f3:44:56:0f:50:90:39:bc:35:2c:fa:f8:
01:de:4d:99:0d:4a:c7:2c:2d:15:a8:12:04:5a:d5:9f:13:ad:
eb:e1:a6:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkkHgCiEgqLS0605M4MwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYjZkMGUwMDcyZDBjYWIyOWJmYTg3MzdkZTJhNTNlNTE0
MTgyNzYwHhcNMjQwMTAxMTAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzU5MWZlM2ZjZjI4YTRjMzM0ZDY4ZDRhMjc4ZmY2OTA2YTA0YzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokTZfASSFkFU9VROR8tWstK3to3D
/KGvIWv4SNmkNttHWYA85kh9lYSKgp41U7eWuadJd3drRFX+81foL5/MgTws9KT/
N0ZYJ4+DxmwGIv/AOsAUKpBvwF3+vNmxVnrYlDmGHNkBYnH8smIuzSVhyYAaobX9
173PEyVG7kqXBpxCSscOp6Wmrisx9p4DDbOr78ez7bXhc+CQo6A/Z9Hkk6dQ41wZ
0FsdagnYxOvNCg33vSSxFWhPHnQIOtD1QWznUgG9Q34wlTSO9DCeFIgs95WQpMHD
91NRLnUe1mZ9Fe7cmBYFgGMW+Pphz/SCxdtc0uwBRNZz8OH92vu/jyW4nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNdZH+P88opMM01o1KJ4/2kGoEwBMB8GA1UdIwQY
MBaAFHG20OAHLQyrKb+oc33ipT5RQYJ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2JiUTRBY3RES3NwdjZoemZlS2xQbEZCZ25ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wYzM1NTQtY2NhZC00Njk4LWJmOWYt
YjFmY2YzODk2OTk5LzEvMTFrZjRfenlpa3d6VFdqVW9ual9hUWFnVEFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wYzM1NTQtY2NhZC00Njk4LWJmOWYtYjFmY2YzODk2OTk5
LzEvY2JiUTRBY3RES3NwdjZoemZlS2xQbEZCZ25ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVfAMA0G
CSqGSIb3DQEBCwUAA4IBAQC4FunqaMW9OkjV3LnHb/BnGCA03+uHEeb0Ce4wtmvj
OqyMggihMuLmi/+zIrV2D5sy2IfzlFra0OTCFHSQOnDXi5Jn/B5OIioxqUF4hd9N
hbya5F1gG8fBKXG8ad2dUAIL0uisEVaLIluy/nXCGe7nXIdgKxp+Fd9kTh4/cthw
hocMRv76VR7DJk4aZYWXs187VCV0OYVrfDwX1uGQCpB9CcWA4JJ8DUr4cVwRgKEj
ACThFEm6iIvWjPvgswGTJx36KyJS4tbVIg8/hFhIir0ViCYrecqLKZ51Q0o2akjz
RFYPUJA5vDUs+vgB3k2ZDUrHLC0VqBIEWtWfE63r4abx
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:19 2025 by rpki-client