Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KZpEGWDN9_m1lbwcOkcLqpYzaVE.roa
File: KZpEGWDN9_m1lbwcOkcLqpYzaVE.roa (raw, json)
Hash identifier: SFrfHAEZn6aDbFOOgqzYGNakp3vuAmnUIM8oKOorv34=
Subject key identifier: 29:9A:44:19:60:CD:F7:F9:B5:95:BC:1C:3A:47:0B:AA:96:33:69:51
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E8604805D6AFCC2AB34F991D1C4D67395
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KZpEGWDN9_m1lbwcOkcLqpYzaVE.roa
Signing time: Thu 28 Mar 2024 17:03:45 +0000
ROA not before: Thu 28 Mar 2024 17:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 45.87.126.0/24 maxlen: 24
45.95.29.0/24 maxlen: 24
45.128.125.0/24 maxlen: 24
45.128.126.0/24 maxlen: 24
45.128.127.0/24 maxlen: 24
94.154.190.0/24 maxlen: 24
193.187.105.0/24 maxlen: 24
194.59.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 13:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:04:80:5d:6a:fc:c2:ab:34:f9:91:d1:c4:d6:73:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 28 17:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=299a441960cdf7f9b595bc1c3a470baa96336951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:08:3a:f3:51:86:ec:5d:dd:23:7e:bd:b9:e0:
b1:6a:1e:06:7b:72:8f:99:b4:7b:fb:3c:49:6d:59:
99:09:4b:05:fe:98:3a:04:21:5f:9f:2e:6c:67:bc:
90:35:58:57:1f:c9:d6:ec:63:3f:37:7a:52:7c:14:
d4:be:be:a1:27:50:fa:8b:02:6d:a7:95:6c:d1:cc:
ec:2a:c6:ae:3a:0e:27:76:97:00:70:5f:89:32:15:
a9:ee:47:7e:cb:e0:4a:07:e0:db:90:3e:6c:31:31:
82:3c:f8:30:cc:c5:83:f1:6e:06:8e:77:b8:0f:bb:
57:d8:eb:73:32:4a:5c:85:d0:dc:74:79:46:82:ce:
1c:8a:be:9b:15:20:03:bd:d9:c4:bd:24:81:e8:96:
d8:22:43:0e:cf:86:3e:68:19:eb:b9:b6:2c:9d:d6:
bd:86:a9:e4:94:a9:de:00:98:76:5d:d4:47:84:4f:
7a:e2:d1:15:11:c9:e2:39:b7:16:b0:cb:1b:cd:19:
75:7c:77:80:40:ea:24:78:0c:1c:fc:da:a4:08:87:
75:a3:87:3b:26:02:6c:e0:49:ee:83:b2:00:65:22:
a3:36:79:ec:7b:d0:32:97:ae:84:22:6c:e0:2a:52:
92:80:e5:85:0e:69:41:26:3e:97:89:2f:21:38:6b:
2c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9A:44:19:60:CD:F7:F9:B5:95:BC:1C:3A:47:0B:AA:96:33:69:51
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KZpEGWDN9_m1lbwcOkcLqpYzaVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.126.0/24
45.95.29.0/24
45.128.125.0-45.128.127.255
94.154.190.0/24
193.187.105.0/24
194.59.187.0/24
Signature Algorithm: sha256WithRSAEncryption
40:37:fd:41:37:37:29:fc:0d:cb:4d:2f:86:5e:9d:81:b2:0e:
14:7a:e1:2f:25:3a:64:8d:27:65:1e:3b:c4:a0:a2:e8:6a:cc:
1d:72:f0:85:12:45:2f:8e:31:48:6b:0e:58:12:92:a8:ec:13:
e6:4c:01:a3:6c:b8:17:07:4a:0c:fb:a2:d2:a3:ec:00:84:14:
a5:7f:67:30:6a:d6:1a:bf:06:86:ab:9c:cc:d3:a9:07:8a:7e:
3d:09:2d:cd:3d:fd:e9:d9:db:3b:31:54:54:75:4a:63:c4:70:
3c:b1:da:8e:83:21:a1:36:e0:38:22:5d:fa:d7:5c:eb:71:88:
99:b9:a1:a6:4a:96:be:66:1a:ed:35:4a:46:0e:d1:d4:ae:36:
d1:55:2c:89:3e:cb:79:e6:db:f0:f0:6a:af:94:ca:61:40:4b:
72:c8:07:9d:a0:81:b3:67:89:c5:b2:75:4f:9a:59:55:7b:53:
9a:e8:17:94:bf:39:11:92:93:9a:d0:76:5e:8b:a8:24:07:1d:
b8:3a:bb:24:f3:89:f9:d9:3b:99:a5:54:86:a9:a1:c5:5b:83:
1e:b7:70:0d:02:79:02:9e:d0:67:a5:78:70:55:32:b5:05:12:
a6:85:d7:1c:31:8c:b2:c8:d9:9c:cb:78:d6:77:79:54:80:50:
c4:8f:e8:ba
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY6GBIBdavzCqzT5kdHE1nOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwMzI4MTcwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTlhNDQxOTYwY2RmN2Y5YjU5NWJjMWMzYTQ3MGJhYTk2MzM2OTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQg681GG7F3dI369ueCxah4Ge3KP
mbR7+zxJbVmZCUsF/pg6BCFfny5sZ7yQNVhXH8nW7GM/N3pSfBTUvr6hJ1D6iwJt
p5Vs0czsKsauOg4ndpcAcF+JMhWp7kd+y+BKB+DbkD5sMTGCPPgwzMWD8W4Gjne4
D7tX2OtzMkpchdDcdHlGgs4cir6bFSADvdnEvSSB6JbYIkMOz4Y+aBnrubYsnda9
hqnklKneAJh2XdRHhE964tEVEcniObcWsMsbzRl1fHeAQOokeAwc/NqkCId1o4c7
JgJs4Enug7IAZSKjNnnse9Ayl66EImzgKlKSgOWFDmlBJj6XiS8hOGsstwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCmaRBlgzff5tZW8HDpHC6qWM2lRMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvS1pwRUdXRE45X20xbGJ3Y09rY0xxcFl6YVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALVd+AwQA
LV8dMAwDBAAtgH0DBActgAADBABemr4DBADBu2kDBADCO7swDQYJKoZIhvcNAQEL
BQADggEBAEA3/UE3Nyn8DctNL4ZenYGyDhR64S8lOmSNJ2UeO8SgouhqzB1y8IUS
RS+OMUhrDlgSkqjsE+ZMAaNsuBcHSgz7otKj7ACEFKV/ZzBq1hq/BoarnMzTqQeK
fj0JLc09/enZ2zsxVFR1SmPEcDyx2o6DIaE24DgiXfrXXOtxiJm5oaZKlr5mGu01
SkYO0dSuNtFVLIk+y3nm2/Dwaq+UymFAS3LIB52ggbNnicWydU+aWVV7U5roF5S/
ORGSk5rQdl6LqCQHHbg6uyTzifnZO5mlVIapocVbgx63cA0CeQKe0GeleHBVMrUF
EqaF1xwxjLLI2ZzLeNZ3eVSAUMSP6Lo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:08 2024 by rpki-client on console-fra.rpki-client.org