Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/klaH23KOAUiE0wcLVI6f6V0gCKk.roa
File: klaH23KOAUiE0wcLVI6f6V0gCKk.roa (raw, json)
Hash identifier: tsoE0Oc7/0e2PSSuaiVHNsY0WrqcG7wrZUonxN7XciQ=
Subject key identifier: 92:56:87:DB:72:8E:01:48:84:D3:07:0B:54:8E:9F:E9:5D:20:08:A9
Certificate issuer: /CN=02b610cd43bafced91480fabfdcaae82049fbf71
Certificate serial: 01922ADC87BA5D9A8BF229DC8ACEF557BE61
Authority key identifier: 02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/klaH23KOAUiE0wcLVI6f6V0gCKk.roa
Signing time: Wed 25 Sep 2024 20:25:48 +0000
ROA not before: Wed 25 Sep 2024 20:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51115
IP address blocks: 81.161.98.0/23 maxlen: 24
178.248.232.0/21 maxlen: 24
185.65.148.0/22 maxlen: 24
185.94.108.0/22 maxlen: 24
195.43.92.0/23 maxlen: 24
2a03:70c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 14 Nov 2024 15:22:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2a:dc:87:ba:5d:9a:8b:f2:29:dc:8a:ce:f5:57:be:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b610cd43bafced91480fabfdcaae82049fbf71
Validity
Not Before: Sep 25 20:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=925687db728e014884d3070b548e9fe95d2008a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:89:08:2c:a2:66:6a:cf:b3:95:b8:80:00:b4:
74:c2:15:85:e3:71:32:b0:46:ae:eb:a8:7c:62:86:
cc:ae:04:c6:b6:07:4f:37:cd:fd:16:51:9d:58:70:
0f:3b:a2:54:50:87:e6:12:af:8f:b1:01:1e:b7:1b:
80:f5:fc:a0:c5:7a:9b:3a:f7:69:81:c8:f2:a9:c7:
81:c4:5e:a4:e8:45:68:ed:61:c0:b2:70:56:ff:9c:
3f:6e:fa:d8:f7:8e:f2:95:ad:d0:74:5f:9c:d7:09:
cf:42:4a:57:a1:e5:67:46:c2:ba:d5:cc:b8:45:f4:
07:ef:03:73:00:9f:0f:8b:4b:cd:14:c8:35:b3:07:
33:93:3a:89:a7:8b:4c:d1:60:9a:e2:20:8e:c1:6d:
0a:0e:0a:d4:c5:59:a8:05:e7:89:4c:1d:15:90:14:
da:60:62:06:7a:9f:40:0f:ea:8a:35:2c:bd:c6:02:
fe:63:54:6a:c3:83:f2:05:b4:e9:da:58:9d:90:06:
bc:26:e9:bd:26:53:e1:7e:60:1d:ea:46:9c:8c:bb:
78:68:ea:4e:2d:3c:9b:05:43:f7:c5:ad:39:1d:2c:
7a:37:b1:8d:47:63:7a:4c:5f:04:c2:e3:dd:84:1e:
1d:68:cc:a2:dc:fc:2d:dc:69:45:ea:45:89:e1:3e:
8e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:56:87:DB:72:8E:01:48:84:D3:07:0B:54:8E:9F:E9:5D:20:08:A9
X509v3 Authority Key Identifier:
keyid:02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/klaH23KOAUiE0wcLVI6f6V0gCKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.98.0/23
178.248.232.0/21
185.65.148.0/22
185.94.108.0/22
195.43.92.0/23
IPv6:
2a03:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
77:a5:16:0c:74:ce:a2:5e:c2:8e:41:be:bb:78:83:4b:d9:2f:
bc:bf:6a:9c:63:98:c5:e0:a4:a0:f0:07:4e:f9:15:99:d2:b4:
05:ea:53:18:c9:e7:4a:11:72:38:c0:5d:e0:0e:87:3f:2d:8a:
68:a1:45:78:1e:da:fe:af:88:62:19:c7:c9:c5:fc:34:31:75:
67:0c:43:30:7b:b9:86:08:db:8b:3a:aa:ae:6d:8c:dc:a7:68:
fe:eb:0b:56:c2:5e:83:15:dd:dc:9f:c0:fb:b1:ea:22:5a:d9:
9e:b8:c5:04:d8:e4:43:dd:40:a1:53:1d:83:d3:ea:a8:47:12:
8d:66:78:23:92:25:6a:ee:bb:0d:42:0c:5c:fd:15:4a:e2:66:
26:8b:a0:3a:94:27:6b:e0:93:c4:55:c9:f4:fd:9a:2f:44:d4:
22:76:37:b3:bd:8e:78:bd:7d:1a:23:e4:0a:b8:95:d3:16:91:
5f:9b:6b:3c:0e:77:ee:6f:41:7f:57:73:c0:89:ff:de:55:5e:
7b:0d:a2:74:a4:c6:30:d8:d4:4a:ac:80:23:56:0f:d0:6e:4a:
96:67:8b:5b:d6:d6:7e:34:9c:5c:25:69:08:d6:ec:f6:37:ab:
19:ec:7f:b6:ba:44:2e:39:99:ad:c2:4e:ab:7a:76:c7:94:e0:
35:b9:59:51
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZIq3Ie6XZqL8incis71V75hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjYxMGNkNDNiYWZjZWQ5MTQ4MGZhYmZkY2FhZTgyMDQ5
ZmJmNzEwHhcNMjQwOTI1MjAyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjU2ODdkYjcyOGUwMTQ4ODRkMzA3MGI1NDhlOWZlOTVkMjAwOGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYkILKJmas+zlbiAALR0whWF43Ey
sEau66h8YobMrgTGtgdPN839FlGdWHAPO6JUUIfmEq+PsQEetxuA9fygxXqbOvdp
gcjyqceBxF6k6EVo7WHAsnBW/5w/bvrY947yla3QdF+c1wnPQkpXoeVnRsK61cy4
RfQH7wNzAJ8Pi0vNFMg1swczkzqJp4tM0WCa4iCOwW0KDgrUxVmoBeeJTB0VkBTa
YGIGep9AD+qKNSy9xgL+Y1Rqw4PyBbTp2lidkAa8Jum9JlPhfmAd6kacjLt4aOpO
LTybBUP3xa05HSx6N7GNR2N6TF8EwuPdhB4daMyi3Pwt3GlF6kWJ4T6ORwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJJWh9tyjgFIhNMHC1SOn+ldIAipMB8GA1UdIwQY
MBaAFAK2EM1DuvztkUgPq/3KroIEn79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEt
OTAxM2NhOTk2YjE2LzEva2xhSDIzS09BVWlFMHdjTFZJNmY2VjBnQ0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEtOTAxM2NhOTk2YjE2
LzEvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBUaFiAwQD
svjoAwQCuUGUAwQCuV5sAwQBwytcMA0EAgACMAcDBQAqA3DAMA0GCSqGSIb3DQEB
CwUAA4IBAQB3pRYMdM6iXsKOQb67eINL2S+8v2qcY5jF4KSg8AdO+RWZ0rQF6lMY
yedKEXI4wF3gDoc/LYpooUV4Htr+r4hiGcfJxfw0MXVnDEMwe7mGCNuLOqqubYzc
p2j+6wtWwl6DFd3cn8D7seoiWtmeuMUE2ORD3UChUx2D0+qoRxKNZngjkiVq7rsN
Qgxc/RVK4mYmi6A6lCdr4JPEVcn0/ZovRNQidjezvY54vX0aI+QKuJXTFpFfm2s8
Dnfub0F/V3PAif/eVV57DaJ0pMYw2NRKrIAjVg/QbkqWZ4tb1tZ+NJxcJWkI1uz2
N6sZ7H+2ukQuOZmtwk6renbHlOA1uVlR
-----END CERTIFICATE-----
Generated at Thu Nov 14 17:49:48 2024 by rpki-client on console-ams.rpki-client.org