Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/KnERLAWKsaXdondmC78YzvROQbA.roa
File: KnERLAWKsaXdondmC78YzvROQbA.roa (raw, json)
Hash identifier: wCcsqYnSZqEyPlM/PseicZ/qDnF4tEzSkkG/Mspwuys=
Subject key identifier: 2A:71:11:2C:05:8A:B1:A5:DD:A2:77:66:0B:BF:18:CE:F4:4E:41:B0
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 018CC8DE81D8A81CF6C0ACCED0E3485DF092
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/KnERLAWKsaXdondmC78YzvROQbA.roa
Signing time: Tue 02 Jan 2024 06:31:14 +0000
ROA not before: Tue 02 Jan 2024 06:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33845
IP address blocks: 149.126.48.0/21 maxlen: 21
162.23.0.0/16 maxlen: 16
193.5.216.0/21 maxlen: 21
131.102.0.0/16 maxlen: 16
2a07:2900::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 10 Jan 2024 10:05:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:81:d8:a8:1c:f6:c0:ac:ce:d0:e3:48:5d:f0:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 2 06:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a71112c058ab1a5dda277660bbf18cef44e41b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d2:42:1b:1a:7e:5b:a4:22:ca:fb:89:dd:16:
34:e7:18:c0:86:5c:da:bc:f2:78:95:d9:aa:3a:d0:
ad:68:4e:b1:28:05:ca:e5:2c:18:50:48:54:9a:96:
30:e4:0f:2f:f1:ff:09:45:2e:e6:43:60:26:77:32:
e5:30:79:80:b4:1e:1d:94:d1:f9:ed:71:04:a4:88:
56:0f:3b:1b:f7:df:5c:36:eb:66:92:29:47:5a:d4:
d0:28:5a:53:1b:38:7c:f4:02:fd:33:58:d3:52:18:
db:5d:e2:77:ce:82:5d:d3:87:24:1e:c2:b1:22:87:
a6:84:4a:a4:98:92:b9:36:4d:f2:ac:ac:e8:63:1f:
cc:04:1e:0e:f3:a2:d8:e4:81:09:26:24:dd:80:a0:
fc:8f:ea:bf:e3:7f:c0:98:4d:dd:95:54:03:80:47:
90:f2:97:c5:0c:a2:8d:80:d9:30:0a:c0:42:43:56:
0a:49:90:48:10:2c:86:41:a7:3e:52:5e:6f:26:b6:
8c:de:5e:b7:15:03:b4:82:e6:a0:34:56:61:14:ac:
66:ef:cc:6c:78:13:15:3a:b7:10:9f:c1:7d:5f:d2:
c7:e7:28:c8:6b:c1:8e:d7:1c:e3:1c:72:fd:02:4d:
0e:e4:62:94:cc:84:f6:f4:2e:3f:64:0c:54:3e:30:
c2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:71:11:2C:05:8A:B1:A5:DD:A2:77:66:0B:BF:18:CE:F4:4E:41:B0
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/KnERLAWKsaXdondmC78YzvROQbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.102.0.0/16
149.126.48.0/21
162.23.0.0/16
193.5.216.0/21
IPv6:
2a07:2900::/32
Signature Algorithm: sha256WithRSAEncryption
43:5b:9e:db:16:b8:8a:96:e6:a4:da:dc:b6:d0:c0:28:57:59:
94:9e:96:0f:73:c4:47:4a:3b:d2:8a:fb:89:0d:e2:62:0b:18:
e4:ad:a9:ac:3f:bf:d9:d4:8d:37:16:6a:05:5a:e4:c7:71:07:
b2:ce:e1:10:d2:a1:03:51:24:b4:32:b8:95:30:4e:4f:00:f7:
0c:1e:9a:ef:d6:ab:e5:2f:a8:87:77:c0:1a:90:60:14:16:be:
1c:c1:c0:93:ea:3f:af:0a:73:de:5b:10:c1:90:cf:3b:43:1c:
6a:96:89:69:9d:9a:61:c5:ba:8c:43:5c:43:95:46:4b:c6:f1:
65:07:1d:1a:91:42:5d:79:e1:be:8f:8b:87:f3:e5:58:50:2d:
6b:ad:b5:10:e1:c9:58:e6:0b:14:16:dd:ab:f8:52:76:42:2a:
a3:69:dd:fd:04:5e:ae:5e:79:d1:3e:c3:87:6b:13:e8:83:bc:
c7:26:e6:35:b9:92:b4:af:31:68:d5:5c:5b:45:e3:db:71:a4:
86:e8:42:de:57:03:5f:66:1e:46:8a:28:66:63:18:23:cd:c0:
66:d4:ed:85:20:bd:7f:af:fd:e4:e2:55:9a:a3:5f:60:49:36:
f6:ca:eb:db:36:e4:a7:61:d4:68:9e:ae:77:b8:5b:57:ab:36:
32:52:eb:ca
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzI3oHYqBz2wKzO0ONIXfCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjQwMTAyMDYzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTcxMTEyYzA1OGFiMWE1ZGRhMjc3NjYwYmJmMThjZWY0NGU0MWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNJCGxp+W6QiyvuJ3RY05xjAhlza
vPJ4ldmqOtCtaE6xKAXK5SwYUEhUmpYw5A8v8f8JRS7mQ2AmdzLlMHmAtB4dlNH5
7XEEpIhWDzsb999cNutmkilHWtTQKFpTGzh89AL9M1jTUhjbXeJ3zoJd04ckHsKx
IoemhEqkmJK5Nk3yrKzoYx/MBB4O86LY5IEJJiTdgKD8j+q/43/AmE3dlVQDgEeQ
8pfFDKKNgNkwCsBCQ1YKSZBIECyGQac+Ul5vJraM3l63FQO0guagNFZhFKxm78xs
eBMVOrcQn8F9X9LH5yjIa8GO1xzjHHL9Ak0O5GKUzIT29C4/ZAxUPjDCJQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFCpxESwFirGl3aJ3Zgu/GM70TkGwMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvS25FUkxBV0tzYVhkb25kbUM3OFl6dlJPUWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAcBAIAATAWAwMAg2YDBAOV
fjADAwCiFwMEA8EF2DANBAIAAjAHAwUAKgcpADANBgkqhkiG9w0BAQsFAAOCAQEA
Q1ue2xa4ipbmpNrcttDAKFdZlJ6WD3PER0o70or7iQ3iYgsY5K2prD+/2dSNNxZq
BVrkx3EHss7hENKhA1EktDK4lTBOTwD3DB6a79ar5S+oh3fAGpBgFBa+HMHAk+o/
rwpz3lsQwZDPO0McapaJaZ2aYcW6jENcQ5VGS8bxZQcdGpFCXXnhvo+Lh/PlWFAt
a621EOHJWOYLFBbdq/hSdkIqo2nd/QRerl550T7Dh2sT6IO8xybmNbmStK8xaNVc
W0Xj23GkhuhC3lcDX2YeRoooZmMYI83AZtTthSC9f6/95OJVmqNfYEk29srr2zbk
p2HUaJ6ud7hbV6s2MlLryg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:54 2024 by rpki-client on console-ams.rpki-client.org