Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/K7YT9CnMaAZavNaeEceTP9QQbtI.roa
File: K7YT9CnMaAZavNaeEceTP9QQbtI.roa (raw, json)
Hash identifier: wndEaMAIGVH3w6Hz7ZYVSqIGtjlRVb8PVmfvwte5IdU=
Subject key identifier: 2B:B6:13:F4:29:CC:68:06:5A:BC:D6:9E:11:C7:93:3F:D4:10:6E:D2
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018FC432027195354BBE37BFD5CE964622D2
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/K7YT9CnMaAZavNaeEceTP9QQbtI.roa
Signing time: Wed 29 May 2024 11:52:42 +0000
ROA not before: Wed 29 May 2024 11:52:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.57.241.0/24 maxlen: 24
45.135.181.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
86.105.4.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
94.177.51.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Jun 2024 14:36:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c4:32:02:71:95:35:4b:be:37:bf:d5:ce:96:46:22:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 29 11:52:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bb613f429cc68065abcd69e11c7933fd4106ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a7:6f:2b:c9:40:01:9c:ee:e7:ba:04:02:83:
23:8b:90:f7:98:fd:ee:56:10:ed:e5:82:db:fc:4f:
69:e5:dc:24:c1:1e:c5:59:12:99:18:45:cb:58:ec:
2f:37:98:6c:7f:b7:a5:98:7f:41:1c:8a:46:dd:b4:
2b:22:c0:11:2a:2f:5e:f9:8e:9f:97:a3:ba:72:84:
50:44:00:73:08:a5:4b:56:24:7f:6b:f9:b6:d5:56:
b0:8c:7a:56:8e:5d:5c:8a:96:3d:4e:85:21:c1:7f:
c2:85:2a:84:a1:91:1f:c4:7f:72:54:da:d6:5d:ac:
b4:c6:d2:73:a7:c0:4e:5d:29:2c:0f:28:6d:91:07:
4c:15:92:94:92:7c:63:7e:71:08:d8:67:9a:f9:5d:
19:46:10:3f:e7:0b:2e:8b:30:91:89:9b:2e:22:2d:
cc:42:9e:a4:22:a4:1a:94:39:12:0f:6b:a3:ad:ae:
3c:79:99:c0:af:4e:0c:b1:98:be:e6:4c:53:38:96:
2f:0a:bb:73:b0:62:70:9b:3f:38:3c:87:63:c1:a7:
4e:a7:7d:ed:a3:a2:f0:3e:7c:64:d4:ac:0d:bd:c1:
38:9b:1d:eb:fc:2c:4a:48:1b:93:14:66:c1:7c:c9:
b3:49:f2:45:3a:25:e3:78:c7:4c:ca:66:0f:8e:b6:
33:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B6:13:F4:29:CC:68:06:5A:BC:D6:9E:11:C7:93:3F:D4:10:6E:D2
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/K7YT9CnMaAZavNaeEceTP9QQbtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.241.0/24
45.135.181.0-45.135.183.255
86.105.4.0/24
89.34.106.0/24
92.114.32.0/24
93.114.183.0/24
94.177.51.0/24
188.64.142.0/24
188.208.103.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
87:f1:f1:99:d1:a9:b8:cc:f4:c4:a5:1e:29:f1:7e:36:9e:31:
be:fb:9d:61:02:bb:ae:a9:7a:12:42:6e:34:0f:f3:4f:0a:a3:
84:ac:da:aa:7d:7e:da:9d:27:1c:b8:64:93:f8:d3:fd:19:5a:
7b:22:c2:71:53:40:a9:16:e9:78:88:2f:14:b5:32:87:dc:8b:
1d:c0:7c:0b:98:39:9f:b2:25:3c:2b:f2:df:5f:ca:02:04:f1:
df:ea:d9:a3:b0:93:46:75:8d:4c:ae:4d:83:de:87:ff:ce:ea:
2f:c2:a4:48:8c:b7:05:40:4a:d3:49:cc:41:19:38:fd:c2:53:
a5:8e:76:61:1f:df:e6:f1:09:d8:90:c4:23:b0:dd:04:ec:d8:
88:b7:7b:49:d1:ca:33:8a:d7:94:75:db:5c:9d:07:6f:52:95:
72:db:88:95:9b:47:f8:35:1e:5b:34:40:68:56:d8:a7:b4:bf:
2a:c2:77:e8:3e:0e:86:f3:17:36:2c:3d:91:14:45:ad:45:92:
a6:29:b0:75:ca:d2:c2:6a:7b:cc:0e:9d:0c:b4:24:0a:3d:07:
95:b5:28:92:cb:0c:9b:62:20:33:ee:c6:43:99:79:f4:1e:0a:
73:60:27:07:cb:7a:b9:e2:5c:bb:59:c4:b7:f1:70:a1:4f:15:
cb:6e:2f:b3
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY/EMgJxlTVLvje/1c6WRiLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNTI5MTE1MjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmI2MTNmNDI5Y2M2ODA2NWFiY2Q2OWUxMWM3OTMzZmQ0MTA2ZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKdvK8lAAZzu57oEAoMji5D3mP3u
VhDt5YLb/E9p5dwkwR7FWRKZGEXLWOwvN5hsf7elmH9BHIpG3bQrIsARKi9e+Y6f
l6O6coRQRABzCKVLViR/a/m21VawjHpWjl1cipY9ToUhwX/ChSqEoZEfxH9yVNrW
Xay0xtJzp8BOXSksDyhtkQdMFZKUknxjfnEI2Gea+V0ZRhA/5wsuizCRiZsuIi3M
Qp6kIqQalDkSD2ujra48eZnAr04MsZi+5kxTOJYvCrtzsGJwmz84PIdjwadOp33t
o6LwPnxk1KwNvcE4mx3r/CxKSBuTFGbBfMmzSfJFOiXjeMdMymYPjrYzPQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFCu2E/QpzGgGWrzWnhHHkz/UEG7SMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvSzdZVDlDbk1hQVphdk5hZUVjZVRQOVFRYnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAAjnxMAwD
BAAth7UDBAMth7ADBABWaQQDBABZImoDBABcciADBABdcrcDBABesTMDBAC8QI4D
BAC80GcDBADZEwQwDQYJKoZIhvcNAQELBQADggEBAIfx8ZnRqbjM9MSlHinxfjae
Mb77nWECu66pehJCbjQP808Ko4Ss2qp9ftqdJxy4ZJP40/0ZWnsiwnFTQKkW6XiI
LxS1Mofcix3AfAuYOZ+yJTwr8t9fygIE8d/q2aOwk0Z1jUyuTYPeh//O6i/CpEiM
twVAStNJzEEZOP3CU6WOdmEf3+bxCdiQxCOw3QTs2Ii3e0nRyjOK15R121ydB29S
lXLbiJWbR/g1Hls0QGhW2Ke0vyrCd+g+DobzFzYsPZEURa1FkqYpsHXK0sJqe8wO
nQy0JAo9B5W1KJLLDJtiIDPuxkOZefQeCnNgJwfLerniXLtZxLfxcKFPFctuL7M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org