Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/KxRqxhGpK4OSX03QB0Tp6ljecNQ.roa
File: KxRqxhGpK4OSX03QB0Tp6ljecNQ.roa (raw, json)
Hash identifier: MtGyouX7uhVPpqtsoReWYxMGoZ212jqaX8QG5vLVnU8=
Subject key identifier: 2B:14:6A:C6:11:A9:2B:83:92:5F:4D:D0:07:44:E9:EA:58:DE:70:D4
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 018AB31A91EAFB873ABD41C65E4E53B5F0ED
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/KxRqxhGpK4OSX03QB0Tp6ljecNQ.roa
Signing time: Wed 20 Sep 2023 14:59:37 +0000
ROA not before: Wed 20 Sep 2023 14:59:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6134
IP address blocks: 91.216.169.0/24 maxlen: 24
91.217.135.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
91.216.190.0/24 maxlen: 24
45.150.198.0/23 maxlen: 24
45.83.236.0/24 maxlen: 24
45.10.68.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b3:1a:91:ea:fb:87:3a:bd:41:c6:5e:4e:53:b5:f0:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Sep 20 14:59:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b146ac611a92b83925f4dd00744e9ea58de70d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:25:51:62:18:7b:cb:ca:2c:c3:a7:8b:a4:cd:
51:88:8b:3b:c0:d2:dd:b0:a4:6d:f3:a7:9c:33:74:
41:c4:93:31:dc:82:df:50:c4:1d:64:29:8b:ef:77:
63:07:9b:18:07:93:23:b7:e7:6f:79:88:39:29:56:
c3:b7:ad:d4:46:fc:d7:e5:e7:7e:c7:bb:7d:75:30:
4d:c9:4f:78:cb:66:44:2c:1d:50:d7:3b:b8:e2:67:
bc:1f:ab:79:cb:d1:31:98:73:21:d9:72:5c:46:e8:
4b:b2:43:0f:54:02:d4:8a:4c:64:80:29:9f:3c:cc:
de:dc:18:66:e0:8b:f1:4b:d7:8c:f9:2f:29:c4:61:
5b:21:10:e1:41:21:75:5b:9a:d7:8a:91:3c:5f:c1:
55:26:5c:83:38:46:12:9e:72:35:5b:2a:7d:cb:71:
61:a7:73:4b:43:99:ee:6f:f0:c9:41:fe:3b:13:60:
21:4d:07:e1:f6:c0:e4:53:ed:fd:03:5b:9f:31:d1:
cf:16:38:a5:df:8d:07:6e:f4:30:40:32:5d:35:55:
6e:9e:dd:21:49:4f:47:a5:80:65:32:e7:70:cf:bc:
ac:c3:60:ce:1d:f1:67:85:3f:12:c4:cc:aa:0e:6a:
0a:cd:1a:b7:9e:ba:54:7f:9b:c9:32:69:b0:1d:f3:
ed:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:14:6A:C6:11:A9:2B:83:92:5F:4D:D0:07:44:E9:EA:58:DE:70:D4
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/KxRqxhGpK4OSX03QB0Tp6ljecNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.68.0/24
45.83.236.0/24
45.150.198.0/23
91.213.200.0/24
91.216.169.0/24
91.216.190.0/24
91.217.135.0/24
Signature Algorithm: sha256WithRSAEncryption
32:f0:23:c6:73:43:a5:3d:55:6b:84:11:25:e7:84:b0:76:eb:
0b:70:77:36:37:21:f9:a4:a6:54:84:cd:ba:17:27:1c:ab:45:
1d:92:7d:46:2a:ee:54:f8:3b:c3:7b:bb:74:8e:a9:6c:53:28:
6e:96:1b:eb:a1:e8:7f:61:61:ee:20:c0:c8:84:a6:8e:eb:74:
6a:b8:34:7b:43:e9:ff:d3:cd:6a:cb:ea:fd:82:8c:90:5b:58:
10:d1:cc:ed:fb:39:ff:0a:bb:e5:55:7d:cd:30:3a:89:23:1a:
a4:45:25:45:88:6e:7b:59:12:8e:42:c9:3e:bd:dd:c3:dc:5f:
71:b2:71:bb:e0:32:3d:af:a7:74:e6:ab:da:60:0d:28:5a:4c:
bf:61:b3:0e:ab:c2:b3:3e:d9:a2:75:b6:4c:f9:49:30:57:21:
45:88:92:6f:2b:da:67:be:c7:e3:b6:84:75:45:4b:04:83:b2:
0a:49:53:19:84:56:e0:21:48:ba:c0:f2:25:32:aa:cd:a0:83:
94:55:d1:43:0a:6a:69:91:dc:31:53:2c:b0:f5:9d:01:74:99:
9f:56:ba:7c:9f:f6:fa:77:fa:70:4e:03:f6:25:4d:1f:ae:9f:
3d:2a:38:62:a9:17:2a:b7:36:8a:8f:30:21:e4:38:79:3e:1e:
aa:4d:5b:fe
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYqzGpHq+4c6vUHGXk5TtfDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwOTIwMTQ1OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjE0NmFjNjExYTkyYjgzOTI1ZjRkZDAwNzQ0ZTllYTU4ZGU3MGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiVRYhh7y8osw6eLpM1RiIs7wNLd
sKRt86ecM3RBxJMx3ILfUMQdZCmL73djB5sYB5Mjt+dveYg5KVbDt63URvzX5ed+
x7t9dTBNyU94y2ZELB1Q1zu44me8H6t5y9ExmHMh2XJcRuhLskMPVALUikxkgCmf
PMze3Bhm4IvxS9eM+S8pxGFbIRDhQSF1W5rXipE8X8FVJlyDOEYSnnI1Wyp9y3Fh
p3NLQ5nub/DJQf47E2AhTQfh9sDkU+39A1ufMdHPFjil340HbvQwQDJdNVVunt0h
SU9HpYBlMudwz7ysw2DOHfFnhT8SxMyqDmoKzRq3nrpUf5vJMmmwHfPttwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCsUasYRqSuDkl9N0AdE6epY3nDUMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvS3hScXhoR3BLNE9TWDAzUUIwVHA2bGplY05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQpEAwQA
LVPsAwQBLZbGAwQAW9XIAwQAW9ipAwQAW9i+AwQAW9mHMA0GCSqGSIb3DQEBCwUA
A4IBAQAy8CPGc0OlPVVrhBEl54SwdusLcHc2NyH5pKZUhM26Fyccq0Udkn1GKu5U
+DvDe7t0jqlsUyhulhvroeh/YWHuIMDIhKaO63RquDR7Q+n/081qy+r9goyQW1gQ
0czt+zn/CrvlVX3NMDqJIxqkRSVFiG57WRKOQsk+vd3D3F9xsnG74DI9r6d05qva
YA0oWky/YbMOq8KzPtmidbZM+UkwVyFFiJJvK9pnvsfjtoR1RUsEg7IKSVMZhFbg
IUi6wPIlMqrNoIOUVdFDCmppkdwxUyyw9Z0BdJmfVrp8n/b6d/pwTgP2JU0frp89
KjhiqRcqtzaKjzAh5Dh5Ph6qTVv+
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:04 2024 by rpki-client on console-fra.rpki-client.org