Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/cKKVDdEV1oyX10g9ckHIvpNlnmk.roa
File: cKKVDdEV1oyX10g9ckHIvpNlnmk.roa (raw, json)
Hash identifier: Sd1q0pOR+33OwSwUjATQ4cw+KPbdNV/W8g4Hz1tnu9U=
Subject key identifier: 70:A2:95:0D:D1:15:D6:8C:97:D7:48:3D:72:41:C8:BE:93:65:9E:69
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 018AFE7B73AF007053FE882E9B5DDB0CB15C
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/cKKVDdEV1oyX10g9ckHIvpNlnmk.roa
Signing time: Thu 05 Oct 2023 06:16:57 +0000
ROA not before: Thu 05 Oct 2023 06:16:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.213.174.0/24 maxlen: 24
91.213.186.0/24 maxlen: 24
45.150.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Oct 2023 15:59:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:7b:73:af:00:70:53:fe:88:2e:9b:5d:db:0c:b1:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Oct 5 06:16:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70a2950dd115d68c97d7483d7241c8be93659e69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c9:98:ed:c3:9f:08:b2:9e:dc:60:ad:4a:37:
aa:99:ef:ac:ec:ac:9f:e3:1f:1b:88:0a:67:a3:a0:
b7:1b:f0:eb:ac:09:3f:04:21:35:01:f4:17:4f:34:
24:35:9c:f4:f3:6c:08:4b:5e:94:35:d3:f6:c8:a5:
1f:aa:84:b6:06:08:b1:ae:d0:29:bc:86:5c:7b:7c:
6e:b4:81:11:f6:28:e7:fa:91:89:45:6a:f7:3d:be:
e2:eb:2b:24:f0:9d:16:c6:5c:1c:b1:da:3f:df:dc:
78:49:5a:ed:65:f1:04:b8:47:5a:01:2d:74:7e:ec:
17:5f:0a:d9:43:62:cb:61:5e:da:e0:f6:74:e0:37:
26:7b:ff:8c:e0:ee:a7:ee:6c:a4:56:3b:31:93:45:
df:3f:54:ca:a5:a5:67:4a:51:b8:b2:90:a8:f3:37:
45:ab:b8:de:bb:e0:b2:6f:1f:11:36:9a:84:b3:53:
f9:65:3a:40:57:92:42:be:94:4e:ff:04:1f:df:60:
e9:95:8b:35:da:fa:84:0f:a8:a4:36:7e:36:78:e7:
64:fa:b0:1f:b2:7a:5e:82:86:1c:21:86:12:5c:e8:
19:71:b1:cc:1e:c6:f0:e2:44:5b:4a:6e:09:b1:2e:
53:b1:44:1b:7d:1f:11:32:da:44:b4:b2:bf:93:66:
9c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A2:95:0D:D1:15:D6:8C:97:D7:48:3D:72:41:C8:BE:93:65:9E:69
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/cKKVDdEV1oyX10g9ckHIvpNlnmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.197.0/24
91.213.174.0/24
91.213.186.0/24
Signature Algorithm: sha256WithRSAEncryption
65:93:31:6a:29:10:ac:74:14:20:5b:32:66:23:15:75:8f:da:
d3:40:f9:79:56:59:f7:da:f1:c0:8f:c1:6a:ee:09:78:d4:32:
c2:6c:fc:04:b3:b5:9f:e3:2d:71:ac:92:f6:85:ac:a5:e3:11:
da:90:86:57:cd:31:14:8d:a3:56:b5:f1:26:bf:26:8b:e0:36:
c8:de:57:5d:65:81:46:9d:4f:70:7f:ab:16:50:fb:5d:5c:b9:
b3:78:aa:47:e1:cb:8f:64:ec:6f:bf:49:0c:45:b4:fc:29:fe:
b0:72:d1:04:b2:d5:7b:93:1b:58:06:ce:25:28:56:d7:fa:b0:
65:fd:bc:9a:fe:76:ed:31:ca:2d:ed:41:e0:7c:f3:ed:b3:f8:
91:ea:bf:84:1e:30:1e:4c:c1:8d:94:5b:b8:a7:d6:d0:35:96:
43:cf:4f:a8:92:cd:73:7b:b0:7f:ce:18:d5:50:09:f4:90:34:
66:9f:8e:37:be:91:f0:cf:66:6f:1c:c5:ee:39:6b:90:27:7f:
e4:59:28:a4:22:35:e9:2f:8e:de:91:4c:f4:74:d2:5d:3d:29:
06:94:91:eb:8d:32:c1:5f:86:f7:43:c3:62:aa:93:bf:42:54:
f4:3e:a1:92:0b:a8:64:e2:2e:eb:ae:39:6d:63:97:36:89:b9:
dd:74:0f:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr+e3OvAHBT/ogum13bDLFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMxMDA1MDYxNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGEyOTUwZGQxMTVkNjhjOTdkNzQ4M2Q3MjQxYzhiZTkzNjU5ZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsmY7cOfCLKe3GCtSjeqme+s7Kyf
4x8biApno6C3G/DrrAk/BCE1AfQXTzQkNZz082wIS16UNdP2yKUfqoS2BgixrtAp
vIZce3xutIER9ijn+pGJRWr3Pb7i6ysk8J0Wxlwcsdo/39x4SVrtZfEEuEdaAS10
fuwXXwrZQ2LLYV7a4PZ04Dcme/+M4O6n7mykVjsxk0XfP1TKpaVnSlG4spCo8zdF
q7jeu+Cybx8RNpqEs1P5ZTpAV5JCvpRO/wQf32DplYs12vqED6ikNn42eOdk+rAf
snpegoYcIYYSXOgZcbHMHsbw4kRbSm4JsS5TsUQbfR8RMtpEtLK/k2acLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHCilQ3RFdaMl9dIPXJByL6TZZ5pMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvY0tLVkRkRVYxb3lYMTBnOWNrSEl2cE5sbm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZbFAwQA
W9WuAwQAW9W6MA0GCSqGSIb3DQEBCwUAA4IBAQBlkzFqKRCsdBQgWzJmIxV1j9rT
QPl5Vln32vHAj8Fq7gl41DLCbPwEs7Wf4y1xrJL2hayl4xHakIZXzTEUjaNWtfEm
vyaL4DbI3lddZYFGnU9wf6sWUPtdXLmzeKpH4cuPZOxvv0kMRbT8Kf6wctEEstV7
kxtYBs4lKFbX+rBl/bya/nbtMcot7UHgfPPts/iR6r+EHjAeTMGNlFu4p9bQNZZD
z0+oks1ze7B/zhjVUAn0kDRmn443vpHwz2ZvHMXuOWuQJ3/kWSikIjXpL47ekUz0
dNJdPSkGlJHrjTLBX4b3Q8NiqpO/QlT0PqGSC6hk4i7rrjltY5c2ibnddA/M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org