Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/cbknC-1sGJ3LuSHwwbJTB5tyQxI.roa
File: cbknC-1sGJ3LuSHwwbJTB5tyQxI.roa (raw, json)
Hash identifier: NrR8A63OoIToH2vGW4GGxOmgHFVPvrn43+PNLb7WspU=
Subject key identifier: 71:B9:27:0B:ED:6C:18:9D:CB:B9:21:F0:C1:B2:53:07:9B:72:43:12
Certificate issuer: /CN=dc377b5d022bf0be4a6224b47eea6ca0b81bf037
Certificate serial: 01903B027216C4E54A3C5621842F7FB5E8A2
Authority key identifier: DC:37:7B:5D:02:2B:F0:BE:4A:62:24:B4:7E:EA:6C:A0:B8:1B:F0:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/cbknC-1sGJ3LuSHwwbJTB5tyQxI.roa
Signing time: Fri 21 Jun 2024 13:35:34 +0000
ROA not before: Fri 21 Jun 2024 13:35:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28756
IP address blocks: 145.64.128.0/21 maxlen: 21
145.64.128.0/22 maxlen: 22
145.64.130.0/24 maxlen: 24
145.64.132.0/22 maxlen: 22
145.64.132.0/23 maxlen: 23
145.64.134.0/24 maxlen: 24
145.64.135.0/24 maxlen: 24
145.64.144.0/20 maxlen: 20
145.64.144.0/23 maxlen: 23
145.64.146.0/24 maxlen: 24
145.64.147.0/24 maxlen: 24
145.64.148.0/24 maxlen: 24
145.64.149.0/24 maxlen: 24
145.64.157.0/24 maxlen: 24
145.64.158.0/24 maxlen: 24
145.64.159.0/24 maxlen: 24
145.64.160.0/20 maxlen: 20
145.64.160.0/24 maxlen: 24
145.64.161.0/24 maxlen: 24
145.64.162.0/24 maxlen: 24
145.64.170.0/24 maxlen: 24
145.64.240.0/21 maxlen: 21
145.64.241.0/24 maxlen: 24
145.64.242.0/24 maxlen: 24
145.64.245.0/24 maxlen: 24
145.64.246.0/24 maxlen: 24
145.64.248.0/21 maxlen: 21
145.64.248.0/22 maxlen: 22
145.64.248.0/24 maxlen: 24
145.64.250.0/24 maxlen: 24
145.64.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jul 2024 09:24:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3b:02:72:16:c4:e5:4a:3c:56:21:84:2f:7f:b5:e8:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc377b5d022bf0be4a6224b47eea6ca0b81bf037
Validity
Not Before: Jun 21 13:35:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71b9270bed6c189dcbb921f0c1b253079b724312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:31:a5:f6:76:9f:25:15:a7:bf:19:67:8f:fc:
9f:bb:04:d9:40:c7:67:64:16:93:32:c8:38:5b:7f:
f6:46:71:fc:53:4a:46:ca:02:16:e2:6c:f7:84:1c:
56:7a:13:69:99:ba:07:80:be:f2:74:83:d9:08:9b:
99:1e:23:f4:62:51:eb:b3:9f:b8:8a:b5:17:b8:07:
29:a0:09:32:9d:a6:86:fe:10:51:43:38:6b:da:75:
9f:7f:67:98:52:af:b3:99:b0:e7:7f:3d:bd:97:ef:
60:90:0a:be:d9:1c:c3:d4:6b:90:df:e9:18:92:3f:
ff:bc:60:9b:fb:df:9f:39:a6:d3:1f:ab:cd:30:e9:
fd:c5:79:35:00:e6:5d:a6:52:0c:e1:2d:f9:0e:ac:
e2:ce:48:d3:7e:18:54:d6:c3:24:ec:ca:cc:c8:82:
62:58:8b:97:ca:04:9f:ef:f9:7d:1a:af:14:f7:6c:
49:92:b3:5f:1a:ff:45:e1:26:a4:a4:58:5c:db:a6:
aa:84:8b:d1:53:4c:aa:31:a2:83:f7:4d:16:ee:9a:
6c:25:11:51:8a:85:1e:1e:7b:0a:03:67:22:eb:81:
52:94:f1:dc:7d:67:4a:d0:68:2d:86:10:0f:ec:07:
8b:8a:da:65:5c:14:42:36:89:15:75:81:d9:8f:79:
99:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B9:27:0B:ED:6C:18:9D:CB:B9:21:F0:C1:B2:53:07:9B:72:43:12
X509v3 Authority Key Identifier:
keyid:DC:37:7B:5D:02:2B:F0:BE:4A:62:24:B4:7E:EA:6C:A0:B8:1B:F0:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/cbknC-1sGJ3LuSHwwbJTB5tyQxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.64.128.0/21
145.64.144.0-145.64.175.255
145.64.240.0/20
Signature Algorithm: sha256WithRSAEncryption
90:c6:44:88:bf:9b:5f:9b:7b:21:d5:f1:da:7c:0d:73:16:1e:
04:ec:9c:31:04:e9:29:53:a8:b9:92:fe:58:c1:15:1b:83:b9:
e4:db:55:77:72:a1:5e:7c:1c:33:a6:32:e8:e3:5b:a8:eb:7e:
4f:16:8f:08:46:82:c6:fe:c5:d4:0f:bf:38:0a:18:b0:fd:4b:
a0:10:6a:94:33:69:6b:2c:65:ca:11:ec:5b:f9:cd:01:70:a2:
3c:73:7b:7d:23:61:67:37:7f:21:72:02:bc:aa:1d:77:4c:f0:
6d:9c:bf:1c:7c:81:bc:5a:7e:71:28:c8:10:3b:2b:f6:48:5e:
10:e2:da:b6:f7:26:71:8b:18:f2:03:3f:ba:16:5b:8a:cb:29:
1a:78:82:54:9c:f2:05:a2:62:96:74:79:dd:b1:f9:2b:24:4e:
fc:fd:3e:e1:19:83:70:35:12:5d:65:fa:95:6b:c0:c7:75:c4:
a0:84:54:79:f9:5e:7f:52:0d:f1:ad:a3:2c:10:37:1e:ba:ed:
3b:7e:f8:01:11:0d:52:38:33:83:f4:b1:82:0d:b7:b4:43:2b:
f1:ee:3a:0f:68:96:3d:fc:be:e6:a0:d4:2e:57:e3:46:e5:7e:
ab:77:e4:d2:aa:14:d0:e5:24:b4:bd:51:3d:36:26:c3:11:5c:
41:8d:ba:2b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZA7AnIWxOVKPFYhhC9/teiiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzc3YjVkMDIyYmYwYmU0YTYyMjRiNDdlZWE2Y2EwYjgx
YmYwMzcwHhcNMjQwNjIxMTMzNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWI5MjcwYmVkNmMxODlkY2JiOTIxZjBjMWIyNTMwNzliNzI0MzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTGl9nafJRWnvxlnj/yfuwTZQMdn
ZBaTMsg4W3/2RnH8U0pGygIW4mz3hBxWehNpmboHgL7ydIPZCJuZHiP0YlHrs5+4
irUXuAcpoAkynaaG/hBRQzhr2nWff2eYUq+zmbDnfz29l+9gkAq+2RzD1GuQ3+kY
kj//vGCb+9+fOabTH6vNMOn9xXk1AOZdplIM4S35DqzizkjTfhhU1sMk7MrMyIJi
WIuXygSf7/l9Gq8U92xJkrNfGv9F4SakpFhc26aqhIvRU0yqMaKD900W7ppsJRFR
ioUeHnsKA2ci64FSlPHcfWdK0GgthhAP7AeLitplXBRCNokVdYHZj3mZwQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHG5JwvtbBidy7kh8MGyUwebckMSMB8GA1UdIwQY
MBaAFNw3e10CK/C+SmIktH7qbKC4G/A3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RkN1hRSXI4TDVLWWlTMGZ1cHNvTGdiOERjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jYzU1OGMtMzVlNS00ZGQ2LTg2N2It
OGIwNWI3NzhlMGQ1LzEvY2JrbkMtMXNHSjNMdVNId3diSlRCNXR5UXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jYzU1OGMtMzVlNS00ZGQ2LTg2N2ItOGIwNWI3NzhlMGQ1
LzEvM0RkN1hRSXI4TDVLWWlTMGZ1cHNvTGdiOERjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDkUCAMAwD
BASRQJADBASRQKADBASRQPAwDQYJKoZIhvcNAQELBQADggEBAJDGRIi/m1+beyHV
8dp8DXMWHgTsnDEE6SlTqLmS/ljBFRuDueTbVXdyoV58HDOmMujjW6jrfk8WjwhG
gsb+xdQPvzgKGLD9S6AQapQzaWssZcoR7Fv5zQFwojxze30jYWc3fyFyAryqHXdM
8G2cvxx8gbxafnEoyBA7K/ZIXhDi2rb3JnGLGPIDP7oWW4rLKRp4glSc8gWiYpZ0
ed2x+SskTvz9PuEZg3A1El1l+pVrwMd1xKCEVHn5Xn9SDfGtoywQNx667Tt++AER
DVI4M4P0sYINt7RDK/HuOg9olj38vuag1C5X40blfqt35NKqFNDlJLS9UT02JsMR
XEGNuis=
-----END CERTIFICATE-----
Generated at Tue Jul 2 11:42:57 2024 by rpki-client on console-fra.rpki-client.org