Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/KKhaMWEq0BsTL0kBrZBULo4xfOU.roa
File: KKhaMWEq0BsTL0kBrZBULo4xfOU.roa (raw, json)
Hash identifier: rAx9xdS5Y2bX7sQqQx1cwTw4eV3L7lCs9+lah85Y/gQ=
Subject key identifier: 28:A8:5A:31:61:2A:D0:1B:13:2F:49:01:AD:90:54:2E:8E:31:7C:E5
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 018CC7947B69ACF69FCD64A1F94654AD8DEA
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/KKhaMWEq0BsTL0kBrZBULo4xfOU.roa
Signing time: Tue 02 Jan 2024 00:30:46 +0000
ROA not before: Tue 02 Jan 2024 00:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.145.154.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 06:35:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:7b:69:ac:f6:9f:cd:64:a1:f9:46:54:ad:8d:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Jan 2 00:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28a85a31612ad01b132f4901ad90542e8e317ce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fc:40:04:0a:12:ef:d1:04:2b:eb:99:1d:85:
1f:a6:86:61:1f:31:a1:dd:2a:52:2d:71:c5:ed:3c:
ad:84:0a:8d:13:b9:30:5a:04:82:a3:e6:00:23:50:
b6:30:b4:6b:c7:86:b5:3c:5b:9e:62:8d:f9:62:2d:
ad:56:7f:e3:9b:6e:10:e1:8b:01:d4:87:7f:22:92:
78:74:86:67:4c:19:9b:85:00:df:6d:9e:e4:58:2e:
12:97:c8:09:df:17:b1:7f:36:f4:56:e6:1d:7a:50:
45:ed:b8:6e:3a:72:37:89:7d:69:0d:de:54:a4:df:
fb:db:df:90:75:cf:1f:f9:2c:dd:8a:62:1b:1e:83:
cc:e7:2d:27:b2:03:75:d0:31:64:d8:da:cf:d0:a3:
bf:7b:22:de:17:b6:51:01:a2:bc:8f:49:35:21:7e:
1d:c1:5e:75:50:0f:58:f3:51:f2:0e:bd:fc:82:d6:
88:eb:d2:3e:e6:3b:75:74:89:e0:50:c8:41:db:e1:
7f:09:ba:64:d9:d8:b1:9c:93:0d:ea:87:14:61:36:
cb:d4:fc:d1:b4:11:b8:df:dd:d6:06:96:1b:32:08:
d1:4f:27:7d:1d:79:d2:fb:65:74:97:29:5b:92:25:
11:38:9b:a8:d5:86:2d:64:17:e0:26:e8:cb:a5:04:
5c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A8:5A:31:61:2A:D0:1B:13:2F:49:01:AD:90:54:2E:8E:31:7C:E5
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/KKhaMWEq0BsTL0kBrZBULo4xfOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.154.0/23
Signature Algorithm: sha256WithRSAEncryption
19:66:db:df:a9:b0:80:8f:e3:45:1b:de:6e:88:4a:cf:8e:21:
e1:b1:a0:e9:c6:08:c9:9d:33:7a:29:88:bd:5c:1b:ea:0f:ee:
45:6a:a5:e8:37:34:1f:8a:f8:f4:4e:82:3d:27:6e:76:f1:6d:
cb:ab:d7:95:20:11:30:e3:f5:be:d3:b8:e4:08:79:5c:63:d1:
79:d8:dd:92:02:de:d4:f0:ad:0b:42:c5:0f:0f:c1:83:64:b7:
70:77:39:59:9a:d1:8a:05:20:6a:24:3f:be:f9:1d:60:d8:c5:
fe:91:2c:1a:98:2e:10:5e:3b:c5:70:49:02:2e:94:a8:e0:62:
44:4b:af:cd:c3:48:23:ae:ea:e1:eb:ca:b2:16:ee:a7:e0:05:
9a:28:ef:0d:14:ae:28:ea:ee:24:e9:25:8b:85:f7:de:9c:ce:
ad:62:af:47:61:f1:dd:16:d8:b6:a0:71:76:8e:33:7b:a8:94:
19:4c:f1:61:55:d5:f8:cc:9a:9d:01:99:18:7f:38:e8:4d:c6:
e1:c0:79:a9:97:e6:e7:9d:88:54:81:90:76:d5:cc:0e:b3:04:
41:75:7d:00:04:db:3f:fa:e0:a9:ba:6c:54:de:7a:9c:48:76:
ce:cc:a0:62:02:30:de:b7:9d:96:3b:5a:e0:57:95:1a:37:2b:
25:64:7e:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlHtprPafzWSh+UZUrY3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjQwMTAyMDAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGE4NWEzMTYxMmFkMDFiMTMyZjQ5MDFhZDkwNTQyZThlMzE3Y2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPxABAoS79EEK+uZHYUfpoZhHzGh
3SpSLXHF7TythAqNE7kwWgSCo+YAI1C2MLRrx4a1PFueYo35Yi2tVn/jm24Q4YsB
1Id/IpJ4dIZnTBmbhQDfbZ7kWC4Sl8gJ3xexfzb0VuYdelBF7bhuOnI3iX1pDd5U
pN/729+Qdc8f+SzdimIbHoPM5y0nsgN10DFk2NrP0KO/eyLeF7ZRAaK8j0k1IX4d
wV51UA9Y81HyDr38gtaI69I+5jt1dIngUMhB2+F/Cbpk2dixnJMN6ocUYTbL1PzR
tBG4393WBpYbMgjRTyd9HXnS+2V0lylbkiUROJuo1YYtZBfgJujLpQRcBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCioWjFhKtAbEy9JAa2QVC6OMXzlMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvS0toYU1XRXEwQnNUTDBrQnJaQlVMbzR4Zk9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZGaMA0G
CSqGSIb3DQEBCwUAA4IBAQAZZtvfqbCAj+NFG95uiErPjiHhsaDpxgjJnTN6KYi9
XBvqD+5FaqXoNzQfivj0ToI9J2528W3Lq9eVIBEw4/W+07jkCHlcY9F52N2SAt7U
8K0LQsUPD8GDZLdwdzlZmtGKBSBqJD+++R1g2MX+kSwamC4QXjvFcEkCLpSo4GJE
S6/Nw0gjrurh68qyFu6n4AWaKO8NFK4o6u4k6SWLhffenM6tYq9HYfHdFti2oHF2
jjN7qJQZTPFhVdX4zJqdAZkYfzjoTcbhwHmpl+bnnYhUgZB21cwOswRBdX0ABNs/
+uCpumxU3nqcSHbOzKBiAjDet52WO1rgV5UaNyslZH5Q
-----END CERTIFICATE-----
Generated at Mon Jan 29 11:27:41 2024 by rpki-client on console-fra.rpki-client.org