Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/_kzqmk2MjNecKcuU3zwsim2m0rM.roa
File: _kzqmk2MjNecKcuU3zwsim2m0rM.roa (raw, json)
Hash identifier: 2bjkWLk2dzZMyymjYlr+lJ1JU896q31dqjqMbOClUgo=
Subject key identifier: FE:4C:EA:9A:4D:8C:8C:D7:9C:29:CB:94:DF:3C:2C:8A:6D:A6:D2:B3
Certificate issuer: /CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Certificate serial: 01856CEF3CB43223545174FBB590C3267A06
Authority key identifier: 2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/_kzqmk2MjNecKcuU3zwsim2m0rM.roa
Signing time: Sun 01 Jan 2023 10:44:55 +0000
ROA not before: Sun 01 Jan 2023 10:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57264
IP address blocks: 45.159.36.0/24 maxlen: 24
45.159.36.0/22 maxlen: 22
45.159.38.0/24 maxlen: 24
45.159.37.0/24 maxlen: 24
45.159.39.0/24 maxlen: 24
2a0f:7080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:3c:b4:32:23:54:51:74:fb:b5:90:c3:26:7a:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Validity
Not Before: Jan 1 10:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe4cea9a4d8c8cd79c29cb94df3c2c8a6da6d2b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:15:68:9d:a4:0d:a3:74:f4:24:17:39:7d:24:
eb:b6:3f:b7:b7:65:72:5a:68:4d:05:25:c3:18:22:
71:53:4c:65:0d:ea:61:34:ff:91:9f:cc:bc:bb:3f:
fa:0b:dd:30:15:8b:d7:e0:f1:88:d1:30:af:0e:f5:
e3:54:e4:b9:f5:81:90:e6:17:15:26:c9:b0:ef:a4:
5b:dd:f6:13:50:f0:dc:88:fc:ac:bc:3a:30:63:ea:
e4:71:3a:25:8e:4a:3e:36:73:91:45:88:97:ab:1f:
a1:09:24:27:a4:5b:d9:96:df:70:4f:db:17:ab:16:
bc:d0:59:fb:9e:5c:4f:2f:6a:d2:fb:e9:3f:cb:c6:
42:08:b5:76:7e:ae:59:7e:b9:30:e8:44:65:b9:a4:
f1:d7:88:4f:0a:3d:c0:10:6b:66:7d:a9:62:49:8a:
95:3f:3a:95:cb:cc:13:f4:c1:56:56:2a:b3:49:84:
18:16:f0:4b:3d:96:52:44:8a:31:6a:e5:be:83:45:
4b:9a:ce:6c:a9:0f:e8:07:58:cb:6f:e4:41:5a:3f:
bd:e8:45:1f:a0:3c:4e:63:11:14:df:29:e9:8f:ea:
ac:fc:7a:ec:74:68:1f:40:83:8f:3b:83:a0:6b:e6:
5e:60:2f:f2:14:1b:ef:c8:37:b2:54:55:91:35:f7:
f8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:4C:EA:9A:4D:8C:8C:D7:9C:29:CB:94:DF:3C:2C:8A:6D:A6:D2:B3
X509v3 Authority Key Identifier:
keyid:2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/_kzqmk2MjNecKcuU3zwsim2m0rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.36.0/22
IPv6:
2a0f:7080::/29
Signature Algorithm: sha256WithRSAEncryption
9f:1b:b9:44:73:c8:c4:d7:2a:57:a4:20:b2:9d:a5:5b:31:ee:
02:95:52:d2:63:e8:c2:fb:47:54:92:fa:63:39:d9:b5:75:5a:
19:3a:eb:4f:29:67:2b:c8:61:89:8d:7f:ce:81:62:32:00:4c:
4d:cc:b7:bc:64:a8:e7:51:77:5b:b7:2b:6d:26:83:dc:6a:d2:
91:d4:de:83:9b:c4:03:f2:c6:18:f7:14:ad:ee:09:79:5d:40:
88:06:2d:ff:70:75:14:64:af:94:a4:9e:00:4b:c1:02:a0:b3:
5f:ec:30:43:6a:f4:33:5c:1b:10:d7:b2:c6:e2:11:63:ff:29:
a4:fd:9c:8e:38:76:29:d3:f2:4a:7c:f4:23:11:35:49:c8:c6:
5f:50:40:c1:92:0b:7b:e2:8d:6e:8b:f5:d6:db:26:d9:97:df:
c3:3e:c6:78:e6:e7:c7:b5:6f:1c:d4:e1:79:c3:d5:c9:84:62:
d0:51:07:56:33:cc:01:5d:6f:06:dc:ff:a9:f9:34:34:07:bb:
e7:45:f1:7b:33:b9:35:fb:5d:a2:80:07:f1:e9:3d:0e:7d:a6:
ef:58:8c:3f:95:ff:88:fd:c3:6f:9c:b1:7b:83:40:88:5e:ab:
ec:ca:52:eb:72:01:ab:38:85:d5:3b:8f:5d:6d:93:c7:ef:fd:
45:31:30:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs7zy0MiNUUXT7tZDDJnoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNGUyZDM0Y2NlZTQ1NzZiNWNlNzYwNWEwODRlNmMwODUy
MmMyMjgwHhcNMjMwMTAxMTA0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTRjZWE5YTRkOGM4Y2Q3OWMyOWNiOTRkZjNjMmM4YTZkYTZkMmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBVonaQNo3T0JBc5fSTrtj+3t2Vy
WmhNBSXDGCJxU0xlDephNP+Rn8y8uz/6C90wFYvX4PGI0TCvDvXjVOS59YGQ5hcV
Jsmw76Rb3fYTUPDciPysvDowY+rkcToljko+NnORRYiXqx+hCSQnpFvZlt9wT9sX
qxa80Fn7nlxPL2rS++k/y8ZCCLV2fq5Zfrkw6ERluaTx14hPCj3AEGtmfaliSYqV
PzqVy8wT9MFWViqzSYQYFvBLPZZSRIoxauW+g0VLms5sqQ/oB1jLb+RBWj+96EUf
oDxOYxEU3ynpj+qs/HrsdGgfQIOPO4Oga+ZeYC/yFBvvyDeyVFWRNff4mQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP5M6ppNjIzXnCnLlN88LIptptKzMB8GA1UdIwQY
MBaAFCtOLTTM7kV2tc52BaCE5sCFIsIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMt
MDc3YmM4YmExZTVkLzEvX2t6cW1rMk1qTmVjS2N1VTN6d3NpbTJtMHJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMtMDc3YmM4YmExZTVk
LzEvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ8kMA0E
AgACMAcDBQMqD3CAMA0GCSqGSIb3DQEBCwUAA4IBAQCfG7lEc8jE1ypXpCCynaVb
Me4ClVLSY+jC+0dUkvpjOdm1dVoZOutPKWcryGGJjX/OgWIyAExNzLe8ZKjnUXdb
tyttJoPcatKR1N6Dm8QD8sYY9xSt7gl5XUCIBi3/cHUUZK+UpJ4AS8ECoLNf7DBD
avQzXBsQ17LG4hFj/ymk/ZyOOHYp0/JKfPQjETVJyMZfUEDBkgt74o1ui/XW2ybZ
l9/DPsZ45ufHtW8c1OF5w9XJhGLQUQdWM8wBXW8G3P+p+TQ0B7vnRfF7M7k1+12i
gAfx6T0OfabvWIw/lf+I/cNvnLF7g0CIXqvsylLrcgGrOIXVO49dbZPH7/1FMTDx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:59 2024 by rpki-client on console-fra.rpki-client.org