Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/Kx3WV9WN3vk-imXGJKi9TinSjGk.roa
File: Kx3WV9WN3vk-imXGJKi9TinSjGk.roa (raw, json)
Hash identifier: E8AWICiCKfs2ofWmv55wmLkE9NY4DSmK6glqMmg8SaQ=
Subject key identifier: 2B:1D:D6:57:D5:8D:DE:F9:3E:8A:65:C6:24:A8:BD:4E:29:D2:8C:69
Certificate issuer: /CN=57130f799f8a8985502a2ea3356037674085cfca
Certificate serial: 018BC8417DC61987126DF626E289DF118D06
Authority key identifier: 57:13:0F:79:9F:8A:89:85:50:2A:2E:A3:35:60:37:67:40:85:CF:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/Kx3WV9WN3vk-imXGJKi9TinSjGk.roa
Signing time: Mon 13 Nov 2023 10:36:57 +0000
ROA not before: Mon 13 Nov 2023 10:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.38.0/24 maxlen: 24
45.149.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Nov 2023 10:55:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:41:7d:c6:19:87:12:6d:f6:26:e2:89:df:11:8d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57130f799f8a8985502a2ea3356037674085cfca
Validity
Not Before: Nov 13 10:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b1dd657d58ddef93e8a65c624a8bd4e29d28c69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ab:3a:d1:0c:d6:5a:16:22:a5:d4:b6:2f:35:
29:04:18:0c:a5:f1:11:5b:04:cd:f7:e1:e0:a4:91:
99:d5:da:4a:a8:9d:ad:dd:3f:6f:7f:b3:d7:83:f3:
0a:47:56:ce:a8:02:fa:f4:29:7c:d3:52:47:18:af:
26:73:76:12:ad:e1:77:8f:bc:92:a5:1f:f4:fc:9a:
94:3f:fd:7a:1f:18:08:49:79:57:32:97:4e:17:16:
42:ab:a6:73:ae:a0:dc:98:de:59:3d:e8:85:4b:7f:
41:b3:0b:11:8b:0e:1a:ee:a7:72:56:bf:61:65:49:
21:18:47:02:0f:8b:6e:3e:85:23:4d:24:7b:25:03:
33:db:e2:67:ee:91:7b:ec:ff:54:3b:95:b3:96:be:
03:d6:56:5d:48:eb:b9:42:f4:3e:3b:04:d8:85:84:
bf:3c:aa:62:8f:42:70:88:62:19:c4:67:a3:e9:7b:
1f:c8:58:25:53:0f:6d:38:7b:a4:77:9a:ba:3d:7d:
a0:73:0b:50:eb:22:d1:ff:56:7c:b9:57:b8:68:ec:
3d:d3:49:73:72:d2:58:da:7c:9c:56:47:c6:75:95:
4a:f8:aa:60:43:35:2d:5a:81:c4:0d:55:d1:27:53:
fb:61:56:ea:9c:49:b0:7a:20:6d:10:9c:25:c7:a1:
4f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:1D:D6:57:D5:8D:DE:F9:3E:8A:65:C6:24:A8:BD:4E:29:D2:8C:69
X509v3 Authority Key Identifier:
keyid:57:13:0F:79:9F:8A:89:85:50:2A:2E:A3:35:60:37:67:40:85:CF:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/Kx3WV9WN3vk-imXGJKi9TinSjGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.36.0/24
45.149.38.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:8b:29:4b:af:41:09:4f:1a:8c:6b:b7:cd:76:28:cb:26:02:
4e:00:3a:a8:9d:f6:61:b0:f8:2f:40:f7:e0:cf:84:2a:cf:79:
01:1b:bf:c1:97:5a:3e:41:43:61:33:e0:0e:a8:92:44:ee:a6:
7a:13:7f:31:d7:79:13:c6:f5:51:a1:9c:c4:25:87:b2:2f:fd:
1a:f6:c8:04:75:80:ff:cf:31:52:3b:9f:08:c6:62:d6:99:d2:
bd:d5:e3:e9:eb:8a:4c:6f:f8:98:e6:c8:88:d9:6b:a5:eb:b4:
6e:39:2e:fe:d1:52:91:ec:44:b2:d7:dc:cf:1f:6e:21:cb:45:
a6:cc:c9:37:a4:b8:c4:44:ea:f1:fd:e8:72:5c:fe:3c:94:16:
21:4e:04:14:af:67:28:f7:f3:81:90:32:aa:3a:d1:4a:ad:bb:
a2:a8:09:78:1d:c0:b3:f8:33:14:48:78:86:19:9f:83:ae:48:
4c:4c:4a:4e:2f:4c:f4:c3:9c:b1:fa:8f:82:99:31:4d:e3:46:
70:e8:a4:37:7f:a6:63:63:df:2e:42:7b:11:c3:a8:95:0f:04:
69:2d:66:05:74:44:84:fb:d3:6b:8d:03:1c:91:f8:9a:39:b7:
a8:ce:44:5c:b8:e7:e7:86:c4:85:4b:33:75:a9:f9:3d:56:1d:
1b:ec:c1:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvIQX3GGYcSbfYm4onfEY0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTMwZjc5OWY4YTg5ODU1MDJhMmVhMzM1NjAzNzY3NDA4
NWNmY2EwHhcNMjMxMTEzMTAzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjFkZDY1N2Q1OGRkZWY5M2U4YTY1YzYyNGE4YmQ0ZTI5ZDI4YzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6s60QzWWhYipdS2LzUpBBgMpfER
WwTN9+HgpJGZ1dpKqJ2t3T9vf7PXg/MKR1bOqAL69Cl801JHGK8mc3YSreF3j7yS
pR/0/JqUP/16HxgISXlXMpdOFxZCq6ZzrqDcmN5ZPeiFS39BswsRiw4a7qdyVr9h
ZUkhGEcCD4tuPoUjTSR7JQMz2+Jn7pF77P9UO5Wzlr4D1lZdSOu5QvQ+OwTYhYS/
PKpij0JwiGIZxGej6XsfyFglUw9tOHukd5q6PX2gcwtQ6yLR/1Z8uVe4aOw900lz
ctJY2nycVkfGdZVK+KpgQzUtWoHEDVXRJ1P7YVbqnEmweiBtEJwlx6FP4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCsd1lfVjd75PoplxiSovU4p0oxpMB8GA1UdIwQY
MBaAFFcTD3mfiomFUCouozVgN2dAhc/KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhNUGVaLUtpWVZRS2k2ak5XQTNaMENGejhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81MTgxZGUtNDRjZC00NjU0LTk2ZmMt
ZDNiOTBhOWI5YjQxLzEvS3gzV1Y5V04zdmstaW1YR0pLaTlUaW5TakdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81MTgxZGUtNDRjZC00NjU0LTk2ZmMtZDNiOTBhOWI5YjQx
LzEvVnhNUGVaLUtpWVZRS2k2ak5XQTNaMENGejhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZUkAwQA
LZUmMA0GCSqGSIb3DQEBCwUAA4IBAQA7iylLr0EJTxqMa7fNdijLJgJOADqonfZh
sPgvQPfgz4Qqz3kBG7/Bl1o+QUNhM+AOqJJE7qZ6E38x13kTxvVRoZzEJYeyL/0a
9sgEdYD/zzFSO58IxmLWmdK91ePp64pMb/iY5siI2Wul67RuOS7+0VKR7ESy19zP
H24hy0WmzMk3pLjEROrx/ehyXP48lBYhTgQUr2co9/OBkDKqOtFKrbuiqAl4HcCz
+DMUSHiGGZ+DrkhMTEpOL0z0w5yx+o+CmTFN40Zw6KQ3f6ZjY98uQnsRw6iVDwRp
LWYFdESE+9NrjQMckfiaObeozkRcuOfnhsSFSzN1qfk9Vh0b7MEt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:02 2024 by rpki-client on console-fra.rpki-client.org