Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/KntBJ2vbNddfsv9vlLXpCsuRir4.roa
File: KntBJ2vbNddfsv9vlLXpCsuRir4.roa (raw, json)
Hash identifier: PvHWg0I9AHo4BQVglQLEF/clJv39nCkHjbo+9sjgp4g=
Subject key identifier: 2A:7B:41:27:6B:DB:35:D7:5F:B2:FF:6F:94:B5:E9:0A:CB:91:8A:BE
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 0189DF34FACCDBF4EAFF6DA101191B9F1FD3
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/KntBJ2vbNddfsv9vlLXpCsuRir4.roa
Signing time: Thu 10 Aug 2023 11:28:58 +0000
ROA not before: Thu 10 Aug 2023 11:28:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 91.132.114.0/23 maxlen: 32
103.53.82.0/23 maxlen: 32
193.28.237.0/24 maxlen: 32
45.114.8.0/22 maxlen: 32
45.114.12.0/22 maxlen: 32
193.28.182.0/24 maxlen: 32
193.28.191.0/24 maxlen: 32
193.28.202.0/24 maxlen: 32
103.240.180.0/22 maxlen: 32
103.53.216.0/22 maxlen: 32
193.19.204.0/24 maxlen: 32
193.19.205.0/24 maxlen: 32
193.19.206.0/24 maxlen: 32
193.19.207.0/24 maxlen: 32
45.145.104.0/22 maxlen: 32
Validation: Failed, certificate revoked on Fri 27 Oct 2023 07:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:df:34:fa:cc:db:f4:ea:ff:6d:a1:01:19:1b:9f:1f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Aug 10 11:28:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a7b41276bdb35d75fb2ff6f94b5e90acb918abe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ac:c9:df:8d:f7:4d:00:2b:7e:f3:6f:ca:fb:
1d:60:81:08:f3:c0:1a:94:00:14:6f:9f:ce:a5:57:
52:46:88:56:b9:dc:7e:93:c5:d9:12:d2:34:bc:76:
cb:86:6c:97:2f:99:ce:f3:e8:45:6b:98:fc:04:0f:
59:3a:ae:e2:31:cd:42:ac:87:9c:09:5d:11:fc:e2:
a8:06:f8:e2:06:af:6d:1d:08:97:94:0b:5d:61:f0:
20:65:0d:9e:d6:06:a2:08:b9:3b:55:c9:c0:a6:52:
aa:24:1f:59:ce:d1:e6:a4:f6:0d:a1:1f:36:9b:90:
a8:83:41:33:4d:98:55:cf:f6:79:88:65:b7:28:c8:
3d:35:8e:37:31:1b:04:e7:d2:03:20:c9:d3:b5:bb:
20:ea:fa:e7:e3:57:21:f7:64:ac:18:2f:83:94:5c:
82:e1:0f:be:c6:e4:74:0c:ed:c2:d8:53:58:3d:ee:
4e:b8:05:af:79:99:dd:6a:f1:9b:41:70:39:3e:95:
67:c8:d1:8b:60:5d:44:67:00:89:6d:3d:29:13:10:
54:da:30:64:ca:b2:b7:64:d1:7d:90:48:c4:e1:f2:
00:23:ca:e6:04:85:ae:d5:5f:08:56:be:b4:29:a0:
2c:47:80:64:b8:d5:b1:fc:2b:79:18:28:05:2b:41:
e9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7B:41:27:6B:DB:35:D7:5F:B2:FF:6F:94:B5:E9:0A:CB:91:8A:BE
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/KntBJ2vbNddfsv9vlLXpCsuRir4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.114.8.0/21
45.145.104.0/22
91.132.114.0/23
103.53.82.0/23
103.53.216.0/22
103.240.180.0/22
193.19.204.0/22
193.28.182.0/24
193.28.191.0/24
193.28.202.0/24
193.28.237.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:a0:dc:2c:05:ea:16:dd:92:21:ec:41:e1:fd:d2:04:7b:cc:
d3:ca:e4:4c:85:03:3b:f9:76:81:83:76:d5:e7:9f:dd:5d:dd:
d7:d2:5e:9f:14:e0:3d:6e:89:c3:64:92:d4:32:fb:d6:bd:e3:
3d:e8:7a:7a:9a:b0:27:8c:ff:5e:01:db:ba:55:c3:cd:1a:ce:
11:6b:f0:91:35:44:0a:aa:6b:d2:72:57:28:33:21:a3:c7:69:
b1:26:10:21:52:2a:82:e5:8c:0e:a6:11:fc:5c:41:37:53:2c:
19:85:87:0b:33:b9:8c:e9:f6:cb:de:62:51:2b:70:a7:b9:e4:
93:f2:94:a4:70:0a:32:b5:5a:7e:28:a7:f7:87:ef:a3:29:eb:
ed:9c:bd:7a:cb:4b:01:0e:e3:1c:eb:f2:45:7a:ca:f8:1f:88:
34:8c:a8:a7:bc:cc:b6:0c:62:22:39:1a:b8:fc:37:ba:fb:e1:
99:89:4c:2d:da:75:57:d6:5e:bd:27:a7:cd:69:6c:7e:22:88:
d0:7c:6e:e7:73:82:3f:2b:9e:a0:ef:4f:7d:61:42:27:13:20:
50:9d:e9:39:2a:5c:cd:71:35:4c:32:03:a2:a6:be:1e:a2:ff:
e0:3f:c9:33:c6:31:3f:f6:18:6a:53:c3:28:1b:c2:90:0c:ed:
77:29:96:14
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYnfNPrM2/Tq/22hARkbnx/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjMwODEwMTEyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdiNDEyNzZiZGIzNWQ3NWZiMmZmNmY5NGI1ZTkwYWNiOTE4YWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqzJ3433TQArfvNvyvsdYIEI88Aa
lAAUb5/OpVdSRohWudx+k8XZEtI0vHbLhmyXL5nO8+hFa5j8BA9ZOq7iMc1CrIec
CV0R/OKoBvjiBq9tHQiXlAtdYfAgZQ2e1gaiCLk7VcnAplKqJB9ZztHmpPYNoR82
m5Cog0EzTZhVz/Z5iGW3KMg9NY43MRsE59IDIMnTtbsg6vrn41ch92SsGC+DlFyC
4Q++xuR0DO3C2FNYPe5OuAWveZndavGbQXA5PpVnyNGLYF1EZwCJbT0pExBU2jBk
yrK3ZNF9kEjE4fIAI8rmBIWu1V8IVr60KaAsR4BkuNWx/Ct5GCgFK0HpdQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFCp7QSdr2zXXX7L/b5S16QrLkYq+MB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvS250QkoydmJOZGRmc3Y5dmxMWHBDc3VSaXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQDLXIIAwQC
LZFoAwQBW4RyAwQBZzVSAwQCZzXYAwQCZ/C0AwQCwRPMAwQAwRy2AwQAwRy/AwQA
wRzKAwQAwRztMA0GCSqGSIb3DQEBCwUAA4IBAQC3oNwsBeoW3ZIh7EHh/dIEe8zT
yuRMhQM7+XaBg3bV55/dXd3X0l6fFOA9bonDZJLUMvvWveM96Hp6mrAnjP9eAdu6
VcPNGs4Ra/CRNUQKqmvSclcoMyGjx2mxJhAhUiqC5YwOphH8XEE3UywZhYcLM7mM
6fbL3mJRK3CnueST8pSkcAoytVp+KKf3h++jKevtnL16y0sBDuMc6/JFesr4H4g0
jKinvMy2DGIiORq4/De6++GZiUwt2nVX1l69J6fNaWx+IojQfG7nc4I/K56g7099
YUInEyBQnek5KlzNcTVMMgOipr4eov/gP8kzxjE/9hhqU8MoG8KQDO13KZYU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:58 2024 by rpki-client on console-fra.rpki-client.org