Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/09482b-4d2a-4893-828d-96dc5ea0cc83/1/K9iHj94CYtEjzF4C3TiXUZZlqUk.roa
File: K9iHj94CYtEjzF4C3TiXUZZlqUk.roa (raw, json)
Hash identifier: G76IUHl/yoaJoRZEH+1JjQBm1M2frymt2ZycvemI5FU=
Subject key identifier: 2B:D8:87:8F:DE:02:62:D1:23:CC:5E:02:DD:38:97:51:96:65:A9:49
Certificate issuer: /CN=4d73d94019a3c235877df6bc1b29c76a0b64c9d0
Certificate serial: 01856F26C1D7C26DDB04AA9CD9930FD438C3
Authority key identifier: 4D:73:D9:40:19:A3:C2:35:87:7D:F6:BC:1B:29:C7:6A:0B:64:C9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXPZQBmjwjWHffa8GynHagtkydA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/09482b-4d2a-4893-828d-96dc5ea0cc83/1/K9iHj94CYtEjzF4C3TiXUZZlqUk.roa
Signing time: Sun 01 Jan 2023 21:04:48 +0000
ROA not before: Sun 01 Jan 2023 21:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200851
IP address blocks: 45.11.160.0/22 maxlen: 22
45.66.244.0/22 maxlen: 24
185.93.244.0/22 maxlen: 24
2a04:23c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 15 Jun 2023 14:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:c1:d7:c2:6d:db:04:aa:9c:d9:93:0f:d4:38:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d73d94019a3c235877df6bc1b29c76a0b64c9d0
Validity
Not Before: Jan 1 21:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bd8878fde0262d123cc5e02dd3897519665a949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:17:54:5f:6d:ff:c7:89:ff:fe:6a:6b:21:8c:
aa:dc:43:42:ea:a2:be:78:36:75:6f:8f:ca:90:21:
34:26:5e:9c:fe:f7:1a:2f:57:cd:45:74:9d:22:b9:
ae:53:df:33:fc:c7:1b:a0:6b:61:9c:3d:34:19:89:
d0:8c:a0:eb:ef:ae:ea:5f:c9:06:2c:87:89:34:b4:
3e:82:6c:53:65:d8:81:e1:b8:48:57:7a:e5:05:f0:
d6:f4:b9:8a:eb:b8:27:20:f7:e3:3b:3a:c6:c0:8b:
5c:c0:56:7e:17:78:1e:f4:85:da:06:dc:1a:8c:b8:
f8:1b:72:8f:3e:54:27:97:03:70:51:16:c8:c2:3f:
6b:2f:bd:67:ed:ae:c8:62:ba:7e:69:e1:8b:dd:10:
62:b0:22:82:c5:fe:62:e8:b9:14:a8:11:de:65:0f:
86:0a:20:b4:cb:d6:57:fa:6e:df:46:f1:26:34:05:
1b:3d:07:54:76:2e:0d:16:86:bc:d0:81:af:88:c8:
b9:a5:1b:04:1d:2f:36:6e:a9:e3:61:2a:9c:1e:81:
e6:07:5d:2e:f2:44:6d:fe:73:6b:9f:e6:c5:66:35:
a1:fe:73:99:12:16:e7:6e:ca:f3:72:4f:3b:9d:b8:
79:40:58:39:4e:8f:e5:c0:3d:bb:fe:42:c6:d2:9a:
54:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D8:87:8F:DE:02:62:D1:23:CC:5E:02:DD:38:97:51:96:65:A9:49
X509v3 Authority Key Identifier:
keyid:4D:73:D9:40:19:A3:C2:35:87:7D:F6:BC:1B:29:C7:6A:0B:64:C9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXPZQBmjwjWHffa8GynHagtkydA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/09482b-4d2a-4893-828d-96dc5ea0cc83/1/K9iHj94CYtEjzF4C3TiXUZZlqUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/09482b-4d2a-4893-828d-96dc5ea0cc83/1/TXPZQBmjwjWHffa8GynHagtkydA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.160.0/22
45.66.244.0/22
185.93.244.0/22
IPv6:
2a04:23c0::/29
Signature Algorithm: sha256WithRSAEncryption
99:4a:1c:04:9e:8d:ea:bd:67:d8:16:54:b9:2a:2d:a0:5c:65:
24:87:9d:91:e4:10:6f:a0:06:48:17:24:0b:15:5d:af:5e:c7:
da:09:1d:e6:91:99:c7:3c:b1:6d:f2:f3:aa:35:4e:23:ec:aa:
78:d9:76:76:21:c1:0b:a4:56:7a:97:09:25:c3:ca:cf:86:df:
6c:e0:5b:ab:cd:34:31:3f:3c:03:c3:a0:dd:54:45:ce:1e:dc:
08:0d:1e:68:d7:14:b1:f5:84:12:48:59:a2:08:42:df:cb:0c:
de:8c:91:63:16:f8:19:44:f7:06:2f:9f:e9:03:d8:62:83:95:
87:0b:50:12:7b:a6:16:e0:ee:e7:ce:42:85:ec:0d:9d:37:e7:
7c:3d:b9:ea:06:9f:d2:22:07:5a:29:2d:0d:ad:36:95:f7:3a:
7b:73:e3:52:fc:0b:d1:da:73:87:bc:e6:84:55:48:5e:6d:27:
85:13:52:5f:7f:71:3b:b2:e9:e1:21:d5:de:08:6a:65:ad:d0:
06:04:65:ed:4f:e2:a3:26:62:10:73:75:7a:f7:f6:89:53:41:
88:7b:10:43:cc:46:8d:9c:d8:11:7b:5b:f0:e9:12:78:fd:3c:
a0:47:1c:2d:f1:db:38:19:d5:b5:74:47:78:8a:ee:20:dc:7c:
0c:7c:1e:f4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvJsHXwm3bBKqc2ZMP1DjDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzNkOTQwMTlhM2MyMzU4NzdkZjZiYzFiMjljNzZhMGI2
NGM5ZDAwHhcNMjMwMTAxMjEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQ4ODc4ZmRlMDI2MmQxMjNjYzVlMDJkZDM4OTc1MTk2NjVhOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRdUX23/x4n//mprIYyq3ENC6qK+
eDZ1b4/KkCE0Jl6c/vcaL1fNRXSdIrmuU98z/McboGthnD00GYnQjKDr767qX8kG
LIeJNLQ+gmxTZdiB4bhIV3rlBfDW9LmK67gnIPfjOzrGwItcwFZ+F3ge9IXaBtwa
jLj4G3KPPlQnlwNwURbIwj9rL71n7a7IYrp+aeGL3RBisCKCxf5i6LkUqBHeZQ+G
CiC0y9ZX+m7fRvEmNAUbPQdUdi4NFoa80IGviMi5pRsEHS82bqnjYSqcHoHmB10u
8kRt/nNrn+bFZjWh/nOZEhbnbsrzck87nbh5QFg5To/lwD27/kLG0ppUFQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCvYh4/eAmLRI8xeAt04l1GWZalJMB8GA1UdIwQY
MBaAFE1z2UAZo8I1h332vBspx2oLZMnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhQWlFCbWp3aldIZmZhOEd5bkhhZ3RreWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wOTQ4MmItNGQyYS00ODkzLTgyOGQt
OTZkYzVlYTBjYzgzLzEvSzlpSGo5NENZdEVqekY0QzNUaVhVWlpscVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wOTQ4MmItNGQyYS00ODkzLTgyOGQtOTZkYzVlYTBjYzgz
LzEvVFhQWlFCbWp3aldIZmZhOEd5bkhhZ3RreWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLQugAwQC
LUL0AwQCuV30MA0EAgACMAcDBQMqBCPAMA0GCSqGSIb3DQEBCwUAA4IBAQCZShwE
no3qvWfYFlS5Ki2gXGUkh52R5BBvoAZIFyQLFV2vXsfaCR3mkZnHPLFt8vOqNU4j
7Kp42XZ2IcELpFZ6lwklw8rPht9s4FurzTQxPzwDw6DdVEXOHtwIDR5o1xSx9YQS
SFmiCELfywzejJFjFvgZRPcGL5/pA9hig5WHC1ASe6YW4O7nzkKF7A2dN+d8Pbnq
Bp/SIgdaKS0NrTaV9zp7c+NS/AvR2nOHvOaEVUhebSeFE1Jff3E7sunhIdXeCGpl
rdAGBGXtT+KjJmIQc3V69/aJU0GIexBDzEaNnNgRe1vw6RJ4/TygRxwt8ds4GdW1
dEd4iu4g3HwMfB70
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:15 2024 by rpki-client on console-fra.rpki-client.org