Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/9LKJld3nsxagF0Tt-pp2U0UddNo.roa
File: 9LKJld3nsxagF0Tt-pp2U0UddNo.roa (raw, json)
Hash identifier: cvHWG121LZbtFe4u5aYQDRHNvm8So0FdEXkWsPGUFmQ=
Subject key identifier: F4:B2:89:95:DD:E7:B3:16:A0:17:44:ED:FA:9A:76:53:45:1D:74:DA
Certificate issuer: /CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Certificate serial: 018CA6E4BF6E772E44E5C45BC03B95A8230F
Authority key identifier: 92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/9LKJld3nsxagF0Tt-pp2U0UddNo.roa
Signing time: Tue 26 Dec 2023 16:10:58 +0000
ROA not before: Tue 26 Dec 2023 16:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44076
IP address blocks: 45.141.72.0/22 maxlen: 24
192.214.160.0/19 maxlen: 24
45.129.40.0/21 maxlen: 32
45.135.244.0/22 maxlen: 24
45.137.172.0/22 maxlen: 24
193.148.160.0/19 maxlen: 24
45.142.4.0/22 maxlen: 24
193.19.129.0/24 maxlen: 24
193.19.130.0/24 maxlen: 24
188.34.64.0/18 maxlen: 24
213.17.0.0/18 maxlen: 24
2a05:b540::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Dec 2023 18:35:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a6:e4:bf:6e:77:2e:44:e5:c4:5b:c0:3b:95:a8:23:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Validity
Not Before: Dec 26 16:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4b28995dde7b316a01744edfa9a7653451d74da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:58:62:e5:03:7f:18:7a:a5:bb:4c:81:61:54:
30:1d:3b:23:6a:67:88:08:62:85:bb:59:30:36:4d:
f5:92:1a:66:5f:e4:a9:05:cf:88:91:5e:e9:3d:a0:
a3:92:6e:60:41:43:c6:17:00:3d:a0:40:b7:e2:56:
b0:ce:05:c1:cb:4c:e4:c8:d5:09:f3:01:98:1e:79:
2f:dd:ba:11:7a:16:ce:2e:07:b5:27:02:a1:3a:28:
e9:57:00:c7:86:f2:b3:10:43:b7:36:d1:c8:6a:7e:
94:19:02:15:29:30:8d:cd:d7:e4:c1:0c:07:3f:22:
2b:4b:55:aa:36:22:2c:6e:13:6b:5f:37:ab:5b:4a:
1a:e0:81:d7:4c:9d:d8:ca:96:63:45:fd:43:a6:a1:
25:ff:76:ce:97:88:a6:bb:73:ca:04:03:40:eb:08:
bb:58:11:02:95:04:20:12:87:f7:cc:aa:ac:af:bd:
09:66:43:e7:a2:18:07:84:69:2a:d5:04:b2:76:66:
5b:83:c3:81:ad:ac:ff:7a:9e:b2:26:d5:40:4c:f2:
ce:90:e4:13:8b:a6:f9:45:96:16:f0:61:c1:c2:31:
c4:99:71:2c:87:bb:08:38:d8:69:aa:6b:86:68:28:
ef:ca:9b:9c:4f:6e:1a:5e:01:c2:f4:c9:6e:41:4e:
d4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B2:89:95:DD:E7:B3:16:A0:17:44:ED:FA:9A:76:53:45:1D:74:DA
X509v3 Authority Key Identifier:
keyid:92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/9LKJld3nsxagF0Tt-pp2U0UddNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/kmYLI_47hkLWv0dfjrf8rZ0TxBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.40.0/21
45.135.244.0/22
45.137.172.0/22
45.141.72.0/22
45.142.4.0/22
188.34.64.0/18
192.214.160.0/19
193.19.129.0-193.19.130.255
193.148.160.0/19
213.17.0.0/18
IPv6:
2a05:b540::/29
Signature Algorithm: sha256WithRSAEncryption
59:31:1b:ce:ab:2f:2e:01:cb:56:91:a2:5d:65:b1:c2:fa:b4:
11:32:4e:51:77:f6:9f:86:da:a9:5b:d2:ed:12:3d:9c:96:0e:
2a:8a:53:9a:54:e2:3a:36:7a:49:77:72:e3:48:a0:9f:15:fe:
02:d6:0e:e3:bd:9d:b2:db:c6:f6:55:bc:fc:45:bc:fc:82:89:
19:f1:12:fe:c5:21:e7:4d:4b:cb:f7:85:f1:3f:b1:ee:02:ca:
3c:70:57:d3:5e:72:10:b7:12:b0:c8:e5:52:73:eb:cd:3b:f0:
99:18:2d:63:76:b4:f0:02:1d:64:db:38:47:1c:7b:cc:7f:35:
a0:16:e9:48:2e:68:42:4a:38:07:c5:9f:4f:a4:15:b6:68:1e:
dc:66:13:31:ff:6d:5c:f1:b3:a0:19:a6:c8:a9:1d:23:f0:f3:
37:58:f9:48:ea:0a:f5:cf:46:d0:14:aa:06:0f:87:54:0d:4e:
8f:d2:d9:b2:9b:51:73:c2:11:67:31:aa:fc:58:9c:da:55:71:
5e:6c:b7:1b:bd:84:e2:9d:ea:d5:26:4a:f4:ea:6d:c1:69:ed:
00:13:d7:b2:60:34:0d:2f:9c:3d:06:3f:52:a9:52:f8:c9:07:
85:b7:e3:2c:16:af:89:48:11:93:46:34:57:2c:ef:a4:5f:7c:
1a:9a:14:4c
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYym5L9udy5E5cRbwDuVqCMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjYwYjIzZmUzYjg2NDJkNmJmNDc1ZjhlYjdmY2FkOWQx
M2M0MTMwHhcNMjMxMjI2MTYxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGIyODk5NWRkZTdiMzE2YTAxNzQ0ZWRmYTlhNzY1MzQ1MWQ3NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1hi5QN/GHqlu0yBYVQwHTsjameI
CGKFu1kwNk31khpmX+SpBc+IkV7pPaCjkm5gQUPGFwA9oEC34lawzgXBy0zkyNUJ
8wGYHnkv3boRehbOLge1JwKhOijpVwDHhvKzEEO3NtHIan6UGQIVKTCNzdfkwQwH
PyIrS1WqNiIsbhNrXzerW0oa4IHXTJ3YypZjRf1DpqEl/3bOl4imu3PKBANA6wi7
WBEClQQgEof3zKqsr70JZkPnohgHhGkq1QSydmZbg8OBraz/ep6yJtVATPLOkOQT
i6b5RZYW8GHBwjHEmXEsh7sIONhpqmuGaCjvypucT24aXgHC9MluQU7UBwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFPSyiZXd57MWoBdE7fqadlNFHXTaMB8GA1UdIwQY
MBaAFJJmCyP+O4ZC1r9HX463/K2dE8QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21ZTElfNDdoa0xXdjBkZmpyZjhyWjBUeEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZTNiYWMtM2RhMi00ZTQ5LWJkYWIt
MTNlZjFjNDU1Y2M0LzEvOUxLSmxkM25zeGFnRjBUdC1wcDJVMFVkZE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZTNiYWMtM2RhMi00ZTQ5LWJkYWItMTNlZjFjNDU1Y2M0
LzEva21ZTElfNDdoa0xXdjBkZmpyZjhyWjBUeEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQDLYEoAwQC
LYf0AwQCLYmsAwQCLY1IAwQCLY4EAwQGvCJAAwQFwNagMAwDBADBE4EDBADBE4ID
BAXBlKADBAbVEQAwDQQCAAIwBwMFAyoFtUAwDQYJKoZIhvcNAQELBQADggEBAFkx
G86rLy4By1aRol1lscL6tBEyTlF39p+G2qlb0u0SPZyWDiqKU5pU4jo2ekl3cuNI
oJ8V/gLWDuO9nbLbxvZVvPxFvPyCiRnxEv7FIedNS8v3hfE/se4CyjxwV9NechC3
ErDI5VJz68078JkYLWN2tPACHWTbOEcce8x/NaAW6UguaEJKOAfFn0+kFbZoHtxm
EzH/bVzxs6AZpsipHSPw8zdY+UjqCvXPRtAUqgYPh1QNTo/S2bKbUXPCEWcxqvxY
nNpVcV5stxu9hOKd6tUmSvTqbcFp7QAT17JgNA0vnD0GP1KpUvjJB4W34ywWr4lI
EZNGNFcs76RffBqaFEw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:04 2024 by rpki-client on console-fra.rpki-client.org