Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/kk2LHq2V6rhaesy1gx4nR_L8wyQ.roa
File: kk2LHq2V6rhaesy1gx4nR_L8wyQ.roa (raw, json)
Hash identifier: 8WYkR4VhtB23ZdKSPdriRCmZnY3Vx4zXJoFuo7N7Gqw=
Subject key identifier: 92:4D:8B:1E:AD:95:EA:B8:5A:7A:CC:B5:83:1E:27:47:F2:FC:C3:24
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018F2986FA84A788483C2C0D537855607A27
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/kk2LHq2V6rhaesy1gx4nR_L8wyQ.roa
Signing time: Mon 29 Apr 2024 11:04:22 +0000
ROA not before: Mon 29 Apr 2024 11:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.87.20.0/24 maxlen: 24
45.140.214.0/24 maxlen: 24
45.142.204.0/24 maxlen: 24
45.142.206.0/24 maxlen: 24
45.144.156.0/24 maxlen: 24
45.144.158.0/24 maxlen: 24
45.145.249.0/24 maxlen: 24
45.150.93.0/24 maxlen: 24
45.154.137.0/24 maxlen: 24
45.157.112.0/24 maxlen: 24
89.251.0.0/24 maxlen: 24
89.251.2.0/24 maxlen: 24
136.144.25.0/24 maxlen: 24
2a07:e343::/32 maxlen: 32
2a0f:e381::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 10 May 2024 14:35:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:86:fa:84:a7:88:48:3c:2c:0d:53:78:55:60:7a:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 29 11:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=924d8b1ead95eab85a7accb5831e2747f2fcc324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:28:c4:c2:f6:6e:6c:b2:b1:f0:26:5a:6a:e5:
da:8a:4d:7c:a5:ea:12:67:81:59:dd:2d:b7:70:82:
78:9b:6a:d4:f7:82:2d:01:d9:71:7f:cb:5d:01:84:
2d:44:56:39:93:dd:60:30:08:2f:fb:0e:0e:b5:9b:
e3:e8:7c:30:e1:cd:ef:d0:12:03:0c:46:30:87:5c:
3e:e5:61:f5:a4:ca:21:a9:d9:76:fc:23:94:9e:f3:
93:d2:f6:dd:0c:84:c2:88:d8:f5:36:a8:58:60:97:
46:b6:27:3b:4f:90:b9:12:10:47:3d:c2:1d:9e:e1:
b2:2d:21:c0:1b:25:83:56:1f:ed:39:86:77:2a:4d:
68:91:f4:1d:6b:4a:65:84:cf:5c:41:ff:8e:f6:ab:
b2:c5:bc:0d:1f:e8:a0:37:e9:55:bd:ad:6a:8a:cf:
11:ea:4e:87:e8:e4:e1:7f:dd:c0:79:eb:87:60:ac:
fa:05:6b:4e:bd:b9:eb:f6:8b:87:55:63:3a:a5:ed:
52:a5:7d:97:67:bf:7a:6c:a7:f6:b4:a7:05:a6:e8:
9e:5c:f0:d5:1a:40:ce:e6:d6:01:59:8e:61:72:3a:
68:ad:c1:fb:1d:25:63:65:e8:38:e7:b3:02:fa:69:
44:de:67:a8:3b:9f:d0:e7:22:b4:d2:a0:af:cc:f4:
c9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:4D:8B:1E:AD:95:EA:B8:5A:7A:CC:B5:83:1E:27:47:F2:FC:C3:24
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/kk2LHq2V6rhaesy1gx4nR_L8wyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.20.0/24
45.140.214.0/24
45.142.204.0/24
45.142.206.0/24
45.144.156.0/24
45.144.158.0/24
45.145.249.0/24
45.150.93.0/24
45.154.137.0/24
45.157.112.0/24
89.251.0.0/24
89.251.2.0/24
136.144.25.0/24
IPv6:
2a07:e343::/32
2a0f:e381::/32
Signature Algorithm: sha256WithRSAEncryption
69:34:0d:bf:cb:a2:09:ae:7f:fb:b7:4c:2c:2e:d5:26:a9:6b:
75:58:06:d4:60:68:4a:09:6a:05:3e:11:c0:67:1e:80:ea:25:
88:72:f0:dc:aa:93:98:4d:7d:0a:ac:d0:a7:61:c5:bf:dc:de:
af:22:1e:48:04:b7:cf:c8:02:17:d8:04:50:73:d6:7f:95:c2:
05:8a:bb:d5:1f:f0:96:72:23:fd:89:08:a2:3e:9a:3a:cb:61:
24:cf:5d:2e:65:51:e7:83:5d:3d:49:93:69:6c:c8:0b:75:7e:
76:4d:05:b3:cb:1b:30:e7:69:58:7e:66:f5:85:bd:12:6d:9a:
4d:b3:39:31:b8:2e:02:72:18:31:9b:1a:d8:38:3e:3a:f5:3f:
ab:7b:1e:38:5c:84:59:56:02:a7:a4:55:d4:b3:69:41:d9:84:
a5:3a:94:99:8f:4b:1a:45:11:12:51:6b:a9:fa:45:52:b9:8e:
bf:60:98:b4:66:d0:33:40:5a:25:8e:35:bd:5e:39:e5:d3:84:
00:ea:6a:14:a4:dc:64:a4:fd:f5:83:5f:e0:b4:db:16:b7:44:
de:33:97:34:da:da:26:a4:8f:ad:fe:d7:d4:ae:74:6e:4b:b4:
49:2c:be:3e:e8:99:40:c2:f2:24:58:7f:96:81:fe:07:80:5e:
b2:61:8f:2e
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY8phvqEp4hIPCwNU3hVYHonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwNDI5MTEwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjRkOGIxZWFkOTVlYWI4NWE3YWNjYjU4MzFlMjc0N2YyZmNjMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CjEwvZubLKx8CZaauXaik18peoS
Z4FZ3S23cIJ4m2rU94ItAdlxf8tdAYQtRFY5k91gMAgv+w4OtZvj6Hww4c3v0BID
DEYwh1w+5WH1pMohqdl2/COUnvOT0vbdDITCiNj1NqhYYJdGtic7T5C5EhBHPcId
nuGyLSHAGyWDVh/tOYZ3Kk1okfQda0plhM9cQf+O9quyxbwNH+igN+lVva1qis8R
6k6H6OThf93AeeuHYKz6BWtOvbnr9ouHVWM6pe1SpX2XZ796bKf2tKcFpuieXPDV
GkDO5tYBWY5hcjporcH7HSVjZeg457MC+mlE3meoO5/Q5yK00qCvzPTJhwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFJJNix6tleq4WnrMtYMeJ0fy/MMkMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEva2syTEhxMlY2cmhhZXN5MWd4NG5SX0w4d3lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQALVcUAwQA
LYzWAwQALY7MAwQALY7OAwQALZCcAwQALZCeAwQALZH5AwQALZZdAwQALZqJAwQA
LZ1wAwQAWfsAAwQAWfsCAwQAiJAZMBQEAgACMA4DBQAqB+NDAwUAKg/jgTANBgkq
hkiG9w0BAQsFAAOCAQEAaTQNv8uiCa5/+7dMLC7VJqlrdVgG1GBoSglqBT4RwGce
gOoliHLw3KqTmE19CqzQp2HFv9zeryIeSAS3z8gCF9gEUHPWf5XCBYq71R/wlnIj
/YkIoj6aOsthJM9dLmVR54NdPUmTaWzIC3V+dk0Fs8sbMOdpWH5m9YW9Em2aTbM5
MbguAnIYMZsa2Dg+OvU/q3seOFyEWVYCp6RV1LNpQdmEpTqUmY9LGkURElFrqfpF
UrmOv2CYtGbQM0BaJY41vV455dOEAOpqFKTcZKT99YNf4LTbFrdE3jOXNNraJqSP
rf7X1K50bku0SSy+PuiZQMLyJFh/loH+B4BesmGPLg==
-----END CERTIFICATE-----
Generated at Fri May 10 19:24:30 2024 by rpki-client on console-fra.rpki-client.org