Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/KHok_k82vjB-sQjeFEZeZnk7QY0.roa
File: KHok_k82vjB-sQjeFEZeZnk7QY0.roa (raw, json)
Hash identifier: 8jwXcJLqgKxKD3FlCDQgF3YSdjL5XuEr6fGenz8PUUA=
Subject key identifier: 28:7A:24:FE:4F:36:BE:30:7E:B1:08:DE:14:46:5E:66:79:3B:41:8D
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 0186E4AF6C49D738C7F6CC2B95CE5052EEAC
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/KHok_k82vjB-sQjeFEZeZnk7QY0.roa
Signing time: Wed 15 Mar 2023 09:52:27 +0000
ROA not before: Wed 15 Mar 2023 09:52:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56382
IP address blocks: 45.152.125.0/24 maxlen: 24
45.152.124.0/24 maxlen: 24
45.152.127.0/24 maxlen: 24
45.152.126.0/24 maxlen: 24
2a0f:5700:1220::/44 maxlen: 44
2a0f:5702::/32 maxlen: 48
2a0f:5701:fe80::/48 maxlen: 48
2a0f:5707:fe80::/48 maxlen: 48
2a0f:5700::/32 maxlen: 48
2a0f:5700:fe80::/48 maxlen: 48
2a0f:5707:ffff::/48 maxlen: 48
2a0f:5701:fe01::/48 maxlen: 48
2a0f:5701:1220::/44 maxlen: 44
2a0f:5707:1220::/44 maxlen: 44
2a0f:5707:ab80::/44 maxlen: 48
2a0f:5707:aa80::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Jul 2023 08:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:af:6c:49:d7:38:c7:f6:cc:2b:95:ce:50:52:ee:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Mar 15 09:52:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=287a24fe4f36be307eb108de14465e66793b418d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b8:33:0c:af:6b:6d:20:93:fb:a2:cb:9e:d3:
07:2d:63:8f:f6:35:5d:a1:d1:64:2a:9f:e1:e4:52:
53:f4:e9:fb:9c:80:97:f9:6f:9a:6a:af:28:3b:f1:
a3:94:7e:64:72:ff:7c:db:78:d1:74:b9:fd:b4:44:
d9:03:8c:fa:29:a4:35:71:87:63:72:ad:01:66:78:
ac:32:1b:03:5e:5a:be:8e:70:fd:3c:e0:4f:b8:49:
89:b8:30:18:c2:4e:61:e0:11:63:2c:8f:01:52:f2:
34:97:2a:d0:04:cf:07:9b:68:62:79:6a:9e:a2:a1:
54:21:81:0a:a5:d8:52:01:18:fa:b9:a0:fb:60:26:
9b:8d:db:70:cb:b0:51:8e:56:92:bb:e9:3a:eb:28:
62:a5:9c:7f:8a:d4:40:b0:f7:6d:5b:1d:80:7f:f8:
7d:3d:1c:b1:87:ff:a1:d0:fb:e2:6d:1d:f4:aa:b9:
c2:f6:31:3c:a1:12:32:01:14:23:1e:d2:a7:29:cb:
2a:c0:0e:b7:6c:2a:65:cc:8e:8b:04:6d:73:ed:86:
51:41:94:8b:f5:af:16:3e:09:de:4e:27:08:a1:a3:
47:e1:06:53:c5:1d:8d:b9:bc:0f:fc:35:86:6e:4a:
77:f5:8c:57:f9:5a:36:e5:32:d0:4f:f1:b8:0f:a3:
a5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:7A:24:FE:4F:36:BE:30:7E:B1:08:DE:14:46:5E:66:79:3B:41:8D
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/KHok_k82vjB-sQjeFEZeZnk7QY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.124.0/22
IPv6:
2a0f:5700::/32
2a0f:5701:1220::/44
2a0f:5701:fe01::/48
2a0f:5701:fe80::/48
2a0f:5702::/32
2a0f:5707:1220::/44
2a0f:5707:aa80::/44
2a0f:5707:ab80::/44
2a0f:5707:fe80::/48
2a0f:5707:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
97:23:3a:07:67:4c:ce:8f:65:a8:fc:c9:d6:12:58:48:09:e0:
e8:bd:bd:09:57:26:52:22:8d:02:df:ca:5e:cc:bd:27:41:3b:
93:10:19:ba:fa:46:78:2c:b5:e3:ad:e3:4e:a9:96:96:81:81:
08:6e:39:97:11:b9:63:37:02:12:d2:a6:b7:8e:bc:23:a0:d1:
ac:97:fa:5f:c8:41:0b:b9:51:b0:00:76:4a:c6:60:4b:5b:a3:
0b:03:55:d5:00:75:da:b2:40:fa:4a:40:55:14:02:a7:82:ed:
8a:c0:4f:ab:be:3c:ab:9b:63:76:a6:b5:5e:ac:c2:90:62:5a:
1f:f4:6b:5b:35:a6:d9:3e:70:5d:93:26:80:90:06:4f:2d:f4:
3f:98:c7:fc:70:39:04:4c:96:a9:21:17:3c:b4:cf:8c:11:4d:
95:a1:3b:de:ad:ba:b4:07:01:78:1b:2a:8d:1d:56:81:76:28:
11:13:4e:00:80:8c:6c:a8:8f:9d:a3:88:6a:71:c4:f0:63:6c:
62:42:42:ca:28:71:76:aa:2a:80:24:c3:45:18:48:6c:0f:49:
fe:c8:4a:5f:c9:6f:b3:37:3b:04:8a:ff:bf:c9:46:e2:42:0c:
72:22:22:1d:8e:a7:b7:9a:98:51:1c:e4:68:80:af:19:72:38:
86:5a:a8:1a
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYbkr2xJ1zjH9swrlc5QUu6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMzE1MDk1MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODdhMjRmZTRmMzZiZTMwN2ViMTA4ZGUxNDQ2NWU2Njc5M2I0MThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7gzDK9rbSCT+6LLntMHLWOP9jVd
odFkKp/h5FJT9On7nICX+W+aaq8oO/GjlH5kcv9823jRdLn9tETZA4z6KaQ1cYdj
cq0BZnisMhsDXlq+jnD9POBPuEmJuDAYwk5h4BFjLI8BUvI0lyrQBM8Hm2hieWqe
oqFUIYEKpdhSARj6uaD7YCabjdtwy7BRjlaSu+k66yhipZx/itRAsPdtWx2Af/h9
PRyxh/+h0PvibR30qrnC9jE8oRIyARQjHtKnKcsqwA63bCplzI6LBG1z7YZRQZSL
9a8WPgneTicIoaNH4QZTxR2NubwP/DWGbkp39YxX+Vo25TLQT/G4D6OlHwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFCh6JP5PNr4wfrEI3hRGXmZ5O0GNMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvS0hva19rODJ2akItc1FqZUZFWmVabms3UVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDAMBAIAATAGAwQCLZh8MFwE
AgACMFYDBQAqD1cAAwcEKg9XARIgAwcAKg9XAf4BAwcAKg9XAf6AAwUAKg9XAgMH
BCoPVwcSIAMHBCoPVweqgAMHBCoPVwergAMHACoPVwf+gAMHACoPVwf//zANBgkq
hkiG9w0BAQsFAAOCAQEAlyM6B2dMzo9lqPzJ1hJYSAng6L29CVcmUiKNAt/KXsy9
J0E7kxAZuvpGeCy1463jTqmWloGBCG45lxG5YzcCEtKmt468I6DRrJf6X8hBC7lR
sAB2SsZgS1ujCwNV1QB12rJA+kpAVRQCp4LtisBPq748q5tjdqa1XqzCkGJaH/Rr
WzWm2T5wXZMmgJAGTy30P5jH/HA5BEyWqSEXPLTPjBFNlaE73q26tAcBeBsqjR1W
gXYoERNOAICMbKiPnaOIanHE8GNsYkJCyihxdqoqgCTDRRhIbA9J/shKX8lvszc7
BIr/v8lG4kIMciIiHY6nt5qYURzkaICvGXI4hlqoGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:59 2024 by rpki-client on console-fra.rpki-client.org