Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/kmut93_IW23rve_6sn6JOK4E1Uc.roa
File: kmut93_IW23rve_6sn6JOK4E1Uc.roa (raw, json)
Hash identifier: FAu5fDECxwgZqX666r9iI4qe7rojpgoyRCaDtX3Ud0I=
Subject key identifier: 92:6B:AD:F7:7F:C8:5B:6D:EB:BD:EF:FA:B2:7E:89:38:AE:04:D5:47
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 0186EB04D32103FA46DD6624481AEAC83EC2
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/kmut93_IW23rve_6sn6JOK4E1Uc.roa
Signing time: Thu 16 Mar 2023 15:23:27 +0000
ROA not before: Thu 16 Mar 2023 15:23:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.153.238.0/24 maxlen: 24
45.153.236.0/24 maxlen: 24
45.153.237.0/24 maxlen: 24
77.83.71.0/24 maxlen: 24
77.83.70.0/24 maxlen: 24
171.22.188.0/24 maxlen: 24
171.22.189.0/24 maxlen: 24
84.252.84.0/23 maxlen: 23
45.11.232.0/24 maxlen: 24
84.252.86.0/24 maxlen: 24
84.252.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Mar 2023 15:25:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:eb:04:d3:21:03:fa:46:dd:66:24:48:1a:ea:c8:3e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Mar 16 15:23:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=926badf77fc85b6debbdeffab27e8938ae04d547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:54:4b:11:88:34:e6:70:56:3a:67:0b:27:2c:
5a:e5:36:c2:52:64:7c:73:0e:af:05:f7:06:18:04:
9c:98:95:07:b8:93:ed:54:2b:e8:b7:c9:ae:81:d4:
f4:ad:71:75:5e:76:ae:7b:ab:68:bf:4f:cc:07:96:
58:db:a8:5d:8e:ae:75:19:62:79:e4:12:64:bb:85:
09:f8:9a:33:a8:a9:89:da:c6:52:61:9d:df:f2:e9:
ee:0a:a5:81:fe:dd:ea:c5:55:ef:ab:07:0d:28:cf:
2b:62:21:c5:cd:84:14:9f:39:72:fb:0e:e4:78:8a:
f4:6a:8c:53:13:db:48:89:ad:95:97:a5:9e:d2:47:
1b:f3:e3:fc:c3:95:6c:04:3c:61:3c:0e:8e:81:38:
bc:1b:65:9e:c0:4b:05:3f:10:2d:c0:a0:bd:cc:2d:
ce:64:8e:5b:c9:99:0c:0b:d1:b6:25:ab:ed:81:a3:
33:b4:d7:e1:e5:d0:99:b6:12:40:87:dd:36:69:c5:
ff:7d:f5:d4:a1:90:90:04:25:61:50:4e:79:19:4a:
8f:d9:c3:18:6c:17:52:90:51:81:d0:27:17:7a:38:
e2:e4:a1:f6:0d:b9:96:35:99:9e:b4:6e:6a:e7:27:
0b:ac:f8:2c:76:6c:6b:b7:82:96:ac:16:0b:b6:79:
be:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:6B:AD:F7:7F:C8:5B:6D:EB:BD:EF:FA:B2:7E:89:38:AE:04:D5:47
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/kmut93_IW23rve_6sn6JOK4E1Uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.232.0/24
45.153.236.0-45.153.238.255
77.83.70.0/23
84.252.84.0/22
171.22.188.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:d9:68:6e:a3:6d:90:18:0e:57:53:ca:78:91:e9:49:23:91:
8c:b9:c3:14:74:9f:ec:6d:c9:54:fa:f3:31:71:d9:4c:4d:79:
23:36:57:5a:d8:19:3e:14:0a:db:fa:5b:12:93:f4:eb:8f:89:
62:0f:41:0a:d4:8f:de:2c:1e:d6:f0:1a:27:ef:ad:7e:7d:c7:
3d:4f:db:e6:63:4e:a0:04:13:88:fb:25:08:18:27:6e:91:ce:
e9:52:6a:1b:b9:a9:db:0c:a6:3f:1c:cf:d1:5c:ce:ea:53:01:
61:88:f2:98:37:fc:3f:bd:92:40:0c:0a:b1:62:fb:69:41:80:
d5:e3:5a:40:c4:d9:3c:07:2d:c4:75:81:1e:1d:33:d5:79:6d:
54:ea:e1:c7:9a:60:2b:9d:50:7c:f6:9e:ca:f8:04:0a:e5:a5:
18:4e:e8:6f:90:f8:e8:d8:36:d9:3c:4c:94:9a:60:4b:13:de:
f4:a6:56:df:dd:85:21:4c:b5:95:6c:7d:22:c6:b7:e7:3f:71:
56:1f:85:a9:67:a6:34:2c:3a:fe:0f:65:ed:97:cf:cb:42:40:
9c:65:c3:d6:76:3d:d6:c3:46:f7:01:92:92:d5:8e:26:b0:88:
29:92:6e:44:51:46:70:b3:b8:91:c0:12:8c:7a:e1:5d:47:99:
2f:88:26:45
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYbrBNMhA/pG3WYkSBrqyD7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjMwMzE2MTUyMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjZiYWRmNzdmYzg1YjZkZWJiZGVmZmFiMjdlODkzOGFlMDRkNTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlRLEYg05nBWOmcLJyxa5TbCUmR8
cw6vBfcGGAScmJUHuJPtVCvot8mugdT0rXF1Xnaue6tov0/MB5ZY26hdjq51GWJ5
5BJku4UJ+JozqKmJ2sZSYZ3f8unuCqWB/t3qxVXvqwcNKM8rYiHFzYQUnzly+w7k
eIr0aoxTE9tIia2Vl6We0kcb8+P8w5VsBDxhPA6OgTi8G2WewEsFPxAtwKC9zC3O
ZI5byZkMC9G2JavtgaMztNfh5dCZthJAh902acX/ffXUoZCQBCVhUE55GUqP2cMY
bBdSkFGB0CcXejji5KH2DbmWNZmetG5q5ycLrPgsdmxrt4KWrBYLtnm+ewIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJJrrfd/yFtt673v+rJ+iTiuBNVHMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEva211dDkzX0lXMjNydmVfNnNuNkpPSzRFMVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALQvoMAwD
BAItmewDBAAtme4DBAFNU0YDBAJU/FQDBAGrFrwwDQYJKoZIhvcNAQELBQADggEB
AIzZaG6jbZAYDldTyniR6UkjkYy5wxR0n+xtyVT68zFx2UxNeSM2V1rYGT4UCtv6
WxKT9OuPiWIPQQrUj94sHtbwGifvrX59xz1P2+ZjTqAEE4j7JQgYJ26RzulSahu5
qdsMpj8cz9FczupTAWGI8pg3/D+9kkAMCrFi+2lBgNXjWkDE2TwHLcR1gR4dM9V5
bVTq4ceaYCudUHz2nsr4BArlpRhO6G+Q+OjYNtk8TJSaYEsT3vSmVt/dhSFMtZVs
fSLGt+c/cVYfhalnpjQsOv4PZe2Xz8tCQJxlw9Z2PdbDRvcBkpLVjiawiCmSbkRR
RnCzuJHAEox64V1HmS+IJkU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:32 2024 by rpki-client on console-fra.rpki-client.org