Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/KVTk65-IuaJZCL6PCxY7YNR1mbA.roa
File: KVTk65-IuaJZCL6PCxY7YNR1mbA.roa (raw, json)
Hash identifier: NWzTqcLhV3OgtpkASDA5Kxl64vnuKyOXEREn7PMXlak=
Subject key identifier: 29:54:E4:EB:9F:88:B9:A2:59:08:BE:8F:0B:16:3B:60:D4:75:99:B0
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018C746DFBE0B00473FFC5DCD05B1A0726FD
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/KVTk65-IuaJZCL6PCxY7YNR1mbA.roa
Signing time: Sat 16 Dec 2023 21:00:14 +0000
ROA not before: Sat 16 Dec 2023 21:00:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.150.53.0/24 maxlen: 24
95.214.176.0/24 maxlen: 24
91.238.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:74:6d:fb:e0:b0:04:73:ff:c5:dc:d0:5b:1a:07:26:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Dec 16 21:00:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2954e4eb9f88b9a25908be8f0b163b60d47599b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:66:40:a0:64:61:7d:bf:0a:0f:7d:eb:2d:78:
b2:3d:26:0f:56:c5:e6:f6:e4:24:ca:74:05:31:76:
8b:78:b7:41:25:46:99:c9:a0:f2:44:84:28:fc:01:
f9:09:7a:07:c3:96:7d:6f:17:c2:6b:4b:db:84:ff:
30:d6:76:c8:f2:d5:0b:40:29:29:ad:61:db:59:24:
b9:19:ac:2d:49:a8:1c:09:05:c0:eb:b9:88:30:10:
9b:e4:6d:9f:e9:15:ac:8c:5d:d1:b4:a7:15:0a:7f:
22:d6:eb:6e:bd:1c:66:30:68:f6:11:f5:fc:7c:f0:
79:bb:50:9e:fc:ca:9d:89:3a:00:30:29:53:87:00:
03:10:e8:78:6b:b8:df:f8:d9:f6:8d:b3:8d:2f:62:
b9:de:f3:4d:97:81:fa:89:bb:40:09:a4:82:99:c2:
5f:73:ed:9a:cd:79:96:ba:ff:23:0e:90:e6:6f:3a:
1b:c8:07:f9:bb:3e:31:28:9b:1a:09:e6:74:1c:a0:
c5:96:d0:36:32:a4:73:a0:af:17:c6:ee:5e:83:5a:
3f:ff:94:a5:5c:d8:92:dd:03:02:34:26:aa:ce:4b:
23:2f:4a:0f:23:60:9e:db:35:6b:13:27:1e:9e:3d:
5c:56:29:2a:de:75:4d:93:1b:4b:ec:84:9a:a5:69:
f3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:54:E4:EB:9F:88:B9:A2:59:08:BE:8F:0B:16:3B:60:D4:75:99:B0
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/KVTk65-IuaJZCL6PCxY7YNR1mbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.53.0/24
91.238.93.0/24
95.214.176.0/24
Signature Algorithm: sha256WithRSAEncryption
23:06:6a:fe:9c:80:a8:2e:83:90:d2:c1:21:f7:84:1b:99:31:
e1:07:f7:a4:05:53:71:7a:0b:9a:a1:19:70:c4:f6:44:d7:36:
69:ca:5e:76:5b:34:c0:70:22:3d:91:12:cc:47:8a:af:25:32:
81:ef:a1:aa:fb:22:1d:31:93:c9:1e:5d:c2:18:14:5c:86:34:
6b:56:3e:91:8f:90:df:7d:3c:52:79:5a:43:ad:55:cd:85:87:
cb:7d:00:c0:db:94:37:8f:81:46:41:bc:ee:38:6e:67:1c:a3:
18:2c:94:47:41:c2:9f:52:49:f6:16:90:5d:34:0e:24:70:bd:
f9:64:d0:b5:1b:fe:15:7f:0c:10:a4:79:fc:95:92:0a:16:4d:
6b:78:82:1a:bd:ad:53:01:6b:a1:49:0a:f0:7d:97:ed:7b:9a:
a6:7f:5f:55:86:0d:e4:09:49:19:86:5e:bc:e2:00:0a:40:cc:
5c:39:9d:06:1b:99:1c:36:ce:f5:6f:f1:72:ab:c9:39:d9:bd:
0a:fb:a5:e9:07:92:a2:40:1f:46:b6:f6:e7:5d:bd:d4:ad:6a:
ca:c9:e4:ee:b4:af:d8:c6:c6:77:ea:8f:16:6e:8b:5d:af:1d:
9b:66:c9:7a:44:e1:ca:b3:99:ff:bc:80:a3:d9:61:9e:0e:2c:
79:7a:4a:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx0bfvgsARz/8Xc0FsaByb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjMxMjE2MjEwMDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTU0ZTRlYjlmODhiOWEyNTkwOGJlOGYwYjE2M2I2MGQ0NzU5OWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGZAoGRhfb8KD33rLXiyPSYPVsXm
9uQkynQFMXaLeLdBJUaZyaDyRIQo/AH5CXoHw5Z9bxfCa0vbhP8w1nbI8tULQCkp
rWHbWSS5GawtSagcCQXA67mIMBCb5G2f6RWsjF3RtKcVCn8i1utuvRxmMGj2EfX8
fPB5u1Ce/MqdiToAMClThwADEOh4a7jf+Nn2jbONL2K53vNNl4H6ibtACaSCmcJf
c+2azXmWuv8jDpDmbzobyAf5uz4xKJsaCeZ0HKDFltA2MqRzoK8Xxu5eg1o//5Sl
XNiS3QMCNCaqzksjL0oPI2Ce2zVrEycenj1cVikq3nVNkxtL7ISapWnzZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFClU5OufiLmiWQi+jwsWO2DUdZmwMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvS1ZUazY1LUl1YUpaQ0w2UEN4WTdZTlIxbWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZY1AwQA
W+5dAwQAX9awMA0GCSqGSIb3DQEBCwUAA4IBAQAjBmr+nICoLoOQ0sEh94QbmTHh
B/ekBVNxeguaoRlwxPZE1zZpyl52WzTAcCI9kRLMR4qvJTKB76Gq+yIdMZPJHl3C
GBRchjRrVj6Rj5DffTxSeVpDrVXNhYfLfQDA25Q3j4FGQbzuOG5nHKMYLJRHQcKf
Ukn2FpBdNA4kcL35ZNC1G/4VfwwQpHn8lZIKFk1reIIava1TAWuhSQrwfZfte5qm
f19Vhg3kCUkZhl684gAKQMxcOZ0GG5kcNs71b/Fyq8k52b0K+6XpB5KiQB9Gtvbn
Xb3UrWrKyeTutK/YxsZ36o8Wbotdrx2bZsl6ROHKs5n/vICj2WGeDix5ekpm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:00 2024 by rpki-client on console-fra.rpki-client.org