Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/kxSUWjxZys8IC4MDpkbOMIZgx7I.roa
File: kxSUWjxZys8IC4MDpkbOMIZgx7I.roa (raw, json)
Hash identifier: U4IXxZNxokI3FGS1Z84lkzVMYwr/yJI4dg5kPu1i3uk=
Subject key identifier: 93:14:94:5A:3C:59:CA:CF:08:0B:83:03:A6:46:CE:30:86:60:C7:B2
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 01916BB53319373FE56BECEE7F585EA20DEE
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/kxSUWjxZys8IC4MDpkbOMIZgx7I.roa
Signing time: Mon 19 Aug 2024 17:35:22 +0000
ROA not before: Mon 19 Aug 2024 17:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200740
IP address blocks: 45.43.88.0/23 maxlen: 24
45.43.90.0/23 maxlen: 24
87.239.250.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 14:26:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6b:b5:33:19:37:3f:e5:6b:ec:ee:7f:58:5e:a2:0d:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Aug 19 17:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9314945a3c59cacf080b8303a646ce308660c7b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:44:33:5a:36:10:4d:5a:93:90:b9:3b:87:53:
48:b2:a4:68:1c:93:ee:0a:26:aa:e1:5a:fc:44:83:
1b:b3:fb:e2:af:2a:58:89:96:ef:8a:b6:b0:55:c7:
57:3e:30:21:34:83:65:cb:7c:bc:b5:09:0c:c3:d5:
e3:86:ff:62:bb:6d:22:dc:9c:d2:e4:66:f1:eb:1b:
46:b4:bb:50:19:dc:7d:a6:0d:a4:19:61:ec:e6:ef:
b2:92:f2:29:8e:70:1e:db:36:97:f5:98:85:12:58:
b6:94:a0:37:0a:37:8d:74:9b:d9:1d:c1:21:93:16:
fe:80:94:c5:a1:f6:d7:b4:43:e6:16:d6:c5:ce:0a:
bb:4a:1e:ed:08:c9:71:32:9c:e4:78:bd:02:1f:d8:
4b:36:bd:97:b0:6a:07:64:4b:18:35:58:92:bb:0f:
fe:16:61:5f:45:3c:58:d9:3e:3c:89:d7:75:14:5e:
70:1e:ef:3e:c0:6a:ed:6c:7a:c9:31:ab:b3:3e:c2:
bb:62:66:93:e1:0d:8e:ff:83:0b:03:df:78:9f:ac:
9c:19:03:43:42:95:d7:73:ea:c3:e3:56:32:f9:28:
46:b8:b1:8f:e0:7b:5a:17:10:fa:5c:7c:28:78:06:
68:80:30:f6:b8:e6:d7:f8:c2:e2:24:b3:61:fb:8b:
c7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:14:94:5A:3C:59:CA:CF:08:0B:83:03:A6:46:CE:30:86:60:C7:B2
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/kxSUWjxZys8IC4MDpkbOMIZgx7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.88.0/22
87.239.250.0/23
Signature Algorithm: sha256WithRSAEncryption
88:7d:3b:8c:5f:87:b7:79:e3:33:66:3d:0a:b9:75:c6:45:8d:
fa:7a:0a:dd:cc:f8:32:d9:c0:b9:2d:79:fb:ee:7c:79:74:24:
f7:7b:75:5b:9d:37:52:4d:96:13:ab:5e:dd:b3:6c:d2:57:a9:
cb:3f:3d:7d:42:9a:7e:d8:d2:01:4e:2d:a6:43:8c:de:0b:bc:
a0:ba:ae:d0:6e:f2:0f:29:a5:c2:6c:05:44:cd:27:19:5d:7b:
88:f6:07:52:a7:5d:1e:c4:2d:97:ce:e7:02:7f:43:6b:45:a8:
bf:14:f3:ea:a6:3a:97:fc:a2:42:8a:58:ed:bf:4e:03:a9:c2:
a5:2e:17:dd:3c:ac:6b:b5:14:a9:69:f8:01:dd:47:f7:9d:81:
13:60:b0:0b:8f:f8:7f:d4:df:21:11:24:91:3e:47:b0:92:8b:
b0:a3:e3:53:bc:10:28:a2:3b:e6:ed:2b:a8:88:ef:a3:37:5a:
84:21:2a:02:6f:fa:4b:db:fc:a3:58:f4:a7:96:42:1e:b8:78:
23:88:4d:ea:30:c7:f7:6a:62:03:a2:f5:13:c7:9d:94:e4:b4:
43:6a:6a:cb:12:1c:c4:51:5f:c1:c3:bb:15:37:2a:07:d0:5b:
24:6f:3e:13:74:ca:36:64:75:23:95:8e:7e:c0:b9:e8:f4:51:
d5:6f:29:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFrtTMZNz/la+zuf1heog3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjQwODE5MTczNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzE0OTQ1YTNjNTljYWNmMDgwYjgzMDNhNjQ2Y2UzMDg2NjBjN2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30QzWjYQTVqTkLk7h1NIsqRoHJPu
Ciaq4Vr8RIMbs/virypYiZbvirawVcdXPjAhNINly3y8tQkMw9Xjhv9iu20i3JzS
5Gbx6xtGtLtQGdx9pg2kGWHs5u+ykvIpjnAe2zaX9ZiFEli2lKA3CjeNdJvZHcEh
kxb+gJTFofbXtEPmFtbFzgq7Sh7tCMlxMpzkeL0CH9hLNr2XsGoHZEsYNViSuw/+
FmFfRTxY2T48idd1FF5wHu8+wGrtbHrJMauzPsK7YmaT4Q2O/4MLA994n6ycGQND
QpXXc+rD41Yy+ShGuLGP4HtaFxD6XHwoeAZogDD2uObX+MLiJLNh+4vHdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJMUlFo8WcrPCAuDA6ZGzjCGYMeyMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEva3hTVVdqeFp5czhJQzRNRHBrYk9NSVpneDdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLStYAwQB
V+/6MA0GCSqGSIb3DQEBCwUAA4IBAQCIfTuMX4e3eeMzZj0KuXXGRY36egrdzPgy
2cC5LXn77nx5dCT3e3VbnTdSTZYTq17ds2zSV6nLPz19Qpp+2NIBTi2mQ4zeC7yg
uq7QbvIPKaXCbAVEzScZXXuI9gdSp10exC2XzucCf0NrRai/FPPqpjqX/KJCiljt
v04DqcKlLhfdPKxrtRSpafgB3Uf3nYETYLALj/h/1N8hESSRPkewkouwo+NTvBAo
ojvm7SuoiO+jN1qEISoCb/pL2/yjWPSnlkIeuHgjiE3qMMf3amIDovUTx52U5LRD
amrLEhzEUV/Bw7sVNyoH0Fskbz4TdMo2ZHUjlY5+wLno9FHVbykR
-----END CERTIFICATE-----
Generated at Mon Aug 26 16:54:15 2024 by rpki-client on console-fra.rpki-client.org