Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/KdRE8pKZvKA4izrMBPKfoHv1DrM.roa
File: KdRE8pKZvKA4izrMBPKfoHv1DrM.roa (raw, json)
Hash identifier: fRxCwPJnfQ7dz5USXUVVFPgLQ70kE4rkr9kVMvfs2Ww=
Subject key identifier: 29:D4:44:F2:92:99:BC:A0:38:8B:3A:CC:04:F2:9F:A0:7B:F5:0E:B3
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018AF7C73B9645B472BEA3681F85EF422143
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/KdRE8pKZvKA4izrMBPKfoHv1DrM.roa
Signing time: Tue 03 Oct 2023 23:02:23 +0000
ROA not before: Tue 03 Oct 2023 23:02:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213220
IP address blocks: 45.8.209.0/24 maxlen: 24
213.108.196.0/24 maxlen: 24
2a0b:da00::/29 maxlen: 29
2a0d:2dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Nov 2023 08:36:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f7:c7:3b:96:45:b4:72:be:a3:68:1f:85:ef:42:21:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Oct 3 23:02:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29d444f29299bca0388b3acc04f29fa07bf50eb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4b:ac:e5:01:f6:69:e5:c9:e2:cd:44:3f:af:
c9:6c:f6:51:c8:5f:bd:71:50:72:7c:cc:f5:cb:56:
72:d7:57:e5:8a:51:81:e3:e5:8c:73:45:45:68:14:
55:f7:73:70:82:dc:0f:0a:d3:48:72:35:ed:1d:e9:
f0:a6:8e:ac:00:77:61:06:e0:f0:6c:61:50:f7:47:
92:1c:c1:bb:0f:34:db:a8:55:be:a5:1d:86:8a:73:
52:d2:05:35:61:eb:bf:51:32:6b:52:d5:72:02:74:
28:fc:2a:85:81:16:8d:37:98:23:00:6a:09:0d:29:
42:45:a4:e9:fe:01:56:a2:48:f6:6d:ad:20:29:2a:
ea:f3:56:5f:8c:9f:d2:ec:d3:5d:e3:b3:01:c5:85:
d9:16:1b:1b:55:e4:97:17:42:23:3c:76:29:e6:8b:
d9:68:61:64:43:9a:ef:db:9f:96:75:8b:1c:b6:91:
b5:b9:56:10:5b:70:fd:1e:48:d7:b5:1b:70:d0:af:
ff:f8:a0:a4:32:5d:de:d3:9e:bd:d9:bb:1d:a5:14:
6b:ed:ee:3b:b8:76:8d:02:11:ad:a6:cd:10:f8:31:
cc:70:5f:fe:43:bd:28:45:46:49:ff:34:d9:86:9a:
38:bf:ca:2c:69:ff:7d:83:56:38:c0:85:6e:d0:f9:
5e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D4:44:F2:92:99:BC:A0:38:8B:3A:CC:04:F2:9F:A0:7B:F5:0E:B3
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/KdRE8pKZvKA4izrMBPKfoHv1DrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.209.0/24
213.108.196.0/24
IPv6:
2a0b:da00::/29
2a0d:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
51:82:26:b6:52:0d:96:52:05:79:fa:42:08:ab:63:ae:10:66:
68:18:45:89:47:98:d3:ee:fd:1b:ef:de:78:93:ba:5a:3e:c7:
46:7d:58:12:d3:b9:ac:99:2c:19:23:b3:00:82:b7:84:54:dd:
a5:77:52:93:f1:b3:6b:b8:5a:1e:f9:05:83:65:4f:51:92:b1:
14:36:74:8c:03:13:43:9a:35:d5:54:23:ad:63:3f:a7:56:de:
66:c3:f3:a4:5e:0b:10:98:7b:17:4c:7a:06:66:49:74:a7:02:
43:2f:02:14:c0:1d:d6:df:6a:67:5b:77:b4:ae:e8:89:e6:ae:
f9:c2:11:ef:d9:75:62:72:d1:da:4c:0a:f2:3d:76:2a:09:9a:
9e:33:12:22:e9:9d:9e:c8:05:fb:2a:65:75:07:d9:e3:9c:63:
c4:1d:fa:a0:ea:04:b1:d2:b2:ad:87:21:7d:f1:e3:72:7f:01:
55:c1:6e:fa:30:b2:b6:2b:4d:b1:ee:e3:23:a3:0d:fd:0b:22:
1d:66:5c:47:bd:df:7d:b0:45:02:99:a9:0c:1e:a7:d0:20:49:
43:70:3b:d9:a3:0e:7a:a7:72:a0:a6:0c:56:e5:c3:41:c6:b2:
46:81:9e:8f:30:91:86:e3:fc:cf:ac:08:c4:ee:9f:42:b5:9a:
bc:2e:0a:18
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYr3xzuWRbRyvqNoH4XvQiFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMDAzMjMwMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ0NDRmMjkyOTliY2EwMzg4YjNhY2MwNGYyOWZhMDdiZjUwZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUus5QH2aeXJ4s1EP6/JbPZRyF+9
cVByfMz1y1Zy11flilGB4+WMc0VFaBRV93NwgtwPCtNIcjXtHenwpo6sAHdhBuDw
bGFQ90eSHMG7DzTbqFW+pR2GinNS0gU1Yeu/UTJrUtVyAnQo/CqFgRaNN5gjAGoJ
DSlCRaTp/gFWokj2ba0gKSrq81ZfjJ/S7NNd47MBxYXZFhsbVeSXF0IjPHYp5ovZ
aGFkQ5rv25+WdYsctpG1uVYQW3D9HkjXtRtw0K//+KCkMl3e05692bsdpRRr7e47
uHaNAhGtps0Q+DHMcF/+Q70oRUZJ/zTZhpo4v8osaf99g1Y4wIVu0PleiwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCnURPKSmbygOIs6zATyn6B79Q6zMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvS2RSRThwS1p2S0E0aXpyTUJQS2ZvSHYxRHJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQALQjRAwQA
1WzEMBQEAgACMA4DBQMqC9oAAwUDKg0twDANBgkqhkiG9w0BAQsFAAOCAQEAUYIm
tlINllIFefpCCKtjrhBmaBhFiUeY0+79G+/eeJO6Wj7HRn1YEtO5rJksGSOzAIK3
hFTdpXdSk/Gza7haHvkFg2VPUZKxFDZ0jAMTQ5o11VQjrWM/p1beZsPzpF4LEJh7
F0x6BmZJdKcCQy8CFMAd1t9qZ1t3tK7oieau+cIR79l1YnLR2kwK8j12KgmanjMS
IumdnsgF+ypldQfZ45xjxB36oOoEsdKyrYchffHjcn8BVcFu+jCytitNse7jI6MN
/QsiHWZcR73ffbBFApmpDB6n0CBJQ3A72aMOeqdyoKYMVuXDQcayRoGejzCRhuP8
z6wIxO6fQrWavC4KGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org