Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/1-K-V4xe5aJu-QuU2mXWC4x8gQ8c.roa
File: 1-K-V4xe5aJu-QuU2mXWC4x8gQ8c.roa (raw, json)
Hash identifier: 5ZVgxwsK1JZrFWm/UvQmhzmkDMEFDZDnY+U0269/iL0=
Subject key identifier: F8:AF:95:E3:17:B9:68:9B:BE:42:E5:36:99:75:82:E3:1F:20:43:C7
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 0185EDE41C0443890BEDA9B45E7C9DC0622D
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/1-K-V4xe5aJu-QuU2mXWC4x8gQ8c.roa
Signing time: Thu 26 Jan 2023 11:43:47 +0000
ROA not before: Thu 26 Jan 2023 11:43:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43180
IP address blocks: 45.12.0.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
45.12.1.0/24 maxlen: 24
45.11.57.0/24 maxlen: 24
195.66.210.0/24 maxlen: 24
176.119.31.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
195.128.248.0/23 maxlen: 24
2a09:2dc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 06 Nov 2023 19:43:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ed:e4:1c:04:43:89:0b:ed:a9:b4:5e:7c:9d:c0:62:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Jan 26 11:43:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8af95e317b9689bbe42e536997582e31f2043c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d6:7e:61:41:ab:c4:4f:90:3a:02:2f:14:89:
1b:0b:7b:3a:a9:05:66:50:ce:6b:dc:5b:0f:c6:a3:
e6:64:ac:76:4c:5b:8f:7d:77:03:14:e4:cc:5f:26:
4c:47:1d:ec:ec:a8:b4:aa:2f:2f:ff:e4:c7:e3:b7:
fd:e9:5d:b8:62:83:4b:e1:da:45:96:87:1d:e2:23:
72:d1:3e:b9:d4:15:dc:43:91:f7:ba:45:f5:74:07:
21:48:f6:ef:52:d9:e2:3f:88:3c:85:dd:3f:ca:47:
68:1f:39:24:71:39:4a:6c:05:f1:aa:0e:fb:21:25:
07:af:0d:ef:da:09:c8:ce:66:ca:4d:2e:dc:7a:2b:
e5:77:bb:0f:8a:c6:77:a4:62:bc:50:01:48:37:c0:
63:7d:d7:cb:aa:d7:f2:80:2f:74:90:c2:95:e7:9c:
fb:11:60:51:50:65:97:fe:c5:cf:84:a5:cf:0c:2d:
c6:09:73:e1:ae:51:3c:3f:b3:54:cc:d7:d0:78:79:
db:57:c5:31:5c:d8:2e:6f:3a:1c:10:28:e9:80:47:
8c:b0:7f:1b:46:66:f5:d2:f9:fa:e3:22:b7:8d:25:
3a:16:67:e3:95:82:7d:f5:ea:cb:b0:12:a7:c4:53:
44:dc:63:a7:20:5a:73:9d:cc:38:d3:2c:b3:88:8c:
11:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AF:95:E3:17:B9:68:9B:BE:42:E5:36:99:75:82:E3:1F:20:43:C7
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/1-K-V4xe5aJu-QuU2mXWC4x8gQ8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.57.0/24
45.12.0.0/23
45.12.3.0/24
91.208.115.0/24
176.119.31.0/24
185.254.199.0/24
195.66.210.0/24
195.128.248.0/23
IPv6:
2a09:2dc2::/32
Signature Algorithm: sha256WithRSAEncryption
18:eb:03:59:69:4d:b0:a8:d0:b1:eb:95:2d:16:23:bd:cd:ad:
6b:0a:7f:bb:c7:d0:f1:3a:01:c3:f1:39:6b:ce:3c:9c:34:62:
1d:07:30:b5:a0:e5:d4:6f:78:b7:7b:b1:49:56:bb:05:31:be:
9e:80:14:10:b1:8a:4e:cd:30:a6:a2:64:08:b3:22:41:1b:ba:
09:78:f7:06:38:6f:54:81:09:b7:66:f5:a0:da:14:f8:38:62:
fe:88:0a:b2:50:60:83:fc:ae:dd:cd:5a:29:45:5f:db:27:9d:
7a:3a:22:5c:bb:61:27:f8:e7:c0:62:31:dc:12:51:85:4c:90:
8a:fd:d2:0c:88:61:40:bd:c9:0b:99:76:35:e5:6f:d2:e4:09:
d9:94:21:5f:8b:63:90:69:c8:42:d2:0e:47:0d:34:aa:6f:ec:
99:48:3a:cb:ff:01:c9:8a:2c:54:26:2d:39:e6:05:8e:77:34:
f4:10:34:a3:b5:65:c6:19:cf:45:7a:22:37:e0:e8:0f:81:3f:
19:66:b6:99:d7:ca:28:2f:ac:e2:0e:d2:08:bc:a2:4a:14:00:
41:ab:93:ce:db:5d:88:71:1b:11:8f:f7:8c:44:ca:c9:7c:f0:
df:4b:51:e0:2b:7c:9a:64:c7:ad:1f:23:7d:83:be:c8:93:2f:
db:68:31:28
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYXt5BwEQ4kL7am0XnydwGItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjMwMTI2MTE0MzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGFmOTVlMzE3Yjk2ODliYmU0MmU1MzY5OTc1ODJlMzFmMjA0M2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNZ+YUGrxE+QOgIvFIkbC3s6qQVm
UM5r3FsPxqPmZKx2TFuPfXcDFOTMXyZMRx3s7Ki0qi8v/+TH47f96V24YoNL4dpF
locd4iNy0T651BXcQ5H3ukX1dAchSPbvUtniP4g8hd0/ykdoHzkkcTlKbAXxqg77
ISUHrw3v2gnIzmbKTS7ceivld7sPisZ3pGK8UAFIN8BjfdfLqtfygC90kMKV55z7
EWBRUGWX/sXPhKXPDC3GCXPhrlE8P7NUzNfQeHnbV8UxXNgubzocECjpgEeMsH8b
Rmb10vn64yK3jSU6FmfjlYJ99erLsBKnxFNE3GOnIFpzncw40yyziIwRuwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPivleMXuWibvkLlNpl1guMfIEPHMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvMS1LLVY0eGU1YUp1LVF1VTJtWFdDNHg4Z1E4Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2QvZDVkYTBjLTljZjMtNGY4Yi1hNTYyLWNiMTFiYzViMmYx
Yi8xL3N5eWNKdDk4ellyVGpZbTlYVWs0QzVPeDRBay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBYBggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAC0LOQME
AS0MAAMEAC0MAwMEAFvQcwMEALB3HwMEALn+xwMEAMNC0gMEAcOA+DANBAIAAjAH
AwUAKgktwjANBgkqhkiG9w0BAQsFAAOCAQEAGOsDWWlNsKjQseuVLRYjvc2tawp/
u8fQ8ToBw/E5a848nDRiHQcwtaDl1G94t3uxSVa7BTG+noAUELGKTs0wpqJkCLMi
QRu6CXj3BjhvVIEJt2b1oNoU+Dhi/ogKslBgg/yu3c1aKUVf2yedejoiXLthJ/jn
wGIx3BJRhUyQiv3SDIhhQL3JC5l2NeVv0uQJ2ZQhX4tjkGnIQtIORw00qm/smUg6
y/8ByYosVCYtOeYFjnc09BA0o7VlxhnPRXoiN+DoD4E/GWa2mdfKKC+s4g7SCLyi
ShQAQauTzttdiHEbEY/3jETKyXzw30tR4Ct8mmTHrR8jfYO+yJMv22gxKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:53 2024 by rpki-client on console-ams.rpki-client.org