Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/1-KvSJgPNzhib8rXK9YtBQ90vrxM.roa
File: 1-KvSJgPNzhib8rXK9YtBQ90vrxM.roa (raw, json)
Hash identifier: GaoSBldnUHqCJqbDp0fINF2HT3RFP79h4IkxNUty65k=
Subject key identifier: F8:AB:D2:26:03:CD:CE:18:9B:F2:B5:CA:F5:8B:41:43:DD:2F:AF:13
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 0189BF5B49C7333AD4C56E43C28A90EE0F4A
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/1-KvSJgPNzhib8rXK9YtBQ90vrxM.roa
Signing time: Fri 04 Aug 2023 07:02:58 +0000
ROA not before: Fri 04 Aug 2023 07:02:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43641
IP address blocks: 91.234.198.0/23 maxlen: 24
91.234.199.0/24 maxlen: 24
195.26.86.0/23 maxlen: 24
194.42.206.0/23 maxlen: 24
45.11.56.0/24 maxlen: 24
45.11.59.0/24 maxlen: 24
91.222.172.0/22 maxlen: 24
45.134.174.0/24 maxlen: 24
45.134.175.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
2a09:2dc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 04 Aug 2023 07:22:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bf:5b:49:c7:33:3a:d4:c5:6e:43:c2:8a:90:ee:0f:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Aug 4 07:02:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8abd22603cdce189bf2b5caf58b4143dd2faf13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:68:8c:e7:f3:9c:1d:87:96:76:ff:5b:7c:91:
89:f8:89:9a:07:7e:8c:7a:d4:2c:db:3d:2a:a3:5d:
c4:0f:a1:2e:eb:53:d6:00:2a:1e:77:db:ca:b9:36:
01:7f:e3:a0:55:59:8a:92:a4:1a:57:44:9b:7a:ae:
61:d9:e0:a2:64:54:07:6c:23:24:0b:f7:97:ed:7e:
47:3b:ad:de:26:1c:e3:0d:9b:5b:13:a9:cd:ef:2e:
cd:84:94:f1:c3:9f:5b:30:2f:23:09:f4:2d:50:ee:
b5:2b:e8:11:1b:8f:f0:5a:7e:57:a5:dc:5c:cd:36:
01:5a:35:fb:1e:da:43:b7:16:a8:23:33:d9:8b:d6:
63:22:bf:81:59:26:1d:9a:c5:40:67:f4:53:0c:86:
3d:8c:97:e5:ed:47:25:ba:1f:5c:16:75:73:ac:82:
6f:6c:b8:e0:5a:fa:3d:7e:0c:e5:68:e0:36:38:fb:
3f:7b:f5:78:93:46:91:1a:74:7f:d9:c1:3a:69:54:
40:6d:82:dc:c7:b0:93:66:cd:f9:1f:26:5c:88:87:
b4:71:3f:66:bc:66:45:87:b9:aa:d3:3c:04:f2:20:
cd:61:7b:70:ef:89:47:12:f5:97:bd:f1:90:cf:22:
98:15:fc:3b:eb:a5:29:9e:dd:a0:eb:ab:f4:b8:bb:
08:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AB:D2:26:03:CD:CE:18:9B:F2:B5:CA:F5:8B:41:43:DD:2F:AF:13
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/1-KvSJgPNzhib8rXK9YtBQ90vrxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.56.0/24
45.11.59.0/24
45.134.174.0/23
91.222.172.0/22
91.234.198.0/23
185.254.199.0/24
194.42.206.0/23
195.26.86.0/23
IPv6:
2a09:2dc1::/32
Signature Algorithm: sha256WithRSAEncryption
95:74:60:7a:25:ec:ab:12:08:8c:48:43:bc:37:99:8c:e3:c1:
25:2a:f3:5b:1a:42:24:24:b8:f2:8c:62:6d:24:17:9b:c2:b9:
5c:a5:06:60:56:86:35:28:7b:e1:5c:41:1c:11:07:73:66:9b:
e8:06:09:c0:50:c6:e7:e5:84:f9:d3:80:f5:17:79:38:01:d6:
ce:a8:71:3b:2d:bb:3d:31:91:6e:13:39:f5:df:40:e8:c1:0b:
f0:84:5e:75:f3:a7:75:24:05:cf:d0:e4:43:4c:a1:fe:c2:96:
cc:cc:c2:3f:d9:18:c6:97:7f:c9:4c:4d:87:61:f5:f9:4a:8d:
52:4d:cd:f6:40:dc:13:47:34:12:f0:98:b9:41:a8:74:69:11:
e7:62:00:9f:35:48:5d:c2:43:0c:09:e9:74:eb:66:56:01:c9:
6a:da:af:5f:e6:ef:b8:e8:ec:76:14:29:e3:ed:87:18:43:f9:
3a:26:f0:1b:1f:06:84:97:58:f1:15:6d:94:ab:66:bd:c7:7c:
c5:88:21:26:69:ac:68:7d:01:f2:cb:b4:6e:91:11:a1:5f:99:
56:6a:f5:63:3e:a7:f8:10:81:cd:ec:ca:43:4d:62:9d:e9:cd:
69:6c:a4:6c:a6:48:59:78:05:3f:90:53:e2:08:11:d8:4f:d7:
56:f3:34:0b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYm/W0nHMzrUxW5DwoqQ7g9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjMwODA0MDcwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGFiZDIyNjAzY2RjZTE4OWJmMmI1Y2FmNThiNDE0M2RkMmZhZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32iM5/OcHYeWdv9bfJGJ+ImaB36M
etQs2z0qo13ED6Eu61PWACoed9vKuTYBf+OgVVmKkqQaV0Sbeq5h2eCiZFQHbCMk
C/eX7X5HO63eJhzjDZtbE6nN7y7NhJTxw59bMC8jCfQtUO61K+gRG4/wWn5Xpdxc
zTYBWjX7HtpDtxaoIzPZi9ZjIr+BWSYdmsVAZ/RTDIY9jJfl7Ucluh9cFnVzrIJv
bLjgWvo9fgzlaOA2OPs/e/V4k0aRGnR/2cE6aVRAbYLcx7CTZs35HyZciIe0cT9m
vGZFh7mq0zwE8iDNYXtw74lHEvWXvfGQzyKYFfw766Upnt2g66v0uLsIwQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPir0iYDzc4Ym/K1yvWLQUPdL68TMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvMS1LdlNKZ1BOemhpYjhyWEs5WXRCUTkwdnJ4TS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2QvZDVkYTBjLTljZjMtNGY4Yi1hNTYyLWNiMTFiYzViMmYx
Yi8xL3N5eWNKdDk4ellyVGpZbTlYVWs0QzVPeDRBay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBYBggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAC0LOAME
AC0LOwMEAS2GrgMEAlverAMEAVvqxgMEALn+xwMEAcIqzgMEAcMaVjANBAIAAjAH
AwUAKgktwTANBgkqhkiG9w0BAQsFAAOCAQEAlXRgeiXsqxIIjEhDvDeZjOPBJSrz
WxpCJCS48oxibSQXm8K5XKUGYFaGNSh74VxBHBEHc2ab6AYJwFDG5+WE+dOA9Rd5
OAHWzqhxOy27PTGRbhM59d9A6MEL8IRedfOndSQFz9DkQ0yh/sKWzMzCP9kYxpd/
yUxNh2H1+UqNUk3N9kDcE0c0EvCYuUGodGkR52IAnzVIXcJDDAnpdOtmVgHJatqv
X+bvuOjsdhQp4+2HGEP5OibwGx8GhJdY8RVtlKtmvcd8xYghJmmsaH0B8su0bpER
oV+ZVmr1Yz6n+BCBzezKQ01inenNaWykbKZIWXgFP5BT4ggR2E/XVvM0Cw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org