Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KbtU2TumBfKRF8j9MKnjPNUxrV4.roa
File: KbtU2TumBfKRF8j9MKnjPNUxrV4.roa (raw, json)
Hash identifier: nmrmn87lJlRM5JHJGppVbBUp23xYhvU79n/jvo5n1Rg=
Subject key identifier: 29:BB:54:D9:3B:A6:05:F2:91:17:C8:FD:30:A9:E3:3C:D5:31:AD:5E
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018679CFA88D80911125C5C39D98199C7638
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KbtU2TumBfKRF8j9MKnjPNUxrV4.roa
Signing time: Wed 22 Feb 2023 15:48:17 +0000
ROA not before: Wed 22 Feb 2023 15:48:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212017
IP address blocks: 185.128.52.0/22 maxlen: 22
185.121.12.0/22 maxlen: 22
185.227.172.0/22 maxlen: 22
45.90.236.0/24 maxlen: 24
45.90.237.0/24 maxlen: 24
194.48.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:cf:a8:8d:80:91:11:25:c5:c3:9d:98:19:9c:76:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 22 15:48:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29bb54d93ba605f29117c8fd30a9e33cd531ad5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0f:08:18:7b:c0:41:7e:8e:02:f7:47:ff:7a:
5d:01:b3:df:e5:b8:50:be:ca:37:c9:81:8d:23:97:
4a:1e:3f:4e:83:a6:35:3f:26:e2:30:0f:67:fc:bc:
60:25:0f:20:5a:b9:0f:9a:bc:68:96:52:d8:f0:11:
56:2b:c5:8f:09:dc:8f:ec:43:c2:65:e8:f7:21:10:
66:94:65:3f:c5:3d:70:f7:5e:98:23:a4:8c:35:d5:
bf:1d:a1:70:a9:0a:66:d0:c9:46:9c:0d:48:20:11:
1d:48:c2:33:e0:29:3e:6f:a5:7c:fe:c9:2a:a8:1d:
4c:da:56:57:43:66:a7:23:8d:0a:f7:c4:6e:4b:42:
02:91:b7:c2:bc:50:7f:65:01:c8:bc:a8:38:5e:ba:
61:81:b0:88:82:de:c2:df:fb:85:ea:9a:dc:7e:57:
8b:6c:7f:1c:bf:76:b1:e2:57:5a:43:0a:b0:ee:17:
ed:83:cc:c9:71:14:08:65:2c:69:ae:94:05:96:67:
9e:b5:a4:53:7c:b7:a5:18:85:4a:8f:8b:5c:22:05:
89:23:71:44:a3:25:4e:44:dc:81:dd:36:69:88:34:
f1:b6:d7:0e:08:ef:1e:92:51:7d:49:1a:da:22:f0:
90:98:e7:27:9f:38:04:72:78:5d:fc:4c:b9:55:02:
07:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:BB:54:D9:3B:A6:05:F2:91:17:C8:FD:30:A9:E3:3C:D5:31:AD:5E
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KbtU2TumBfKRF8j9MKnjPNUxrV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.236.0/23
185.121.12.0/22
185.128.52.0/22
185.227.172.0/22
194.48.140.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:a6:17:31:9a:ea:8a:e5:0b:a2:0e:97:f0:10:d6:07:5a:a6:
54:b3:6b:e8:e7:5a:2c:e8:6b:72:23:ed:27:e7:cb:15:eb:66:
95:88:0c:e7:52:f3:7f:e3:f5:56:8c:38:54:c3:54:d1:de:97:
c4:06:7e:4a:ad:7f:01:1a:e4:c6:84:89:f0:56:85:de:32:a9:
e8:b0:16:e6:ff:8b:f8:6c:7f:1c:33:2c:96:a9:98:ad:13:c2:
cb:6b:d0:c3:a5:f3:82:65:67:23:4e:1a:d6:5d:36:de:19:bd:
61:d9:ad:92:e4:0b:dd:67:49:95:cb:3d:24:83:07:0e:a6:c0:
9c:ee:8f:1d:37:d0:d0:2c:70:ed:c6:53:e1:99:f7:7f:84:ae:
42:de:28:67:bb:2e:ff:c6:a0:75:d5:87:57:39:a9:4a:02:ee:
d9:86:8e:89:49:a1:92:bb:ed:4a:3f:13:ed:5e:98:0b:5b:14:
d6:f7:7c:7c:b8:98:c1:3b:f2:4b:9a:c3:fd:d9:76:dc:b5:00:
81:98:53:b2:49:19:e7:16:cc:22:84:42:9b:62:b9:10:db:60:
0f:1c:2a:fa:04:e5:b8:d5:45:42:56:ea:89:6f:7d:72:53:83:
e3:92:9b:0f:d2:64:d8:5a:01:aa:2f:37:c6:d9:cf:83:33:46:
ce:d1:51:0d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYZ5z6iNgJERJcXDnZgZnHY4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMjIyMTU0ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWJiNTRkOTNiYTYwNWYyOTExN2M4ZmQzMGE5ZTMzY2Q1MzFhZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ8IGHvAQX6OAvdH/3pdAbPf5bhQ
vso3yYGNI5dKHj9Og6Y1PybiMA9n/LxgJQ8gWrkPmrxollLY8BFWK8WPCdyP7EPC
Zej3IRBmlGU/xT1w916YI6SMNdW/HaFwqQpm0MlGnA1IIBEdSMIz4Ck+b6V8/skq
qB1M2lZXQ2anI40K98RuS0ICkbfCvFB/ZQHIvKg4XrphgbCIgt7C3/uF6prcfleL
bH8cv3ax4ldaQwqw7hftg8zJcRQIZSxprpQFlmeetaRTfLelGIVKj4tcIgWJI3FE
oyVORNyB3TZpiDTxttcOCO8eklF9SRraIvCQmOcnnzgEcnhd/Ey5VQIH8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCm7VNk7pgXykRfI/TCp4zzVMa1eMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvS2J0VTJUdW1CZktSRjhqOU1LbmpQTlV4clY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLVrsAwQC
uXkMAwQCuYA0AwQCueOsAwQCwjCMMA0GCSqGSIb3DQEBCwUAA4IBAQBcphcxmuqK
5QuiDpfwENYHWqZUs2vo51os6GtyI+0n58sV62aViAznUvN/4/VWjDhUw1TR3pfE
Bn5KrX8BGuTGhInwVoXeMqnosBbm/4v4bH8cMyyWqZitE8LLa9DDpfOCZWcjThrW
XTbeGb1h2a2S5AvdZ0mVyz0kgwcOpsCc7o8dN9DQLHDtxlPhmfd/hK5C3ihnuy7/
xqB11YdXOalKAu7Zho6JSaGSu+1KPxPtXpgLWxTW93x8uJjBO/JLmsP92XbctQCB
mFOySRnnFswihEKbYrkQ22APHCr6BOW41UVCVuqJb31yU4PjkpsP0mTYWgGqLzfG
2c+DM0bO0VEN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org