Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/kLPCNATM_VYLiCEOI2D7KXJgLLo.roa
File: kLPCNATM_VYLiCEOI2D7KXJgLLo.roa (raw, json)
Hash identifier: od5PkTotvriXwOTD8QTWVTWMB6i0ziRwWbZQW1xMJX0=
Subject key identifier: 90:B3:C2:34:04:CC:FD:56:0B:88:21:0E:23:60:FB:29:72:60:2C:BA
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 018CC86F1068068E467125A6E591DE5C3EC7
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/kLPCNATM_VYLiCEOI2D7KXJgLLo.roa
Signing time: Tue 02 Jan 2024 04:29:31 +0000
ROA not before: Tue 02 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42705
IP address blocks: 80.251.10.0/24 maxlen: 24
80.251.11.0/24 maxlen: 24
5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.16.0/22 maxlen: 22
5.11.18.0/24 maxlen: 24
5.11.24.0/22 maxlen: 22
5.11.24.0/23 maxlen: 23
5.11.24.0/21 maxlen: 21
5.11.21.0/24 maxlen: 24
5.11.22.0/24 maxlen: 24
5.11.24.0/24 maxlen: 24
5.11.26.0/23 maxlen: 23
5.11.25.0/24 maxlen: 24
5.11.26.0/24 maxlen: 24
5.11.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 08:42:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:10:68:06:8e:46:71:25:a6:e5:91:de:5c:3e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Jan 2 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90b3c23404ccfd560b88210e2360fb2972602cba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:8f:9f:4f:31:b6:9b:f0:04:43:7b:dc:17:b6:
04:40:e7:e1:b5:02:e7:85:0c:39:03:9e:a3:a7:bb:
88:aa:24:f6:f9:65:57:17:0f:9f:37:99:10:c2:df:
1c:ec:79:3e:fc:4e:ab:46:53:ea:c3:a6:1b:cb:61:
9a:6c:30:97:28:23:21:2f:2b:e4:0d:df:0b:67:51:
20:78:06:3e:4d:36:6f:36:2c:11:e9:c5:1a:9c:15:
38:aa:81:03:be:3c:4b:74:89:23:66:da:ec:4e:b3:
72:52:1a:d4:2b:32:94:a8:2c:c6:ed:0e:a5:dd:26:
43:64:8c:4c:08:4b:02:11:d3:6d:62:44:49:ca:52:
3a:b4:50:b7:84:c7:af:ff:68:ca:b8:08:bb:d2:79:
9c:03:bd:f2:63:16:c8:04:a5:dd:3a:3e:f2:fc:74:
61:71:5e:a9:b0:7c:4d:35:84:81:51:03:85:11:81:
02:24:0a:0b:6b:1b:35:2f:f9:af:37:ef:7e:38:c7:
e1:9a:10:b9:a6:1c:a7:69:9f:7f:80:17:68:3b:8f:
b7:b6:96:46:e2:e2:fa:28:85:20:37:05:bd:f4:dd:
42:6d:6a:84:aa:8d:e4:1d:fb:e6:9f:fc:26:d7:c4:
fc:7b:f5:bb:b8:24:cd:74:ce:5a:62:96:52:fb:dc:
2c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B3:C2:34:04:CC:FD:56:0B:88:21:0E:23:60:FB:29:72:60:2C:BA
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/kLPCNATM_VYLiCEOI2D7KXJgLLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.21.0-5.11.22.255
5.11.24.0/21
80.251.10.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:4c:96:5a:e2:1a:f0:03:c3:fc:0d:aa:20:17:9a:f3:7b:3a:
d5:6b:5e:da:30:bb:e3:e9:8f:89:fa:33:ae:c5:ab:7a:e9:bf:
99:2c:5a:23:55:5f:7d:7b:85:3e:96:15:db:c9:3a:16:59:86:
27:23:17:3c:93:03:cb:b9:bd:8f:c2:dd:6c:a1:20:21:35:5f:
78:3c:a6:45:a2:86:a5:04:4f:51:80:26:d6:dd:d4:80:3b:51:
58:f4:56:a2:55:75:e1:6a:0e:d3:64:96:43:5d:aa:32:0a:db:
2d:95:72:f3:90:35:5a:9e:b6:d7:b5:2d:03:eb:e0:ea:4c:20:
e8:6b:07:60:7a:96:55:f8:d8:ad:98:16:4a:b7:df:52:99:a7:
b3:55:d6:73:01:6d:9b:47:34:cf:34:ae:6f:2f:a0:fe:54:0a:
e7:ae:7d:ad:5e:a8:33:38:20:39:d7:ab:53:90:84:0d:21:64:
ac:3e:a5:37:56:9a:09:f1:c8:66:a6:19:4d:eb:e7:be:f6:fe:
c8:b7:5c:8b:e5:7d:2a:b4:bb:76:8f:78:ef:da:2e:e3:0c:51:
a7:ed:97:d2:37:1e:18:05:80:7b:3c:24:34:9f:b5:19:fc:d5:
cc:36:ee:e6:16:a7:32:00:15:44:2d:53:f9:11:80:be:92:5f:
b7:fe:5d:f2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzIbxBoBo5GcSWm5ZHeXD7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjQwMTAyMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGIzYzIzNDA0Y2NmZDU2MGI4ODIxMGUyMzYwZmIyOTcyNjAyY2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Y+fTzG2m/AEQ3vcF7YEQOfhtQLn
hQw5A56jp7uIqiT2+WVXFw+fN5kQwt8c7Hk+/E6rRlPqw6Yby2GabDCXKCMhLyvk
Dd8LZ1EgeAY+TTZvNiwR6cUanBU4qoEDvjxLdIkjZtrsTrNyUhrUKzKUqCzG7Q6l
3SZDZIxMCEsCEdNtYkRJylI6tFC3hMev/2jKuAi70nmcA73yYxbIBKXdOj7y/HRh
cV6psHxNNYSBUQOFEYECJAoLaxs1L/mvN+9+OMfhmhC5phynaZ9/gBdoO4+3tpZG
4uL6KIUgNwW99N1CbWqEqo3kHfvmn/wm18T8e/W7uCTNdM5aYpZS+9wsbQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJCzwjQEzP1WC4ghDiNg+ylyYCy6MB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEva0xQQ05BVE1fVllMaUNFT0kyRDdLWEpnTExvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCBQsQMAwD
BAAFCxUDBAAFCxYDBAMFCxgDBAFQ+wowDQYJKoZIhvcNAQELBQADggEBAFtMllri
GvADw/wNqiAXmvN7OtVrXtowu+Ppj4n6M67Fq3rpv5ksWiNVX317hT6WFdvJOhZZ
hicjFzyTA8u5vY/C3WyhICE1X3g8pkWihqUET1GAJtbd1IA7UVj0VqJVdeFqDtNk
lkNdqjIK2y2VcvOQNVqette1LQPr4OpMIOhrB2B6llX42K2YFkq331KZp7NV1nMB
bZtHNM80rm8voP5UCueufa1eqDM4IDnXq1OQhA0hZKw+pTdWmgnxyGamGU3r5772
/si3XIvlfSq0u3aPeO/aLuMMUaftl9I3HhgFgHs8JDSftRn81cw27uYWpzIAFUQt
U/kRgL6SX7f+XfI=
-----END CERTIFICATE-----
Generated at Mon Nov 18 10:07:14 2024 by rpki-client on console-fra.rpki-client.org