Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/kQxSpDKLy4wQtS6crCqAu2lHeys.roa
File: kQxSpDKLy4wQtS6crCqAu2lHeys.roa (raw, json)
Hash identifier: kEy98OE7LMCmxE7JY8OMeDSKaGchOAQDQt5BXF8pbEU=
Subject key identifier: 91:0C:52:A4:32:8B:CB:8C:10:B5:2E:9C:AC:2A:80:BB:69:47:7B:2B
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 01906EF43CF377B1FE16B1AAA27EDC8E2BD0
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/kQxSpDKLy4wQtS6crCqAu2lHeys.roa
Signing time: Mon 01 Jul 2024 15:40:18 +0000
ROA not before: Mon 01 Jul 2024 15:40:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 45.147.159.0/24 maxlen: 24
77.111.117.0/24 maxlen: 24
77.111.123.0/24 maxlen: 24
92.61.106.0/24 maxlen: 24
92.61.109.0/24 maxlen: 24
185.112.240.0/24 maxlen: 24
185.112.241.0/24 maxlen: 24
185.112.242.0/24 maxlen: 24
185.112.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 09:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6e:f4:3c:f3:77:b1:fe:16:b1:aa:a2:7e:dc:8e:2b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jul 1 15:40:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=910c52a4328bcb8c10b52e9cac2a80bb69477b2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:12:65:8e:1b:6e:06:87:f0:27:ab:f3:6f:9f:
c0:f4:16:16:ac:48:68:63:14:53:76:0e:1c:63:14:
30:12:f4:65:7e:44:ee:b9:42:e6:12:71:26:bd:c1:
6a:4f:f3:86:ea:bc:26:27:24:6d:27:e3:fc:61:0e:
07:a4:67:26:7f:f7:6d:b3:44:4e:61:3d:a5:58:9d:
bf:dd:0a:bd:b6:54:26:73:b1:01:28:f8:fb:e0:04:
b8:74:e5:85:cb:bb:6e:e8:9f:26:cf:a0:f0:2f:01:
a1:c1:bb:7a:3d:20:40:05:b9:e0:ac:3c:61:18:dc:
9e:89:40:97:9d:0b:ff:e9:78:8e:ac:98:79:fb:e4:
52:4a:cb:19:98:05:eb:91:a9:ba:9d:0f:ea:b9:d8:
4a:51:07:0d:af:61:42:d0:df:ac:d4:22:ee:b9:2e:
bd:df:44:b6:39:72:84:a2:2f:eb:1b:d2:27:74:9d:
cb:f2:c1:e3:1b:7e:2f:95:5e:58:17:16:ad:31:80:
6b:d0:34:49:88:82:6a:80:59:60:97:79:32:6c:14:
f5:3e:07:26:50:59:93:ac:ef:1f:a2:82:6c:5f:c8:
03:4d:59:39:ee:f2:50:e8:c3:66:69:8e:d3:05:9b:
45:f1:7b:62:0a:ac:42:0e:2a:ec:99:1e:90:98:ac:
1f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0C:52:A4:32:8B:CB:8C:10:B5:2E:9C:AC:2A:80:BB:69:47:7B:2B
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/kQxSpDKLy4wQtS6crCqAu2lHeys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.159.0/24
77.111.117.0/24
77.111.123.0/24
92.61.106.0/24
92.61.109.0/24
185.112.240.0/22
Signature Algorithm: sha256WithRSAEncryption
d0:92:8b:68:cb:9d:36:2f:d6:72:01:e7:7a:e5:8b:ac:bd:b5:
eb:92:2b:9d:a1:60:79:d5:5d:73:47:2a:15:87:23:eb:b0:f2:
23:79:23:b7:2f:a1:95:3e:c1:46:f8:62:4f:29:73:df:cc:04:
30:41:b0:0a:cf:60:60:5b:96:9e:87:a0:03:5c:9b:5f:ea:ba:
95:85:d3:b2:7d:83:16:93:8d:65:88:bf:df:5a:28:00:e5:7a:
f1:57:6c:0e:8c:a7:79:8b:84:93:2a:1e:6f:6d:7f:36:d5:6d:
05:07:a7:f0:93:0e:ba:34:a6:d4:73:46:12:c2:1d:08:5f:8e:
8d:af:8b:80:44:fa:dc:66:fc:ae:83:1a:73:1c:c3:fc:fd:a5:
c1:72:5b:39:2d:c3:09:9e:92:c0:3f:41:b0:13:68:48:5d:52:
ec:ac:8c:96:5f:e6:19:92:ff:f3:52:6b:e4:c0:a2:5f:26:25:
e5:8c:b0:ac:62:c6:e9:45:0b:2f:22:8c:11:c2:be:64:44:33:
17:df:e4:5a:06:7b:be:a8:b8:d0:0e:1c:9d:62:b6:72:7e:5c:
e1:23:42:db:24:29:4a:7b:88:df:40:ab:f3:ad:9d:a4:5a:a2:
9b:8b:de:ce:47:8c:67:9e:dd:b3:54:27:c2:12:c2:d5:2b:7f:
5f:02:65:84
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZBu9Dzzd7H+FrGqon7cjivQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQwNzAxMTU0MDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTBjNTJhNDMyOGJjYjhjMTBiNTJlOWNhYzJhODBiYjY5NDc3YjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BJljhtuBofwJ6vzb5/A9BYWrEho
YxRTdg4cYxQwEvRlfkTuuULmEnEmvcFqT/OG6rwmJyRtJ+P8YQ4HpGcmf/dts0RO
YT2lWJ2/3Qq9tlQmc7EBKPj74AS4dOWFy7tu6J8mz6DwLwGhwbt6PSBABbngrDxh
GNyeiUCXnQv/6XiOrJh5++RSSssZmAXrkam6nQ/qudhKUQcNr2FC0N+s1CLuuS69
30S2OXKEoi/rG9IndJ3L8sHjG34vlV5YFxatMYBr0DRJiIJqgFlgl3kybBT1Pgcm
UFmTrO8fooJsX8gDTVk57vJQ6MNmaY7TBZtF8XtiCqxCDirsmR6QmKwfhwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJEMUqQyi8uMELUunKwqgLtpR3srMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEva1F4U3BES0x5NHdRdFM2Y3JDcUF1MmxIZXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZOfAwQA
TW91AwQATW97AwQAXD1qAwQAXD1tAwQCuXDwMA0GCSqGSIb3DQEBCwUAA4IBAQDQ
kotoy502L9ZyAed65YusvbXrkiudoWB51V1zRyoVhyPrsPIjeSO3L6GVPsFG+GJP
KXPfzAQwQbAKz2BgW5aeh6ADXJtf6rqVhdOyfYMWk41liL/fWigA5XrxV2wOjKd5
i4STKh5vbX821W0FB6fwkw66NKbUc0YSwh0IX46Nr4uARPrcZvyugxpzHMP8/aXB
cls5LcMJnpLAP0GwE2hIXVLsrIyWX+YZkv/zUmvkwKJfJiXljLCsYsbpRQsvIowR
wr5kRDMX3+RaBnu+qLjQDhydYrZyflzhI0LbJClKe4jfQKvzrZ2kWqKbi97OR4xn
nt2zVCfCEsLVK39fAmWE
-----END CERTIFICATE-----
Generated at Wed Jul 24 12:45:20 2024 by rpki-client on console-ams.rpki-client.org