Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/K89UzuUB3sPTtNJumTvZdrd4FtQ.roa
File: K89UzuUB3sPTtNJumTvZdrd4FtQ.roa (raw, json)
Hash identifier: 1wvl/AV0W9zsxr9GOarJh1lUY35luuTSNJcfgv7F3tg=
Subject key identifier: 2B:CF:54:CE:E5:01:DE:C3:D3:B4:D2:6E:99:3B:D9:76:B7:78:16:D4
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018D6B90A002441737ACE7DA0E1D160642B0
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/K89UzuUB3sPTtNJumTvZdrd4FtQ.roa
Signing time: Fri 02 Feb 2024 20:44:16 +0000
ROA not before: Fri 02 Feb 2024 20:44:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 45.131.3.0/24 maxlen: 24
45.141.150.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 21:16:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6b:90:a0:02:44:17:37:ac:e7:da:0e:1d:16:06:42:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Feb 2 20:44:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bcf54cee501dec3d3b4d26e993bd976b77816d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:10:e7:62:9c:cb:af:44:d4:10:fe:2f:2e:6d:
bd:bd:1a:ab:1e:58:9b:df:ae:1d:d8:e4:21:7b:dd:
41:17:9c:cf:f5:08:9c:71:bc:06:d3:70:49:89:e3:
c1:2e:83:de:86:54:67:e9:55:b6:78:ff:9a:df:43:
b2:08:d8:7a:d4:6e:bd:4b:5e:4e:69:b3:c0:23:0e:
7f:50:9b:65:07:f0:bd:8b:e7:06:96:61:f4:7a:ec:
45:8a:92:8f:7a:1d:82:0a:51:79:b8:ca:ce:d4:46:
7a:61:0a:f6:b6:7f:ef:5d:a2:8f:3d:43:29:70:91:
6e:cc:34:90:48:c1:70:dc:54:b9:77:6b:25:b4:0f:
5d:9d:19:e0:7c:32:6e:19:72:78:40:70:80:db:10:
75:42:f1:f8:37:43:1f:50:22:17:60:1e:b6:2c:7c:
c6:5d:b9:d8:46:d2:19:10:9a:3d:ae:95:7f:b4:1c:
4c:2b:9e:4e:5f:12:b1:14:5e:f9:c1:3e:a4:cc:5e:
81:aa:29:3a:3a:26:b6:c7:a9:ce:32:24:a2:ef:5c:
9b:b1:20:98:b3:d4:eb:6f:ce:41:c5:62:85:e1:77:
eb:45:b9:9b:6f:91:ad:b0:92:56:4f:3e:83:d3:1e:
86:17:34:dd:de:5e:b7:5f:14:23:9d:37:03:96:20:
3b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:CF:54:CE:E5:01:DE:C3:D3:B4:D2:6E:99:3B:D9:76:B7:78:16:D4
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/K89UzuUB3sPTtNJumTvZdrd4FtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.3.0/24
45.141.150.0/24
77.83.200.0/23
Signature Algorithm: sha256WithRSAEncryption
33:ae:43:7a:49:61:ff:d2:1a:c0:df:02:c5:69:6a:30:8a:34:
05:b4:06:12:03:35:00:0b:ff:65:74:e2:29:a7:84:f7:d3:2c:
ed:51:22:84:b8:c8:ca:f7:bc:80:32:58:89:0a:ab:32:49:45:
8b:ff:5a:43:eb:6c:18:d8:cd:fc:15:40:43:0e:99:0d:21:10:
54:69:39:90:9b:62:e6:62:44:68:18:00:57:c9:ff:cc:76:60:
b2:a8:f2:c5:05:e7:4c:d8:16:62:cb:2c:f0:6b:a4:aa:7f:91:
7e:c4:ce:dc:a6:23:68:f2:17:3a:a3:c1:ef:d4:b9:fe:21:99:
48:b4:05:0d:34:87:f9:34:03:cc:4e:a6:4a:45:70:39:ca:1a:
9e:f8:4f:47:b8:6e:80:f9:49:1a:ee:67:51:1b:8b:be:e3:2f:
46:d6:df:b8:97:d7:3b:07:7a:a1:0c:c8:ca:9c:5e:a0:8a:29:
2d:a2:98:6e:f8:9b:3b:ce:35:e8:61:f9:96:2c:e4:73:f4:65:
b0:1c:0f:09:a7:ab:f6:af:8d:2c:18:c5:5f:84:dc:4c:7d:ef:
91:69:48:0e:54:33:30:a7:e8:46:3d:a3:62:fb:f6:4d:43:ef:
7f:d7:1d:0a:c6:fa:cc:85:37:dc:a6:9b:28:9b:1c:06:8e:a9:
28:bb:ab:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1rkKACRBc3rOfaDh0WBkKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwMjAyMjA0NDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmNmNTRjZWU1MDFkZWMzZDNiNGQyNmU5OTNiZDk3NmI3NzgxNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhDnYpzLr0TUEP4vLm29vRqrHlib
364d2OQhe91BF5zP9QiccbwG03BJiePBLoPehlRn6VW2eP+a30OyCNh61G69S15O
abPAIw5/UJtlB/C9i+cGlmH0euxFipKPeh2CClF5uMrO1EZ6YQr2tn/vXaKPPUMp
cJFuzDSQSMFw3FS5d2sltA9dnRngfDJuGXJ4QHCA2xB1QvH4N0MfUCIXYB62LHzG
XbnYRtIZEJo9rpV/tBxMK55OXxKxFF75wT6kzF6Bqik6Oia2x6nOMiSi71ybsSCY
s9Trb85BxWKF4XfrRbmbb5GtsJJWTz6D0x6GFzTd3l63XxQjnTcDliA7dQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCvPVM7lAd7D07TSbpk72Xa3eBbUMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvSzg5VXp1VUIzc1BUdE5KdW1UdlpkcmQ0RnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYMDAwQA
LY2WAwQBTVPIMA0GCSqGSIb3DQEBCwUAA4IBAQAzrkN6SWH/0hrA3wLFaWowijQF
tAYSAzUAC/9ldOIpp4T30yztUSKEuMjK97yAMliJCqsySUWL/1pD62wY2M38FUBD
DpkNIRBUaTmQm2LmYkRoGABXyf/MdmCyqPLFBedM2BZiyyzwa6Sqf5F+xM7cpiNo
8hc6o8Hv1Ln+IZlItAUNNIf5NAPMTqZKRXA5yhqe+E9HuG6A+Uka7mdRG4u+4y9G
1t+4l9c7B3qhDMjKnF6giiktophu+Js7zjXoYfmWLORz9GWwHA8Jp6v2r40sGMVf
hNxMfe+RaUgOVDMwp+hGPaNi+/ZNQ+9/1x0KxvrMhTfcppsomxwGjqkou6t4
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:28 2025 by rpki-client