Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/kSwhKremxL7HwU0Vjau-LcppH4w.roa
File: kSwhKremxL7HwU0Vjau-LcppH4w.roa (raw, json)
Hash identifier: tHopfUGrDra7KHJV4zUX4bd+RYlnGGK6d0bjVfcMR1w=
Subject key identifier: 91:2C:21:2A:B7:A6:C4:BE:C7:C1:4D:15:8D:AB:BE:2D:CA:69:1F:8C
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018DEA9E21C4ED9B9343DF979DE7F8F65053
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/kSwhKremxL7HwU0Vjau-LcppH4w.roa
Signing time: Tue 27 Feb 2024 12:50:48 +0000
ROA not before: Tue 27 Feb 2024 12:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 12:03:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ea:9e:21:c4:ed:9b:93:43:df:97:9d:e7:f8:f6:50:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Feb 27 12:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=912c212ab7a6c4bec7c14d158dabbe2dca691f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b5:f3:32:cc:6c:7b:d5:ef:35:7a:2e:f3:e7:
e4:f6:6a:5e:af:57:49:9c:06:06:90:59:b5:15:56:
d3:7e:bd:5e:44:22:e7:62:b3:39:98:b6:5f:fb:2b:
83:05:7e:c5:90:09:4a:57:10:0e:d6:5a:d3:0c:fd:
8f:f8:5a:d4:a7:f0:46:77:b6:7a:48:5a:54:9c:fc:
37:6f:cc:a0:c1:1f:64:e6:a8:e1:f4:cf:36:6d:f3:
da:c2:c3:5e:99:33:bd:2b:cb:65:82:61:62:7b:a1:
b1:e6:30:52:08:90:8f:23:19:25:b2:a5:34:1c:61:
f8:24:da:ea:06:08:a4:fe:03:f1:01:c0:3d:34:2e:
ab:4d:4b:7b:ee:9f:e1:2a:15:05:83:46:79:d4:94:
be:96:62:0a:d7:2b:0d:8f:cd:52:18:54:a8:aa:dc:
7f:a4:59:84:d6:4b:33:3d:c4:dd:3a:0f:c2:02:45:
dd:f3:cd:8a:9a:94:87:9c:e7:5e:af:9e:60:dc:4b:
2f:25:ab:b9:8c:a4:c3:26:e0:26:62:65:7a:fb:4a:
a2:88:25:d1:59:56:7c:77:4a:eb:45:38:c2:7f:b2:
16:aa:e3:5a:eb:8f:58:6c:1a:8e:54:d4:1f:19:4a:
74:3b:06:4c:c2:93:92:ed:95:ed:3b:c5:e8:d2:e8:
5d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:2C:21:2A:B7:A6:C4:BE:C7:C1:4D:15:8D:AB:BE:2D:CA:69:1F:8C
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/kSwhKremxL7HwU0Vjau-LcppH4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
45.141.235.0/24
93.152.206.0/24
93.152.209.0-93.152.211.255
93.152.213.0-93.152.216.255
93.152.220.0/23
93.152.223.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:86:74:9b:47:4f:60:e3:ed:88:f8:57:5d:13:99:4b:25:63:
f8:39:b6:8b:2f:f3:ea:96:97:a8:db:30:37:60:41:b5:f1:ef:
49:a2:f1:f6:16:c7:e2:71:15:2a:37:73:2d:13:f8:fb:13:7f:
92:a3:77:42:6a:eb:60:b3:6b:98:59:fd:d8:db:ae:c2:de:7d:
6e:57:c2:28:63:a7:91:ff:70:2c:d2:df:40:5b:63:79:a5:a9:
ab:b8:07:93:a0:5d:59:a3:43:30:be:cf:2d:2a:a3:b5:c2:f8:
6a:38:2f:43:d9:3e:36:a4:45:1b:49:7e:4a:41:ba:ad:6f:2c:
3e:7b:b3:b2:e0:61:36:4e:6c:0a:1c:77:a6:54:a3:54:5e:d1:
97:97:51:b4:39:ac:1d:1d:4e:ef:b6:fd:25:1f:d5:0e:da:27:
05:47:e3:a6:d0:51:d8:25:96:bc:28:2e:23:b0:55:a2:0c:61:
4e:1d:34:59:ed:10:2e:ca:b7:44:8a:6d:26:f9:68:b0:ed:36:
36:61:d6:3f:7e:38:f8:41:17:dc:a7:1a:a9:a1:87:aa:30:6a:
08:81:99:28:18:e7:8d:25:bb:c6:dc:bb:c7:58:97:91:3b:53:
c0:72:87:bb:aa:16:ca:33:f1:00:b9:ef:dd:2a:e9:31:d8:d7:
3a:00:50:16
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAY3qniHE7ZuTQ9+Xnef49lBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwMjI3MTI1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTJjMjEyYWI3YTZjNGJlYzdjMTRkMTU4ZGFiYmUyZGNhNjkxZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprXzMsxse9XvNXou8+fk9mper1dJ
nAYGkFm1FVbTfr1eRCLnYrM5mLZf+yuDBX7FkAlKVxAO1lrTDP2P+FrUp/BGd7Z6
SFpUnPw3b8ygwR9k5qjh9M82bfPawsNemTO9K8tlgmFie6Gx5jBSCJCPIxklsqU0
HGH4JNrqBgik/gPxAcA9NC6rTUt77p/hKhUFg0Z51JS+lmIK1ysNj81SGFSoqtx/
pFmE1kszPcTdOg/CAkXd882KmpSHnOder55g3EsvJau5jKTDJuAmYmV6+0qiiCXR
WVZ8d0rrRTjCf7IWquNa649YbBqOVNQfGUp0OwZMwpOS7ZXtO8Xo0uhdsQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJEsISq3psS+x8FNFY2rvi3KaR+MMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEva1N3aEtyZW14TDdId1UwVmphdS1MY3BwSDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQALY3oAwQA
LY3rAwQAXZjOMAwDBABdmNEDBAJdmNAwDAMEAF2Y1QMEAF2Y2AMEAV2Y3AMEAF2Y
3zANBgkqhkiG9w0BAQsFAAOCAQEAPoZ0m0dPYOPtiPhXXROZSyVj+Dm2iy/z6paX
qNswN2BBtfHvSaLx9hbH4nEVKjdzLRP4+xN/kqN3QmrrYLNrmFn92Nuuwt59blfC
KGOnkf9wLNLfQFtjeaWpq7gHk6BdWaNDML7PLSqjtcL4ajgvQ9k+NqRFG0l+SkG6
rW8sPnuzsuBhNk5sChx3plSjVF7Rl5dRtDmsHR1O77b9JR/VDtonBUfjptBR2CWW
vCguI7BVogxhTh00We0QLsq3RIptJvlosO02NmHWP344+EEX3KcaqaGHqjBqCIGZ
KBjnjSW7xty7x1iXkTtTwHKHu6oWyjPxALnv3SrpMdjXOgBQFg==
-----END CERTIFICATE-----
Generated at Fri Mar 1 16:01:14 2024 by rpki-client on console-fra.rpki-client.org