Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/KHDtFU_kLO6Sp3e9f9h_BInozTk.roa
File: KHDtFU_kLO6Sp3e9f9h_BInozTk.roa (raw, json)
Hash identifier: FJWhS1cHeVDZAyhh5b5CPVOlHrkh0B4hsG9cAvBa2Ts=
Subject key identifier: 28:70:ED:15:4F:E4:2C:EE:92:A7:77:BD:7F:D8:7F:04:89:E8:CD:39
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01920F32EE567AA219CF27F62F95A28AE75A
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/KHDtFU_kLO6Sp3e9f9h_BInozTk.roa
Signing time: Fri 20 Sep 2024 11:30:48 +0000
ROA not before: Fri 20 Sep 2024 11:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39144
IP address blocks: 45.155.241.0/24 maxlen: 24
194.143.211.0/24 maxlen: 24
194.143.214.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Nov 2024 10:42:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0f:32:ee:56:7a:a2:19:cf:27:f6:2f:95:a2:8a:e7:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Sep 20 11:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2870ed154fe42cee92a777bd7fd87f0489e8cd39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fa:a8:f8:2c:5a:1f:95:e0:01:d3:46:5a:50:
5e:46:d5:fc:f2:84:af:d8:b9:d9:db:19:cb:84:13:
14:d8:89:96:60:fb:e8:62:c0:a0:76:aa:4c:a5:54:
49:61:9b:9a:e6:f4:43:fc:79:98:7c:ba:07:e6:54:
aa:21:45:bb:fe:d3:52:d7:0e:3f:ef:48:88:bb:02:
0e:dd:98:17:a1:e1:11:8b:b9:07:50:86:e3:46:7c:
5d:a0:12:e3:d7:3b:35:e6:e2:4e:7c:d9:91:13:f3:
1f:52:79:37:a0:ca:1c:c4:79:0b:76:3a:95:83:d3:
de:8d:7a:75:1b:14:65:34:21:c5:bd:29:91:aa:9d:
67:bf:2b:5d:90:ab:da:60:a9:65:ea:8d:d9:cb:33:
5e:13:5b:fb:2e:4c:dd:d8:f1:d0:43:f0:d1:62:25:
74:8c:9a:50:2e:4d:69:36:50:35:d1:c8:1b:4b:84:
0b:78:82:18:8b:5d:d4:8b:7c:82:9d:76:11:67:91:
66:fb:ef:e0:d6:9b:bd:e2:b0:a6:69:26:f3:7c:67:
20:30:3b:46:f6:b9:5f:96:ad:49:eb:bd:62:46:28:
e0:bf:97:25:c1:7c:06:b3:64:ff:29:bb:8a:88:94:
75:8c:b7:b1:80:2d:18:63:f8:ee:a5:0c:94:ab:54:
14:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:70:ED:15:4F:E4:2C:EE:92:A7:77:BD:7F:D8:7F:04:89:E8:CD:39
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/KHDtFU_kLO6Sp3e9f9h_BInozTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.241.0/24
194.143.211.0/24
194.143.214.0/24
195.114.192.0/24
Signature Algorithm: sha256WithRSAEncryption
39:9e:6a:d4:cb:9d:2f:bd:da:67:3f:7c:e5:c1:f3:ba:8d:7f:
34:b4:06:40:da:78:2a:6c:85:f5:43:ff:57:bd:31:07:c5:82:
1b:af:09:c1:74:3e:0c:35:47:35:00:d5:8f:70:58:26:30:4e:
fb:81:a3:7d:e3:be:81:10:fc:10:e2:3c:0a:f0:df:bf:51:98:
02:6a:04:23:15:be:c3:55:5f:e3:29:ae:3c:d5:ad:64:5d:2e:
6b:d5:07:56:d5:fb:f0:37:ea:a1:49:ac:81:6e:d9:b1:5a:b8:
d5:45:bc:90:9a:50:d3:43:f5:77:09:b1:85:90:85:40:0a:12:
a9:0a:10:64:c8:46:ac:0e:ac:7d:5c:71:da:58:e7:89:99:b8:
a2:6b:54:82:2b:68:35:23:d6:4f:99:3c:de:38:37:63:fe:89:
ab:b9:f4:4c:fd:3f:6e:95:e4:0d:62:c3:28:b3:f8:c5:a9:6d:
0f:d3:7f:8c:62:b6:89:7e:ac:6c:a2:2b:de:48:9e:32:21:d7:
64:87:be:70:ee:61:2e:5f:d0:fd:7c:b2:f5:d9:f4:33:cc:a9:
ea:13:31:c6:40:61:fd:27:9b:f0:99:ff:45:af:9f:e3:75:af:
49:f9:0d:1f:0c:80:89:a7:6c:81:88:7b:59:e3:94:ff:99:00:
45:d6:0d:c9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZIPMu5WeqIZzyf2L5WiiudaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQwOTIwMTEzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODcwZWQxNTRmZTQyY2VlOTJhNzc3YmQ3ZmQ4N2YwNDg5ZThjZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/qo+CxaH5XgAdNGWlBeRtX88oSv
2LnZ2xnLhBMU2ImWYPvoYsCgdqpMpVRJYZua5vRD/HmYfLoH5lSqIUW7/tNS1w4/
70iIuwIO3ZgXoeERi7kHUIbjRnxdoBLj1zs15uJOfNmRE/MfUnk3oMocxHkLdjqV
g9PejXp1GxRlNCHFvSmRqp1nvytdkKvaYKll6o3ZyzNeE1v7Lkzd2PHQQ/DRYiV0
jJpQLk1pNlA10cgbS4QLeIIYi13Ui3yCnXYRZ5Fm++/g1pu94rCmaSbzfGcgMDtG
9rlflq1J671iRijgv5clwXwGs2T/KbuKiJR1jLexgC0YY/jupQyUq1QUSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFChw7RVP5Czukqd3vX/YfwSJ6M05MB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvS0hEdEZVX2tMTzZTcDNlOWY5aF9CSW5velRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZvxAwQA
wo/TAwQAwo/WAwQAw3LAMA0GCSqGSIb3DQEBCwUAA4IBAQA5nmrUy50vvdpnP3zl
wfO6jX80tAZA2ngqbIX1Q/9XvTEHxYIbrwnBdD4MNUc1ANWPcFgmME77gaN9476B
EPwQ4jwK8N+/UZgCagQjFb7DVV/jKa481a1kXS5r1QdW1fvwN+qhSayBbtmxWrjV
RbyQmlDTQ/V3CbGFkIVAChKpChBkyEasDqx9XHHaWOeJmbiia1SCK2g1I9ZPmTze
ODdj/omrufRM/T9uleQNYsMos/jFqW0P03+MYraJfqxsoiveSJ4yIddkh75w7mEu
X9D9fLL12fQzzKnqEzHGQGH9J5vwmf9Fr5/jda9J+Q0fDICJp2yBiHtZ45T/mQBF
1g3J
-----END CERTIFICATE-----
Generated at Fri Nov 15 14:01:50 2024 by rpki-client on console-fra.rpki-client.org