Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/KP1ofchiyLhCfsMfMbf162Dz6N8.roa
File: KP1ofchiyLhCfsMfMbf162Dz6N8.roa (raw, json)
Hash identifier: XyrLZxLN3WFPN8OUCU+bZLOM8kIPQn90rft4iEKyNd4=
Subject key identifier: 28:FD:68:7D:C8:62:C8:B8:42:7E:C3:1F:31:B7:F5:EB:60:F3:E8:DF
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 018F709F448CC35DAE119C5DF6C61AC13E61
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/KP1ofchiyLhCfsMfMbf162Dz6N8.roa
Signing time: Mon 13 May 2024 06:23:56 +0000
ROA not before: Mon 13 May 2024 06:23:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.242.0/24 maxlen: 24
194.143.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 06:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:70:9f:44:8c:c3:5d:ae:11:9c:5d:f6:c6:1a:c1:3e:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: May 13 06:23:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28fd687dc862c8b8427ec31f31b7f5eb60f3e8df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:06:64:c6:99:3d:df:17:59:10:bc:67:30:59:
0e:a8:cf:0e:22:9e:28:37:58:79:08:42:98:2c:fd:
6e:59:1a:30:93:58:4a:90:65:b0:77:25:f8:20:19:
b8:5d:19:ad:8a:5a:d4:61:99:28:b0:5c:b0:cd:8a:
ac:da:a0:b4:40:f4:02:d5:24:a9:a3:a1:ba:8c:cd:
cb:a6:f2:88:5c:f6:45:4d:83:96:c5:4f:96:59:6f:
3f:97:d8:61:4c:72:d3:b6:29:cf:be:fc:0d:db:4c:
89:09:c3:3e:f1:30:9a:4c:b2:fb:26:2a:58:1d:ac:
68:71:ff:fe:f5:61:3a:8c:17:9d:b0:e9:74:21:5f:
4b:30:41:8b:b2:58:bc:0d:d5:0d:36:43:17:1e:82:
e8:22:5f:7e:32:e6:87:9d:da:f3:fd:10:cf:63:bd:
cf:b4:d1:68:95:d1:f3:ba:cf:30:a0:cc:0a:da:5d:
2e:80:8a:d1:40:f6:44:79:b7:ad:62:43:fe:74:10:
36:7e:c2:2a:4b:e9:93:9a:0c:8a:79:44:35:d8:6f:
6e:fe:ff:74:5d:93:a6:a8:68:46:de:c4:38:64:c7:
ad:b4:c9:a2:5d:05:18:4b:13:fe:ad:95:2a:ad:a6:
6f:43:25:22:cd:8b:1a:c3:d9:86:8f:dc:0a:51:3a:
d8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FD:68:7D:C8:62:C8:B8:42:7E:C3:1F:31:B7:F5:EB:60:F3:E8:DF
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/KP1ofchiyLhCfsMfMbf162Dz6N8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.242.0/24
194.143.214.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:c6:d5:66:40:bc:6d:7b:70:3b:b6:da:9b:b4:50:5f:a5:35:
98:d4:11:cf:f8:e2:a7:f1:45:5a:72:6d:83:c4:b2:a2:e5:04:
74:3a:ee:62:f4:bd:96:df:79:f7:c6:3a:e4:44:f2:26:21:c5:
9c:e9:b9:10:b8:95:c8:ad:c2:98:ca:71:5c:51:12:fe:7c:df:
ff:5d:70:18:28:11:ee:f3:0b:25:5f:a0:ca:57:5f:fc:17:f1:
2e:44:93:fb:52:99:84:6c:e0:b5:bd:32:28:ea:a0:c0:d6:2a:
54:3d:c9:d2:fd:ca:ad:68:b1:ef:ef:15:15:35:fc:d0:41:6f:
41:e8:21:31:86:1f:cc:f4:24:56:e0:f0:f3:5c:6a:56:dc:2a:
97:f7:bf:3c:62:28:d9:da:07:b1:4d:6a:4c:c9:ad:0f:c6:04:
0b:47:7a:0a:26:1d:0e:6d:9f:6e:cd:7a:fe:ec:e2:91:25:83:
53:9a:7d:38:1d:27:6f:be:e3:46:c2:6e:a3:f6:5a:5b:27:18:
a7:14:66:18:43:54:f0:98:07:a7:13:63:22:10:96:0b:4b:27:
a2:c0:e7:76:48:96:b3:38:71:d8:a9:a5:34:27:fa:c2:26:79:
28:ba:64:3a:b1:f2:30:3b:e4:af:9a:00:6d:5f:9d:79:aa:56:
f7:4a:51:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9wn0SMw12uEZxd9sYawT5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQwNTEzMDYyMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGZkNjg3ZGM4NjJjOGI4NDI3ZWMzMWYzMWI3ZjVlYjYwZjNlOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgZkxpk93xdZELxnMFkOqM8OIp4o
N1h5CEKYLP1uWRowk1hKkGWwdyX4IBm4XRmtilrUYZkosFywzYqs2qC0QPQC1SSp
o6G6jM3LpvKIXPZFTYOWxU+WWW8/l9hhTHLTtinPvvwN20yJCcM+8TCaTLL7JipY
Haxocf/+9WE6jBedsOl0IV9LMEGLsli8DdUNNkMXHoLoIl9+MuaHndrz/RDPY73P
tNFoldHzus8woMwK2l0ugIrRQPZEebetYkP+dBA2fsIqS+mTmgyKeUQ12G9u/v90
XZOmqGhG3sQ4ZMettMmiXQUYSxP+rZUqraZvQyUizYsaw9mGj9wKUTrYKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCj9aH3IYsi4Qn7DHzG39etg8+jfMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvS1Axb2ZjaGl5TGhDZnNNZk1iZjE2MkR6Nk44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZvyAwQA
wo/WMA0GCSqGSIb3DQEBCwUAA4IBAQBsxtVmQLxte3A7ttqbtFBfpTWY1BHP+OKn
8UVacm2DxLKi5QR0Ou5i9L2W33n3xjrkRPImIcWc6bkQuJXIrcKYynFcURL+fN//
XXAYKBHu8wslX6DKV1/8F/EuRJP7UpmEbOC1vTIo6qDA1ipUPcnS/cqtaLHv7xUV
NfzQQW9B6CExhh/M9CRW4PDzXGpW3CqX9788YijZ2gexTWpMya0PxgQLR3oKJh0O
bZ9uzXr+7OKRJYNTmn04HSdvvuNGwm6j9lpbJxinFGYYQ1TwmAenE2MiEJYLSyei
wOd2SJazOHHYqaU0J/rCJnkoumQ6sfIwO+SvmgBtX515qlb3SlG2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:40 2024 by rpki-client on console-ams.rpki-client.org