Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/kBYffRpq12_KUOF3JWo-xPYKbl8.roa
File: kBYffRpq12_KUOF3JWo-xPYKbl8.roa (raw, json)
Hash identifier: TgQkE3DLyy1hssOFa6xeW9ROdpMSOCkO0p0zUjd8LII=
Subject key identifier: 90:16:1F:7D:1A:6A:D7:6F:CA:50:E1:77:25:6A:3E:C4:F6:0A:6E:5F
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0191B16E5159C27E578AE2C37E99345047B1
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/kBYffRpq12_KUOF3JWo-xPYKbl8.roa
Signing time: Mon 02 Sep 2024 06:31:22 +0000
ROA not before: Mon 02 Sep 2024 06:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.242.0/24 maxlen: 24
194.143.211.0/24 maxlen: 24
194.143.214.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 07:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b1:6e:51:59:c2:7e:57:8a:e2:c3:7e:99:34:50:47:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Sep 2 06:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90161f7d1a6ad76fca50e177256a3ec4f60a6e5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d9:66:2f:fc:4c:20:de:a2:04:8f:bd:1b:82:
e8:be:78:2d:fe:f9:01:af:d8:ee:b9:18:98:f4:af:
54:9d:71:1e:5b:eb:8d:56:81:07:53:1e:b0:1e:48:
e6:aa:6d:0e:85:ff:b9:ea:47:f3:42:dc:9a:0a:fd:
f1:a0:8d:b1:da:de:35:63:b1:05:85:67:13:45:1c:
1d:a6:98:c7:f1:58:d9:8b:20:63:3d:1b:c1:ab:78:
00:22:ae:52:0c:ea:fe:bd:89:1e:b7:0b:02:09:f8:
13:5c:bd:a1:59:97:3b:f3:63:2b:11:ab:af:ae:47:
34:c1:25:04:54:90:8c:df:f8:a1:b3:6c:ea:05:0d:
f8:12:40:b8:27:4c:91:99:2e:0d:29:b4:48:88:11:
32:a6:89:b7:fe:16:31:34:2e:6d:8a:bd:04:e4:66:
7c:69:54:d1:64:ed:cd:af:39:54:27:d4:0f:95:ca:
13:bc:36:b9:49:db:93:0b:d8:87:e3:ed:b4:1a:96:
35:94:8e:18:50:8c:6a:df:9c:9c:1c:77:05:6e:c9:
d2:ec:81:b7:e5:41:00:5f:97:1a:49:6d:04:e6:63:
74:70:48:41:87:42:1f:c1:62:6e:96:d0:32:27:ec:
35:eb:05:1c:aa:9f:f4:e5:18:77:b6:00:5d:16:9c:
35:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:16:1F:7D:1A:6A:D7:6F:CA:50:E1:77:25:6A:3E:C4:F6:0A:6E:5F
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/kBYffRpq12_KUOF3JWo-xPYKbl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.242.0/24
194.143.211.0/24
194.143.214.0/24
195.114.192.0/24
Signature Algorithm: sha256WithRSAEncryption
04:18:2c:d0:2f:89:4e:75:6c:01:f3:e7:a3:ac:b4:bd:59:de:
8d:cd:f5:dd:50:3c:c5:15:d9:2a:4f:72:fb:56:de:ad:9b:c1:
be:1c:09:49:83:26:e5:25:db:c5:84:45:7f:51:d5:b0:a1:0d:
0a:d6:db:22:f0:35:53:0a:c1:78:5c:c9:a2:1b:69:65:2f:d0:
3e:e3:87:48:25:75:55:3d:0e:7c:94:85:bb:c9:d8:a4:a8:14:
19:ed:20:c5:a1:b5:8e:4b:0e:d5:28:ff:ce:13:83:ca:e3:57:
c5:c4:a3:47:7c:5e:76:74:65:5d:e1:49:b4:a9:d1:eb:e7:8a:
97:09:c6:b2:43:bc:df:d5:bb:2b:47:b7:cc:62:dd:6f:5b:85:
22:9e:a5:10:d8:c9:6c:88:99:be:1c:6e:64:e9:14:d1:b7:ec:
a3:2f:00:73:0a:d8:b4:1b:27:11:05:c1:26:62:2e:cf:bc:ef:
d8:8e:d4:50:ef:c6:45:98:ce:4b:b2:bc:7d:a5:a9:fb:92:03:
cd:fd:22:e6:d7:73:d7:e2:a3:2e:b3:9e:d0:22:fe:61:71:d5:
2f:b8:cb:1a:21:fa:cf:d7:dd:4e:53:71:fb:c7:c0:43:2b:d2:
1e:55:61:56:0c:5d:50:3d:74:71:12:19:0e:42:8c:ef:94:5c:
d7:ed:b3:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGxblFZwn5XiuLDfpk0UEexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQwOTAyMDYzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDE2MWY3ZDFhNmFkNzZmY2E1MGUxNzcyNTZhM2VjNGY2MGE2ZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstlmL/xMIN6iBI+9G4Lovngt/vkB
r9juuRiY9K9UnXEeW+uNVoEHUx6wHkjmqm0Ohf+56kfzQtyaCv3xoI2x2t41Y7EF
hWcTRRwdppjH8VjZiyBjPRvBq3gAIq5SDOr+vYketwsCCfgTXL2hWZc782MrEauv
rkc0wSUEVJCM3/ihs2zqBQ34EkC4J0yRmS4NKbRIiBEypom3/hYxNC5tir0E5GZ8
aVTRZO3NrzlUJ9QPlcoTvDa5SduTC9iH4+20GpY1lI4YUIxq35ycHHcFbsnS7IG3
5UEAX5caSW0E5mN0cEhBh0IfwWJultAyJ+w16wUcqp/05Rh3tgBdFpw11QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJAWH30aatdvylDhdyVqPsT2Cm5fMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEva0JZZmZScHExMl9LVU9GM0pXby14UFlLYmw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZvyAwQA
wo/TAwQAwo/WAwQAw3LAMA0GCSqGSIb3DQEBCwUAA4IBAQAEGCzQL4lOdWwB8+ej
rLS9Wd6NzfXdUDzFFdkqT3L7Vt6tm8G+HAlJgyblJdvFhEV/UdWwoQ0K1tsi8DVT
CsF4XMmiG2llL9A+44dIJXVVPQ58lIW7ydikqBQZ7SDFobWOSw7VKP/OE4PK41fF
xKNHfF52dGVd4Um0qdHr54qXCcayQ7zf1bsrR7fMYt1vW4UinqUQ2MlsiJm+HG5k
6RTRt+yjLwBzCti0GycRBcEmYi7PvO/YjtRQ78ZFmM5Lsrx9pan7kgPN/SLm13PX
4qMus57QIv5hcdUvuMsaIfrP191OU3H7x8BDK9IeVWFWDF1QPXRxEhkOQozvlFzX
7bPp
-----END CERTIFICATE-----
Generated at Wed Sep 4 09:07:41 2024 by rpki-client on console-fra.rpki-client.org