Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/DoUKa1_vkNhXxWiZu2w1IBZXbh4.roa
File: DoUKa1_vkNhXxWiZu2w1IBZXbh4.roa (raw, json)
Hash identifier: lCK6HwColjP3AqyBRXeBlx4XdmHWPLrjQXAwOyRfVOo=
Subject key identifier: 0E:85:0A:6B:5F:EF:90:D8:57:C5:68:99:BB:6C:35:20:16:57:6E:1E
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 0191347146ECF02BB0BD1F0046A2E3434C65
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/DoUKa1_vkNhXxWiZu2w1IBZXbh4.roa
Signing time: Fri 09 Aug 2024 00:02:04 +0000
ROA not before: Fri 09 Aug 2024 00:02:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56971
IP address blocks: 45.156.23.0/24 maxlen: 32
45.156.25.0/24 maxlen: 32
45.156.27.0/24 maxlen: 32
178.255.222.0/24 maxlen: 32
185.159.128.0/24 maxlen: 32
185.228.235.0/24 maxlen: 32
193.176.153.0/24 maxlen: 32
193.176.158.0/24 maxlen: 32
193.176.179.0/24 maxlen: 32
193.176.190.0/24 maxlen: 32
194.36.170.0/24 maxlen: 32
194.36.171.0/24 maxlen: 32
194.36.209.0/24 maxlen: 32
194.116.214.0/24 maxlen: 32
194.116.215.0/24 maxlen: 32
194.116.216.0/23 maxlen: 23
194.116.216.0/24 maxlen: 32
194.116.217.0/24 maxlen: 32
194.120.24.0/24 maxlen: 32
194.120.116.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 15 Aug 2024 10:43:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:34:71:46:ec:f0:2b:b0:bd:1f:00:46:a2:e3:43:4c:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Aug 9 00:02:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e850a6b5fef90d857c56899bb6c352016576e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c1:0b:37:85:73:b3:7c:81:13:e6:f6:cb:de:
ec:25:31:71:bd:4c:0b:e7:ed:81:e8:77:61:b4:45:
55:5f:e9:c8:64:11:18:60:27:a1:1f:4c:8a:78:ad:
a3:dc:d0:20:09:02:77:36:27:b8:82:0d:ef:63:25:
34:a5:bd:b8:cf:90:43:bb:35:1c:b6:c5:e2:5a:01:
eb:e2:7c:cf:f6:2d:7a:c9:2c:a5:3b:ea:22:30:d2:
52:af:b1:d7:d9:10:29:5e:8a:03:3c:31:47:b8:e1:
15:ea:8d:1e:b7:85:aa:37:4a:b6:66:6d:26:a8:d0:
3d:eb:b6:b8:1a:48:61:af:90:2b:ff:72:ee:c5:cb:
be:5b:30:2b:5f:dc:5e:49:e1:92:3d:eb:e7:12:43:
0c:e7:bb:87:ce:fe:ee:3b:88:55:af:2b:44:da:a1:
6d:ad:ec:e5:71:d0:af:36:34:db:d2:4e:59:95:6a:
34:37:fb:51:15:a3:e1:15:55:fd:5d:ae:32:b0:52:
f5:55:50:10:b0:8e:5a:f9:be:f0:ce:9f:34:00:c1:
ce:6a:33:9c:4c:48:1a:f7:d3:d7:37:2c:cd:ff:b1:
0f:57:cb:e5:58:2b:56:2f:f0:d5:c6:6a:f9:c1:94:
3c:7e:18:39:02:c9:3e:3e:51:fc:43:3e:82:47:2c:
c6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:85:0A:6B:5F:EF:90:D8:57:C5:68:99:BB:6C:35:20:16:57:6E:1E
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/DoUKa1_vkNhXxWiZu2w1IBZXbh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.23.0/24
45.156.25.0/24
45.156.27.0/24
178.255.222.0/24
185.159.128.0/24
185.228.235.0/24
193.176.153.0/24
193.176.158.0/24
193.176.179.0/24
193.176.190.0/24
194.36.170.0/23
194.36.209.0/24
194.116.214.0-194.116.217.255
194.120.24.0/24
194.120.116.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
45:21:9c:ac:65:01:30:e9:b2:c4:ec:ba:7e:90:02:30:38:ca:
93:67:8c:09:85:ac:43:a5:3a:3a:24:8f:72:fe:85:1d:10:22:
92:eb:a4:df:db:d6:97:4c:5e:a3:1d:72:47:e3:4a:14:59:8c:
ca:73:e0:cc:cc:02:0c:fc:d2:c4:d4:0e:c8:fb:bc:06:80:5f:
4f:5d:59:d4:ea:ef:30:64:c9:b7:77:03:74:5d:1e:b6:9f:19:
9b:bf:7d:03:79:40:33:5e:0d:3b:ec:d2:58:01:54:6d:73:7b:
63:98:30:27:8f:d2:c6:98:f1:49:d0:1e:59:9c:d3:7c:14:1a:
00:89:9f:25:d7:8c:eb:ce:8f:4f:10:2d:86:76:47:21:af:99:
10:6f:56:db:66:43:65:05:8e:69:fb:62:21:6a:bf:1a:41:bb:
9a:4e:4e:23:f5:18:ce:12:83:cc:f5:d2:96:11:fa:0f:b9:b1:
52:9a:a8:c7:fd:cf:a0:18:70:8e:ff:8c:00:9d:aa:ea:b2:6a:
ad:42:61:9b:e6:ee:e6:75:57:da:a6:30:11:d1:2a:65:bd:3c:
44:c4:a5:d0:2d:54:ea:50:94:62:e0:8d:dd:20:16:7f:19:f6:
60:e0:ad:6e:49:47:5d:26:e0:7d:c1:2d:73:e4:a1:a5:3f:d1:
a4:b9:63:de
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZE0cUbs8CuwvR8ARqLjQ0xlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjQwODA5MDAwMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTg1MGE2YjVmZWY5MGQ4NTdjNTY4OTliYjZjMzUyMDE2NTc2ZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8ELN4Vzs3yBE+b2y97sJTFxvUwL
5+2B6HdhtEVVX+nIZBEYYCehH0yKeK2j3NAgCQJ3Nie4gg3vYyU0pb24z5BDuzUc
tsXiWgHr4nzP9i16ySylO+oiMNJSr7HX2RApXooDPDFHuOEV6o0et4WqN0q2Zm0m
qNA967a4Gkhhr5Ar/3Luxcu+WzArX9xeSeGSPevnEkMM57uHzv7uO4hVrytE2qFt
rezlcdCvNjTb0k5ZlWo0N/tRFaPhFVX9Xa4ysFL1VVAQsI5a+b7wzp80AMHOajOc
TEga99PXNyzN/7EPV8vlWCtWL/DVxmr5wZQ8fhg5Ask+PlH8Qz6CRyzG+wIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFA6FCmtf75DYV8VombtsNSAWV24eMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvRG9VS2ExX3ZrTmhYeFdpWnUydzFJQlpYYmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYgMEAC2cFwME
AC2cGQMEAC2cGwMEALL/3gMEALmfgAMEALnk6wMEAMGwmQMEAMGwngMEAMGwswME
AMGwvgMEAcIkqgMEAMIk0TAMAwQBwnTWAwQBwnTYAwQAwngYAwQAwnh0MA0EAgAC
MAcDBQAqE3wAMA0GCSqGSIb3DQEBCwUAA4IBAQBFIZysZQEw6bLE7Lp+kAIwOMqT
Z4wJhaxDpTo6JI9y/oUdECKS66Tf29aXTF6jHXJH40oUWYzKc+DMzAIM/NLE1A7I
+7wGgF9PXVnU6u8wZMm3dwN0XR62nxmbv30DeUAzXg077NJYAVRtc3tjmDAnj9LG
mPFJ0B5ZnNN8FBoAiZ8l14zrzo9PEC2Gdkchr5kQb1bbZkNlBY5p+2Ihar8aQbua
Tk4j9RjOEoPM9dKWEfoPubFSmqjH/c+gGHCO/4wAnarqsmqtQmGb5u7mdVfapjAR
0SplvTxExKXQLVTqUJRi4I3dIBZ/GfZg4K1uSUddJuB9wS1z5KGlP9GkuWPe
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:03:22 2025 by rpki-client