Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/aKRUMrGYTYmd5_Vxi3-6lmvjPvg.roa
File: aKRUMrGYTYmd5_Vxi3-6lmvjPvg.roa (raw, json)
Hash identifier: 00TBD/18kYxLlhROyIaP6Y6i9PqrSL1kAYOyHonVYVw=
Subject key identifier: 68:A4:54:32:B1:98:4D:89:9D:E7:F5:71:8B:7F:BA:96:6B:E3:3E:F8
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 019155A89E0CF67DE14EF7CA594914C308E7
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/aKRUMrGYTYmd5_Vxi3-6lmvjPvg.roa
Signing time: Thu 15 Aug 2024 10:49:59 +0000
ROA not before: Thu 15 Aug 2024 10:49:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56971
IP address blocks: 45.156.22.0/24 maxlen: 32
45.156.23.0/24 maxlen: 32
45.156.24.0/24 maxlen: 32
45.156.25.0/24 maxlen: 32
45.156.27.0/24 maxlen: 32
178.255.222.0/24 maxlen: 32
185.159.128.0/24 maxlen: 32
185.228.235.0/24 maxlen: 32
193.176.153.0/24 maxlen: 32
193.176.158.0/24 maxlen: 32
193.176.179.0/24 maxlen: 32
193.176.190.0/24 maxlen: 32
194.36.170.0/24 maxlen: 32
194.36.171.0/24 maxlen: 32
194.36.209.0/24 maxlen: 32
194.116.214.0/24 maxlen: 32
194.116.215.0/24 maxlen: 32
194.116.216.0/23 maxlen: 23
194.116.216.0/24 maxlen: 32
194.116.217.0/24 maxlen: 32
194.120.24.0/24 maxlen: 32
194.120.116.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 16 Aug 2024 13:51:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:a8:9e:0c:f6:7d:e1:4e:f7:ca:59:49:14:c3:08:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Aug 15 10:49:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68a45432b1984d899de7f5718b7fba966be33ef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1e:c6:3d:e5:76:75:8b:16:5d:9b:ee:8f:42:
6b:86:55:43:8f:55:75:be:fe:1b:b6:ea:d5:50:1f:
4e:84:85:9d:5f:b7:45:2f:d7:fa:62:46:3a:30:b0:
0e:3a:07:98:0c:e7:fd:65:e2:7e:0e:64:ce:c5:ea:
38:f5:27:e0:2f:3a:be:12:d1:c1:46:e7:76:84:ab:
e2:3f:5a:40:78:65:72:7e:19:a3:d3:9a:0d:cd:7c:
55:86:fe:f8:52:97:52:7a:0d:a2:ce:d7:54:2e:28:
63:1a:9d:ec:ad:97:23:1f:99:be:24:b1:25:5f:bf:
56:26:af:d1:46:37:9a:3c:c5:53:e1:81:b5:27:3f:
13:a6:88:4a:f2:d6:c4:e7:74:1f:b3:1b:2f:ab:0a:
83:88:fb:75:bc:57:25:c0:d1:83:c5:a0:d7:08:9c:
9a:47:fb:34:2d:79:7e:e4:41:13:01:be:82:2b:9d:
6e:e8:91:f1:5d:2c:29:55:b7:cc:6b:3c:71:d2:6f:
c8:16:2f:c7:0a:45:da:8f:1f:5f:f8:95:2b:7a:6f:
c4:df:b5:26:93:0b:64:a2:e5:16:79:f7:08:ce:56:
ff:57:4f:f6:c8:43:69:83:91:e4:0f:9e:a7:55:2c:
63:d5:e5:91:ff:0d:12:e8:f7:45:8c:30:e4:a9:f0:
ee:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A4:54:32:B1:98:4D:89:9D:E7:F5:71:8B:7F:BA:96:6B:E3:3E:F8
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/aKRUMrGYTYmd5_Vxi3-6lmvjPvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.22.0-45.156.25.255
45.156.27.0/24
178.255.222.0/24
185.159.128.0/24
185.228.235.0/24
193.176.153.0/24
193.176.158.0/24
193.176.179.0/24
193.176.190.0/24
194.36.170.0/23
194.36.209.0/24
194.116.214.0-194.116.217.255
194.120.24.0/24
194.120.116.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
2d:f1:dd:4b:f5:b1:48:a6:c9:54:8e:0e:db:ef:c0:c5:1f:b7:
e9:d7:f9:3f:4c:11:97:6c:a7:3c:72:d7:2d:a7:59:35:a3:9a:
6d:95:7f:e8:f6:43:91:d3:40:5b:6e:e2:eb:24:0a:2d:32:4f:
dd:e1:5b:b2:9f:59:9e:c8:90:8a:fc:93:6f:b9:b4:be:42:a8:
f7:8f:67:f1:1a:a8:2d:98:22:33:0b:14:bd:97:4b:d4:ef:61:
e3:a1:d9:2e:bf:59:2a:c2:b9:fd:a7:ef:67:e3:70:76:f4:97:
29:eb:85:8f:69:b2:5b:24:3b:08:55:e8:22:97:33:23:13:b6:
1d:0c:16:60:b2:18:18:f4:1b:f2:2c:cf:27:39:6f:43:a6:73:
ac:9c:07:6b:90:b1:fc:c1:ba:0e:e1:12:99:eb:c2:6b:e5:19:
d5:76:c3:5e:34:70:47:f7:99:ab:4b:ca:d6:88:08:8c:54:e5:
c2:b5:da:08:3b:0b:20:c2:7d:f1:9a:ec:e0:76:18:14:c8:34:
05:fd:92:69:04:a0:a8:50:57:29:d6:43:14:64:fa:21:29:02:
7e:47:5f:00:7c:1d:9b:2e:23:c2:63:61:2a:6c:11:2b:22:f5:
6e:5b:d2:df:c3:6d:d7:6b:9a:58:36:4c:54:8d:26:ac:c8:ab:
c9:29:1f:f1
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAZFVqJ4M9n3hTvfKWUkUwwjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjQwODE1MTA0OTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGE0NTQzMmIxOTg0ZDg5OWRlN2Y1NzE4YjdmYmE5NjZiZTMzZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB7GPeV2dYsWXZvuj0JrhlVDj1V1
vv4bturVUB9OhIWdX7dFL9f6YkY6MLAOOgeYDOf9ZeJ+DmTOxeo49SfgLzq+EtHB
Rud2hKviP1pAeGVyfhmj05oNzXxVhv74UpdSeg2iztdULihjGp3srZcjH5m+JLEl
X79WJq/RRjeaPMVT4YG1Jz8TpohK8tbE53QfsxsvqwqDiPt1vFclwNGDxaDXCJya
R/s0LXl+5EETAb6CK51u6JHxXSwpVbfMazxx0m/IFi/HCkXajx9f+JUrem/E37Um
kwtkouUWefcIzlb/V0/2yENpg5HkD56nVSxj1eWR/w0S6PdFjDDkqfDupwIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFGikVDKxmE2Jnef1cYt/upZr4z74MB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvYUtSVU1yR1lUWW1kNV9WeGkzLTZsbXZqUHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswagQCAAEwZDAMAwQBLZwW
AwQBLZwYAwQALZwbAwQAsv/eAwQAuZ+AAwQAueTrAwQAwbCZAwQAwbCeAwQAwbCz
AwQAwbC+AwQBwiSqAwQAwiTRMAwDBAHCdNYDBAHCdNgDBADCeBgDBADCeHQwDQQC
AAIwBwMFACoTfAAwDQYJKoZIhvcNAQELBQADggEBAC3x3Uv1sUimyVSODtvvwMUf
t+nX+T9MEZdspzxy1y2nWTWjmm2Vf+j2Q5HTQFtu4uskCi0yT93hW7KfWZ7IkIr8
k2+5tL5CqPePZ/EaqC2YIjMLFL2XS9TvYeOh2S6/WSrCuf2n72fjcHb0lynrhY9p
slskOwhV6CKXMyMTth0MFmCyGBj0G/Iszyc5b0Omc6ycB2uQsfzBug7hEpnrwmvl
GdV2w140cEf3matLytaICIxU5cK12gg7CyDCffGa7OB2GBTINAX9kmkEoKhQVynW
QxRk+iEpAn5HXwB8HZsuI8JjYSpsESsi9W5b0t/Dbddrmlg2TFSNJqzIq8kpH/E=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:15:26 2025 by rpki-client