Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/_KpWYWXQXO6GHf36wBRhPAo2p78.roa
File: _KpWYWXQXO6GHf36wBRhPAo2p78.roa (raw, json)
Hash identifier: EBv5l2ENs4nO1m9RQMtaZ+//w7AN4tenTwn9LxhtcdA=
Subject key identifier: FC:AA:56:61:65:D0:5C:EE:86:1D:FD:FA:C0:14:61:3C:0A:36:A7:BF
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 018DF97FA45580E592467AEDBB9489E66B8D
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/_KpWYWXQXO6GHf36wBRhPAo2p78.roa
Signing time: Fri 01 Mar 2024 10:11:48 +0000
ROA not before: Fri 01 Mar 2024 10:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.3.32.0/19 maxlen: 19
45.78.80.0/20 maxlen: 20
65.111.0.0/19 maxlen: 19
104.207.32.0/19 maxlen: 19
Validation: Failed, certificate revoked on Tue 19 Mar 2024 04:43:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:7f:a4:55:80:e5:92:46:7a:ed:bb:94:89:e6:6b:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: Mar 1 10:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcaa566165d05cee861dfdfac014613c0a36a7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7b:02:8e:46:b0:59:46:b1:52:1d:11:fb:6a:
1d:69:62:c0:29:b9:ae:d9:ec:48:f8:4b:d7:c4:d2:
54:43:db:56:ba:43:b7:5e:a8:fd:15:3e:98:59:37:
05:a3:4f:34:62:6a:2e:d0:df:17:48:16:aa:58:f5:
f0:20:f6:d0:86:f7:90:f1:af:a7:a6:81:0c:fe:3b:
ae:7f:fc:08:5c:fd:29:b4:f6:f1:b0:82:f7:ac:1e:
e5:81:70:e4:64:6f:e3:06:ae:34:f9:bd:3f:e0:2c:
ff:21:04:d0:0f:a8:d2:e4:ed:02:f7:a8:d1:0e:e9:
f2:3c:98:fb:7a:35:c1:3e:47:a4:e3:cb:7a:62:f3:
7b:09:c8:22:6d:5a:67:8c:df:a7:22:2f:29:e2:4e:
e5:52:4d:14:18:51:ee:5d:b7:1c:89:b5:74:31:ad:
9c:10:ef:d0:07:a6:62:3c:0f:58:2b:7c:36:70:67:
f9:4a:85:31:f8:61:57:a8:d3:0b:db:ba:9f:c9:14:
7f:9f:ae:a8:3e:45:b9:b4:5b:f4:3b:55:a2:61:32:
2e:75:68:ba:7e:64:da:3b:9e:a3:6e:47:83:de:85:
fd:b7:76:72:f4:5b:d4:64:3a:d8:77:99:4b:47:bc:
ce:33:25:7c:41:e7:41:f6:d8:05:6f:fd:c7:76:79:
39:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:AA:56:61:65:D0:5C:EE:86:1D:FD:FA:C0:14:61:3C:0A:36:A7:BF
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/_KpWYWXQXO6GHf36wBRhPAo2p78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.3.32.0/19
45.78.80.0/20
65.111.0.0/19
104.207.32.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:fc:a9:a6:3f:23:b6:58:cc:21:65:2f:d6:14:d8:1c:0b:42:
f3:a3:56:e3:eb:09:ba:23:d8:f5:aa:36:ed:e8:84:ea:93:63:
42:81:62:01:87:85:8c:c4:34:f9:e5:3b:98:1e:4d:da:25:fc:
01:91:f4:ae:f8:29:02:db:ea:83:fa:b7:e4:2f:95:3d:0c:a1:
30:29:7f:2a:a8:d4:ea:9d:87:72:5f:36:15:79:66:94:2d:97:
29:c4:cb:39:c7:75:02:16:b9:7f:f2:4f:44:70:f9:fd:b4:90:
dd:a4:28:91:ef:29:86:73:f9:2b:b9:5d:10:d2:06:08:4e:61:
3e:e0:98:8d:f6:04:e9:63:b0:8a:5b:2e:45:39:a5:bd:bc:73:
75:d6:cb:71:02:49:36:cc:c2:9d:17:4d:31:10:f3:b9:eb:a9:
77:2d:8f:c1:8f:0d:8f:6d:64:5e:3a:b1:87:e3:0c:c2:85:75:
55:5d:a1:e8:d1:d9:cd:82:11:59:39:ec:e4:79:92:72:94:9f:
6c:65:68:c6:c5:14:40:37:e3:ba:c2:57:34:de:12:41:27:95:
af:a5:4f:bf:05:51:55:0f:4d:43:e5:1f:b6:fc:f1:af:e9:b1:
0e:82:f1:db:26:28:03:a2:0d:77:ea:90:de:b0:21:88:70:37:
e5:4f:bb:24
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY35f6RVgOWSRnrtu5SJ5muNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2
ZTBjMWEwHhcNMjQwMzAxMTAxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2FhNTY2MTY1ZDA1Y2VlODYxZGZkZmFjMDE0NjEzYzBhMzZhN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXsCjkawWUaxUh0R+2odaWLAKbmu
2exI+EvXxNJUQ9tWukO3Xqj9FT6YWTcFo080Ymou0N8XSBaqWPXwIPbQhveQ8a+n
poEM/juuf/wIXP0ptPbxsIL3rB7lgXDkZG/jBq40+b0/4Cz/IQTQD6jS5O0C96jR
DunyPJj7ejXBPkek48t6YvN7CcgibVpnjN+nIi8p4k7lUk0UGFHuXbccibV0Ma2c
EO/QB6ZiPA9YK3w2cGf5SoUx+GFXqNML27qfyRR/n66oPkW5tFv0O1WiYTIudWi6
fmTaO56jbkeD3oX9t3Zy9FvUZDrYd5lLR7zOMyV8QedB9tgFb/3Hdnk53wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPyqVmFl0Fzuhh39+sAUYTwKNqe/MB8GA1UdIwQY
MBaAFLQEzA4DjrDml+xueuSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1Yjkt
ODZhMmYwNjdiNGU4LzEvX0twV1lXWFFYTzZHSGYzNndCUmhQQW8ycDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4
LzEvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFLQMgAwQE
LU5QAwQFQW8AAwQFaM8gMA0GCSqGSIb3DQEBCwUAA4IBAQCa/KmmPyO2WMwhZS/W
FNgcC0Lzo1bj6wm6I9j1qjbt6ITqk2NCgWIBh4WMxDT55TuYHk3aJfwBkfSu+CkC
2+qD+rfkL5U9DKEwKX8qqNTqnYdyXzYVeWaULZcpxMs5x3UCFrl/8k9EcPn9tJDd
pCiR7ymGc/kruV0Q0gYITmE+4JiN9gTpY7CKWy5FOaW9vHN11stxAkk2zMKdF00x
EPO566l3LY/Bjw2PbWReOrGH4wzChXVVXaHo0dnNghFZOezkeZJylJ9sZWjGxRRA
N+O6wlc03hJBJ5WvpU+/BVFVD01D5R+2/PGv6bEOgvHbJigDog136pDesCGIcDfl
T7sk
-----END CERTIFICATE-----
Generated at Tue Mar 19 07:20:32 2024 by rpki-client on console.sobornost.net