Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/ffbf18-aa03-434c-8bbd-141450f10a85/1/KITqeBZr9LSmTBdC0B3H88dtD_A.roa
File: KITqeBZr9LSmTBdC0B3H88dtD_A.roa (raw, json)
Hash identifier: tvxm8XOqajbWuqz17RoXtMpcSW4FmrG5EYtsbH7fpVM=
Subject key identifier: 28:84:EA:78:16:6B:F4:B4:A6:4C:17:42:D0:1D:C7:F3:C7:6D:0F:F0
Certificate issuer: /CN=bb62fe6b7f3d364332bcd6e0daf79226ccf809e2
Certificate serial: 01856D5D2526B38411ADD9A94A53CB7CE89E
Authority key identifier: BB:62:FE:6B:7F:3D:36:43:32:BC:D6:E0:DA:F7:92:26:CC:F8:09:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u2L-a389NkMyvNbg2veSJsz4CeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/ffbf18-aa03-434c-8bbd-141450f10a85/1/KITqeBZr9LSmTBdC0B3H88dtD_A.roa
Signing time: Sun 01 Jan 2023 12:44:58 +0000
ROA not before: Sun 01 Jan 2023 12:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42466
IP address blocks: 91.189.144.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:25:26:b3:84:11:ad:d9:a9:4a:53:cb:7c:e8:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb62fe6b7f3d364332bcd6e0daf79226ccf809e2
Validity
Not Before: Jan 1 12:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2884ea78166bf4b4a64c1742d01dc7f3c76d0ff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6e:fc:de:61:15:e0:85:7c:83:cc:a0:15:79:
8f:74:ab:7b:cb:36:04:8a:ba:56:70:73:8f:43:95:
3c:4e:c3:98:70:79:31:c5:af:d6:0b:ce:b1:4e:ae:
6e:bf:99:d9:a5:fa:1e:9f:16:23:f3:6c:2c:fc:7f:
34:dc:84:69:b6:92:7f:73:53:8e:17:57:31:84:cf:
ee:9d:0d:95:14:11:80:95:f4:c5:b5:fb:ef:b9:ba:
fa:02:cf:39:1e:b9:2d:40:2e:c6:19:d1:ab:93:ca:
d3:5c:84:ee:dd:6c:ab:a0:47:c0:74:8c:58:9d:5b:
5d:c6:3a:42:07:b3:86:0a:5d:c9:25:09:54:69:d5:
9d:0e:8c:92:6c:7b:de:02:c5:76:6a:25:30:77:a9:
b2:84:92:31:b2:5d:b2:1d:44:6f:99:d5:43:07:6b:
c0:03:31:23:1e:77:25:57:9a:90:05:8a:80:e4:0f:
e0:80:a7:23:bd:ad:62:e2:2e:b2:6c:f4:c2:6e:23:
35:40:42:96:44:c0:41:ab:e8:4e:99:e3:fc:bd:d3:
e7:47:e5:e9:c9:50:ad:49:3f:1a:31:3b:d7:2a:80:
11:58:d1:df:c7:23:ea:03:5d:d3:80:e8:90:39:47:
08:c3:4d:a9:ac:38:f9:d6:50:2f:19:95:fe:81:92:
50:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:84:EA:78:16:6B:F4:B4:A6:4C:17:42:D0:1D:C7:F3:C7:6D:0F:F0
X509v3 Authority Key Identifier:
keyid:BB:62:FE:6B:7F:3D:36:43:32:BC:D6:E0:DA:F7:92:26:CC:F8:09:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u2L-a389NkMyvNbg2veSJsz4CeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/ffbf18-aa03-434c-8bbd-141450f10a85/1/KITqeBZr9LSmTBdC0B3H88dtD_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/ffbf18-aa03-434c-8bbd-141450f10a85/1/u2L-a389NkMyvNbg2veSJsz4CeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.144.0/21
Signature Algorithm: sha256WithRSAEncryption
01:42:df:ff:1e:f5:63:7a:8b:86:0a:12:cb:f9:d8:3f:65:d8:
b5:cd:eb:56:30:ba:c9:9a:8f:5f:29:5b:59:8a:4e:b2:d4:25:
5c:14:f3:86:38:02:29:09:85:57:7e:a1:c4:67:ef:57:cc:aa:
bf:fe:54:2d:74:56:8e:6d:38:4d:27:2c:0c:67:8c:4b:d0:8e:
44:5e:70:70:81:9c:c3:bd:45:cb:64:ad:2b:07:52:8c:fc:85:
3f:da:73:ed:5a:8b:2f:02:de:89:0a:27:e1:c5:85:2e:89:fa:
a5:fd:d5:a5:27:b9:ce:0f:d8:bd:fc:7d:62:04:4d:4a:d3:07:
c1:35:08:ac:cc:09:04:b5:1e:7e:9b:e7:2f:6b:7e:c2:2f:6a:
ea:41:70:9e:bf:30:cf:79:53:eb:22:69:c2:dc:bd:b1:ec:b8:
bc:05:91:e5:9b:37:c9:41:1b:2c:7c:de:b1:e0:c8:9b:78:a5:
cd:e3:e0:88:d4:1b:87:39:19:d4:f1:38:db:e5:15:b7:0a:d2:
33:af:e3:43:48:c3:c2:e7:4d:9a:d7:37:c1:14:1f:7c:c2:5d:
4a:c5:74:ed:08:21:6f:3a:19:40:73:44:0f:01:56:ae:c3:a6:
d1:98:38:d2:70:2b:c3:4b:cd:6d:3a:62:7b:05:0d:c7:f5:45:
b4:4b:f3:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXSUms4QRrdmpSlPLfOieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNjJmZTZiN2YzZDM2NDMzMmJjZDZlMGRhZjc5MjI2Y2Nm
ODA5ZTIwHhcNMjMwMTAxMTI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg0ZWE3ODE2NmJmNGI0YTY0YzE3NDJkMDFkYzdmM2M3NmQwZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm783mEV4IV8g8ygFXmPdKt7yzYE
irpWcHOPQ5U8TsOYcHkxxa/WC86xTq5uv5nZpfoenxYj82ws/H803IRptpJ/c1OO
F1cxhM/unQ2VFBGAlfTFtfvvubr6As85HrktQC7GGdGrk8rTXITu3WyroEfAdIxY
nVtdxjpCB7OGCl3JJQlUadWdDoySbHveAsV2aiUwd6myhJIxsl2yHURvmdVDB2vA
AzEjHnclV5qQBYqA5A/ggKcjva1i4i6ybPTCbiM1QEKWRMBBq+hOmeP8vdPnR+Xp
yVCtST8aMTvXKoARWNHfxyPqA13TgOiQOUcIw02prDj51lAvGZX+gZJQwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCiE6ngWa/S0pkwXQtAdx/PHbQ/wMB8GA1UdIwQY
MBaAFLti/mt/PTZDMrzW4Nr3kibM+AniMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTJMLWEzODlOa015dk5iZzJ2ZVNKc3o0Q2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9mZmJmMTgtYWEwMy00MzRjLThiYmQt
MTQxNDUwZjEwYTg1LzEvS0lUcWVCWnI5TFNtVEJkQzBCM0g4OGR0RF9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9mZmJmMTgtYWEwMy00MzRjLThiYmQtMTQxNDUwZjEwYTg1
LzEvdTJMLWEzODlOa015dk5iZzJ2ZVNKc3o0Q2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW72QMA0G
CSqGSIb3DQEBCwUAA4IBAQABQt//HvVjeouGChLL+dg/Zdi1zetWMLrJmo9fKVtZ
ik6y1CVcFPOGOAIpCYVXfqHEZ+9XzKq//lQtdFaObThNJywMZ4xL0I5EXnBwgZzD
vUXLZK0rB1KM/IU/2nPtWosvAt6JCifhxYUuifql/dWlJ7nOD9i9/H1iBE1K0wfB
NQiszAkEtR5+m+cva37CL2rqQXCevzDPeVPrImnC3L2x7Li8BZHlmzfJQRssfN6x
4MibeKXN4+CI1BuHORnU8Tjb5RW3CtIzr+NDSMPC502a1zfBFB98wl1KxXTtCCFv
OhlAc0QPAVauw6bRmDjScCvDS81tOmJ7BQ3H9UW0S/Pm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:17 2024 by rpki-client on console-ams.rpki-client.org