Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/rKN8iz7TgU-qiJ91xgQNMf4nt8M.roa
File: rKN8iz7TgU-qiJ91xgQNMf4nt8M.roa (raw, json)
Hash identifier: gwL5Fe/kzitZt4NRRpmN53PKwLPXT5l3STpBykcf8OQ=
Subject key identifier: AC:A3:7C:8B:3E:D3:81:4F:AA:88:9F:75:C6:04:0D:31:FE:27:B7:C3
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01881BFD0F97DFC3456A36B3D7B926EEC031
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/rKN8iz7TgU-qiJ91xgQNMf4nt8M.roa
Signing time: Sun 14 May 2023 20:39:09 +0000
ROA not before: Sun 14 May 2023 20:39:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.220.236.0/22 maxlen: 24
91.132.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Aug 2023 10:51:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1b:fd:0f:97:df:c3:45:6a:36:b3:d7:b9:26:ee:c0:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 14 20:39:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aca37c8b3ed3814faa889f75c6040d31fe27b7c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b4:8d:52:aa:13:fe:01:1a:6f:27:a3:5b:1d:
e1:39:b6:97:3b:0f:3e:e2:82:21:1a:2e:0e:a1:ff:
ff:8f:fb:f8:73:e2:69:bd:14:9a:cd:28:48:4e:7e:
70:2f:f7:3f:93:1f:6a:9e:ce:98:6c:53:41:8f:06:
b4:d3:4b:8a:66:9e:b0:9b:68:fa:53:c8:35:33:22:
1f:58:8c:ad:76:e5:fb:58:28:c7:4c:af:9a:2a:0c:
a0:f3:32:25:95:ea:e6:f0:22:f5:cf:fe:56:a5:80:
d2:6d:ae:78:79:b9:4e:f2:2c:45:79:41:50:56:3d:
8b:16:35:29:cc:ae:e0:fd:f4:e8:aa:3d:07:8a:ee:
45:06:9d:0d:da:04:a7:ac:c8:66:c6:fa:1d:fd:14:
06:64:5e:a4:29:46:f6:19:b7:c0:75:7f:e7:3f:8f:
2b:af:d0:65:b5:29:53:56:d6:ca:60:fc:6f:49:ff:
da:4b:c3:2f:c3:cc:9f:3a:19:49:c3:78:b0:b4:b3:
94:24:b5:ed:06:37:50:e6:cc:65:6f:db:2b:35:23:
ef:43:3d:b4:0c:10:32:62:c8:bf:88:0f:7c:57:fc:
dd:da:fe:99:b4:cb:21:f6:31:20:86:13:d6:6d:3e:
9d:35:60:d3:0b:86:80:84:c4:52:4b:95:a0:94:71:
ab:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A3:7C:8B:3E:D3:81:4F:AA:88:9F:75:C6:04:0D:31:FE:27:B7:C3
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/rKN8iz7TgU-qiJ91xgQNMf4nt8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.59.0/24
185.220.236.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:e9:fe:6e:ea:68:82:ca:c7:1c:30:0d:82:ba:38:96:1b:b9:
59:21:3c:62:c3:d6:97:8d:23:2f:04:c1:d1:17:18:64:08:a8:
e6:43:78:10:b5:2e:0e:bc:97:7b:a6:d3:5c:9b:b7:42:7e:83:
00:14:e8:5b:16:73:20:5a:29:4c:23:75:55:19:d5:ae:3e:6e:
5a:1f:6b:fb:32:c5:32:a9:0f:cb:52:22:29:df:e7:b3:c7:af:
89:d4:60:90:25:1e:02:59:b5:a2:2f:b2:f0:10:27:24:1a:1b:
4a:43:f4:c7:8d:7f:40:f0:3c:2f:b3:dc:bd:66:c6:c5:29:2a:
18:92:df:f1:f0:68:8e:ec:ed:77:1e:83:f9:77:0b:66:b2:cd:
b9:97:33:0f:93:da:9a:05:cb:d0:4c:cf:dd:d4:03:98:83:4e:
c1:9d:4a:7d:96:59:21:c0:70:72:13:46:f5:bf:98:c3:af:59:
87:7a:dd:45:5b:d4:cf:33:30:6a:07:e0:77:09:63:cd:78:0f:
44:32:b0:1d:c5:d1:3a:82:45:2f:92:73:dd:b7:69:a6:9e:17:
8f:90:c1:80:18:78:80:6b:bd:7c:12:c0:94:28:df:a0:7e:11:
93:36:8a:66:1f:97:41:60:87:5b:96:9b:d5:e3:09:10:da:5b:
a7:aa:76:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgb/Q+X38NFajaz17km7sAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwNTE0MjAzOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2EzN2M4YjNlZDM4MTRmYWE4ODlmNzVjNjA0MGQzMWZlMjdiN2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7SNUqoT/gEabyejWx3hObaXOw8+
4oIhGi4Oof//j/v4c+JpvRSazShITn5wL/c/kx9qns6YbFNBjwa000uKZp6wm2j6
U8g1MyIfWIytduX7WCjHTK+aKgyg8zIllerm8CL1z/5WpYDSba54eblO8ixFeUFQ
Vj2LFjUpzK7g/fToqj0Hiu5FBp0N2gSnrMhmxvod/RQGZF6kKUb2GbfAdX/nP48r
r9BltSlTVtbKYPxvSf/aS8Mvw8yfOhlJw3iwtLOUJLXtBjdQ5sxlb9srNSPvQz20
DBAyYsi/iA98V/zd2v6ZtMsh9jEghhPWbT6dNWDTC4aAhMRSS5WglHGrAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKyjfIs+04FPqoifdcYEDTH+J7fDMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvcktOOGl6N1RnVS1xaUo5MXhnUU5NZjRudDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW4Q7AwQC
udzsMA0GCSqGSIb3DQEBCwUAA4IBAQDN6f5u6miCysccMA2CujiWG7lZITxiw9aX
jSMvBMHRFxhkCKjmQ3gQtS4OvJd7ptNcm7dCfoMAFOhbFnMgWilMI3VVGdWuPm5a
H2v7MsUyqQ/LUiIp3+ezx6+J1GCQJR4CWbWiL7LwECckGhtKQ/THjX9A8Dwvs9y9
ZsbFKSoYkt/x8GiO7O13HoP5dwtmss25lzMPk9qaBcvQTM/d1AOYg07BnUp9llkh
wHByE0b1v5jDr1mHet1FW9TPMzBqB+B3CWPNeA9EMrAdxdE6gkUvknPdt2mmnheP
kMGAGHiAa718EsCUKN+gfhGTNopmH5dBYIdblpvV4wkQ2lunqnbv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org