Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/KMfrM32SPD2GpeQRkirlwFglzfY.roa
File: KMfrM32SPD2GpeQRkirlwFglzfY.roa (raw, json)
Hash identifier: mWiCOH2nV64Y70vachx5sUusXh1s3tHOP3tYzj138L8=
Subject key identifier: 28:C7:EB:33:7D:92:3C:3D:86:A5:E4:11:92:2A:E5:C0:58:25:CD:F6
Certificate issuer: /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial: 018CC42534187F9A17DE5A6191AA8BFD8B46
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/KMfrM32SPD2GpeQRkirlwFglzfY.roa
Signing time: Mon 01 Jan 2024 08:30:21 +0000
ROA not before: Mon 01 Jan 2024 08:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 160.214.98.0/24 maxlen: 24
160.214.97.0/24 maxlen: 24
160.214.96.0/24 maxlen: 24
160.214.101.0/24 maxlen: 24
160.214.99.0/24 maxlen: 24
160.214.102.0/24 maxlen: 24
160.214.103.0/24 maxlen: 24
160.214.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 15:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:34:18:7f:9a:17:de:5a:61:91:aa:8b:fd:8b:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
Validity
Not Before: Jan 1 08:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28c7eb337d923c3d86a5e411922ae5c05825cdf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:bf:30:7e:63:9e:59:17:fc:46:ef:ed:8d:81:
c1:92:14:ae:c3:58:b0:bc:07:f4:03:9a:76:96:0b:
e7:0e:cf:af:a1:bd:bf:c6:2c:98:b6:bd:01:54:ae:
9e:88:a3:f5:9d:2a:3e:dc:0a:99:f9:bb:a2:b7:7c:
95:aa:76:bb:70:6b:a2:b3:81:34:5e:5e:32:3c:1b:
0e:2d:c8:1a:72:45:4d:92:43:c4:3a:e7:11:30:09:
5b:62:43:85:05:a7:e5:a0:3f:01:5f:e3:88:a6:76:
93:4a:f8:06:f9:cd:af:0d:15:c5:9a:e3:cf:e2:0f:
0c:90:d6:94:ff:f7:c4:49:e7:23:dd:39:1c:d5:cb:
47:30:16:30:7b:e4:94:68:55:00:a4:d0:a9:d3:fa:
62:a5:4f:29:b3:b8:8f:a2:66:8d:02:97:3b:b0:ff:
d5:f5:0e:40:53:e7:8e:22:0f:ee:68:42:4a:07:7b:
c4:7f:88:e2:b1:da:46:88:51:11:bc:f2:37:84:38:
7d:cf:84:5d:b4:f4:ae:1a:87:8e:43:32:3e:53:ef:
8b:1c:f2:06:d0:94:6a:8f:69:ba:07:f4:f7:8f:97:
c4:f6:69:3a:87:f2:37:60:f8:19:e2:42:0b:52:c2:
68:7c:1b:48:f4:40:25:55:0d:df:f7:92:cd:b7:30:
44:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C7:EB:33:7D:92:3C:3D:86:A5:E4:11:92:2A:E5:C0:58:25:CD:F6
X509v3 Authority Key Identifier:
keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/KMfrM32SPD2GpeQRkirlwFglzfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.214.96.0/22
160.214.101.0-160.214.103.255
160.214.108.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:55:bf:4d:6b:70:55:8b:24:ac:8b:7c:b9:1c:7c:f0:cd:9f:
7d:03:e7:bb:13:f4:ba:36:4c:b8:d4:ab:fe:66:89:ee:f6:0e:
8c:4e:ce:e3:b4:64:c0:6e:84:c0:2d:2d:9d:9d:42:b4:02:1e:
a4:22:7b:8f:c1:96:03:63:ad:8c:8d:5d:1b:3a:e6:19:20:c3:
23:a7:70:51:49:f7:f5:24:53:09:c7:93:40:94:4e:f6:54:3d:
5d:90:67:64:94:5b:66:3b:9e:ef:18:c9:ef:0b:ef:58:56:43:
e4:e5:b1:25:5f:83:5e:95:70:b6:65:aa:e9:56:49:aa:86:06:
17:8d:54:c0:cc:a6:c9:e2:1e:c4:ad:5e:59:1d:ff:99:5b:69:
3a:4f:5f:f6:36:a2:17:4d:63:bc:6c:a8:3e:92:9b:11:a5:30:
6e:99:8e:f8:17:34:e4:06:ca:54:82:c5:12:55:dc:80:27:f7:
5c:56:38:6e:e3:91:e4:e9:0a:0a:b6:61:2d:be:13:ba:a3:e0:
b9:85:58:b6:cd:74:e9:e4:52:d0:8f:cd:9f:e7:70:ac:d1:aa:
60:b1:d0:98:2c:cc:4c:cc:be:fa:03:1d:c5:20:8f:3b:e3:6e:
b1:9b:b0:f2:5d:58:28:79:72:5b:6d:6b:34:af:1c:b5:4e:08:
2c:ad:87:16
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzEJTQYf5oX3lphkaqL/YtGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjQwMTAxMDgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM3ZWIzMzdkOTIzYzNkODZhNWU0MTE5MjJhZTVjMDU4MjVjZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA878wfmOeWRf8Ru/tjYHBkhSuw1iw
vAf0A5p2lgvnDs+vob2/xiyYtr0BVK6eiKP1nSo+3AqZ+buit3yVqna7cGuis4E0
Xl4yPBsOLcgackVNkkPEOucRMAlbYkOFBafloD8BX+OIpnaTSvgG+c2vDRXFmuPP
4g8MkNaU//fESecj3Tkc1ctHMBYwe+SUaFUApNCp0/pipU8ps7iPomaNApc7sP/V
9Q5AU+eOIg/uaEJKB3vEf4jisdpGiFERvPI3hDh9z4RdtPSuGoeOQzI+U++LHPIG
0JRqj2m6B/T3j5fE9mk6h/I3YPgZ4kILUsJofBtI9EAlVQ3f95LNtzBEYQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCjH6zN9kjw9hqXkEZIq5cBYJc32MB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvS01mck0zMlNQRDJHcGVRUmtpcmx3RmdsemZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCoNZgMAwD
BACg1mUDBAOg1mADBACg1mwwDQYJKoZIhvcNAQELBQADggEBALFVv01rcFWLJKyL
fLkcfPDNn30D57sT9Lo2TLjUq/5mie72DoxOzuO0ZMBuhMAtLZ2dQrQCHqQie4/B
lgNjrYyNXRs65hkgwyOncFFJ9/UkUwnHk0CUTvZUPV2QZ2SUW2Y7nu8Yye8L71hW
Q+TlsSVfg16VcLZlqulWSaqGBheNVMDMpsniHsStXlkd/5lbaTpPX/Y2ohdNY7xs
qD6SmxGlMG6ZjvgXNOQGylSCxRJV3IAn91xWOG7jkeTpCgq2YS2+E7qj4LmFWLbN
dOnkUtCPzZ/ncKzRqmCx0JgszEzMvvoDHcUgjzvjbrGbsPJdWCh5clttazSvHLVO
CCythxY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:33 2024 by rpki-client on console-ams.rpki-client.org