Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/KBXgke-DTKaERSXJbbEdjkNXugg.roa
File: KBXgke-DTKaERSXJbbEdjkNXugg.roa (raw, json)
Hash identifier: B8X9V94mc8KvRJejejVBBRkcUFz1PLU0J4KIu/rkdqc=
Subject key identifier: 28:15:E0:91:EF:83:4C:A6:84:45:25:C9:6D:B1:1D:8E:43:57:BA:08
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 01875962395152F9934A44472DF70EB35F80
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/KBXgke-DTKaERSXJbbEdjkNXugg.roa
Signing time: Fri 07 Apr 2023 01:43:42 +0000
ROA not before: Fri 07 Apr 2023 01:43:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 163.171.77.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.242.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.249.0/24 maxlen: 24
148.253.250.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Apr 2023 03:31:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:59:62:39:51:52:f9:93:4a:44:47:2d:f7:0e:b3:5f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Apr 7 01:43:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2815e091ef834ca6844525c96db11d8e4357ba08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:70:f1:df:19:4e:42:06:41:67:6e:32:30:79:
68:29:fe:7e:44:e2:82:ba:d2:93:3c:4c:ba:2b:12:
8a:8b:cb:ff:9e:95:e0:48:3f:56:74:91:c4:fd:c1:
36:00:21:57:73:46:2f:c6:8d:74:d6:e9:83:90:97:
ff:8b:77:9d:f3:b5:26:63:a9:31:02:cd:43:28:e5:
4e:71:66:62:1e:b7:4f:9d:fb:6c:2b:f8:af:e2:67:
2c:80:00:1e:7b:16:64:f9:ea:11:e3:9d:3a:48:35:
b9:6b:0e:e3:df:c0:bb:97:f2:69:ea:4a:fa:1d:e6:
7b:98:c9:7f:00:39:6f:43:83:d7:25:06:5d:a4:e1:
70:ad:0e:e0:b2:ef:b9:0b:6d:3f:ed:03:f3:44:c9:
1a:94:22:13:cb:a8:26:a4:f4:79:0f:50:40:aa:97:
42:39:52:10:77:eb:d5:1c:b3:95:9a:e5:df:b1:a7:
0d:83:1b:62:a6:fe:20:9a:68:68:98:98:de:9b:3d:
b3:24:65:39:04:ed:94:db:e6:0a:ac:48:91:76:43:
db:b6:8e:f5:b4:e7:24:7a:f2:cd:84:8e:77:4b:c9:
52:44:7c:0f:25:5e:d4:db:37:cf:c1:9d:89:af:97:
bb:04:0e:7f:7e:df:9e:0e:05:7d:d3:22:19:00:b2:
d1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:15:E0:91:EF:83:4C:A6:84:45:25:C9:6D:B1:1D:8E:43:57:BA:08
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/KBXgke-DTKaERSXJbbEdjkNXugg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.239.0-148.253.243.255
148.253.249.0-148.253.250.255
163.171.77.0/24
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:05:4a:a0:8b:7f:ad:c1:ff:c3:f1:82:58:b6:1d:98:31:7d:
72:74:81:7d:29:6a:a7:db:4b:a9:13:9c:20:f1:a0:c4:99:95:
62:33:c9:4a:d6:76:aa:e8:83:cd:6b:28:ba:53:f2:dd:4a:28:
66:2d:89:98:d7:0d:21:ba:f0:3d:94:ec:3f:a3:fd:1c:c0:1c:
9d:5c:23:60:6a:35:d8:6f:9e:93:7e:38:61:c2:20:ef:18:5c:
f1:00:2a:a5:42:eb:08:44:01:8b:06:f4:7b:9e:ad:8b:66:a2:
0c:21:04:5c:69:b1:78:a0:81:ec:30:03:24:75:92:38:34:8b:
2c:f9:ee:80:39:6b:ca:ef:02:ad:29:ac:20:55:8d:6b:f4:49:
6c:8a:4d:80:9d:f2:26:9f:87:a8:c9:54:5f:af:ef:4e:6f:3b:
7b:3c:85:8e:85:52:56:ca:40:ca:44:4d:7a:01:8d:f8:51:d3:
70:9d:48:19:d4:3c:25:27:07:45:1c:0d:32:80:e9:36:12:c2:
0f:28:0f:61:aa:0d:c2:ad:e4:86:61:ee:2d:75:e0:60:a7:ba:
73:19:91:43:ba:1a:8d:a1:42:42:4b:35:68:9d:e5:6c:22:bf:
5d:65:65:18:f9:3d:ae:bd:6c:d4:96:82:fe:4d:5d:7e:c1:ab:
ed:f8:03:ab
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYdZYjlRUvmTSkRHLfcOs1+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwNDA3MDE0MzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODE1ZTA5MWVmODM0Y2E2ODQ0NTI1Yzk2ZGIxMWQ4ZTQzNTdiYTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHDx3xlOQgZBZ24yMHloKf5+ROKC
utKTPEy6KxKKi8v/npXgSD9WdJHE/cE2ACFXc0Yvxo101umDkJf/i3ed87UmY6kx
As1DKOVOcWZiHrdPnftsK/iv4mcsgAAeexZk+eoR4506SDW5aw7j38C7l/Jp6kr6
HeZ7mMl/ADlvQ4PXJQZdpOFwrQ7gsu+5C20/7QPzRMkalCITy6gmpPR5D1BAqpdC
OVIQd+vVHLOVmuXfsacNgxtipv4gmmhomJjemz2zJGU5BO2U2+YKrEiRdkPbto71
tOckevLNhI53S8lSRHwPJV7U2zfPwZ2Jr5e7BA5/ft+eDgV90yIZALLRDwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCgV4JHvg0ymhEUlyW2xHY5DV7oIMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvS0JYZ2tlLURUS2FFUlNYSmJiRWRqa05YdWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBACU/e8D
BAKU/fAwDAMEAJT9+QMEAJT9+gMEAKOrTQMEALkb5DANBgkqhkiG9w0BAQsFAAOC
AQEAjgVKoIt/rcH/w/GCWLYdmDF9cnSBfSlqp9tLqROcIPGgxJmVYjPJStZ2quiD
zWsoulPy3UooZi2JmNcNIbrwPZTsP6P9HMAcnVwjYGo12G+ek344YcIg7xhc8QAq
pULrCEQBiwb0e56ti2aiDCEEXGmxeKCB7DADJHWSODSLLPnugDlryu8CrSmsIFWN
a/RJbIpNgJ3yJp+HqMlUX6/vTm87ezyFjoVSVspAykRNegGN+FHTcJ1IGdQ8JScH
RRwNMoDpNhLCDygPYaoNwq3khmHuLXXgYKe6cxmRQ7oajaFCQks1aJ3lbCK/XWVl
GPk9rr1s1JaC/k1dfsGr7fgDqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org