Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/3a7ecc-4591-4adc-9880-aac89f2f17cd/1/KfeTw1KvqoKTETS-lQ49mzWGTOQ.roa
File: KfeTw1KvqoKTETS-lQ49mzWGTOQ.roa (raw, json)
Hash identifier: g5LRbFbGtNBGiWuZAiWNvfyPoZf3j61xyVqjWVT6d9Y=
Subject key identifier: 29:F7:93:C3:52:AF:AA:82:93:11:34:BE:95:0E:3D:9B:35:86:4C:E4
Certificate issuer: /CN=acb00ed62beef3070a136dd9845fd26e21fd261a
Certificate serial: 01857102C69DE060E06F41C4B7D0C97237CD
Authority key identifier: AC:B0:0E:D6:2B:EE:F3:07:0A:13:6D:D9:84:5F:D2:6E:21:FD:26:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rLAO1ivu8wcKE23ZhF_SbiH9Jho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/3a7ecc-4591-4adc-9880-aac89f2f17cd/1/KfeTw1KvqoKTETS-lQ49mzWGTOQ.roa
Signing time: Mon 02 Jan 2023 05:44:45 +0000
ROA not before: Mon 02 Jan 2023 05:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38927
IP address blocks: 46.226.80.0/21 maxlen: 21
185.146.236.0/22 maxlen: 22
87.237.120.0/21 maxlen: 21
93.191.48.0/21 maxlen: 21
2a02:420::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:c6:9d:e0:60:e0:6f:41:c4:b7:d0:c9:72:37:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acb00ed62beef3070a136dd9845fd26e21fd261a
Validity
Not Before: Jan 2 05:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29f793c352afaa82931134be950e3d9b35864ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:18:0b:c3:ab:c6:60:73:c9:4b:79:40:14:65:
96:ca:bb:61:ab:82:7f:b5:59:72:30:fd:6d:93:be:
1c:29:03:0a:09:03:af:7d:ea:c8:0b:65:b5:28:ee:
be:82:f9:76:22:b9:3b:43:03:81:0b:87:f9:79:36:
f4:67:6f:c7:de:b8:51:b0:05:90:32:20:d5:9e:9b:
6c:a3:36:aa:73:b3:ca:ad:d8:2c:d2:7c:fb:83:7a:
1b:ee:64:0e:06:e6:49:35:c6:c2:b4:9c:12:6e:d0:
47:b6:9c:e7:01:d6:f8:bc:c4:93:ff:34:ec:f9:b6:
a4:2c:77:79:5a:70:14:99:47:ec:2b:5b:ae:b0:a4:
bc:69:1c:d5:01:1b:b5:21:8b:74:48:b3:fc:c3:29:
a0:88:d8:73:93:cc:15:70:8f:a0:59:68:4a:db:cf:
5a:32:66:30:e5:e9:f8:83:a8:7d:36:03:a7:69:80:
0e:a3:45:b7:a3:55:74:da:3e:04:74:01:62:c8:05:
09:46:08:a5:b7:6f:c7:a1:2b:47:9a:37:71:1e:73:
ee:9a:bc:32:f7:1b:09:0f:50:3c:93:84:e8:0b:dd:
25:13:03:57:15:fe:7f:70:be:0f:7e:66:7a:38:91:
a4:b8:dd:c7:18:28:d0:6f:95:15:fe:28:02:6c:7a:
d8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F7:93:C3:52:AF:AA:82:93:11:34:BE:95:0E:3D:9B:35:86:4C:E4
X509v3 Authority Key Identifier:
keyid:AC:B0:0E:D6:2B:EE:F3:07:0A:13:6D:D9:84:5F:D2:6E:21:FD:26:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rLAO1ivu8wcKE23ZhF_SbiH9Jho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/3a7ecc-4591-4adc-9880-aac89f2f17cd/1/KfeTw1KvqoKTETS-lQ49mzWGTOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/3a7ecc-4591-4adc-9880-aac89f2f17cd/1/rLAO1ivu8wcKE23ZhF_SbiH9Jho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.80.0/21
87.237.120.0/21
93.191.48.0/21
185.146.236.0/22
IPv6:
2a02:420::/29
Signature Algorithm: sha256WithRSAEncryption
0f:a0:dc:9c:9e:c7:d5:bc:b3:60:da:99:92:ec:d3:aa:be:ff:
3d:5c:56:17:5f:6e:90:a4:74:a5:59:63:a9:a0:6b:e4:a4:23:
4c:92:c4:ee:ee:c1:eb:4c:a7:ee:51:d3:6d:5b:2f:1b:a0:f6:
7d:0e:76:6f:1b:a3:d4:56:86:27:3f:86:3e:5a:e4:62:af:0f:
39:79:2b:eb:76:e4:c7:b3:b5:f2:61:32:1e:09:9f:8a:c1:5c:
8b:04:7b:b4:f5:09:51:56:d7:6a:f9:ae:b6:cd:76:74:c4:9e:
00:e8:21:28:67:fb:c0:c5:6f:a0:be:ed:f4:44:93:6e:d2:ff:
c4:66:0a:f3:f1:1d:70:ee:d3:9f:f0:4e:2c:13:cf:b0:c4:b8:
ee:32:dd:2e:bc:dc:50:19:0e:22:5d:71:ab:a5:d0:9f:24:5e:
d9:bb:6d:62:f7:80:2a:71:f2:9b:2c:d7:eb:db:c6:bb:e3:26:
62:f1:81:b4:9c:28:e5:6b:6b:d3:34:55:55:d2:d4:0f:ad:8d:
ce:fb:6b:33:7c:69:12:42:d0:a4:e9:12:88:11:44:4e:ae:f4:
00:14:67:b7:a6:01:70:dd:67:00:dc:88:f5:54:58:96:94:de:
68:ff:2a:34:ad:5c:95:a7:68:36:d1:6c:05:af:e2:f3:99:59:
b7:33:97:99
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxAsad4GDgb0HEt9DJcjfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYjAwZWQ2MmJlZWYzMDcwYTEzNmRkOTg0NWZkMjZlMjFm
ZDI2MWEwHhcNMjMwMTAyMDU0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWY3OTNjMzUyYWZhYTgyOTMxMTM0YmU5NTBlM2Q5YjM1ODY0Y2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBgLw6vGYHPJS3lAFGWWyrthq4J/
tVlyMP1tk74cKQMKCQOvferIC2W1KO6+gvl2Irk7QwOBC4f5eTb0Z2/H3rhRsAWQ
MiDVnptsozaqc7PKrdgs0nz7g3ob7mQOBuZJNcbCtJwSbtBHtpznAdb4vMST/zTs
+bakLHd5WnAUmUfsK1uusKS8aRzVARu1IYt0SLP8wymgiNhzk8wVcI+gWWhK289a
MmYw5en4g6h9NgOnaYAOo0W3o1V02j4EdAFiyAUJRgilt2/HoStHmjdxHnPumrwy
9xsJD1A8k4ToC90lEwNXFf5/cL4PfmZ6OJGkuN3HGCjQb5UV/igCbHrYdQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCn3k8NSr6qCkxE0vpUOPZs1hkzkMB8GA1UdIwQY
MBaAFKywDtYr7vMHChNt2YRf0m4h/SYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckxBTzFpdnU4d2NLRTIzWmhGX1NiaUg5SmhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8zYTdlY2MtNDU5MS00YWRjLTk4ODAt
YWFjODlmMmYxN2NkLzEvS2ZlVHcxS3Zxb0tURVRTLWxRNDlteldHVE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8zYTdlY2MtNDU5MS00YWRjLTk4ODAtYWFjODlmMmYxN2Nk
LzEvckxBTzFpdnU4d2NLRTIzWmhGX1NiaUg5SmhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLuJQAwQD
V+14AwQDXb8wAwQCuZLsMA0EAgACMAcDBQMqAgQgMA0GCSqGSIb3DQEBCwUAA4IB
AQAPoNycnsfVvLNg2pmS7NOqvv89XFYXX26QpHSlWWOpoGvkpCNMksTu7sHrTKfu
UdNtWy8boPZ9DnZvG6PUVoYnP4Y+WuRirw85eSvrduTHs7XyYTIeCZ+KwVyLBHu0
9QlRVtdq+a62zXZ0xJ4A6CEoZ/vAxW+gvu30RJNu0v/EZgrz8R1w7tOf8E4sE8+w
xLjuMt0uvNxQGQ4iXXGrpdCfJF7Zu21i94AqcfKbLNfr28a74yZi8YG0nCjla2vT
NFVV0tQPrY3O+2szfGkSQtCk6RKIEUROrvQAFGe3pgFw3WcA3Ij1VFiWlN5o/yo0
rVyVp2g20WwFr+LzmVm3M5eZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:51 2024 by rpki-client on console-fra.rpki-client.org