Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/KeciR1_Tpc7rP4lBcHhiyZ1z0Rs.roa
File: KeciR1_Tpc7rP4lBcHhiyZ1z0Rs.roa (raw, json)
Hash identifier: icmOySSkiKdOE5sscdidzvr+mcR8yfowDcIswkFpvag=
Subject key identifier: 29:E7:22:47:5F:D3:A5:CE:EB:3F:89:41:70:78:62:C9:9D:73:D1:1B
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0185719E85A83397A1DB1C0F946D656474C0
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/KeciR1_Tpc7rP4lBcHhiyZ1z0Rs.roa
Signing time: Mon 02 Jan 2023 08:34:52 +0000
ROA not before: Mon 02 Jan 2023 08:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51764
IP address blocks: 195.208.202.0/24 maxlen: 24
195.208.203.0/24 maxlen: 24
195.208.200.0/24 maxlen: 24
195.208.201.0/24 maxlen: 24
195.209.100.0/24 maxlen: 24
195.209.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:85:a8:33:97:a1:db:1c:0f:94:6d:65:64:74:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 08:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29e722475fd3a5ceeb3f8941707862c99d73d11b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:17:f5:93:db:0f:b9:12:76:a9:1a:de:21:12:
d9:82:39:3a:08:7d:49:74:85:c9:d6:6b:80:ae:38:
c8:77:60:0d:72:9b:60:ae:60:ef:84:37:b2:49:86:
6c:68:9c:a7:cb:c9:0c:46:6e:b1:0e:43:74:fe:cd:
fd:56:84:aa:7d:a4:16:df:a3:42:80:45:a0:e0:fd:
74:d3:63:8f:d1:50:c0:3a:66:b2:bd:78:06:1d:8e:
3d:f2:d0:5c:bf:bd:26:d0:67:13:6d:50:04:14:8b:
0b:70:b8:80:be:0a:97:54:e0:e9:24:00:41:a7:c7:
ca:99:73:67:1e:c1:11:22:ab:52:e3:df:93:30:ca:
eb:ee:41:2b:ed:18:30:db:e2:2a:4f:5d:f5:1e:ea:
20:18:9e:c7:09:85:09:b9:e6:42:c8:50:a2:66:46:
89:63:26:7b:a9:be:10:8a:ec:b5:80:de:1b:63:91:
f6:0a:e7:e5:c1:bb:4a:27:6a:08:5d:fa:9f:0c:a9:
46:b7:0b:a4:ed:97:c0:4c:ad:e7:c3:73:48:bb:64:
2e:ac:0b:dc:40:18:af:87:e8:c5:f4:06:71:96:45:
5f:fa:85:1a:98:80:ff:1f:4d:63:3b:51:f7:aa:c9:
b1:96:0b:c1:f2:8c:4e:40:97:9b:5f:51:a9:4c:fd:
2d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E7:22:47:5F:D3:A5:CE:EB:3F:89:41:70:78:62:C9:9D:73:D1:1B
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/KeciR1_Tpc7rP4lBcHhiyZ1z0Rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.208.200.0/22
195.209.100.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:c6:34:9d:4e:90:42:a2:50:b2:39:98:e4:7e:3b:a5:7b:c9:
d8:6e:7a:82:64:fc:43:07:a8:c5:90:36:14:e5:f6:19:5f:a9:
ba:04:35:34:7a:22:29:d6:90:c7:a2:ea:0a:09:99:82:4d:21:
de:e6:9d:29:dd:66:04:09:2d:09:7f:63:7e:3a:f7:f6:47:37:
56:37:07:6b:4f:0e:f0:5a:7e:6c:8d:ba:79:e6:12:39:9d:fe:
28:ad:80:63:59:f1:74:ce:39:17:1e:8c:2b:45:57:3a:18:60:
7c:7a:1f:92:2a:ae:43:e3:71:66:a7:be:a4:ae:a8:9d:4d:15:
ab:11:37:71:04:d6:41:2b:72:a4:96:33:1b:2d:14:5c:ac:73:
21:c3:17:f3:b0:04:35:f9:fc:6e:23:04:21:c0:83:19:ed:a7:
85:5d:2d:fb:3b:9b:1e:16:85:81:7d:42:7f:64:bf:37:3c:87:
6c:05:ce:ff:b2:4b:ae:27:0a:b4:80:24:c3:db:df:b5:47:7f:
b6:f4:d1:b1:a6:72:f3:c1:a2:a7:3d:15:f8:c3:85:7c:6c:d6:
9c:70:f6:6e:ba:c6:67:63:25:26:4b:f6:f7:0a:f4:b9:67:2b:
88:c7:8e:01:c5:aa:a8:08:71:a8:3f:d4:7b:44:17:ad:34:99:
4f:0d:55:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxnoWoM5eh2xwPlG1lZHTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjMwMTAyMDgzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWU3MjI0NzVmZDNhNWNlZWIzZjg5NDE3MDc4NjJjOTlkNzNkMTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBf1k9sPuRJ2qRreIRLZgjk6CH1J
dIXJ1muArjjId2ANcptgrmDvhDeySYZsaJyny8kMRm6xDkN0/s39VoSqfaQW36NC
gEWg4P1002OP0VDAOmayvXgGHY498tBcv70m0GcTbVAEFIsLcLiAvgqXVODpJABB
p8fKmXNnHsERIqtS49+TMMrr7kEr7Rgw2+IqT131HuogGJ7HCYUJueZCyFCiZkaJ
YyZ7qb4Qiuy1gN4bY5H2CuflwbtKJ2oIXfqfDKlGtwuk7ZfATK3nw3NIu2QurAvc
QBivh+jF9AZxlkVf+oUamID/H01jO1H3qsmxlgvB8oxOQJebX1GpTP0t/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCnnIkdf06XO6z+JQXB4Ysmdc9EbMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvS2VjaVIxX1RwYzdyUDRsQmNIaGl5WjF6MFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw9DIAwQB
w9FkMA0GCSqGSIb3DQEBCwUAA4IBAQC1xjSdTpBColCyOZjkfjule8nYbnqCZPxD
B6jFkDYU5fYZX6m6BDU0eiIp1pDHouoKCZmCTSHe5p0p3WYECS0Jf2N+Ovf2RzdW
NwdrTw7wWn5sjbp55hI5nf4orYBjWfF0zjkXHowrRVc6GGB8eh+SKq5D43Fmp76k
rqidTRWrETdxBNZBK3KkljMbLRRcrHMhwxfzsAQ1+fxuIwQhwIMZ7aeFXS37O5se
FoWBfUJ/ZL83PIdsBc7/skuuJwq0gCTD29+1R3+29NGxpnLzwaKnPRX4w4V8bNac
cPZuusZnYyUmS/b3CvS5ZyuIx44BxaqoCHGoP9R7RBetNJlPDVXv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org