Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/kwp088idR_P1HZ2QUz7AaxYiycg.roa
File: kwp088idR_P1HZ2QUz7AaxYiycg.roa (raw, json)
Hash identifier: yxmnGZ+9vmnWk2wo1jIz/EcCyekvD6WpmJI/9DEejeo=
Subject key identifier: 93:0A:74:F3:C8:9D:47:F3:F5:1D:9D:90:53:3E:C0:6B:16:22:C9:C8
Certificate issuer: /CN=574e25a16e5d3aa110ac5e8335f88f63e54b42f1
Certificate serial: 018E0E0437D69F4B93A5251CDE90D0F527D0
Authority key identifier: 57:4E:25:A1:6E:5D:3A:A1:10:AC:5E:83:35:F8:8F:63:E5:4B:42:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V04loW5dOqEQrF6DNfiPY-VLQvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/kwp088idR_P1HZ2QUz7AaxYiycg.roa
Signing time: Tue 05 Mar 2024 09:49:01 +0000
ROA not before: Tue 05 Mar 2024 09:49:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202214
IP address blocks: 185.50.64.0/22 maxlen: 22
185.50.64.0/23 maxlen: 24
185.50.65.0/24 maxlen: 24
185.50.66.0/23 maxlen: 24
185.50.67.0/24 maxlen: 24
2a01:a6a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 06 Mar 2024 09:06:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:04:37:d6:9f:4b:93:a5:25:1c:de:90:d0:f5:27:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=574e25a16e5d3aa110ac5e8335f88f63e54b42f1
Validity
Not Before: Mar 5 09:49:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=930a74f3c89d47f3f51d9d90533ec06b1622c9c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3b:13:9b:97:7e:05:30:1c:f3:b1:e6:55:50:
80:e8:d5:87:82:80:1b:6d:82:28:e2:5b:46:7e:ff:
ee:bd:50:67:e5:5a:56:48:de:22:7e:2b:d6:47:88:
30:e3:19:eb:5e:9e:c8:9d:3e:1c:34:b8:67:91:6d:
94:e2:ee:6b:36:d2:b1:d5:4d:58:22:de:78:2d:7d:
1f:32:3f:ba:dc:45:59:d4:0f:fc:c3:3c:a3:79:18:
d7:89:63:72:ff:7c:95:f1:23:16:5b:c0:0b:e9:76:
28:9b:46:94:76:b5:f6:37:de:db:0e:e4:7d:ae:3e:
28:14:61:70:8f:0e:ca:95:3a:54:36:ba:4c:43:f0:
75:58:23:c9:af:2f:e5:8f:3f:26:cc:13:8a:e4:9a:
e8:e1:22:5b:c4:b9:03:31:c3:09:74:92:48:89:7e:
68:39:f3:3d:6d:21:3d:82:33:43:bc:f6:ec:2f:5b:
73:78:2c:59:2a:98:1d:3a:14:26:32:5c:ce:a1:05:
a7:e6:e7:bd:2f:89:86:5e:4c:99:aa:7c:90:5a:a0:
bc:11:03:26:c7:60:37:1b:d7:02:80:4c:8c:fa:76:
41:fd:0d:4c:5c:11:6e:0c:5a:53:32:8c:61:69:12:
3f:20:03:3e:89:22:b6:37:02:1d:e1:da:55:df:38:
60:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:0A:74:F3:C8:9D:47:F3:F5:1D:9D:90:53:3E:C0:6B:16:22:C9:C8
X509v3 Authority Key Identifier:
keyid:57:4E:25:A1:6E:5D:3A:A1:10:AC:5E:83:35:F8:8F:63:E5:4B:42:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V04loW5dOqEQrF6DNfiPY-VLQvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/kwp088idR_P1HZ2QUz7AaxYiycg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/V04loW5dOqEQrF6DNfiPY-VLQvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.64.0/22
IPv6:
2a01:a6a0::/32
Signature Algorithm: sha256WithRSAEncryption
3f:5c:79:d7:cb:5d:a2:cc:ba:f8:03:3d:75:0c:58:62:46:a0:
47:1e:a8:6b:1a:35:29:0a:a9:b3:fe:66:6d:b1:7b:49:31:73:
04:ae:c3:50:12:c4:3f:ec:44:47:48:96:60:5e:7d:8f:11:78:
24:14:93:8e:64:21:ae:0e:ae:e0:d4:46:33:e9:ab:81:91:a6:
9d:df:9a:a9:f0:b7:83:3e:ce:af:ca:e0:1a:25:48:14:39:d6:
b6:5d:6f:f5:7f:b1:bb:48:b2:7e:d4:9d:76:4d:ee:6a:70:ac:
5f:79:56:63:c3:ff:e6:be:b2:25:51:22:22:7d:75:53:29:90:
c8:35:59:1e:1a:dd:bb:0b:6f:40:14:a0:6f:08:dd:0c:3c:7a:
5a:0a:3a:c2:6f:02:ec:68:e2:c4:f2:96:4d:f4:37:0a:02:26:
bf:a0:c4:54:ed:5d:d7:c9:f0:c8:38:69:6f:e5:12:74:db:44:
e9:54:65:6e:bc:2a:e6:ea:c8:07:76:c3:ec:5f:0a:60:5a:02:
ce:76:9c:3f:36:4c:1d:f0:f6:ad:ec:cc:40:d2:51:87:c4:c2:
6c:cf:18:88:26:15:7c:ac:52:d0:71:13:7d:aa:52:ce:7a:03:
84:ba:92:75:86:db:39:3d:8c:8a:b1:f3:03:93:c8:63:68:db:
97:a9:65:c2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY4OBDfWn0uTpSUc3pDQ9SfQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NGUyNWExNmU1ZDNhYTExMGFjNWU4MzM1Zjg4ZjYzZTU0
YjQyZjEwHhcNMjQwMzA1MDk0OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzBhNzRmM2M4OWQ0N2YzZjUxZDlkOTA1MzNlYzA2YjE2MjJjOWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDsTm5d+BTAc87HmVVCA6NWHgoAb
bYIo4ltGfv/uvVBn5VpWSN4ifivWR4gw4xnrXp7InT4cNLhnkW2U4u5rNtKx1U1Y
It54LX0fMj+63EVZ1A/8wzyjeRjXiWNy/3yV8SMWW8AL6XYom0aUdrX2N97bDuR9
rj4oFGFwjw7KlTpUNrpMQ/B1WCPJry/ljz8mzBOK5Jro4SJbxLkDMcMJdJJIiX5o
OfM9bSE9gjNDvPbsL1tzeCxZKpgdOhQmMlzOoQWn5ue9L4mGXkyZqnyQWqC8EQMm
x2A3G9cCgEyM+nZB/Q1MXBFuDFpTMoxhaRI/IAM+iSK2NwId4dpV3zhgpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJMKdPPInUfz9R2dkFM+wGsWIsnIMB8GA1UdIwQY
MBaAFFdOJaFuXTqhEKxegzX4j2PlS0LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjA0bG9XNWRPcUVRckY2RE5maVBZLVZMUXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wNDI5MmYtZjEwNC00MTdjLWFjZGEt
NTcxYWYwNjZjZjFlLzEva3dwMDg4aWRSX1AxSFoyUVV6N0FheFlpeWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wNDI5MmYtZjEwNC00MTdjLWFjZGEtNTcxYWYwNjZjZjFl
LzEvVjA0bG9XNWRPcUVRckY2RE5maVBZLVZMUXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTJAMA0E
AgACMAcDBQAqAaagMA0GCSqGSIb3DQEBCwUAA4IBAQA/XHnXy12izLr4Az11DFhi
RqBHHqhrGjUpCqmz/mZtsXtJMXMErsNQEsQ/7ERHSJZgXn2PEXgkFJOOZCGuDq7g
1EYz6auBkaad35qp8LeDPs6vyuAaJUgUOda2XW/1f7G7SLJ+1J12Te5qcKxfeVZj
w//mvrIlUSIifXVTKZDINVkeGt27C29AFKBvCN0MPHpaCjrCbwLsaOLE8pZN9DcK
Aia/oMRU7V3XyfDIOGlv5RJ020TpVGVuvCrm6sgHdsPsXwpgWgLOdpw/Nkwd8Pat
7MxA0lGHxMJszxiIJhV8rFLQcRN9qlLOegOEupJ1hts5PYyKsfMDk8hjaNuXqWXC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:16 2024 by rpki-client on console-fra.rpki-client.org