Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/KM8XKwdKBacB6LXmuG5cUNtRzQA.roa
File: KM8XKwdKBacB6LXmuG5cUNtRzQA.roa (raw, json)
Hash identifier: tTq67wcTWYTk3vm12rKRAMJDIRYlPqgdPbV0LDTR7mY=
Subject key identifier: 28:CF:17:2B:07:4A:05:A7:01:E8:B5:E6:B8:6E:5C:50:DB:51:CD:00
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 0185714C0D2548592FD64362662AB9E9C565
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/KM8XKwdKBacB6LXmuG5cUNtRzQA.roa
Signing time: Mon 02 Jan 2023 07:04:47 +0000
ROA not before: Mon 02 Jan 2023 07:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34494
IP address blocks: 91.211.100.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:0d:25:48:59:2f:d6:43:62:66:2a:b9:e9:c5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 2 07:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28cf172b074a05a701e8b5e6b86e5c50db51cd00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:31:84:73:67:c6:a1:88:ed:37:ff:17:dc:c8:
33:b3:02:d4:35:73:70:9f:bd:a3:a7:9f:4d:60:13:
f8:e1:91:15:56:2a:69:9a:d8:0b:ec:ad:28:f9:b6:
e8:06:f1:5c:d9:05:99:e3:c3:c3:21:38:1c:76:7e:
4b:71:c6:69:eb:d3:20:dc:79:d0:d1:a3:9f:03:c0:
68:15:20:ad:c9:ca:fd:95:b5:f3:6b:31:3d:96:41:
49:11:ab:ce:15:af:88:c2:8c:18:a6:9d:24:ea:eb:
3a:98:ef:61:e6:02:e7:0e:a1:60:aa:16:a3:00:7f:
d2:54:92:9f:26:89:c5:08:15:16:28:45:de:17:fe:
d5:91:a0:2f:c3:28:77:78:98:49:9f:58:c6:64:d0:
36:68:56:e6:e9:4a:94:2d:24:e6:40:86:b6:af:9b:
a7:42:2b:ae:14:6f:9e:e0:8e:66:a1:78:11:d5:35:
b5:c4:1a:30:fa:64:38:9f:0f:05:c4:ef:b8:28:37:
ee:14:54:08:53:dd:67:7b:ac:cf:cc:39:c3:36:39:
8c:d7:f3:40:c3:2f:ad:08:bd:49:8d:2b:45:99:e7:
01:a6:3e:ac:f0:be:2d:1a:a3:5e:1c:83:a7:f7:49:
16:c0:61:e1:b1:29:df:7a:94:b8:f4:f9:f0:bf:56:
3e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CF:17:2B:07:4A:05:A7:01:E8:B5:E6:B8:6E:5C:50:DB:51:CD:00
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/KM8XKwdKBacB6LXmuG5cUNtRzQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.100.0/22
Signature Algorithm: sha256WithRSAEncryption
03:fc:e1:6f:82:35:82:ef:a1:c3:4f:05:32:04:4a:88:f6:79:
d8:b3:e8:c6:df:3c:01:08:b5:f3:14:82:99:fe:37:8e:01:03:
db:c9:c5:36:d8:d4:33:d0:ee:54:3a:f9:3f:47:af:23:bb:64:
58:96:87:b5:cf:7e:33:81:de:30:01:df:00:76:da:f7:c2:d0:
c8:86:1c:cf:0d:e1:77:44:c2:ca:51:7a:f4:4d:69:4e:0d:51:
56:11:b7:cc:3e:09:dc:3b:21:87:3d:4d:b9:63:3a:dc:a5:76:
69:7b:de:89:d9:89:09:ba:a5:b8:d2:22:ec:f6:e6:aa:59:54:
88:18:1a:ce:81:3e:ae:f1:e1:4e:04:33:a9:b1:26:b7:3c:d0:
42:74:93:d5:a2:4f:82:5e:e1:cf:2e:ef:cf:db:7b:16:a5:db:
0f:87:90:95:48:1d:c9:b1:27:0c:d7:16:e2:e8:49:ff:e0:87:
9b:b1:72:86:92:09:28:0d:f3:1c:cc:e4:68:c4:1b:b6:92:55:
cd:36:83:99:92:e1:e1:b6:cc:ee:c0:e4:b1:c0:39:ae:f7:2b:
51:e3:95:58:15:41:4b:92:6f:0d:56:06:56:9e:02:bb:29:58:
a9:d1:42:f9:8e:6e:38:37:a3:c3:00:ab:94:d7:c8:ed:43:7b:
99:52:46:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxTA0lSFkv1kNiZiq56cVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjMwMTAyMDcwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNmMTcyYjA3NGEwNWE3MDFlOGI1ZTZiODZlNWM1MGRiNTFjZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8jGEc2fGoYjtN/8X3MgzswLUNXNw
n72jp59NYBP44ZEVVippmtgL7K0o+bboBvFc2QWZ48PDITgcdn5LccZp69Mg3HnQ
0aOfA8BoFSCtycr9lbXzazE9lkFJEavOFa+IwowYpp0k6us6mO9h5gLnDqFgqhaj
AH/SVJKfJonFCBUWKEXeF/7VkaAvwyh3eJhJn1jGZNA2aFbm6UqULSTmQIa2r5un
QiuuFG+e4I5moXgR1TW1xBow+mQ4nw8FxO+4KDfuFFQIU91ne6zPzDnDNjmM1/NA
wy+tCL1JjStFmecBpj6s8L4tGqNeHIOn90kWwGHhsSnfepS49Pnwv1Y+qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjPFysHSgWnAei15rhuXFDbUc0AMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvS004WEt3ZEtCYWNCNkxYbXVHNWNVTnRSelFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9NkMA0G
CSqGSIb3DQEBCwUAA4IBAQAD/OFvgjWC76HDTwUyBEqI9nnYs+jG3zwBCLXzFIKZ
/jeOAQPbycU22NQz0O5UOvk/R68ju2RYloe1z34zgd4wAd8Adtr3wtDIhhzPDeF3
RMLKUXr0TWlODVFWEbfMPgncOyGHPU25YzrcpXZpe96J2YkJuqW40iLs9uaqWVSI
GBrOgT6u8eFOBDOpsSa3PNBCdJPVok+CXuHPLu/P23sWpdsPh5CVSB3JsScM1xbi
6En/4IebsXKGkgkoDfMczORoxBu2klXNNoOZkuHhtszuwOSxwDmu9ytR45VYFUFL
km8NVgZWngK7KVip0UL5jm44N6PDAKuU18jtQ3uZUkZ5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:18 2024 by rpki-client on console-fra.rpki-client.org