Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/2a591c-3c4a-4288-be91-c39adb98f429/1/KwEpcTKIDrKZ_W_IuuQEmNVZY0E.roa
File: KwEpcTKIDrKZ_W_IuuQEmNVZY0E.roa (raw, json)
Hash identifier: BziwC1jTrUkaNS1AdTesuC1y0U1y9Z9Ch6mT2UiybOY=
Subject key identifier: 2B:01:29:71:32:88:0E:B2:99:FD:6F:C8:BA:E4:04:98:D5:59:63:41
Certificate issuer: /CN=ec6d47b47e05b13d058b1cb42529a7c1866dcdf2
Certificate serial: 01856D6639A4D26EC8A92F8B35CF114D76DD
Authority key identifier: EC:6D:47:B4:7E:05:B1:3D:05:8B:1C:B4:25:29:A7:C1:86:6D:CD:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7G1HtH4FsT0Fixy0JSmnwYZtzfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/2a591c-3c4a-4288-be91-c39adb98f429/1/KwEpcTKIDrKZ_W_IuuQEmNVZY0E.roa
Signing time: Sun 01 Jan 2023 12:54:54 +0000
ROA not before: Sun 01 Jan 2023 12:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60532
IP address blocks: 88.218.228.0/22 maxlen: 22
185.23.190.0/23 maxlen: 23
185.23.189.0/24 maxlen: 24
2a04:26c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:39:a4:d2:6e:c8:a9:2f:8b:35:cf:11:4d:76:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6d47b47e05b13d058b1cb42529a7c1866dcdf2
Validity
Not Before: Jan 1 12:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b01297132880eb299fd6fc8bae40498d5596341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f7:47:7e:4c:6c:86:80:47:fc:04:eb:03:70:
46:2f:ec:52:f5:25:bf:ea:d7:76:b0:bf:af:bb:dc:
20:5d:d4:3d:03:8c:6a:d3:69:1a:e7:97:aa:18:ca:
2f:3d:97:62:6d:e0:70:bd:7e:50:46:8c:d9:24:99:
a4:d3:3b:23:61:8d:57:15:de:14:10:b7:ee:28:a3:
8a:b3:6c:37:a3:57:b1:b8:05:07:c7:3c:91:c6:ad:
8f:5c:ab:42:9e:f4:02:9d:a7:26:2d:6a:5f:19:5b:
df:9a:f5:db:5d:6b:96:4d:ec:d7:3d:95:de:5e:42:
7f:64:a4:16:b2:ad:7c:41:8a:2c:69:fb:ae:9b:9f:
1e:a1:1e:17:07:89:94:08:a1:45:59:42:96:2c:99:
ae:7e:07:8f:eb:0f:ce:ec:8b:38:24:d0:f5:25:f8:
87:a1:2b:39:0d:93:30:fc:19:97:41:85:b6:a9:2d:
54:3b:98:d1:5b:c3:3b:bf:fb:18:b9:d0:b0:6b:eb:
98:06:33:8c:a2:d2:d6:73:9c:6f:d7:da:12:f0:65:
2f:f4:7b:28:63:a7:65:ee:25:ba:b8:09:49:68:3a:
40:ae:4f:91:39:97:f9:b7:a5:48:bb:d3:d1:3d:66:
f2:e4:8a:7b:9c:3e:69:ca:87:6e:0d:6a:e4:4f:19:
29:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:01:29:71:32:88:0E:B2:99:FD:6F:C8:BA:E4:04:98:D5:59:63:41
X509v3 Authority Key Identifier:
keyid:EC:6D:47:B4:7E:05:B1:3D:05:8B:1C:B4:25:29:A7:C1:86:6D:CD:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7G1HtH4FsT0Fixy0JSmnwYZtzfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2a591c-3c4a-4288-be91-c39adb98f429/1/KwEpcTKIDrKZ_W_IuuQEmNVZY0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2a591c-3c4a-4288-be91-c39adb98f429/1/7G1HtH4FsT0Fixy0JSmnwYZtzfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.228.0/22
185.23.189.0-185.23.191.255
IPv6:
2a04:26c0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:55:53:6a:7e:6a:13:81:1f:98:45:e8:9b:9c:c7:c2:84:26:
d4:0a:a9:17:8c:bd:aa:df:fd:eb:09:f6:8c:65:7f:d1:b1:09:
2d:2f:e8:f4:df:96:d2:0b:92:59:a4:68:41:a2:b1:96:9a:8b:
f3:fd:2c:89:53:db:d3:b2:e4:f3:0c:11:7a:37:40:f6:26:2b:
d5:32:a0:ea:7e:46:ed:55:04:1b:48:ce:ee:f9:e1:74:73:a2:
8e:f3:78:c6:9e:0f:41:29:2b:ab:5f:e9:9e:66:c7:49:ab:87:
a1:ee:c1:87:0e:59:e8:45:dc:1b:74:9d:54:3a:55:d1:74:52:
75:25:9a:50:0a:58:61:ca:73:17:d3:c0:7f:3e:04:df:d1:07:
c5:86:85:75:6e:62:0c:53:72:45:a5:71:fd:89:4a:f0:52:ec:
a5:8d:6f:3b:28:99:f9:f3:5b:ff:76:1b:75:06:9c:51:30:de:
3f:11:a5:17:a7:b3:6c:6a:9b:d8:85:02:d1:cd:e9:f5:34:5e:
f8:30:f2:48:0d:28:3a:8f:c3:19:f9:46:51:54:8e:c6:c2:97:
70:67:8e:fc:7b:c9:60:1c:58:80:e3:3f:d6:3c:fd:87:ec:77:
73:2a:1d:d1:4e:86:3f:a4:8c:e9:44:8d:15:fc:2a:6b:63:f8:
f0:91:5c:bf
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVtZjmk0m7IqS+LNc8RTXbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmQ0N2I0N2UwNWIxM2QwNThiMWNiNDI1MjlhN2MxODY2
ZGNkZjIwHhcNMjMwMTAxMTI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjAxMjk3MTMyODgwZWIyOTlmZDZmYzhiYWU0MDQ5OGQ1NTk2MzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvdHfkxshoBH/ATrA3BGL+xS9SW/
6td2sL+vu9wgXdQ9A4xq02ka55eqGMovPZdibeBwvX5QRozZJJmk0zsjYY1XFd4U
ELfuKKOKs2w3o1exuAUHxzyRxq2PXKtCnvQCnacmLWpfGVvfmvXbXWuWTezXPZXe
XkJ/ZKQWsq18QYosafuum58eoR4XB4mUCKFFWUKWLJmufgeP6w/O7Is4JND1JfiH
oSs5DZMw/BmXQYW2qS1UO5jRW8M7v/sYudCwa+uYBjOMotLWc5xv19oS8GUv9Hso
Y6dl7iW6uAlJaDpArk+ROZf5t6VIu9PRPWby5Ip7nD5pyoduDWrkTxkpSwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCsBKXEyiA6ymf1vyLrkBJjVWWNBMB8GA1UdIwQY
MBaAFOxtR7R+BbE9BYsctCUpp8GGbc3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0cxSHRINEZzVDBGaXh5MEpTbW53WVp0emZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8yYTU5MWMtM2M0YS00Mjg4LWJlOTEt
YzM5YWRiOThmNDI5LzEvS3dFcGNUS0lEcktaX1dfSXV1UUVtTlZaWTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8yYTU5MWMtM2M0YS00Mjg4LWJlOTEtYzM5YWRiOThmNDI5
LzEvN0cxSHRINEZzVDBGaXh5MEpTbW53WVp0emZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCWNrkMAwD
BAC5F70DBAa5F4AwDQQCAAIwBwMFAyoEJsAwDQYJKoZIhvcNAQELBQADggEBAExV
U2p+ahOBH5hF6Jucx8KEJtQKqReMvarf/esJ9oxlf9GxCS0v6PTfltILklmkaEGi
sZaai/P9LIlT29Oy5PMMEXo3QPYmK9UyoOp+Ru1VBBtIzu754XRzoo7zeMaeD0Ep
K6tf6Z5mx0mrh6HuwYcOWehF3Bt0nVQ6VdF0UnUlmlAKWGHKcxfTwH8+BN/RB8WG
hXVuYgxTckWlcf2JSvBS7KWNbzsomfnzW/92G3UGnFEw3j8RpRens2xqm9iFAtHN
6fU0Xvgw8kgNKDqPwxn5RlFUjsbCl3Bnjvx7yWAcWIDjP9Y8/Yfsd3MqHdFOhj+k
jOlEjRX8Kmtj+PCRXL8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:04 2024 by rpki-client on console-ams.rpki-client.org