Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/193e1f-f70e-4df7-a04c-746faed2f561/1/f_KSBx2zKqTNgLVpcDpcqQh4PKg.roa
File: f_KSBx2zKqTNgLVpcDpcqQh4PKg.roa (raw, json)
Hash identifier: vfiIHiKAWlAyTbnHGfU8tGZcauiW9JyMPtmAjnMZg6A=
Subject key identifier: 7F:F2:92:07:1D:B3:2A:A4:CD:80:B5:69:70:3A:5C:A9:08:78:3C:A8
Certificate issuer: /CN=432eab6fd0778faa8fe7cf2f806d964c4aa93813
Certificate serial: 018570D526A436163F1ADF90E6C36E4CBA9A
Authority key identifier: 43:2E:AB:6F:D0:77:8F:AA:8F:E7:CF:2F:80:6D:96:4C:4A:A9:38:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qy6rb9B3j6qP588vgG2WTEqpOBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/193e1f-f70e-4df7-a04c-746faed2f561/1/f_KSBx2zKqTNgLVpcDpcqQh4PKg.roa
Signing time: Mon 02 Jan 2023 04:54:55 +0000
ROA not before: Mon 02 Jan 2023 04:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59437
IP address blocks: 185.251.18.0/24 maxlen: 24
2a0b:d40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:26:a4:36:16:3f:1a:df:90:e6:c3:6e:4c:ba:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=432eab6fd0778faa8fe7cf2f806d964c4aa93813
Validity
Not Before: Jan 2 04:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ff292071db32aa4cd80b569703a5ca908783ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cc:16:00:44:f5:69:12:74:0d:43:4f:53:32:
9a:da:ee:6b:04:2b:58:61:9e:3f:53:9a:c1:9f:15:
32:9c:97:3e:53:3d:54:aa:a0:35:8a:03:d5:ac:9f:
13:ca:ae:04:1c:b9:ed:49:b5:f1:97:fd:c4:01:2a:
ea:de:d5:ef:c7:bd:60:c0:7b:7b:b2:24:87:31:f9:
fb:a7:3d:eb:c8:9b:09:29:78:c2:38:c9:35:a5:a8:
53:a5:db:ec:65:8c:d4:f5:1a:76:77:ec:4d:1d:d8:
07:ef:3d:11:a0:a8:52:3d:a5:69:e5:74:39:20:d9:
3a:ef:6f:f6:5a:ec:ce:b7:20:cb:17:47:54:a8:ae:
06:18:29:23:30:99:67:24:69:ee:07:8e:44:0d:e1:
77:84:94:fa:75:b4:11:41:f0:9f:3c:02:45:4b:5e:
01:6e:49:4c:eb:eb:f3:8d:2d:47:13:32:1d:70:45:
4b:66:fb:f9:d8:97:d2:ae:93:7f:14:b6:b0:de:ec:
e7:3f:88:f6:5e:04:13:65:51:a9:fd:6b:ef:df:77:
d0:94:95:d2:45:44:34:ca:ac:12:47:26:0e:5e:15:
3c:ac:ed:70:50:78:50:fb:8d:9e:68:53:ce:fa:7f:
c4:a2:71:ef:5a:8c:1d:24:9d:0c:0e:27:eb:95:02:
7f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F2:92:07:1D:B3:2A:A4:CD:80:B5:69:70:3A:5C:A9:08:78:3C:A8
X509v3 Authority Key Identifier:
keyid:43:2E:AB:6F:D0:77:8F:AA:8F:E7:CF:2F:80:6D:96:4C:4A:A9:38:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qy6rb9B3j6qP588vgG2WTEqpOBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/193e1f-f70e-4df7-a04c-746faed2f561/1/f_KSBx2zKqTNgLVpcDpcqQh4PKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/193e1f-f70e-4df7-a04c-746faed2f561/1/Qy6rb9B3j6qP588vgG2WTEqpOBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.18.0/24
IPv6:
2a0b:d40::/29
Signature Algorithm: sha256WithRSAEncryption
82:e9:97:3f:6e:6b:3f:df:50:a1:e4:fc:0e:93:f6:eb:c5:05:
99:2f:7d:3c:a5:01:12:98:bb:f8:5e:88:81:8c:fb:5e:a0:b9:
3a:80:63:ca:d3:38:c9:17:4f:cb:93:f2:89:d9:2f:4b:f2:cf:
88:2e:8d:0f:d1:75:38:cc:bf:fb:ce:e9:4e:ab:09:c0:15:9f:
95:75:dd:28:80:c7:e1:e2:15:27:8c:d8:1a:26:d1:cb:89:31:
b2:ac:79:12:fe:d6:8a:5b:da:e1:d2:b0:2a:b6:ce:71:c1:60:
5c:6d:a1:fd:31:c2:f5:7d:a8:57:62:06:cf:9f:b0:12:7d:90:
34:3b:d4:57:f2:03:dc:ca:db:b0:42:56:8d:0a:ad:8c:c0:e1:
a5:e0:67:d7:6d:03:05:a9:28:4b:09:ab:ac:a0:a4:fa:1c:43:
54:2a:ce:41:af:fb:85:08:04:55:19:7e:c7:93:fd:b2:3c:0f:
92:78:5f:b2:b9:bb:8f:6e:c9:e3:06:f7:27:ef:11:9c:80:bc:
c1:56:1d:46:35:26:64:81:c4:75:80:f9:bf:d6:0d:ec:76:dd:
d0:f2:98:35:a2:85:03:66:02:42:bb:43:cf:10:ff:03:e1:2c:
2d:4d:1e:0d:dd:0b:f7:2c:52:dc:12:11:c2:d5:e2:f3:8f:83:
4d:8f:25:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw1SakNhY/Gt+Q5sNuTLqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMmVhYjZmZDA3NzhmYWE4ZmU3Y2YyZjgwNmQ5NjRjNGFh
OTM4MTMwHhcNMjMwMTAyMDQ1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmYyOTIwNzFkYjMyYWE0Y2Q4MGI1Njk3MDNhNWNhOTA4NzgzY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMwWAET1aRJ0DUNPUzKa2u5rBCtY
YZ4/U5rBnxUynJc+Uz1UqqA1igPVrJ8Tyq4EHLntSbXxl/3EASrq3tXvx71gwHt7
siSHMfn7pz3ryJsJKXjCOMk1pahTpdvsZYzU9Rp2d+xNHdgH7z0RoKhSPaVp5XQ5
INk672/2WuzOtyDLF0dUqK4GGCkjMJlnJGnuB45EDeF3hJT6dbQRQfCfPAJFS14B
bklM6+vzjS1HEzIdcEVLZvv52JfSrpN/FLaw3uznP4j2XgQTZVGp/Wvv33fQlJXS
RUQ0yqwSRyYOXhU8rO1wUHhQ+42eaFPO+n/EonHvWowdJJ0MDifrlQJ/xwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH/ykgcdsyqkzYC1aXA6XKkIeDyoMB8GA1UdIwQY
MBaAFEMuq2/Qd4+qj+fPL4BtlkxKqTgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXk2cmI5QjNqNnFQNTg4dmdHMldURXFwT0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8xOTNlMWYtZjcwZS00ZGY3LWEwNGMt
NzQ2ZmFlZDJmNTYxLzEvZl9LU0J4MnpLcVROZ0xWcGNEcGNxUWg0UEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8xOTNlMWYtZjcwZS00ZGY3LWEwNGMtNzQ2ZmFlZDJmNTYx
LzEvUXk2cmI5QjNqNnFQNTg4dmdHMldURXFwT0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufsSMA0E
AgACMAcDBQMqCw1AMA0GCSqGSIb3DQEBCwUAA4IBAQCC6Zc/bms/31Ch5PwOk/br
xQWZL308pQESmLv4XoiBjPteoLk6gGPK0zjJF0/Lk/KJ2S9L8s+ILo0P0XU4zL/7
zulOqwnAFZ+Vdd0ogMfh4hUnjNgaJtHLiTGyrHkS/taKW9rh0rAqts5xwWBcbaH9
McL1fahXYgbPn7ASfZA0O9RX8gPcytuwQlaNCq2MwOGl4GfXbQMFqShLCausoKT6
HENUKs5Br/uFCARVGX7Hk/2yPA+SeF+yubuPbsnjBvcn7xGcgLzBVh1GNSZkgcR1
gPm/1g3sdt3Q8pg1ooUDZgJCu0PPEP8D4SwtTR4N3Qv3LFLcEhHC1eLzj4NNjyW/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:29 2024 by rpki-client on console-fra.rpki-client.org