Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/14a46d-2d92-4e75-88da-1f9d8e236e25/1/kCv-LybA-HZA37gxSlB3mgfBSwQ.roa
File: kCv-LybA-HZA37gxSlB3mgfBSwQ.roa (raw, json)
Hash identifier: DzYELrhcY3YpjjkzmokHhxxOQk5NRimFyHjW1do/uRE=
Subject key identifier: 90:2B:FE:2F:26:C0:F8:76:40:DF:B8:31:4A:50:77:9A:07:C1:4B:04
Certificate issuer: /CN=3b308e9be3a85b0f4901f35e7cf1fb759b49fee7
Certificate serial: 018A21A4F8194A33C89BCFE0A345A97403F4
Authority key identifier: 3B:30:8E:9B:E3:A8:5B:0F:49:01:F3:5E:7C:F1:FB:75:9B:49:FE:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzCOm-OoWw9JAfNefPH7dZtJ_uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/14a46d-2d92-4e75-88da-1f9d8e236e25/1/kCv-LybA-HZA37gxSlB3mgfBSwQ.roa
Signing time: Wed 23 Aug 2023 09:06:14 +0000
ROA not before: Wed 23 Aug 2023 09:06:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197071
IP address blocks: 185.53.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Oct 2023 14:57:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:a4:f8:19:4a:33:c8:9b:cf:e0:a3:45:a9:74:03:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b308e9be3a85b0f4901f35e7cf1fb759b49fee7
Validity
Not Before: Aug 23 09:06:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=902bfe2f26c0f87640dfb8314a50779a07c14b04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3b:c9:02:29:89:89:bd:3a:1d:bf:6a:14:4c:
82:15:72:28:92:fd:2f:20:41:d6:31:5e:b3:c0:ad:
d8:1b:62:9a:75:81:1d:0b:da:73:d5:fc:00:5b:a4:
e4:c3:88:47:d2:7c:3b:e5:d9:07:23:73:ff:d9:ad:
17:c1:57:e1:3c:94:13:42:1e:49:6d:a9:d3:dc:e1:
4f:4f:e6:eb:b7:25:3c:48:a4:b1:c4:73:be:2a:5e:
98:13:66:b4:59:08:61:26:26:ca:d4:5b:36:a8:e9:
22:86:0d:ac:29:bd:61:69:6a:98:a1:4c:4e:41:39:
57:c1:36:a1:be:87:ff:f8:25:b2:66:d6:e8:17:50:
c7:b4:67:70:67:10:a6:5e:f0:bf:14:74:33:e0:13:
f9:f3:52:91:27:0e:cc:d9:7d:ff:fc:63:5e:bd:eb:
51:d5:b6:6b:b6:70:cb:c7:44:aa:5e:5e:8c:e4:b6:
c4:85:0b:24:fe:7e:2f:90:5f:2b:d3:e0:f1:f0:f0:
a4:fa:21:db:a0:0f:8c:db:15:60:52:82:df:59:9b:
f6:84:ab:42:a7:56:c8:25:19:12:b2:f0:8f:ff:1a:
d8:ac:d4:9e:75:b7:a7:b6:ee:2a:e7:46:43:54:e4:
8b:aa:fe:90:bb:19:bd:fd:f5:80:d4:67:8e:f8:15:
8f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:2B:FE:2F:26:C0:F8:76:40:DF:B8:31:4A:50:77:9A:07:C1:4B:04
X509v3 Authority Key Identifier:
keyid:3B:30:8E:9B:E3:A8:5B:0F:49:01:F3:5E:7C:F1:FB:75:9B:49:FE:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzCOm-OoWw9JAfNefPH7dZtJ_uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/14a46d-2d92-4e75-88da-1f9d8e236e25/1/kCv-LybA-HZA37gxSlB3mgfBSwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/14a46d-2d92-4e75-88da-1f9d8e236e25/1/OzCOm-OoWw9JAfNefPH7dZtJ_uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.249.0/24
Signature Algorithm: sha256WithRSAEncryption
63:f5:d5:1d:ab:f5:03:ea:dc:c6:66:27:34:bf:02:75:2f:aa:
36:79:4a:82:4e:62:20:9d:86:23:c0:3e:28:ba:45:2d:45:5d:
e2:0b:db:18:ce:0e:58:42:7c:df:ba:1b:a9:af:2a:16:99:f0:
9c:2f:9c:b6:3e:a6:f4:17:7d:38:9a:69:3c:6e:f4:dd:1a:07:
0d:98:5c:14:bc:51:1c:4c:c2:3e:32:10:7a:eb:dc:72:4b:e7:
be:dd:86:bb:04:37:fd:df:51:7c:01:fa:46:94:91:fe:aa:a3:
d8:f9:1f:42:b3:05:2e:39:cf:3c:8c:36:11:7c:35:2f:8e:9e:
ef:fa:a8:ce:75:e7:88:94:1d:58:bb:19:b9:1b:0f:62:78:ab:
a5:1b:b2:9c:13:fa:f6:7e:38:fc:87:ed:b5:a8:e9:9a:15:79:
39:36:a5:21:a0:5e:2d:dc:3d:f7:3a:25:05:7e:82:c0:cf:eb:
b1:50:95:b5:b7:5a:8a:d9:f8:60:ac:95:df:7a:c7:d9:cb:af:
df:36:9c:5c:d3:f4:01:c3:07:a9:2b:6c:1e:ea:0d:19:77:82:
e1:d3:1c:4a:1b:ea:51:4f:8b:54:28:03:ca:22:e0:52:0e:42:
c4:3e:f4:94:1c:2a:fd:e1:7c:ee:ad:07:ad:1c:6f:12:ea:7d:
0d:72:02:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYohpPgZSjPIm8/go0WpdAP0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMzA4ZTliZTNhODViMGY0OTAxZjM1ZTdjZjFmYjc1OWI0
OWZlZTcwHhcNMjMwODIzMDkwNjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDJiZmUyZjI2YzBmODc2NDBkZmI4MzE0YTUwNzc5YTA3YzE0YjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjvJAimJib06Hb9qFEyCFXIokv0v
IEHWMV6zwK3YG2KadYEdC9pz1fwAW6Tkw4hH0nw75dkHI3P/2a0XwVfhPJQTQh5J
banT3OFPT+brtyU8SKSxxHO+Kl6YE2a0WQhhJibK1Fs2qOkihg2sKb1haWqYoUxO
QTlXwTahvof/+CWyZtboF1DHtGdwZxCmXvC/FHQz4BP581KRJw7M2X3//GNevetR
1bZrtnDLx0SqXl6M5LbEhQsk/n4vkF8r0+Dx8PCk+iHboA+M2xVgUoLfWZv2hKtC
p1bIJRkSsvCP/xrYrNSedbentu4q50ZDVOSLqv6Quxm9/fWA1GeO+BWP+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAr/i8mwPh2QN+4MUpQd5oHwUsEMB8GA1UdIwQY
MBaAFDswjpvjqFsPSQHzXnzx+3WbSf7nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pDT20tT29XdzlKQWZOZWZQSDdkWnRKX3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xNGE0NmQtMmQ5Mi00ZTc1LTg4ZGEt
MWY5ZDhlMjM2ZTI1LzEva0N2LUx5YkEtSFpBMzdneFNsQjNtZ2ZCU3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xNGE0NmQtMmQ5Mi00ZTc1LTg4ZGEtMWY5ZDhlMjM2ZTI1
LzEvT3pDT20tT29XdzlKQWZOZWZQSDdkWnRKX3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTX5MA0G
CSqGSIb3DQEBCwUAA4IBAQBj9dUdq/UD6tzGZic0vwJ1L6o2eUqCTmIgnYYjwD4o
ukUtRV3iC9sYzg5YQnzfuhupryoWmfCcL5y2Pqb0F304mmk8bvTdGgcNmFwUvFEc
TMI+MhB669xyS+e+3Ya7BDf931F8AfpGlJH+qqPY+R9CswUuOc88jDYRfDUvjp7v
+qjOdeeIlB1Yuxm5Gw9ieKulG7KcE/r2fjj8h+21qOmaFXk5NqUhoF4t3D33OiUF
foLAz+uxUJW1t1qK2fhgrJXfesfZy6/fNpxc0/QBwwepK2we6g0Zd4Lh0xxKG+pR
T4tUKAPKIuBSDkLEPvSUHCr94XzurQetHG8S6n0NcgLq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:04 2024 by rpki-client on console-fra.rpki-client.org