Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/kjCafEmiTKPbYRR3VzgN2T7tw78.roa
File: kjCafEmiTKPbYRR3VzgN2T7tw78.roa (raw, json)
Hash identifier: bCY0YqbiCNad/LHFdFxGP2m+mt//Sso7Zeo/RcfJYBk=
Subject key identifier: 92:30:9A:7C:49:A2:4C:A3:DB:61:14:77:57:38:0D:D9:3E:ED:C3:BF
Certificate issuer: /CN=88fe1905cd7af36e63ada6366c147b61d85c9f2b
Certificate serial: 018AAD735099AD82F1F624846E7D8D2C450F
Authority key identifier: 88:FE:19:05:CD:7A:F3:6E:63:AD:A6:36:6C:14:7B:61:D8:5C:9F:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iP4ZBc16825jraY2bBR7Ydhcnys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/kjCafEmiTKPbYRR3VzgN2T7tw78.roa
Signing time: Tue 19 Sep 2023 12:38:50 +0000
ROA not before: Tue 19 Sep 2023 12:38:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20738
IP address blocks: 185.99.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Sep 2023 16:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ad:73:50:99:ad:82:f1:f6:24:84:6e:7d:8d:2c:45:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88fe1905cd7af36e63ada6366c147b61d85c9f2b
Validity
Not Before: Sep 19 12:38:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92309a7c49a24ca3db61147757380dd93eedc3bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a1:b7:2b:8e:17:07:48:a3:73:01:84:d0:bc:
8f:ac:86:14:cc:3e:9b:b4:ab:04:bc:f0:ce:1a:45:
01:39:38:20:81:7b:e0:72:d2:02:c8:86:f3:6c:52:
19:55:18:29:2d:03:f7:d6:14:0b:9f:1b:8e:dd:d8:
2e:7e:36:00:62:40:f1:68:28:10:e2:1c:9a:30:c2:
89:0c:d4:b3:bb:02:04:a1:86:b4:4c:ca:e4:54:a3:
0e:14:98:d0:5f:89:bc:6c:58:4a:4e:a8:64:f3:6f:
2b:5b:be:d3:62:c5:97:4c:e2:e7:c5:b4:14:50:31:
f1:bd:5e:1e:dc:9b:c2:71:ba:62:4c:34:b1:35:73:
e2:d6:50:ac:d9:81:aa:5e:9a:a2:17:4d:11:7d:f5:
19:61:c8:26:c8:c1:e1:04:fe:a0:e7:22:21:45:1b:
05:02:ba:0a:69:1a:fb:0c:09:e0:63:18:06:58:1f:
c0:01:d5:00:e7:da:b5:6f:b1:dd:9e:13:4d:26:a3:
5b:82:69:53:5d:e3:28:9c:a5:c8:f5:06:e8:f1:4f:
70:2a:d1:f5:3a:cb:db:0d:eb:3a:12:19:46:bf:ef:
32:8d:9e:de:57:2d:b3:ec:fc:a7:c5:39:a9:34:ef:
f1:db:05:e6:22:bb:7c:08:3b:0c:98:39:9e:25:7d:
c4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:30:9A:7C:49:A2:4C:A3:DB:61:14:77:57:38:0D:D9:3E:ED:C3:BF
X509v3 Authority Key Identifier:
keyid:88:FE:19:05:CD:7A:F3:6E:63:AD:A6:36:6C:14:7B:61:D8:5C:9F:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iP4ZBc16825jraY2bBR7Ydhcnys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/kjCafEmiTKPbYRR3VzgN2T7tw78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.236.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:f6:d5:96:fb:88:07:f8:6a:15:ba:50:db:8c:7a:a1:eb:1c:
83:cb:51:64:b0:61:b8:1d:de:07:49:53:68:01:ed:94:5a:2e:
4b:29:2d:3b:2e:43:a2:66:9d:36:aa:61:2b:14:25:e4:50:8f:
16:c4:8e:a1:6d:47:be:69:b2:9e:63:9a:35:3e:9a:23:46:ca:
76:e1:e5:f9:87:a1:5e:92:df:ec:1c:43:60:ff:7b:41:2a:d8:
c9:5e:20:3f:b5:ab:65:1e:cf:5d:fc:21:85:8a:cc:a9:fa:2e:
0b:cf:ed:94:92:f2:cb:c5:c9:0b:b4:4b:3a:52:bd:73:e4:f1:
1f:06:9a:1b:89:c3:96:b2:ff:ea:15:2b:c9:02:a9:02:c2:b9:
9b:f3:29:7e:39:d2:a6:0d:42:8a:c3:f3:65:ac:fb:dd:7d:68:
3e:87:78:4d:43:e5:0a:bc:fd:59:05:e4:3c:15:ca:a9:a3:52:
2a:88:30:d3:90:9a:03:f8:31:41:8d:5c:c7:dd:e9:c5:b5:ec:
6c:47:72:49:83:1e:eb:f3:eb:ee:c6:13:3e:47:99:64:78:4d:
6e:f4:2d:d4:16:5b:99:fd:43:3d:83:f5:33:81:71:8b:e4:b2:
17:db:ee:c8:b9:04:2f:99:6f:2e:44:a5:6d:74:99:12:42:ff:
62:0f:b8:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqtc1CZrYLx9iSEbn2NLEUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZmUxOTA1Y2Q3YWYzNmU2M2FkYTYzNjZjMTQ3YjYxZDg1
YzlmMmIwHhcNMjMwOTE5MTIzODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjMwOWE3YzQ5YTI0Y2EzZGI2MTE0Nzc1NzM4MGRkOTNlZWRjM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaG3K44XB0ijcwGE0LyPrIYUzD6b
tKsEvPDOGkUBOTgggXvgctICyIbzbFIZVRgpLQP31hQLnxuO3dgufjYAYkDxaCgQ
4hyaMMKJDNSzuwIEoYa0TMrkVKMOFJjQX4m8bFhKTqhk828rW77TYsWXTOLnxbQU
UDHxvV4e3JvCcbpiTDSxNXPi1lCs2YGqXpqiF00RffUZYcgmyMHhBP6g5yIhRRsF
AroKaRr7DAngYxgGWB/AAdUA59q1b7HdnhNNJqNbgmlTXeMonKXI9Qbo8U9wKtH1
OsvbDes6EhlGv+8yjZ7eVy2z7PynxTmpNO/x2wXmIrt8CDsMmDmeJX3EgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIwmnxJokyj22EUd1c4Ddk+7cO/MB8GA1UdIwQY
MBaAFIj+GQXNevNuY62mNmwUe2HYXJ8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVA0WkJjMTY4MjVqcmFZMmJCUjdZZGhjbnlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zMTk1MmEtNjA4Yy00NjhlLWEwMGUt
ZDYzM2FhNzBkZDY2LzEva2pDYWZFbWlUS1BiWVJSM1Z6Z04yVDd0dzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zMTk1MmEtNjA4Yy00NjhlLWEwMGUtZDYzM2FhNzBkZDY2
LzEvaVA0WkJjMTY4MjVqcmFZMmJCUjdZZGhjbnlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWPsMA0G
CSqGSIb3DQEBCwUAA4IBAQBd9tWW+4gH+GoVulDbjHqh6xyDy1FksGG4Hd4HSVNo
Ae2UWi5LKS07LkOiZp02qmErFCXkUI8WxI6hbUe+abKeY5o1PpojRsp24eX5h6Fe
kt/sHENg/3tBKtjJXiA/tatlHs9d/CGFisyp+i4Lz+2UkvLLxckLtEs6Ur1z5PEf
BpobicOWsv/qFSvJAqkCwrmb8yl+OdKmDUKKw/NlrPvdfWg+h3hNQ+UKvP1ZBeQ8
Fcqpo1IqiDDTkJoD+DFBjVzH3enFtexsR3JJgx7r8+vuxhM+R5lkeE1u9C3UFluZ
/UM9g/UzgXGL5LIX2+7IuQQvmW8uRKVtdJkSQv9iD7ip
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:08 2024 by rpki-client on console-ams.rpki-client.org