Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a94dea-2ffc-408d-aa9d-1ae36a4469fd/1/KMrx-v87nX8d6SMxLzWPYHtchK8.roa
File: KMrx-v87nX8d6SMxLzWPYHtchK8.roa (raw, json)
Hash identifier: h95HphOxyqxW7kmeFXrGnBfakN50q3jSGPzYjPAFqXA=
Subject key identifier: 28:CA:F1:FA:FF:3B:9D:7F:1D:E9:23:31:2F:35:8F:60:7B:5C:84:AF
Certificate issuer: /CN=ab06c8f2247d22041c82e555667881e50f9154ab
Certificate serial: 01856EEFF77A9EFCE1C2E1DB486812B76DB2
Authority key identifier: AB:06:C8:F2:24:7D:22:04:1C:82:E5:55:66:78:81:E5:0F:91:54:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwbI8iR9IgQcguVVZniB5Q-RVKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a94dea-2ffc-408d-aa9d-1ae36a4469fd/1/KMrx-v87nX8d6SMxLzWPYHtchK8.roa
Signing time: Sun 01 Jan 2023 20:04:58 +0000
ROA not before: Sun 01 Jan 2023 20:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48821
IP address blocks: 185.138.52.0/22 maxlen: 24
2a07:a40::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:f7:7a:9e:fc:e1:c2:e1:db:48:68:12:b7:6d:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab06c8f2247d22041c82e555667881e50f9154ab
Validity
Not Before: Jan 1 20:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28caf1faff3b9d7f1de923312f358f607b5c84af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e9:e5:7d:2b:57:5c:ec:8e:af:61:4a:a8:eb:
d1:7c:85:57:f0:87:f9:c7:b9:5d:f9:b7:b2:18:e9:
3e:d2:f5:da:c3:97:8b:6a:19:4a:da:eb:6f:e3:50:
b2:28:9a:82:8f:7b:c0:23:6a:2d:6b:d7:9f:39:fe:
51:17:9e:1d:1a:c5:0f:3e:41:ce:01:cc:9c:0c:89:
78:4f:ea:c8:64:a8:e5:e9:b6:29:2f:0a:9b:66:4b:
f9:26:eb:b5:cc:c1:fe:e4:7b:e2:18:11:4c:d7:e4:
38:a3:39:b0:69:c9:d6:0b:4a:78:a5:93:8b:b1:bf:
9b:5b:d5:2b:05:6b:f4:99:85:14:57:96:78:37:84:
24:7e:39:24:8f:a9:44:d6:b2:4f:e1:e2:4d:3b:34:
f8:9f:41:de:5c:51:98:ab:5b:cb:56:46:79:c2:5b:
a8:51:c1:70:87:01:3d:2b:2c:3a:b1:6d:da:08:4e:
ab:a7:7c:98:88:d6:2c:23:00:c5:fc:5c:42:6f:97:
1e:f2:51:4d:30:f9:64:68:d0:f4:64:86:14:12:90:
d9:bd:c1:48:de:78:93:f5:48:00:8c:bf:a8:26:a3:
d0:e8:ff:9d:63:85:8d:a9:88:ac:4a:b1:21:67:55:
29:e6:7f:0a:b8:ff:f6:bf:7f:d7:5b:a0:d0:83:a3:
5a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CA:F1:FA:FF:3B:9D:7F:1D:E9:23:31:2F:35:8F:60:7B:5C:84:AF
X509v3 Authority Key Identifier:
keyid:AB:06:C8:F2:24:7D:22:04:1C:82:E5:55:66:78:81:E5:0F:91:54:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwbI8iR9IgQcguVVZniB5Q-RVKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a94dea-2ffc-408d-aa9d-1ae36a4469fd/1/KMrx-v87nX8d6SMxLzWPYHtchK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a94dea-2ffc-408d-aa9d-1ae36a4469fd/1/qwbI8iR9IgQcguVVZniB5Q-RVKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.52.0/22
IPv6:
2a07:a40::/29
Signature Algorithm: sha256WithRSAEncryption
5e:18:88:e7:b1:b9:70:8a:c4:62:6e:b5:7e:c4:9c:6e:f9:8d:
bd:ae:ff:5c:d7:c4:70:1b:a0:2d:09:cd:8f:ec:84:fd:03:31:
b2:e4:64:43:d8:0e:12:44:82:7e:9c:eb:05:10:f4:67:d4:b9:
39:e0:46:ab:b0:3c:e9:4e:03:03:51:ac:29:e8:1a:b9:61:68:
2d:fe:19:74:26:96:18:9c:15:a8:49:27:3a:5f:37:42:fe:2b:
e7:cf:8f:d2:d8:67:e5:eb:67:44:80:69:c1:1f:48:0f:0b:e5:
b1:46:41:ab:df:ab:52:26:d4:be:57:10:dc:d6:3d:69:58:e4:
1c:a3:4b:0d:73:1d:ca:71:58:00:81:d6:84:51:6f:fa:c8:b4:
02:3d:c0:68:a8:17:27:6c:97:f2:e2:42:7d:4b:7d:74:c0:8f:
e5:0a:32:3e:fc:85:f2:87:15:53:32:22:4a:d2:85:b0:83:a6:
31:8c:56:60:da:ed:7a:ab:74:0b:5c:b0:36:7c:98:98:a3:46:
be:ed:7a:a1:89:af:26:04:e9:29:7e:c5:dc:98:79:d9:ce:9a:
ad:1e:6f:7a:19:14:c0:1a:df:17:da:e9:2e:e7:08:e9:b0:18:
01:c6:79:d4:a7:45:e3:c7:11:aa:c4:b3:60:12:51:f1:b9:df:
79:f4:33:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu7/d6nvzhwuHbSGgSt22yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDZjOGYyMjQ3ZDIyMDQxYzgyZTU1NTY2Nzg4MWU1MGY5
MTU0YWIwHhcNMjMwMTAxMjAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNhZjFmYWZmM2I5ZDdmMWRlOTIzMzEyZjM1OGY2MDdiNWM4NGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqenlfStXXOyOr2FKqOvRfIVX8If5
x7ld+beyGOk+0vXaw5eLahlK2utv41CyKJqCj3vAI2ota9efOf5RF54dGsUPPkHO
AcycDIl4T+rIZKjl6bYpLwqbZkv5Juu1zMH+5HviGBFM1+Q4ozmwacnWC0p4pZOL
sb+bW9UrBWv0mYUUV5Z4N4Qkfjkkj6lE1rJP4eJNOzT4n0HeXFGYq1vLVkZ5wluo
UcFwhwE9Kyw6sW3aCE6rp3yYiNYsIwDF/FxCb5ce8lFNMPlkaND0ZIYUEpDZvcFI
3niT9UgAjL+oJqPQ6P+dY4WNqYisSrEhZ1Up5n8KuP/2v3/XW6DQg6NaYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCjK8fr/O51/HekjMS81j2B7XISvMB8GA1UdIwQY
MBaAFKsGyPIkfSIEHILlVWZ4geUPkVSrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdiSThpUjlJZ1FjZ3VWVlpuaUI1US1SVktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hOTRkZWEtMmZmYy00MDhkLWFhOWQt
MWFlMzZhNDQ2OWZkLzEvS01yeC12ODduWDhkNlNNeEx6V1BZSHRjaEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hOTRkZWEtMmZmYy00MDhkLWFhOWQtMWFlMzZhNDQ2OWZk
LzEvcXdiSThpUjlJZ1FjZ3VWVlpuaUI1US1SVktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYo0MA0E
AgACMAcDBQMqBwpAMA0GCSqGSIb3DQEBCwUAA4IBAQBeGIjnsblwisRibrV+xJxu
+Y29rv9c18RwG6AtCc2P7IT9AzGy5GRD2A4SRIJ+nOsFEPRn1Lk54EarsDzpTgMD
Uawp6Bq5YWgt/hl0JpYYnBWoSSc6XzdC/ivnz4/S2Gfl62dEgGnBH0gPC+WxRkGr
36tSJtS+VxDc1j1pWOQco0sNcx3KcVgAgdaEUW/6yLQCPcBoqBcnbJfy4kJ9S310
wI/lCjI+/IXyhxVTMiJK0oWwg6YxjFZg2u16q3QLXLA2fJiYo0a+7Xqhia8mBOkp
fsXcmHnZzpqtHm96GRTAGt8X2uku5wjpsBgBxnnUp0XjxxGqxLNgElHxud959DO8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:52 2024 by rpki-client on console-ams.rpki-client.org