Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KgtjTw0OuWnDHuGQ0k6kOp2lg2E.roa
File: KgtjTw0OuWnDHuGQ0k6kOp2lg2E.roa (raw, json)
Hash identifier: tNRwL4sTWPlqDJ90F+Qfs//rWE8r8yyaAS4nHKcuLQY=
Subject key identifier: 2A:0B:63:4F:0D:0E:B9:69:C3:1E:E1:90:D2:4E:A4:3A:9D:A5:83:61
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018C24943546F67EDB1A0B3BDAA82B01AEB4
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KgtjTw0OuWnDHuGQ0k6kOp2lg2E.roa
Signing time: Fri 01 Dec 2023 08:52:21 +0000
ROA not before: Fri 01 Dec 2023 08:52:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60199
IP address blocks: 84.239.96.0/22 maxlen: 22
141.101.60.0/22 maxlen: 24
2a00:6900:10::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:94:35:46:f6:7e:db:1a:0b:3b:da:a8:2b:01:ae:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Dec 1 08:52:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a0b634f0d0eb969c31ee190d24ea43a9da58361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a4:35:1e:a4:a2:57:9b:4a:03:d6:89:85:45:
6c:3a:05:96:68:00:fd:e6:96:95:46:49:a0:4d:a6:
32:7c:03:37:fe:44:25:19:92:50:fd:d5:a7:67:1d:
67:f2:fa:9b:99:41:a4:5b:f3:a4:41:0f:f7:31:98:
f3:c5:e9:c9:31:c2:47:81:ad:97:0b:7f:0b:cb:4a:
09:dc:42:a0:e9:6c:9c:a6:fe:92:e7:73:0c:04:9f:
eb:99:5b:e5:22:20:31:39:a2:b7:e5:41:71:cf:82:
15:8e:cd:c5:65:a0:1e:06:4b:38:f8:46:24:b2:e3:
51:c5:13:d7:1a:03:a1:27:c9:18:e1:22:6e:df:0a:
6a:a8:c3:d1:a8:c8:01:ea:c5:d9:61:ef:9b:9f:24:
54:7f:0c:c3:53:aa:fa:8d:7b:66:8c:d5:8b:f5:7d:
e8:5a:65:8b:f0:8d:a0:d1:85:09:95:54:7c:da:24:
8a:b3:4e:e2:ff:75:7e:b0:9c:0a:c9:c8:22:11:8f:
f9:bf:22:44:d0:7f:53:82:2e:e1:dc:bc:d1:58:7b:
56:0c:f1:fe:d4:57:3b:c2:ff:c2:19:95:c3:14:a2:
84:42:3a:30:ac:19:56:39:41:60:07:f9:a2:05:b7:
70:44:d4:0d:45:60:11:b9:a1:89:3a:f1:8d:4f:70:
81:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0B:63:4F:0D:0E:B9:69:C3:1E:E1:90:D2:4E:A4:3A:9D:A5:83:61
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KgtjTw0OuWnDHuGQ0k6kOp2lg2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.96.0/22
141.101.60.0/22
IPv6:
2a00:6900:10::/48
Signature Algorithm: sha256WithRSAEncryption
3a:da:82:b1:42:d0:20:39:32:90:e2:dc:34:1e:46:48:d4:04:
fa:22:74:10:e4:1d:ce:7b:b1:0d:75:2e:48:74:6f:3d:f7:79:
b6:30:26:23:e1:b2:51:04:24:69:65:2b:13:31:c1:53:ff:a6:
94:21:d3:8c:6b:cd:b3:ab:7b:7b:e4:3f:d8:b9:d4:ca:5c:61:
07:06:22:99:ed:54:8f:3b:b6:91:40:cf:29:01:70:f2:dd:e7:
43:f1:75:49:fe:37:80:74:65:9d:9b:0e:d4:73:57:14:f4:8b:
32:18:16:0b:6f:77:93:d5:5a:b4:5b:b5:d7:58:59:04:7b:78:
1d:e0:f1:9d:fe:39:12:ee:3d:d9:2e:51:3e:5b:74:21:5d:41:
1a:02:42:b2:5f:62:43:e6:65:ce:72:8e:0d:35:61:e4:d1:18:
66:46:69:da:11:6c:36:fd:97:73:4e:fc:1a:4f:8b:f0:ea:78:
45:04:de:db:4a:2a:07:48:94:f2:17:e0:19:fa:23:c2:cd:0a:
26:ee:62:ea:fd:6b:93:51:e5:37:bb:46:f5:0c:8a:f6:2d:d0:
48:a1:d9:cc:8b:25:36:d3:0f:25:db:7e:c2:36:9f:d1:78:48:
ad:5e:64:a4:27:68:0f:64:c6:06:c0:9e:93:2c:69:33:5e:b1:
0f:04:46:b5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYwklDVG9n7bGgs72qgrAa60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMxMjAxMDg1MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBiNjM0ZjBkMGViOTY5YzMxZWUxOTBkMjRlYTQzYTlkYTU4MzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6Q1HqSiV5tKA9aJhUVsOgWWaAD9
5paVRkmgTaYyfAM3/kQlGZJQ/dWnZx1n8vqbmUGkW/OkQQ/3MZjzxenJMcJHga2X
C38Ly0oJ3EKg6Wycpv6S53MMBJ/rmVvlIiAxOaK35UFxz4IVjs3FZaAeBks4+EYk
suNRxRPXGgOhJ8kY4SJu3wpqqMPRqMgB6sXZYe+bnyRUfwzDU6r6jXtmjNWL9X3o
WmWL8I2g0YUJlVR82iSKs07i/3V+sJwKycgiEY/5vyJE0H9Tgi7h3LzRWHtWDPH+
1Fc7wv/CGZXDFKKEQjowrBlWOUFgB/miBbdwRNQNRWARuaGJOvGNT3CBMQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCoLY08NDrlpwx7hkNJOpDqdpYNhMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvS2d0alR3ME91V25ESHVHUTBrNmtPcDJsZzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCVO9gAwQC
jWU8MA8EAgACMAkDBwAqAGkAABAwDQYJKoZIhvcNAQELBQADggEBADragrFC0CA5
MpDi3DQeRkjUBPoidBDkHc57sQ11Lkh0bz33ebYwJiPhslEEJGllKxMxwVP/ppQh
04xrzbOre3vkP9i51MpcYQcGIpntVI87tpFAzykBcPLd50PxdUn+N4B0ZZ2bDtRz
VxT0izIYFgtvd5PVWrRbtddYWQR7eB3g8Z3+ORLuPdkuUT5bdCFdQRoCQrJfYkPm
Zc5yjg01YeTRGGZGadoRbDb9l3NO/BpPi/DqeEUE3ttKKgdIlPIX4Bn6I8LNCibu
Yur9a5NR5Te7RvUMivYt0Eih2cyLJTbTDyXbfsI2n9F4SK1eZKQnaA9kxgbAnpMs
aTNesQ8ERrU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:03 2024 by rpki-client on console-ams.rpki-client.org