Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KFKe9iIUhi5scYLBh5AhjHeb4KQ.roa
File: KFKe9iIUhi5scYLBh5AhjHeb4KQ.roa (raw, json)
Hash identifier: hWesqC0Y5JvqQ7K2uy6WQWghxhJcUYgvEap9Vr/KF9I=
Subject key identifier: 28:52:9E:F6:22:14:86:2E:6C:71:82:C1:87:90:21:8C:77:9B:E0:A4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C1A3D6AFA5FB326C6BC5E4665EF0449AC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KFKe9iIUhi5scYLBh5AhjHeb4KQ.roa
Signing time: Wed 29 Nov 2023 08:41:21 +0000
ROA not before: Wed 29 Nov 2023 08:41:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211138
IP address blocks: 195.58.39.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:3d:6a:fa:5f:b3:26:c6:bc:5e:46:65:ef:04:49:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 29 08:41:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28529ef62214862e6c7182c18790218c779be0a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:07:79:17:60:bf:79:df:5f:62:a4:a8:66:88:
78:11:a7:2a:7e:69:23:f1:94:70:d1:59:c7:32:68:
e8:90:2f:dc:b7:44:80:c4:ab:50:59:01:86:7b:d3:
ac:bf:e0:34:f1:71:62:83:d6:15:53:7c:fd:1b:bb:
ae:24:03:09:58:fb:1b:a2:6d:c3:f8:55:f2:76:62:
ae:97:35:1b:02:98:22:27:59:f8:90:29:82:04:87:
06:fb:f5:c6:a0:3a:a0:0c:7c:aa:22:3b:56:01:13:
d1:24:a6:c3:3b:41:95:49:04:f7:a7:a3:70:64:e3:
71:44:fd:c0:fc:fa:09:b5:3e:f7:ec:e9:d7:43:80:
6e:c2:d8:a9:27:50:05:31:53:ac:68:8a:8d:a1:2d:
4a:c7:cb:a0:c1:83:99:8e:da:1e:13:1c:0c:c9:d1:
c4:1d:87:36:c7:b5:eb:0f:7d:6f:b6:0f:d5:20:f0:
82:3c:36:e6:30:35:63:7c:06:5b:da:6f:45:07:79:
7c:3b:ef:d0:d3:4e:39:d2:58:2e:87:e8:a5:2a:d3:
e6:9f:9a:17:54:5d:72:90:df:c2:3f:15:61:b0:cd:
de:6a:43:a4:08:d9:fa:25:2b:23:00:b8:f5:1a:11:
91:05:e0:84:ab:6f:b6:ba:ee:3a:80:b5:d6:2c:26:
18:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:52:9E:F6:22:14:86:2E:6C:71:82:C1:87:90:21:8C:77:9B:E0:A4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KFKe9iIUhi5scYLBh5AhjHeb4KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
195.58.39.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:7c:fa:70:7c:a6:b6:d0:19:ed:73:46:99:9c:c2:95:06:1a:
85:c3:cd:74:3d:ea:9b:24:44:4e:de:3c:d0:45:93:4f:03:d2:
60:3d:bf:86:32:4f:ab:ec:b8:ad:73:11:19:ef:4a:76:ca:7a:
29:46:fa:fc:69:5c:6e:27:3e:f9:62:79:9f:57:75:f8:3c:9c:
73:0c:28:96:6d:fc:a4:37:20:b4:51:39:5f:76:ed:38:ed:ac:
1d:3e:d5:09:e0:9c:84:05:7f:9a:1e:3a:18:9f:bb:77:ff:f6:
98:69:7d:19:af:fd:01:a4:0a:fe:d7:d1:63:e6:ad:53:9f:c2:
ea:7f:71:28:37:79:6d:a3:23:0b:2d:fb:4e:bd:2e:95:23:22:
78:d6:fb:6b:d6:3f:1c:01:e3:da:90:22:48:cb:bb:6e:fb:fb:
15:a9:94:8e:e9:71:7a:45:5c:78:95:69:20:3f:1c:e4:b6:3f:
d4:87:3b:bc:0c:f4:ab:1c:be:95:02:dd:17:9a:4f:b7:26:32:
04:e0:e9:ef:f0:c3:88:8b:a1:29:b6:0c:e5:a9:72:5f:f9:5a:
ed:1a:b9:f6:55:74:34:8b:70:3f:5b:8e:5e:d1:72:32:ba:c5:
2b:9e:d9:9f:5d:40:e0:6a:7f:f4:4f:f8:93:0d:65:8e:02:f1:
39:cf:27:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwaPWr6X7MmxrxeRmXvBEmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTI5MDg0MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODUyOWVmNjIyMTQ4NjJlNmM3MTgyYzE4NzkwMjE4Yzc3OWJlMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwd5F2C/ed9fYqSoZoh4Eacqfmkj
8ZRw0VnHMmjokC/ct0SAxKtQWQGGe9Osv+A08XFig9YVU3z9G7uuJAMJWPsbom3D
+FXydmKulzUbApgiJ1n4kCmCBIcG+/XGoDqgDHyqIjtWARPRJKbDO0GVSQT3p6Nw
ZONxRP3A/PoJtT737OnXQ4BuwtipJ1AFMVOsaIqNoS1Kx8ugwYOZjtoeExwMydHE
HYc2x7XrD31vtg/VIPCCPDbmMDVjfAZb2m9FB3l8O+/Q00450lguh+ilKtPmn5oX
VF1ykN/CPxVhsM3eakOkCNn6JSsjALj1GhGRBeCEq2+2uu46gLXWLCYYfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFChSnvYiFIYubHGCwYeQIYx3m+CkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS0ZLZTlpSVVoaTVzY1lMQmg1QWhqSGViNEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXzLAwQA
wzonMA0GCSqGSIb3DQEBCwUAA4IBAQBOfPpwfKa20Bntc0aZnMKVBhqFw810Peqb
JERO3jzQRZNPA9JgPb+GMk+r7LitcxEZ70p2ynopRvr8aVxuJz75YnmfV3X4PJxz
DCiWbfykNyC0UTlfdu047awdPtUJ4JyEBX+aHjoYn7t3//aYaX0Zr/0BpAr+19Fj
5q1Tn8Lqf3EoN3ltoyMLLftOvS6VIyJ41vtr1j8cAePakCJIy7tu+/sVqZSO6XF6
RVx4lWkgPxzktj/Uhzu8DPSrHL6VAt0Xmk+3JjIE4Onv8MOIi6EptgzlqXJf+Vrt
Grn2VXQ0i3A/W45e0XIyusUrntmfXUDgan/0T/iTDWWOAvE5zydQ
-----END CERTIFICATE-----
Generated at Wed Dec 6 11:53:41 2023 by rpki-client on console-ams.rpki-client.org