Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KWb2g4MkqL187sQKQXlRgQHP1x8.roa
File: KWb2g4MkqL187sQKQXlRgQHP1x8.roa (raw, json)
Hash identifier: r6dCuU4NAV4xy732661bKzTxbsS7J04J7HwWqyri1W0=
Subject key identifier: 29:66:F6:83:83:24:A8:BD:7C:EE:C4:0A:41:79:51:81:01:CF:D7:1F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66F608EE123000F0C4CF20598D9B38
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KWb2g4MkqL187sQKQXlRgQHP1x8.roa
Signing time: Sun 01 Jan 2023 22:14:56 +0000
ROA not before: Sun 01 Jan 2023 22:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49127
IP address blocks: 194.58.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:f6:08:ee:12:30:00:f0:c4:cf:20:59:8d:9b:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2966f6838324a8bd7ceec40a4179518101cfd71f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:bf:1a:43:a8:c0:df:c3:b0:52:47:cb:2e:c7:
02:1b:d2:d4:57:cb:f3:3b:50:46:c9:03:44:ad:4f:
2c:86:ba:af:d1:8c:d8:40:cb:75:6d:54:46:63:94:
83:ac:d9:e2:7d:a9:46:fa:63:5e:10:a3:2b:58:a6:
ff:2a:96:85:02:0c:71:c2:91:08:74:77:fc:1f:f2:
bb:7c:a7:fe:11:72:0b:3b:3e:a4:10:41:2f:63:4a:
da:c8:90:d3:08:3a:c4:05:44:50:82:1e:15:56:af:
e9:f4:e6:87:e6:3f:d3:f7:1d:a4:72:d0:3d:c5:ea:
bf:a5:24:4b:54:b7:78:08:2c:af:27:8c:66:8c:c5:
96:41:71:55:b6:f5:59:90:91:b4:48:e0:33:0b:44:
3f:d6:53:05:69:a1:8c:8f:41:0b:0c:68:dd:41:a3:
e5:ca:e0:83:28:b0:37:17:21:35:79:db:4d:80:35:
0c:6a:57:45:62:2f:26:0e:a1:63:c9:b9:32:53:f4:
38:a4:dc:23:ef:2b:c0:55:ca:7d:9b:1b:42:00:c5:
e5:02:fc:e8:73:14:d8:58:f8:b2:0f:b5:a8:95:83:
fc:4e:99:e2:be:0b:9e:00:c1:d9:27:09:46:ee:d7:
f5:c4:db:02:08:6c:8f:73:1b:59:6a:08:f1:17:b3:
47:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:66:F6:83:83:24:A8:BD:7C:EE:C4:0A:41:79:51:81:01:CF:D7:1F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KWb2g4MkqL187sQKQXlRgQHP1x8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.45.0/24
Signature Algorithm: sha256WithRSAEncryption
51:1d:8a:52:9f:04:42:2a:2c:1c:8c:c5:fe:bd:27:3a:2e:8e:
9e:40:8e:cb:ee:b4:ce:22:ea:e1:85:07:ad:18:77:39:f6:47:
76:d3:4d:3d:b1:34:b8:5c:94:9d:7b:7a:e5:58:8b:69:e2:83:
1a:a4:e1:93:52:66:9c:47:3a:42:b7:e2:9f:2e:4b:89:23:7d:
0e:0e:4e:cc:2c:03:c1:57:dd:25:cc:13:86:1c:99:48:09:be:
a1:aa:71:39:2d:4b:41:91:65:65:4f:d2:10:7d:74:74:be:56:
a0:11:6d:3e:5e:ec:33:18:b6:a5:c3:c9:be:0d:2b:58:36:74:
6c:3e:89:bc:4b:2b:d2:af:1a:3a:0b:3f:57:7e:3d:82:ae:ae:
4c:38:ea:36:58:9b:cc:6b:7c:9f:49:23:61:9b:fb:91:cd:82:
bb:21:95:ce:87:94:fe:ab:85:69:0b:34:2c:13:e2:5a:77:fa:
8c:4c:4e:49:f6:a6:02:36:59:8a:af:9f:01:b7:25:df:5e:c1:
a5:27:cb:fa:c6:b0:f3:db:cb:f5:4b:e8:c9:23:ec:91:84:80:
d3:e4:2d:e5:6b:2b:15:52:f9:c2:b0:5b:5e:db:8b:f8:99:05:
5d:4b:86:db:07:e5:dc:f8:49:b1:8a:a6:03:38:54:da:bf:23:
0c:23:d0:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZvYI7hIwAPDEzyBZjZs4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTY2ZjY4MzgzMjRhOGJkN2NlZWM0MGE0MTc5NTE4MTAxY2ZkNzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1L8aQ6jA38OwUkfLLscCG9LUV8vz
O1BGyQNErU8shrqv0YzYQMt1bVRGY5SDrNnifalG+mNeEKMrWKb/KpaFAgxxwpEI
dHf8H/K7fKf+EXILOz6kEEEvY0rayJDTCDrEBURQgh4VVq/p9OaH5j/T9x2kctA9
xeq/pSRLVLd4CCyvJ4xmjMWWQXFVtvVZkJG0SOAzC0Q/1lMFaaGMj0ELDGjdQaPl
yuCDKLA3FyE1edtNgDUMaldFYi8mDqFjybkyU/Q4pNwj7yvAVcp9mxtCAMXlAvzo
cxTYWPiyD7WolYP8TpnivgueAMHZJwlG7tf1xNsCCGyPcxtZagjxF7NHrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClm9oODJKi9fO7ECkF5UYEBz9cfMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS1diMmc0TWtxTDE4N3NRS1FYbFJnUUhQMXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjotMA0G
CSqGSIb3DQEBCwUAA4IBAQBRHYpSnwRCKiwcjMX+vSc6Lo6eQI7L7rTOIurhhQet
GHc59kd20009sTS4XJSde3rlWItp4oMapOGTUmacRzpCt+KfLkuJI30ODk7MLAPB
V90lzBOGHJlICb6hqnE5LUtBkWVlT9IQfXR0vlagEW0+XuwzGLalw8m+DStYNnRs
Pom8SyvSrxo6Cz9Xfj2Crq5MOOo2WJvMa3yfSSNhm/uRzYK7IZXOh5T+q4VpCzQs
E+Jad/qMTE5J9qYCNlmKr58BtyXfXsGlJ8v6xrDz28v1S+jJI+yRhIDT5C3laysV
UvnCsFte24v4mQVdS4bbB+Xc+EmxiqYDOFTavyMMI9DJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:20 2024 by rpki-client on console-fra.rpki-client.org