Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KpPvhB_WvRCgsD6JKt1QkE3XOLs.roa
File: KpPvhB_WvRCgsD6JKt1QkE3XOLs.roa (raw, json)
Hash identifier: A4RreTIL36GcimYybKvEaTO+16f62/vmVp31NXC8VKE=
Subject key identifier: 2A:93:EF:84:1F:D6:BD:10:A0:B0:3E:89:2A:DD:50:90:4D:D7:38:BB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185A5D6F09630778A414044FCF9EAB0FBD2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KpPvhB_WvRCgsD6JKt1QkE3XOLs.roa
Signing time: Thu 12 Jan 2023 11:56:45 +0000
ROA not before: Thu 12 Jan 2023 11:56:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 193.124.4.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Jan 2023 10:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:d6:f0:96:30:77:8a:41:40:44:fc:f9:ea:b0:fb:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 12 11:56:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a93ef841fd6bd10a0b03e892add50904dd738bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:18:54:89:31:53:e5:a8:45:e2:3f:32:b7:1e:
bc:84:7c:b7:e5:12:cc:da:15:68:98:be:48:fd:45:
08:02:e7:33:d1:55:bf:b0:02:8b:6c:f9:9b:9c:94:
67:28:bc:fe:0d:4a:60:72:03:70:20:f1:c8:de:62:
19:7b:af:6f:f8:0b:c4:15:97:ec:89:3e:35:82:d4:
ec:45:e8:d6:6c:25:59:34:60:f7:a4:e9:10:22:1c:
c3:5e:66:53:b1:0b:22:68:bf:84:61:29:df:d1:3c:
1d:e2:ee:4d:55:01:57:ea:f4:11:ca:49:8e:a5:38:
5e:89:a0:61:dd:c6:94:80:e6:6c:47:9e:ff:51:f0:
97:57:80:b3:49:81:13:37:e0:86:6a:dd:b5:b2:5d:
84:c0:86:8f:9f:5a:35:30:be:99:14:86:db:ce:ae:
4a:71:0b:34:a9:2c:a8:6f:9c:35:c2:45:42:71:09:
f1:ca:c9:66:c6:4e:a9:0e:f3:d7:25:87:00:99:3b:
13:1e:85:8e:70:bd:ef:3c:07:2b:86:aa:58:e5:ac:
f1:7d:10:94:22:d2:04:bc:d9:d9:b7:33:25:f4:09:
71:7b:d0:0b:4e:47:22:41:d4:10:34:ff:c5:bf:1e:
23:a4:b2:ec:37:c5:34:5b:c4:a2:75:11:0d:14:d1:
6a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:93:EF:84:1F:D6:BD:10:A0:B0:3E:89:2A:DD:50:90:4D:D7:38:BB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KpPvhB_WvRCgsD6JKt1QkE3XOLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.4.0/24
193.124.47.0/24
193.124.125.0/24
194.87.162.0/24
194.87.200.0/24
195.58.63.0/24
195.133.73.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:b3:df:74:c2:cd:15:b4:e3:07:33:c7:13:6b:be:d5:56:a9:
e5:86:bf:dd:ef:8e:d1:92:bf:75:bf:17:e5:2b:44:c4:b8:18:
28:83:4a:6e:d0:d2:60:12:01:cc:39:46:69:f8:3b:01:22:db:
a3:df:19:7e:44:d6:f2:d6:8b:eb:9f:30:83:9e:f9:ce:84:0c:
81:53:67:ac:11:f3:7a:2c:c5:a8:83:66:5b:47:b8:79:32:b1:
d4:74:b1:85:0b:62:9f:f9:a5:63:79:d6:70:bc:01:54:53:d2:
d8:6e:61:74:88:79:e0:8b:15:56:89:e1:8c:b1:51:23:74:1d:
e9:45:95:9c:7c:61:84:bd:4f:49:15:1c:87:72:63:c1:50:5e:
3b:53:bd:72:8c:2e:35:29:60:73:8b:37:7b:bc:66:5d:55:56:
14:bc:b9:78:2a:ee:34:f3:f2:0f:e6:29:1e:35:6d:89:8d:29:
4c:14:d8:18:3d:1e:ab:32:e0:12:25:4d:93:19:a5:13:ed:c3:
f7:d4:a2:fe:00:6d:e1:a7:86:63:24:12:25:57:0c:d8:81:67:
26:90:06:4f:97:9b:0c:4d:b0:39:55:e6:e3:6f:cc:f3:c7:b6:
b2:46:51:71:89:28:49:a8:f6:5f:0d:53:39:13:da:89:c2:b9:
39:9f:d3:43
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYWl1vCWMHeKQUBE/PnqsPvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTEyMTE1NjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTkzZWY4NDFmZDZiZDEwYTBiMDNlODkyYWRkNTA5MDRkZDczOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxhUiTFT5ahF4j8ytx68hHy35RLM
2hVomL5I/UUIAucz0VW/sAKLbPmbnJRnKLz+DUpgcgNwIPHI3mIZe69v+AvEFZfs
iT41gtTsRejWbCVZNGD3pOkQIhzDXmZTsQsiaL+EYSnf0Twd4u5NVQFX6vQRykmO
pTheiaBh3caUgOZsR57/UfCXV4CzSYETN+CGat21sl2EwIaPn1o1ML6ZFIbbzq5K
cQs0qSyob5w1wkVCcQnxyslmxk6pDvPXJYcAmTsTHoWOcL3vPAcrhqpY5azxfRCU
ItIEvNnZtzMl9Alxe9ALTkciQdQQNP/Fvx4jpLLsN8U0W8SidRENFNFqpQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCqT74Qf1r0QoLA+iSrdUJBN1zi7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS3BQdmhCX1d2UkNnc0Q2Skt0MVFrRTNYT0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXwEAwQA
wXwvAwQAwXx9AwQAwleiAwQAwlfIAwQAwzo/AwQAw4VJMA0GCSqGSIb3DQEBCwUA
A4IBAQBds990ws0VtOMHM8cTa77VVqnlhr/d747Rkr91vxflK0TEuBgog0pu0NJg
EgHMOUZp+DsBItuj3xl+RNby1ovrnzCDnvnOhAyBU2esEfN6LMWog2ZbR7h5MrHU
dLGFC2Kf+aVjedZwvAFUU9LYbmF0iHngixVWieGMsVEjdB3pRZWcfGGEvU9JFRyH
cmPBUF47U71yjC41KWBzizd7vGZdVVYUvLl4Ku408/IP5ikeNW2JjSlMFNgYPR6r
MuASJU2TGaUT7cP31KL+AG3hp4ZjJBIlVwzYgWcmkAZPl5sMTbA5Vebjb8zzx7ay
RlFxiShJqPZfDVM5E9qJwrk5n9ND
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:13 2024 by rpki-client on console-fra.rpki-client.org