Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KvCkOKlLWK05TusyPLCKUmeAXTg.roa
File: KvCkOKlLWK05TusyPLCKUmeAXTg.roa (raw, json)
Hash identifier: DbtjQ6jyecYPvanf/ETZwxDif62y7I9p770AYnNCbEg=
Subject key identifier: 2A:F0:A4:38:A9:4B:58:AD:39:4E:EB:32:3C:B0:8A:52:67:80:5D:38
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F6706E8E619E51B7B3222D4A41CDC5C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KvCkOKlLWK05TusyPLCKUmeAXTg.roa
Signing time: Sun 01 Jan 2023 22:15:00 +0000
ROA not before: Sun 01 Jan 2023 22:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204721
IP address blocks: 212.192.220.0/24 maxlen: 24
194.87.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:06:e8:e6:19:e5:1b:7b:32:22:d4:a4:1c:dc:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2af0a438a94b58ad394eeb323cb08a5267805d38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8a:80:dc:64:9a:9f:89:5b:98:74:92:67:cb:
e2:a4:d6:40:88:ad:ea:41:35:13:af:b8:79:74:46:
80:ea:dc:ac:a6:05:a1:7b:2e:d9:6c:5f:6e:79:a0:
61:d2:84:aa:ea:57:79:5b:af:1b:00:58:00:51:02:
0a:f6:fd:16:8e:d3:45:f1:bc:b6:7d:fa:5b:4a:9b:
73:11:f9:d5:67:21:2a:28:ae:ea:af:6f:1d:1b:68:
49:d0:f2:f0:c9:b8:2e:94:6c:2d:96:e5:03:8a:d2:
50:27:7f:25:39:4b:5b:80:e3:fb:64:3e:99:9e:05:
20:cd:54:82:41:71:d2:f5:cd:98:48:26:e8:cc:14:
87:87:c5:63:7e:05:ef:6b:bc:da:04:95:73:b9:49:
6f:c8:fe:88:51:18:ef:90:94:18:45:71:fe:75:d3:
f6:61:a8:b7:27:e1:54:49:1d:f2:b2:68:b2:68:f4:
3e:cb:9a:34:6c:b5:fe:b5:5a:f8:2d:b2:47:2e:25:
93:4d:db:15:aa:21:40:19:a1:f3:b1:2f:ac:06:f0:
9c:69:87:22:00:ba:aa:ea:29:b4:89:62:c0:17:87:
a2:9a:a0:00:bd:4e:b1:10:55:62:2b:8d:a1:a0:63:
fa:10:70:f3:ac:cc:61:9a:38:95:a7:52:cf:ce:95:
6c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F0:A4:38:A9:4B:58:AD:39:4E:EB:32:3C:B0:8A:52:67:80:5D:38
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KvCkOKlLWK05TusyPLCKUmeAXTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.75.0/24
212.192.220.0/24
Signature Algorithm: sha256WithRSAEncryption
77:04:bb:d8:29:65:17:b0:e9:49:c4:08:b5:3c:2b:1e:9b:67:
a9:f6:b8:9e:28:d5:a9:27:7e:9c:85:55:89:5b:4f:64:7c:64:
89:48:28:5f:88:17:74:c9:60:36:b1:65:2f:32:6b:a2:af:fe:
ab:18:cb:b3:be:71:bb:61:bd:e9:b0:84:22:33:13:10:c4:6b:
49:e7:97:c9:f0:18:e5:96:10:74:55:e3:81:1e:c2:68:b6:c3:
c2:40:e4:48:4a:20:db:49:3d:9e:b4:6e:e1:93:08:ed:43:2a:
eb:86:c2:d4:9b:00:6d:4b:a6:d6:c2:18:6e:f9:5a:d6:80:a5:
f0:5a:8a:2e:58:b2:bd:5c:3d:fe:5a:8c:d3:a3:f6:30:58:47:
56:f5:bd:80:85:3c:5b:02:c6:a9:cd:18:ef:93:c7:66:42:6a:
39:d7:57:44:54:f1:ad:ab:30:bc:36:ff:35:a0:0f:9a:1c:a2:
b6:bd:50:ce:9c:23:b9:ab:11:84:df:23:e6:a6:75:e0:59:9d:
5b:06:2f:6b:54:ca:f1:74:63:6d:39:96:1c:dc:e1:9f:2a:75:
39:69:7b:c4:d3:d3:c9:87:84:ad:8c:ca:91:a0:86:3d:8b:46:
96:c6:bf:0f:f2:16:4c:3c:7f:1a:92:af:78:fc:d6:fe:6a:3c:
1d:db:c8:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvZwbo5hnlG3syItSkHNxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWYwYTQzOGE5NGI1OGFkMzk0ZWViMzIzY2IwOGE1MjY3ODA1ZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4qA3GSan4lbmHSSZ8vipNZAiK3q
QTUTr7h5dEaA6tyspgWhey7ZbF9ueaBh0oSq6ld5W68bAFgAUQIK9v0WjtNF8by2
ffpbSptzEfnVZyEqKK7qr28dG2hJ0PLwybgulGwtluUDitJQJ38lOUtbgOP7ZD6Z
ngUgzVSCQXHS9c2YSCbozBSHh8VjfgXva7zaBJVzuUlvyP6IURjvkJQYRXH+ddP2
Yai3J+FUSR3ysmiyaPQ+y5o0bLX+tVr4LbJHLiWTTdsVqiFAGaHzsS+sBvCcaYci
ALqq6im0iWLAF4eimqAAvU6xEFViK42hoGP6EHDzrMxhmjiVp1LPzpVsuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCrwpDipS1itOU7rMjywilJngF04MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS3ZDa09LbExXSzA1VHVzeVBMQ0tVbWVBWFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwldLAwQA
1MDcMA0GCSqGSIb3DQEBCwUAA4IBAQB3BLvYKWUXsOlJxAi1PCsem2ep9rieKNWp
J36chVWJW09kfGSJSChfiBd0yWA2sWUvMmuir/6rGMuzvnG7Yb3psIQiMxMQxGtJ
55fJ8BjllhB0VeOBHsJotsPCQORISiDbST2etG7hkwjtQyrrhsLUmwBtS6bWwhhu
+VrWgKXwWoouWLK9XD3+WozTo/YwWEdW9b2AhTxbAsapzRjvk8dmQmo511dEVPGt
qzC8Nv81oA+aHKK2vVDOnCO5qxGE3yPmpnXgWZ1bBi9rVMrxdGNtOZYc3OGfKnU5
aXvE09PJh4StjMqRoIY9i0aWxr8P8hZMPH8akq94/Nb+ajwd28gR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:13 2024 by rpki-client on console-fra.rpki-client.org