Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Kz6KTz7LFBD2ftMHUUaLQZthReE.roa
File: Kz6KTz7LFBD2ftMHUUaLQZthReE.roa (raw, json)
Hash identifier: 7NL5szNuDRjWld7UPA8Twdbdv+flPdjv+7ImVNdFQSU=
Subject key identifier: 2B:3E:8A:4F:3E:CB:14:10:F6:7E:D3:07:51:46:8B:41:9B:61:45:E1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018DAC4900F58638DAAC083BA3F31B8719B1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Kz6KTz7LFBD2ftMHUUaLQZthReE.roa
Signing time: Thu 15 Feb 2024 10:21:21 +0000
ROA not before: Thu 15 Feb 2024 10:21:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208287
IP address blocks: 193.124.90.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 15:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:49:00:f5:86:38:da:ac:08:3b:a3:f3:1b:87:19:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 15 10:21:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b3e8a4f3ecb1410f67ed30751468b419b6145e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:44:56:4a:5a:62:d9:3e:60:64:fe:6c:90:54:
49:e2:78:e8:41:f7:72:65:16:0e:48:72:dd:05:37:
8d:fe:bf:0c:86:ac:1b:90:1f:fd:bb:65:06:0e:bd:
ab:56:35:73:28:3a:7e:c2:75:92:5f:83:fb:77:00:
34:bc:b2:1b:8a:20:50:5f:53:29:31:8d:16:3a:7c:
2b:b9:e3:26:80:d1:40:35:8f:4d:2a:50:b2:a4:12:
7f:4b:46:25:8a:05:42:02:18:5f:0a:72:10:63:54:
5f:9d:a6:a4:d2:64:bf:7c:97:7c:01:46:38:be:2b:
be:ad:5c:5a:9d:ca:63:99:95:ee:b2:18:eb:d5:35:
4e:14:24:45:5c:56:64:45:e1:7f:00:ce:af:43:02:
41:78:e6:96:b7:d6:64:c9:fb:78:19:0d:f4:9d:4c:
3a:cb:58:d7:82:84:d2:80:56:27:30:3b:68:12:87:
e1:62:4d:94:27:5a:a9:a7:44:7d:db:a6:9b:56:31:
35:28:9a:b0:89:0c:d1:72:60:24:25:a5:4b:d3:52:
28:9f:66:62:b1:1d:60:5e:f9:8a:1b:8a:84:fb:da:
ae:65:10:10:bc:eb:8e:f6:d6:37:13:d6:ed:99:ba:
28:e7:e8:1a:bf:55:25:94:6d:dc:31:29:15:fc:43:
e6:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:3E:8A:4F:3E:CB:14:10:F6:7E:D3:07:51:46:8B:41:9B:61:45:E1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Kz6KTz7LFBD2ftMHUUaLQZthReE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.90.0/24
195.133.2.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:68:9b:2a:32:dc:0c:e5:51:1a:eb:df:ed:f2:0f:b0:7d:27:
1a:42:20:ef:f1:2e:1a:38:7a:b0:39:bc:2d:01:13:00:7e:2f:
c8:92:5e:2e:6b:76:fb:84:51:8d:bf:12:e0:f8:91:8d:33:10:
cd:cc:5a:a7:7b:ff:44:ca:ea:77:41:b4:cd:c4:f7:ad:43:95:
59:0d:ca:c3:4c:bd:92:74:df:52:1c:fc:b3:a2:dd:5a:75:f0:
73:a4:2e:d8:8d:71:59:4b:11:cd:86:63:ff:41:91:53:0d:cc:
bb:13:ec:1e:77:2b:9e:de:72:4f:25:da:7d:76:be:e8:ab:1d:
14:01:30:ef:f6:da:de:ac:ea:77:d0:2c:ce:2c:8b:2e:a8:66:
ef:ed:b6:5c:c4:d0:fd:8a:19:0a:e8:26:0a:48:3a:39:21:65:
4a:a5:e1:87:bf:94:7a:6b:79:ba:75:bc:82:89:74:fb:8f:cc:
49:d6:7e:dc:2a:ba:a3:29:ba:55:47:ea:d5:57:34:43:4a:76:
02:a6:14:a2:3e:05:9c:41:8a:ee:0e:22:68:ac:3a:0f:e2:1a:
42:ec:9b:21:8f:ac:59:1d:f9:9a:74:97:a4:7e:e4:a8:4d:9f:
20:1b:90:59:1f:06:5f:b2:c9:0d:08:8b:6b:2b:6f:51:86:c0:
77:15:58:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2sSQD1hjjarAg7o/MbhxmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjE1MTAyMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjNlOGE0ZjNlY2IxNDEwZjY3ZWQzMDc1MTQ2OGI0MTliNjE0NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkURWSlpi2T5gZP5skFRJ4njoQfdy
ZRYOSHLdBTeN/r8MhqwbkB/9u2UGDr2rVjVzKDp+wnWSX4P7dwA0vLIbiiBQX1Mp
MY0WOnwrueMmgNFANY9NKlCypBJ/S0YligVCAhhfCnIQY1Rfnaak0mS/fJd8AUY4
viu+rVxancpjmZXushjr1TVOFCRFXFZkReF/AM6vQwJBeOaWt9Zkyft4GQ30nUw6
y1jXgoTSgFYnMDtoEofhYk2UJ1qpp0R926abVjE1KJqwiQzRcmAkJaVL01Ion2Zi
sR1gXvmKG4qE+9quZRAQvOuO9tY3E9btmboo5+gav1UllG3cMSkV/EPmTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCs+ik8+yxQQ9n7TB1FGi0GbYUXhMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS3o2S1R6N0xGQkQyZnRNSFVVYUxRWnRoUmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXxaAwQA
w4UCMA0GCSqGSIb3DQEBCwUAA4IBAQAtaJsqMtwM5VEa69/t8g+wfScaQiDv8S4a
OHqwObwtARMAfi/Ikl4ua3b7hFGNvxLg+JGNMxDNzFqne/9Eyup3QbTNxPetQ5VZ
DcrDTL2SdN9SHPyzot1adfBzpC7YjXFZSxHNhmP/QZFTDcy7E+wedyue3nJPJdp9
dr7oqx0UATDv9trerOp30CzOLIsuqGbv7bZcxND9ihkK6CYKSDo5IWVKpeGHv5R6
a3m6dbyCiXT7j8xJ1n7cKrqjKbpVR+rVVzRDSnYCphSiPgWcQYruDiJorDoP4hpC
7Jshj6xZHfmadJekfuSoTZ8gG5BZHwZfsskNCItrK29RhsB3FViU
-----END CERTIFICATE-----
Generated at Fri Mar 1 18:45:17 2024 by rpki-client on console-ams.rpki-client.org