Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/KNrAXTWVPzwPdbkw-d849pIUxhU.roa
File: KNrAXTWVPzwPdbkw-d849pIUxhU.roa (raw, json)
Hash identifier: mcYjOI3ONmAHeI2xO6uINIn1g47hO3mHVR2pV+BVTY0=
Subject key identifier: 28:DA:C0:5D:35:95:3F:3C:0F:75:B9:30:F9:DF:38:F6:92:14:C6:15
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 01896FFD6D737FA61BE10E51D5039F2F1214
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/KNrAXTWVPzwPdbkw-d849pIUxhU.roa
Signing time: Wed 19 Jul 2023 21:10:26 +0000
ROA not before: Wed 19 Jul 2023 21:10:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 5.252.20.0/24 maxlen: 24
5.252.23.0/24 maxlen: 24
5.252.22.0/24 maxlen: 24
5.252.21.0/24 maxlen: 24
45.83.180.0/22 maxlen: 24
2.58.124.0/22 maxlen: 24
2a0b:ec82::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 19 Jul 2023 21:12:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6f:fd:6d:73:7f:a6:1b:e1:0e:51:d5:03:9f:2f:12:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jul 19 21:10:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28dac05d35953f3c0f75b930f9df38f69214c615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:16:76:99:96:36:ba:eb:a4:56:e7:ec:2f:75:
51:c4:42:b7:7b:9b:66:bf:c5:39:36:74:cb:c2:cb:
ba:5d:1b:d9:c0:0f:2e:70:52:3e:bc:42:d7:ff:e3:
9d:0c:35:a2:0f:5b:89:9b:21:0f:92:c2:09:d7:fa:
a1:cb:88:8b:9a:28:61:51:f2:38:4a:7b:97:4f:cf:
34:51:3d:e6:2a:31:26:32:2d:47:d7:f6:14:2b:c5:
a1:d7:f4:66:81:e2:1d:c4:30:4c:3d:2a:7d:dc:cb:
be:fc:4c:f9:d8:db:21:ce:e3:c3:29:14:e5:a5:fc:
52:60:32:74:7c:f1:40:1d:c6:06:c4:b8:de:75:54:
20:b2:47:7c:f7:ba:cf:04:f1:6e:95:3e:3a:e1:de:
58:4a:6b:31:a4:e1:a2:f4:84:12:ff:63:24:37:4a:
e3:c7:96:dd:9f:dd:8d:b2:de:79:2d:94:9a:f0:2f:
aa:fb:f1:0b:aa:73:d2:92:8d:40:24:59:d6:8f:59:
25:e1:e4:55:c1:e9:82:06:8d:fc:8c:73:fe:ea:9f:
fb:83:2d:09:6d:5c:94:2b:ea:20:b6:65:e3:fd:9e:
e7:10:09:f3:35:4b:50:1f:6a:7d:e2:5b:35:63:41:
74:51:2b:ae:6d:5b:8a:c3:7f:19:2b:77:58:7b:37:
91:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:DA:C0:5D:35:95:3F:3C:0F:75:B9:30:F9:DF:38:F6:92:14:C6:15
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/KNrAXTWVPzwPdbkw-d849pIUxhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
5.252.20.0/22
45.83.180.0/22
IPv6:
2a0b:ec82::/32
Signature Algorithm: sha256WithRSAEncryption
34:9b:29:0c:04:74:99:78:aa:62:9a:a0:61:62:e9:2d:f2:4d:
75:fc:a8:1b:9a:ea:30:b3:29:34:4a:f9:a5:4f:b7:d6:42:2c:
9e:68:fd:29:c9:82:11:8b:7d:11:74:90:8d:3a:03:78:26:9e:
9a:79:36:60:31:c3:38:99:80:33:e4:15:f2:bd:85:86:c7:8b:
25:36:a4:b8:05:68:de:13:d6:62:fd:84:97:e4:27:7b:f3:12:
bb:d8:40:6b:21:e2:e5:0d:ac:e5:c1:2f:85:81:40:53:47:48:
9d:f2:09:e1:0c:81:fc:6a:ad:e3:bb:4d:73:c1:4f:cd:42:1d:
85:dd:13:d9:e9:97:2f:cf:02:65:fd:3d:8a:0f:f6:d8:49:1f:
be:b4:9a:31:d1:ef:d9:69:41:6d:ed:08:ea:3d:94:50:a5:4b:
e2:14:2d:72:b6:ed:c4:8f:90:4c:14:64:f8:a9:26:87:3a:bb:
c8:cb:d4:ed:38:b2:5f:a4:fe:d0:99:16:89:ed:bc:c3:0e:1f:
43:2b:5d:5d:be:02:90:00:72:1c:f9:2e:01:2a:5a:09:0e:b1:
5d:e9:10:4c:5d:3d:8f:d5:05:39:76:80:65:a2:c4:78:ab:5d:
7f:85:31:a1:96:a9:3f:d5:10:d8:5d:16:28:51:ed:1e:ce:eb:
52:31:b5:aa
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYlv/W1zf6Yb4Q5R1QOfLxIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjMwNzE5MjExMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGRhYzA1ZDM1OTUzZjNjMGY3NWI5MzBmOWRmMzhmNjkyMTRjNjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRZ2mZY2uuukVufsL3VRxEK3e5tm
v8U5NnTLwsu6XRvZwA8ucFI+vELX/+OdDDWiD1uJmyEPksIJ1/qhy4iLmihhUfI4
SnuXT880UT3mKjEmMi1H1/YUK8Wh1/RmgeIdxDBMPSp93Mu+/Ez52NshzuPDKRTl
pfxSYDJ0fPFAHcYGxLjedVQgskd897rPBPFulT464d5YSmsxpOGi9IQS/2MkN0rj
x5bdn92Nst55LZSa8C+q+/ELqnPSko1AJFnWj1kl4eRVwemCBo38jHP+6p/7gy0J
bVyUK+ogtmXj/Z7nEAnzNUtQH2p94ls1Y0F0USuubVuKw38ZK3dYezeRmQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCjawF01lT88D3W5MPnfOPaSFMYVMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvS05yQVhUV1ZQendQZGJrdy1kODQ5cElVeGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCAjp8AwQC
BfwUAwQCLVO0MA0EAgACMAcDBQAqC+yCMA0GCSqGSIb3DQEBCwUAA4IBAQA0mykM
BHSZeKpimqBhYukt8k11/Kgbmuowsyk0SvmlT7fWQiyeaP0pyYIRi30RdJCNOgN4
Jp6aeTZgMcM4mYAz5BXyvYWGx4slNqS4BWjeE9Zi/YSX5Cd78xK72EBrIeLlDazl
wS+FgUBTR0id8gnhDIH8aq3ju01zwU/NQh2F3RPZ6ZcvzwJl/T2KD/bYSR++tJox
0e/ZaUFt7QjqPZRQpUviFC1ytu3Ej5BMFGT4qSaHOrvIy9TtOLJfpP7QmRaJ7bzD
Dh9DK11dvgKQAHIc+S4BKloJDrFd6RBMXT2P1QU5doBlosR4q11/hTGhlqk/1RDY
XRYoUe0ezutSMbWq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org