Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KAdx6oLqS2ZL9sOxKepBI1GOfJI.roa
File: KAdx6oLqS2ZL9sOxKepBI1GOfJI.roa (raw, json)
Hash identifier: n8fFDYpTYFZXfABxmMNlW34wVrOgnltko/9Rz9C6KAg=
Subject key identifier: 28:07:71:EA:82:EA:4B:66:4B:F6:C3:B1:29:EA:41:23:51:8E:7C:92
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C7CE5D5C5061C77B9D7CB809C7552122B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KAdx6oLqS2ZL9sOxKepBI1GOfJI.roa
Signing time: Mon 18 Dec 2023 12:28:06 +0000
ROA not before: Mon 18 Dec 2023 12:28:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207083
IP address blocks: 2.59.254.0/24 maxlen: 24
192.145.28.0/24 maxlen: 24
192.145.31.0/24 maxlen: 24
192.145.28.0/22 maxlen: 22
192.145.30.0/24 maxlen: 24
192.145.29.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Dec 2023 12:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:e5:d5:c5:06:1c:77:b9:d7:cb:80:9c:75:52:12:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 18 12:28:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=280771ea82ea4b664bf6c3b129ea4123518e7c92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:eb:20:17:c6:28:b2:76:13:71:27:8e:87:32:
1c:f5:ea:be:4b:80:01:ea:c2:c6:e9:ab:a5:73:88:
1c:7e:f1:7b:cc:99:11:f8:41:b9:1d:11:f9:cb:fd:
b7:cd:2d:c3:da:24:9b:99:07:4f:c4:f8:08:4b:92:
4e:91:72:60:6b:5a:e3:f4:d9:88:7a:83:72:0c:2b:
0b:e3:90:cf:9d:c2:1b:fa:64:1a:60:eb:b5:57:a1:
4c:03:00:b3:b8:40:23:7b:9c:ba:81:3f:2d:67:8f:
44:3b:d8:88:92:d7:27:a5:fa:05:77:68:f7:03:42:
d6:29:88:86:3f:c8:b6:76:09:e9:1c:ae:6c:ae:e0:
8d:ad:ed:49:0c:0b:23:5e:6d:c4:a2:95:87:df:71:
70:6d:a5:61:b6:40:54:38:5f:46:b7:9e:e0:88:f6:
56:7f:0d:ad:1d:d0:fa:d9:92:55:7b:3c:43:e0:a4:
c8:4c:23:24:b1:6d:21:25:76:18:a1:fa:dd:e5:02:
14:41:a9:a9:d9:b3:3d:0c:a0:f5:81:12:f9:5c:17:
e0:49:13:39:41:e2:bf:b6:7c:7f:75:e2:05:ad:f7:
e9:ac:90:34:bc:2c:0c:84:55:82:93:14:3c:84:54:
0f:2e:12:14:14:75:66:e4:cb:5e:0d:1a:19:c1:51:
53:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:07:71:EA:82:EA:4B:66:4B:F6:C3:B1:29:EA:41:23:51:8E:7C:92
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KAdx6oLqS2ZL9sOxKepBI1GOfJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.254.0/24
85.31.45.0/24
192.145.28.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:47:59:e8:17:8d:86:d2:12:08:b3:de:0f:d3:d0:b5:9d:b2:
0d:25:52:ff:a3:c7:1f:35:06:5e:f5:49:18:8e:fc:f6:7d:6c:
4f:72:2f:4d:43:a3:f8:de:8c:16:68:5a:df:01:41:bb:2a:7e:
e9:0d:1f:ed:3d:67:47:cc:27:f7:5f:5f:af:33:1a:2f:7a:82:
5a:2b:cd:b2:50:b3:0b:59:57:9d:86:e8:4e:da:23:64:c6:c6:
3c:3a:e6:5f:7f:22:a8:c7:53:9f:9b:1b:3f:8c:5b:56:ac:49:
e3:32:19:80:d8:46:ab:4f:b3:62:a5:24:cf:2b:cc:11:43:31:
5b:2f:2f:28:a1:12:59:cd:fd:56:2d:5d:45:64:bc:d7:07:1d:
d8:be:58:3f:7d:fd:ae:e4:0e:2f:4d:55:62:3c:3a:8f:d5:e4:
72:05:0d:0f:e7:db:ca:69:22:ad:dd:dd:3f:1d:02:9f:7b:29:
79:cf:0e:b0:21:9a:6d:d9:f4:9b:6e:05:93:38:11:c5:94:ee:
bb:c9:cb:38:9d:34:1a:a0:d4:98:18:de:44:bb:b7:87:f5:9e:
19:82:c9:9f:68:cd:ad:5e:62:4e:49:a5:f7:53:09:3b:b1:e3:
1f:2a:0f:04:b0:16:49:62:8e:93:87:5a:d5:ce:0d:ee:83:9c:
25:0c:5e:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx85dXFBhx3udfLgJx1UhIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjE4MTIyODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODA3NzFlYTgyZWE0YjY2NGJmNmMzYjEyOWVhNDEyMzUxOGU3YzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOsgF8YosnYTcSeOhzIc9eq+S4AB
6sLG6aulc4gcfvF7zJkR+EG5HRH5y/23zS3D2iSbmQdPxPgIS5JOkXJga1rj9NmI
eoNyDCsL45DPncIb+mQaYOu1V6FMAwCzuEAje5y6gT8tZ49EO9iIktcnpfoFd2j3
A0LWKYiGP8i2dgnpHK5sruCNre1JDAsjXm3EopWH33FwbaVhtkBUOF9Gt57giPZW
fw2tHdD62ZJVezxD4KTITCMksW0hJXYYofrd5QIUQamp2bM9DKD1gRL5XBfgSRM5
QeK/tnx/deIFrffprJA0vCwMhFWCkxQ8hFQPLhIUFHVm5MteDRoZwVFTgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCgHceqC6ktmS/bDsSnqQSNRjnySMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS0FkeDZvTHFTMlpMOXNPeEtlcEJJMUdPZkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjv+AwQA
VR8tAwQCwJEcMA0GCSqGSIb3DQEBCwUAA4IBAQA+R1noF42G0hIIs94P09C1nbIN
JVL/o8cfNQZe9UkYjvz2fWxPci9NQ6P43owWaFrfAUG7Kn7pDR/tPWdHzCf3X1+v
MxoveoJaK82yULMLWVedhuhO2iNkxsY8OuZffyKox1Ofmxs/jFtWrEnjMhmA2Ear
T7NipSTPK8wRQzFbLy8ooRJZzf1WLV1FZLzXBx3Yvlg/ff2u5A4vTVViPDqP1eRy
BQ0P59vKaSKt3d0/HQKfeyl5zw6wIZpt2fSbbgWTOBHFlO67ycs4nTQaoNSYGN5E
u7eH9Z4ZgsmfaM2tXmJOSaX3Uwk7seMfKg8EsBZJYo6Th1rVzg3ug5wlDF5q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:04 2024 by rpki-client on console-fra.rpki-client.org