Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ksng3dO4vQeIjBnI8QIc0e9NQzc.roa
File: Ksng3dO4vQeIjBnI8QIc0e9NQzc.roa (raw, json)
Hash identifier: HLVbbqTwTeGWOa1hRlWZYhR/uEMPFJhV67LEjoUBqHk=
Subject key identifier: 2A:C9:E0:DD:D3:B8:BD:07:88:8C:19:C8:F1:02:1C:D1:EF:4D:43:37
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018ACB1C81A4A5FF1505F5A4C105C67A2BC7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ksng3dO4vQeIjBnI8QIc0e9NQzc.roa
Signing time: Mon 25 Sep 2023 06:52:37 +0000
ROA not before: Mon 25 Sep 2023 06:52:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 394711
IP address blocks: 91.92.240.0/20 maxlen: 24
94.156.64.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Oct 2023 15:46:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:1c:81:a4:a5:ff:15:05:f5:a4:c1:05:c6:7a:2b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 25 06:52:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ac9e0ddd3b8bd07888c19c8f1021cd1ef4d4337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:07:2f:1b:50:bc:c0:e7:9a:fe:53:e5:70:f4:
c5:e3:27:a2:93:0e:37:fc:a9:09:b0:fb:6f:27:cf:
1f:8a:cc:5e:df:85:dc:63:cc:16:0a:c3:34:cf:50:
7a:d4:2a:07:8f:8d:69:90:70:4d:2a:c1:e3:81:f4:
2f:79:ac:de:17:ce:27:44:ca:03:a1:4a:88:ee:66:
9e:8f:43:33:b3:54:bf:c1:f8:06:1d:a2:5b:44:5c:
2c:42:95:ed:dd:bd:92:5f:b4:45:ba:cc:07:c9:60:
71:5f:a2:34:1a:dd:4d:3d:23:3e:6a:7e:dd:3b:6d:
43:60:48:28:07:0b:13:d4:1d:d3:97:b2:f4:b9:f4:
40:08:a9:4a:b3:a6:ae:15:0f:e4:fd:ba:12:4b:37:
c9:0f:da:e0:3c:f2:a7:65:bb:3a:38:aa:8b:66:97:
44:8d:47:14:b3:db:b4:66:cb:43:61:c7:82:9d:cd:
14:51:7a:6d:8d:17:22:6a:bd:13:86:04:7b:bf:2d:
46:53:5f:60:d5:08:f8:fd:0a:4e:f1:15:78:c4:70:
c2:5e:6b:ad:5b:12:be:97:37:d3:da:40:36:da:e8:
1c:60:d3:49:b1:f9:1e:82:4e:c3:c5:9e:f1:fe:ba:
1a:be:4f:c4:1c:8a:d1:fe:bf:4c:f2:21:bb:b6:4b:
81:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C9:E0:DD:D3:B8:BD:07:88:8C:19:C8:F1:02:1C:D1:EF:4D:43:37
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ksng3dO4vQeIjBnI8QIc0e9NQzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.240.0/20
94.156.64.0/21
Signature Algorithm: sha256WithRSAEncryption
0d:76:68:a0:b7:8b:f0:8f:50:c7:71:77:c0:98:31:e5:ce:4e:
69:c5:6d:73:0c:9e:ae:07:ea:a5:a2:82:eb:f7:3f:7e:8c:d2:
76:63:d5:85:ad:4f:94:9e:02:b5:29:9c:91:89:4c:38:68:f5:
d1:c6:61:80:79:81:1d:3e:fe:73:a3:ef:c3:45:c6:a1:95:40:
88:14:63:14:30:2c:9d:bf:eb:c5:74:8b:84:48:0b:54:d0:37:
09:19:b6:aa:27:0b:28:8c:e4:9c:8a:32:0b:0d:62:d7:c1:a3:
06:94:73:60:88:1b:21:eb:48:be:fa:77:7f:6c:56:2d:e6:e5:
1f:2d:81:41:c6:d3:71:4c:7c:92:d9:94:3b:77:78:97:d9:49:
1c:d6:c3:9a:7c:6d:34:6f:86:db:ec:03:c5:18:d9:05:3d:99:
44:fd:2a:f5:eb:c2:40:49:2b:2c:1d:2c:f3:cd:62:a3:f2:04:
c4:ac:8c:0b:1c:aa:ab:2c:e9:99:24:1a:98:c8:c2:33:e4:b4:
72:4d:6a:5d:d5:8e:db:a3:ca:ee:2e:db:fb:75:f0:9d:85:94:
5d:84:65:65:5f:0f:a7:a9:0d:ce:51:f6:20:8e:00:a3:91:50:
3f:0e:e1:ae:2d:66:ef:d1:51:c3:b3:41:35:cd:17:4e:49:c0:
4a:65:a3:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrLHIGkpf8VBfWkwQXGeivHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTI1MDY1MjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWM5ZTBkZGQzYjhiZDA3ODg4YzE5YzhmMTAyMWNkMWVmNGQ0MzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQcvG1C8wOea/lPlcPTF4yeikw43
/KkJsPtvJ88fisxe34XcY8wWCsM0z1B61CoHj41pkHBNKsHjgfQveazeF84nRMoD
oUqI7maej0Mzs1S/wfgGHaJbRFwsQpXt3b2SX7RFuswHyWBxX6I0Gt1NPSM+an7d
O21DYEgoBwsT1B3Tl7L0ufRACKlKs6auFQ/k/boSSzfJD9rgPPKnZbs6OKqLZpdE
jUcUs9u0ZstDYceCnc0UUXptjRciar0ThgR7vy1GU19g1Qj4/QpO8RV4xHDCXmut
WxK+lzfT2kA22ugcYNNJsfkegk7DxZ7x/roavk/EHIrR/r9M8iG7tkuBCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCrJ4N3TuL0HiIwZyPECHNHvTUM3MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS3NuZzNkTzR2UWVJakJuSThRSWMwZTlOUXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEW1zwAwQD
XpxAMA0GCSqGSIb3DQEBCwUAA4IBAQANdmigt4vwj1DHcXfAmDHlzk5pxW1zDJ6u
B+qlooLr9z9+jNJ2Y9WFrU+UngK1KZyRiUw4aPXRxmGAeYEdPv5zo+/DRcahlUCI
FGMUMCydv+vFdIuESAtU0DcJGbaqJwsojOScijILDWLXwaMGlHNgiBsh60i++nd/
bFYt5uUfLYFBxtNxTHyS2ZQ7d3iX2Ukc1sOafG00b4bb7APFGNkFPZlE/Sr168JA
SSssHSzzzWKj8gTErIwLHKqrLOmZJBqYyMIz5LRyTWpd1Y7bo8ruLtv7dfCdhZRd
hGVlXw+nqQ3OUfYgjgCjkVA/DuGuLWbv0VHDs0E1zRdOScBKZaO2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:04 2024 by rpki-client on console-fra.rpki-client.org