Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kKUGU-NTsYL9rrxFrxoLr6QUC7M.roa
File: kKUGU-NTsYL9rrxFrxoLr6QUC7M.roa (raw, json)
Hash identifier: ofZrD5rgUtSTaws2H+pN7PF4g0QwUUEv1mUJywvvCtE=
Subject key identifier: 90:A5:06:53:E3:53:B1:82:FD:AE:BC:45:AF:1A:0B:AF:A4:14:0B:B3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0191B304D0EF9B72B1BCC409358AB08BA549
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kKUGU-NTsYL9rrxFrxoLr6QUC7M.roa
Signing time: Mon 02 Sep 2024 13:55:22 +0000
ROA not before: Mon 02 Sep 2024 13:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215133
IP address blocks: 85.209.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 11:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:04:d0:ef:9b:72:b1:bc:c4:09:35:8a:b0:8b:a5:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 2 13:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90a50653e353b182fdaebc45af1a0bafa4140bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:74:a8:71:a4:e2:10:b7:ab:f3:20:3e:49:93:
4b:9d:58:96:10:72:ff:57:32:a1:06:e2:95:e4:0e:
27:49:7e:4a:05:f8:50:a4:d4:c7:85:89:94:b5:a7:
df:f2:8a:9b:67:4b:71:43:79:38:96:03:ef:f5:be:
9e:c8:c1:1c:da:46:a5:c3:8a:2d:09:dc:01:39:32:
14:62:b7:e5:fa:2d:3b:aa:48:03:9d:05:5c:9b:f0:
8e:fd:77:3a:ac:e2:4b:ed:a2:4a:89:02:cf:2c:9b:
40:a0:02:a1:5a:cf:15:dd:a5:9d:32:f9:f2:ec:14:
1b:9a:e7:7e:48:02:52:e7:0f:ba:a6:63:76:b0:65:
fa:81:6d:d2:61:a6:be:8b:88:e0:6a:7b:c4:9c:20:
f9:ad:1c:48:2a:6f:eb:2d:d0:cb:1e:ac:f3:db:70:
03:e4:fe:3c:2d:a8:52:53:9f:24:46:00:e0:f4:e5:
1a:1a:5d:a3:54:a6:9d:e7:a2:27:2e:d0:b1:67:47:
79:97:60:96:e2:5b:10:ed:54:82:af:92:d5:6d:44:
26:73:21:83:f6:1e:07:49:81:c0:fb:e6:d5:ba:68:
5f:7f:65:54:64:c0:97:b5:bf:83:71:94:83:4d:d6:
32:dc:a8:4b:2c:cd:24:b9:43:28:c6:f5:ac:ac:0a:
94:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A5:06:53:E3:53:B1:82:FD:AE:BC:45:AF:1A:0B:AF:A4:14:0B:B3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kKUGU-NTsYL9rrxFrxoLr6QUC7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.132.0/24
Signature Algorithm: sha256WithRSAEncryption
98:55:06:44:c8:66:2f:a0:f8:51:6a:f4:fe:f7:36:65:85:c9:
13:3d:34:4a:50:c7:ba:df:31:31:4b:0d:87:2c:fd:af:15:a0:
49:2c:13:5c:f5:90:a0:62:af:6a:23:17:7f:ba:f9:84:f0:30:
ba:f6:fb:76:96:8a:8b:87:e3:77:7d:a2:6a:d8:cd:29:e5:c8:
80:6c:9c:58:b5:98:72:da:e8:61:bf:de:2d:55:bb:e1:3d:94:
62:83:b9:8d:c2:70:92:e1:4c:ce:b8:06:73:26:50:93:30:9f:
82:96:d7:93:3e:66:33:9c:f6:ea:f9:70:26:50:c9:95:15:ca:
f1:20:49:53:f1:75:51:0c:ff:3d:fb:3e:7d:02:e7:72:50:af:
9e:dd:f0:85:62:9b:a1:f8:ed:34:83:f6:94:d1:bd:2e:7e:b3:
3c:81:1e:3c:d6:bb:f7:f8:c8:68:c4:e9:6b:1e:b7:bf:6c:3e:
c4:9a:4f:48:84:81:3b:16:3d:be:06:77:a5:47:1f:c6:f5:64:
33:14:42:0e:fb:42:72:93:e3:72:7f:08:66:44:9f:3a:bc:bd:
08:04:85:55:2a:aa:0a:44:4b:35:d7:6f:95:fc:84:0b:e2:02:
60:f9:67:24:c3:0f:b5:8d:fd:47:12:70:0b:84:bd:d3:a8:62:
23:6f:02:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGzBNDvm3KxvMQJNYqwi6VJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTAyMTM1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGE1MDY1M2UzNTNiMTgyZmRhZWJjNDVhZjFhMGJhZmE0MTQwYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnSocaTiELer8yA+SZNLnViWEHL/
VzKhBuKV5A4nSX5KBfhQpNTHhYmUtaff8oqbZ0txQ3k4lgPv9b6eyMEc2kalw4ot
CdwBOTIUYrfl+i07qkgDnQVcm/CO/Xc6rOJL7aJKiQLPLJtAoAKhWs8V3aWdMvny
7BQbmud+SAJS5w+6pmN2sGX6gW3SYaa+i4jganvEnCD5rRxIKm/rLdDLHqzz23AD
5P48LahSU58kRgDg9OUaGl2jVKad56InLtCxZ0d5l2CW4lsQ7VSCr5LVbUQmcyGD
9h4HSYHA++bVumhff2VUZMCXtb+DcZSDTdYy3KhLLM0kuUMoxvWsrAqUNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJClBlPjU7GC/a68Ra8aC6+kFAuzMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva0tVR1UtTlRzWUw5cnJ4RnJ4b0xyNlFVQzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdGEMA0G
CSqGSIb3DQEBCwUAA4IBAQCYVQZEyGYvoPhRavT+9zZlhckTPTRKUMe63zExSw2H
LP2vFaBJLBNc9ZCgYq9qIxd/uvmE8DC69vt2loqLh+N3faJq2M0p5ciAbJxYtZhy
2uhhv94tVbvhPZRig7mNwnCS4UzOuAZzJlCTMJ+ClteTPmYznPbq+XAmUMmVFcrx
IElT8XVRDP89+z59AudyUK+e3fCFYpuh+O00g/aU0b0ufrM8gR481rv3+MhoxOlr
Hre/bD7Emk9IhIE7Fj2+BnelRx/G9WQzFEIO+0Jyk+NyfwhmRJ86vL0IBIVVKqoK
REs112+V/IQL4gJg+Wckww+1jf1HEnALhL3TqGIjbwKm
-----END CERTIFICATE-----
Generated at Tue Nov 19 15:05:53 2024 by rpki-client on console-fra.rpki-client.org