Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/14ead9-cbb1-4639-81a7-d8b8202d7786/1/KP_Vpk4cBDego7X8_F8GQakdC9c.roa
File: KP_Vpk4cBDego7X8_F8GQakdC9c.roa (raw, json)
Hash identifier: ydT9lViFC+btI6Q1H35y0o/VfXiDctETZNWcKjwnDKc=
Subject key identifier: 28:FF:D5:A6:4E:1C:04:37:A0:A3:B5:FC:FC:5F:06:41:A9:1D:0B:D7
Certificate issuer: /CN=9f1bd9732e6cdd6e7494d79187fca855b5199909
Certificate serial: 01857315F0CD7D9884A77DD4653B6377358F
Authority key identifier: 9F:1B:D9:73:2E:6C:DD:6E:74:94:D7:91:87:FC:A8:55:B5:19:99:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nxvZcy5s3W50lNeRh_yoVbUZmQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/14ead9-cbb1-4639-81a7-d8b8202d7786/1/KP_Vpk4cBDego7X8_F8GQakdC9c.roa
Signing time: Mon 02 Jan 2023 15:24:55 +0000
ROA not before: Mon 02 Jan 2023 15:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49945
IP address blocks: 193.33.130.0/24 maxlen: 24
193.33.131.0/24 maxlen: 24
193.33.130.0/23 maxlen: 23
193.33.137.0/24 maxlen: 24
193.33.136.0/23 maxlen: 23
193.33.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f0:cd:7d:98:84:a7:7d:d4:65:3b:63:77:35:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f1bd9732e6cdd6e7494d79187fca855b5199909
Validity
Not Before: Jan 2 15:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28ffd5a64e1c0437a0a3b5fcfc5f0641a91d0bd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:29:8b:a3:36:c6:7e:cb:2b:00:11:59:0a:5f:
93:d6:3d:c0:48:5c:21:ce:db:49:b3:9f:6e:16:2f:
b6:fe:f4:d7:50:06:68:6a:05:66:81:a1:fa:20:7e:
1f:26:f0:99:69:31:f2:2c:dd:b9:15:10:39:11:1a:
77:19:f5:01:a7:f1:e1:7e:9e:e7:29:d6:d9:d7:ab:
90:60:9a:b5:b1:f7:e5:c1:4f:c0:d6:2d:2c:6e:be:
26:85:df:a4:d7:c1:a5:2f:f0:3f:3d:dc:00:0b:ff:
97:2f:58:81:8c:c2:91:8c:73:fe:b5:db:3a:7c:bf:
40:a6:2b:b5:e9:b1:15:6e:3b:12:20:20:80:9d:ca:
2a:9a:c2:b8:f8:c9:7d:7f:fa:37:a1:38:05:31:a7:
c9:0d:22:55:f6:d7:33:1b:28:33:74:3d:b5:46:01:
3f:4b:f5:74:ee:37:55:58:c9:c4:3a:1a:f4:e4:24:
7e:06:6d:82:e0:3c:42:6b:cf:4c:f4:06:8f:49:c6:
aa:ca:9e:4a:7a:00:20:fc:a1:02:f6:a5:89:12:f7:
1c:c1:6e:1c:89:ca:b4:c7:48:e7:15:52:a7:18:85:
91:d5:1c:84:33:10:99:19:10:f8:0d:30:96:55:cf:
8a:d8:06:f6:f3:bf:31:00:f2:5f:65:01:2c:ad:d6:
f5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FF:D5:A6:4E:1C:04:37:A0:A3:B5:FC:FC:5F:06:41:A9:1D:0B:D7
X509v3 Authority Key Identifier:
keyid:9F:1B:D9:73:2E:6C:DD:6E:74:94:D7:91:87:FC:A8:55:B5:19:99:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nxvZcy5s3W50lNeRh_yoVbUZmQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/14ead9-cbb1-4639-81a7-d8b8202d7786/1/KP_Vpk4cBDego7X8_F8GQakdC9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/14ead9-cbb1-4639-81a7-d8b8202d7786/1/nxvZcy5s3W50lNeRh_yoVbUZmQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.130.0/23
193.33.136.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:6f:e1:89:2e:80:a3:ed:e0:0a:e8:6c:e1:1d:cd:16:d8:51:
f5:39:9c:5b:8b:28:ad:a3:9c:e5:e6:62:31:2c:ad:62:d9:bf:
e8:f9:5f:ef:03:96:dd:2e:f7:a6:43:b4:f6:d2:cc:c3:e6:00:
c0:0e:f0:83:6a:3e:d8:61:f7:a0:01:db:33:a3:00:9e:30:21:
bd:59:15:e8:9d:dc:b0:aa:7e:32:36:55:4e:bf:d5:d7:c1:5f:
b8:a3:99:f0:d1:42:88:98:28:f6:65:79:55:cd:a4:ed:16:4e:
70:c0:04:a1:ed:db:73:f8:ff:76:36:b3:0d:c4:3f:68:1b:d4:
46:5d:78:67:05:aa:04:9e:ac:f5:1c:14:58:7b:61:a2:0c:76:
ba:07:0a:dc:e9:de:ff:24:bc:2a:db:ee:16:60:a2:f4:6a:94:
e4:73:54:c8:dc:02:0f:00:4b:ed:2f:0d:7e:75:97:33:da:b8:
58:ef:e2:c2:55:d5:be:0c:ab:1c:64:43:0a:dd:26:02:73:f5:
bc:e2:0b:ba:dc:9c:c7:25:26:09:39:8a:ef:42:c6:f4:9d:89:
e1:7a:3c:a9:7d:00:bd:e7:f1:9f:8b:c7:f1:0d:21:50:a7:40:
92:b9:f5:bf:17:48:d7:7f:83:8f:1b:d0:db:72:cd:b4:a8:c5:
84:3f:84:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzFfDNfZiEp33UZTtjdzWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMWJkOTczMmU2Y2RkNmU3NDk0ZDc5MTg3ZmNhODU1YjUx
OTk5MDkwHhcNMjMwMTAyMTUyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGZmZDVhNjRlMWMwNDM3YTBhM2I1ZmNmYzVmMDY0MWE5MWQwYmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSmLozbGfssrABFZCl+T1j3ASFwh
zttJs59uFi+2/vTXUAZoagVmgaH6IH4fJvCZaTHyLN25FRA5ERp3GfUBp/Hhfp7n
KdbZ16uQYJq1sfflwU/A1i0sbr4mhd+k18GlL/A/PdwAC/+XL1iBjMKRjHP+tds6
fL9Apiu16bEVbjsSICCAncoqmsK4+Ml9f/o3oTgFMafJDSJV9tczGygzdD21RgE/
S/V07jdVWMnEOhr05CR+Bm2C4DxCa89M9AaPScaqyp5KegAg/KEC9qWJEvccwW4c
icq0x0jnFVKnGIWR1RyEMxCZGRD4DTCWVc+K2Ab2878xAPJfZQEsrdb1SQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCj/1aZOHAQ3oKO1/PxfBkGpHQvXMB8GA1UdIwQY
MBaAFJ8b2XMubN1udJTXkYf8qFW1GZkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnh2WmN5NXMzVzUwbE5lUmhfeW9WYlVabVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xNGVhZDktY2JiMS00NjM5LTgxYTct
ZDhiODIwMmQ3Nzg2LzEvS1BfVnBrNGNCRGVnbzdYOF9GOEdRYWtkQzljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xNGVhZDktY2JiMS00NjM5LTgxYTctZDhiODIwMmQ3Nzg2
LzEvbnh2WmN5NXMzVzUwbE5lUmhfeW9WYlVabVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwSGCAwQB
wSGIMA0GCSqGSIb3DQEBCwUAA4IBAQAKb+GJLoCj7eAK6GzhHc0W2FH1OZxbiyit
o5zl5mIxLK1i2b/o+V/vA5bdLvemQ7T20szD5gDADvCDaj7YYfegAdszowCeMCG9
WRXondywqn4yNlVOv9XXwV+4o5nw0UKImCj2ZXlVzaTtFk5wwASh7dtz+P92NrMN
xD9oG9RGXXhnBaoEnqz1HBRYe2GiDHa6Bwrc6d7/JLwq2+4WYKL0apTkc1TI3AIP
AEvtLw1+dZcz2rhY7+LCVdW+DKscZEMK3SYCc/W84gu63JzHJSYJOYrvQsb0nYnh
ejypfQC95/Gfi8fxDSFQp0CSufW/F0jXf4OPG9Dbcs20qMWEP4Q6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:41 2024 by rpki-client on console-fra.rpki-client.org