Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/2bdcfe-172a-423e-8057-c924f8630fe4/1/kfna0EamcI03p64qyqX0xZ4tWrg.roa
File: kfna0EamcI03p64qyqX0xZ4tWrg.roa (raw, json)
Hash identifier: PxyQMFLE8jzGLp/zVdQIORt5N2TOhER4ehFuVX4SuZQ=
Subject key identifier: 91:F9:DA:D0:46:A6:70:8D:37:A7:AE:2A:CA:A5:F4:C5:9E:2D:5A:B8
Certificate issuer: /CN=d3bca2b8b27193069902a7c666436edc04ebfbc7
Certificate serial: 01857CB47F8C41E4088E658769EDDDE4EC82
Authority key identifier: D3:BC:A2:B8:B2:71:93:06:99:02:A7:C6:66:43:6E:DC:04:EB:FB:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07yiuLJxkwaZAqfGZkNu3ATr-8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/2bdcfe-172a-423e-8057-c924f8630fe4/1/kfna0EamcI03p64qyqX0xZ4tWrg.roa
Signing time: Wed 04 Jan 2023 12:14:41 +0000
ROA not before: Wed 04 Jan 2023 12:14:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 185.33.24.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:b4:7f:8c:41:e4:08:8e:65:87:69:ed:dd:e4:ec:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3bca2b8b27193069902a7c666436edc04ebfbc7
Validity
Not Before: Jan 4 12:14:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91f9dad046a6708d37a7ae2acaa5f4c59e2d5ab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9a:f8:6c:7c:ff:34:e6:55:9f:f9:55:0e:87:
f4:3e:d3:a9:8b:79:e9:d1:ba:d2:bc:ad:29:dc:eb:
09:47:71:0e:af:a0:75:ea:9f:58:27:f1:e0:4f:08:
11:2a:7a:f0:8d:d1:dc:86:ad:1b:44:10:91:f6:f3:
cc:6f:e6:a8:b9:bf:0e:4b:75:db:89:b8:50:e9:54:
21:4b:65:04:8f:40:6b:aa:06:3c:22:99:f8:0e:94:
ff:f5:1f:d9:9f:fd:b5:05:68:4e:f9:f0:fd:c6:78:
0d:76:33:fb:af:85:30:03:e5:b3:bb:48:44:0c:21:
ce:fd:3a:73:9b:89:02:a5:f2:33:1d:32:23:2e:88:
96:7b:fe:de:77:81:e3:e1:e9:e7:ab:05:de:09:4b:
32:70:79:92:42:ff:ad:c7:f7:c0:46:75:3f:2c:fa:
0e:98:d1:67:fc:41:a5:8f:79:19:c1:d6:11:33:6e:
1f:88:39:3c:99:f1:25:72:ad:e2:e3:ce:6e:60:71:
62:4a:0c:92:8c:d6:54:28:6f:69:ad:e2:0f:d6:c5:
17:35:a0:06:5a:99:9f:e7:71:7a:28:20:16:df:6d:
4e:3f:6f:17:0d:9c:53:c7:a3:82:80:de:a6:e6:06:
43:e2:ac:ac:6d:ee:ba:fd:dc:e5:8d:fe:81:ea:a7:
ec:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F9:DA:D0:46:A6:70:8D:37:A7:AE:2A:CA:A5:F4:C5:9E:2D:5A:B8
X509v3 Authority Key Identifier:
keyid:D3:BC:A2:B8:B2:71:93:06:99:02:A7:C6:66:43:6E:DC:04:EB:FB:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07yiuLJxkwaZAqfGZkNu3ATr-8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2bdcfe-172a-423e-8057-c924f8630fe4/1/kfna0EamcI03p64qyqX0xZ4tWrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2bdcfe-172a-423e-8057-c924f8630fe4/1/07yiuLJxkwaZAqfGZkNu3ATr-8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.24.0/24
Signature Algorithm: sha256WithRSAEncryption
46:51:d4:26:10:1a:f5:dc:2a:94:87:35:c3:79:2f:80:92:ec:
71:7d:b3:b6:3a:2e:69:ad:c2:47:66:11:91:42:73:a5:e5:4f:
18:a8:5f:f5:06:22:b8:fa:f7:ed:7c:53:c2:4e:f2:45:38:9d:
cd:b3:f6:76:a3:1d:bb:a3:ff:d2:04:06:28:ab:75:fc:6a:74:
a1:e2:0d:63:bf:f8:19:69:26:7f:a2:d5:22:21:72:e0:2d:c5:
91:6b:24:ac:fa:b3:0d:6f:dc:e2:bc:68:35:06:6e:ed:68:31:
fe:47:b3:aa:97:0e:1f:f9:6b:d3:38:ef:00:31:d9:d6:65:b9:
b6:fa:bf:0d:20:48:20:6b:f3:d0:62:98:43:64:a4:69:85:12:
46:da:0e:55:d9:15:14:b2:a8:4a:e6:8a:35:2d:fb:d1:d4:d4:
bf:48:63:63:33:db:3f:40:dd:ff:e1:8d:3d:99:12:d5:6b:6e:
04:0d:f3:1e:3d:c5:46:61:73:09:0b:c9:da:a2:90:e3:4d:5e:
ff:d2:35:09:ac:e4:72:28:f5:90:7f:8b:a2:20:70:33:3e:a5:
77:02:39:80:89:b3:a2:f5:39:a1:f1:0f:e1:fc:a3:a6:57:3f:
dc:74:59:99:0d:8f:a3:c4:59:c7:97:cc:fe:99:47:ea:b8:15:
b7:44:fc:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV8tH+MQeQIjmWHae3d5OyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYmNhMmI4YjI3MTkzMDY5OTAyYTdjNjY2NDM2ZWRjMDRl
YmZiYzcwHhcNMjMwMTA0MTIxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWY5ZGFkMDQ2YTY3MDhkMzdhN2FlMmFjYWE1ZjRjNTllMmQ1YWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZr4bHz/NOZVn/lVDof0PtOpi3np
0brSvK0p3OsJR3EOr6B16p9YJ/HgTwgRKnrwjdHchq0bRBCR9vPMb+aoub8OS3Xb
ibhQ6VQhS2UEj0BrqgY8Ipn4DpT/9R/Zn/21BWhO+fD9xngNdjP7r4UwA+Wzu0hE
DCHO/Tpzm4kCpfIzHTIjLoiWe/7ed4Hj4ennqwXeCUsycHmSQv+tx/fARnU/LPoO
mNFn/EGlj3kZwdYRM24fiDk8mfElcq3i485uYHFiSgySjNZUKG9preIP1sUXNaAG
Wpmf53F6KCAW321OP28XDZxTx6OCgN6m5gZD4qysbe66/dzljf6B6qfsuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJH52tBGpnCNN6euKsql9MWeLVq4MB8GA1UdIwQY
MBaAFNO8oriycZMGmQKnxmZDbtwE6/vHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDd5aXVMSnhrd2FaQXFmR1prTnUzQVRyLThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yYmRjZmUtMTcyYS00MjNlLTgwNTct
YzkyNGY4NjMwZmU0LzEva2ZuYTBFYW1jSTAzcDY0cXlxWDB4WjR0V3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8yYmRjZmUtMTcyYS00MjNlLTgwNTctYzkyNGY4NjMwZmU0
LzEvMDd5aXVMSnhrd2FaQXFmR1prTnUzQVRyLThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSEYMA0G
CSqGSIb3DQEBCwUAA4IBAQBGUdQmEBr13CqUhzXDeS+AkuxxfbO2Oi5prcJHZhGR
QnOl5U8YqF/1BiK4+vftfFPCTvJFOJ3Ns/Z2ox27o//SBAYoq3X8anSh4g1jv/gZ
aSZ/otUiIXLgLcWRaySs+rMNb9zivGg1Bm7taDH+R7Oqlw4f+WvTOO8AMdnWZbm2
+r8NIEgga/PQYphDZKRphRJG2g5V2RUUsqhK5oo1LfvR1NS/SGNjM9s/QN3/4Y09
mRLVa24EDfMePcVGYXMJC8naopDjTV7/0jUJrORyKPWQf4uiIHAzPqV3AjmAibOi
9Tmh8Q/h/KOmVz/cdFmZDY+jxFnHl8z+mUfquBW3RPwW
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:50 2024 by rpki-client on console-fra.rpki-client.org