Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/KcsiBGJ9Uun-QS5ZWYvNobXwTS4.roa
File: KcsiBGJ9Uun-QS5ZWYvNobXwTS4.roa (raw, json)
Hash identifier: 93ekYSGsRqvtb0ArWPc967FnBDc/9r1YIBsq73l+wj0=
Subject key identifier: 29:CB:22:04:62:7D:52:E9:FE:41:2E:59:59:8B:CD:A1:B5:F0:4D:2E
Certificate issuer: /CN=588cabf6f523f26e267db03b524347841aaaa465
Certificate serial: 01856FA6F7ED5E066E6C454DE2E3AA85E515
Authority key identifier: 58:8C:AB:F6:F5:23:F2:6E:26:7D:B0:3B:52:43:47:84:1A:AA:A4:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIyr9vUj8m4mfbA7UkNHhBqqpGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/KcsiBGJ9Uun-QS5ZWYvNobXwTS4.roa
Signing time: Sun 01 Jan 2023 23:24:51 +0000
ROA not before: Sun 01 Jan 2023 23:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48635
IP address blocks: 94.126.32.0/22 maxlen: 24
62.221.192.0/19 maxlen: 24
185.87.248.0/22 maxlen: 24
86.109.16.0/22 maxlen: 24
185.21.242.0/24 maxlen: 24
2001:1460::/32 maxlen: 48
2a05:c4c0::/29 maxlen: 48
2a04:1cc0::/29 maxlen: 48
2a0d:7980::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:f7:ed:5e:06:6e:6c:45:4d:e2:e3:aa:85:e5:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=588cabf6f523f26e267db03b524347841aaaa465
Validity
Not Before: Jan 1 23:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29cb2204627d52e9fe412e59598bcda1b5f04d2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4a:4a:63:0f:20:49:8e:94:55:9c:3f:98:b7:
79:18:4e:8c:b7:ea:72:6b:a6:4d:3b:60:6d:e7:57:
b7:07:41:3c:06:f0:eb:a4:b3:6c:4e:d0:3b:49:61:
45:0f:f0:ba:84:78:d0:5e:a3:f7:47:23:ef:e6:aa:
aa:31:c4:49:d0:9b:61:6b:c5:6d:9c:25:01:3d:0b:
88:b1:7d:d4:20:c4:bb:de:a1:80:07:04:8c:b9:4b:
31:83:28:20:5c:bf:b2:08:8f:bc:d3:eb:ae:e0:b3:
4e:37:92:8a:c4:09:6d:fb:ab:e5:93:a3:75:f3:65:
59:64:a7:b6:ab:f7:aa:4f:56:0d:e7:94:ba:54:29:
cf:16:c6:35:ec:e7:51:6a:b2:9c:b1:58:ff:a1:e3:
b9:fb:0a:62:6b:ec:41:d1:6a:bc:90:94:05:c3:29:
12:0d:9b:72:f9:79:ef:30:e0:b3:96:5d:1d:36:30:
ad:11:61:84:4b:66:5d:bf:89:b5:e3:29:a4:48:90:
7f:42:36:3a:62:43:20:48:59:12:df:7e:90:14:fe:
fc:a3:02:13:a9:2b:f3:db:66:85:f8:91:b3:ee:e0:
cb:4c:5d:d4:3b:e8:43:57:40:f3:40:85:cc:41:1b:
de:84:14:5f:ae:e8:ab:eb:33:35:70:95:f6:de:4f:
e5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:CB:22:04:62:7D:52:E9:FE:41:2E:59:59:8B:CD:A1:B5:F0:4D:2E
X509v3 Authority Key Identifier:
keyid:58:8C:AB:F6:F5:23:F2:6E:26:7D:B0:3B:52:43:47:84:1A:AA:A4:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIyr9vUj8m4mfbA7UkNHhBqqpGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/KcsiBGJ9Uun-QS5ZWYvNobXwTS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/WIyr9vUj8m4mfbA7UkNHhBqqpGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.221.192.0/19
86.109.16.0/22
94.126.32.0/22
185.21.242.0/24
185.87.248.0/22
IPv6:
2001:1460::/32
2a04:1cc0::/29
2a05:c4c0::/29
2a0d:7980::/32
Signature Algorithm: sha256WithRSAEncryption
77:7b:f3:17:73:08:fd:18:2a:8b:74:24:35:86:75:cc:dc:8c:
43:20:b9:68:d1:50:fe:3a:62:00:f2:25:85:f8:68:72:ed:4c:
b4:ff:bd:58:61:7f:71:a3:3f:22:00:7c:3f:20:34:fb:5a:57:
b5:7a:4b:4a:dd:77:a4:4c:5a:a9:56:b4:14:2c:8a:60:80:74:
cb:f1:be:d0:be:75:be:62:53:49:09:89:48:03:5d:b4:03:3b:
f9:eb:eb:a6:d4:d2:4f:b6:d3:69:24:b9:ac:55:a8:23:af:36:
c7:ec:ba:0b:60:6e:c4:ac:07:f8:94:e1:40:15:a4:94:81:1a:
f1:e7:60:b2:62:49:bd:7b:eb:bf:13:10:50:e1:48:c9:8d:ca:
03:8f:6a:74:8a:9e:eb:16:48:40:a8:49:05:0b:7b:fc:41:fd:
f5:bc:86:3b:d6:0b:f1:0b:fa:75:50:56:44:22:b4:05:e9:d1:
c7:f9:27:ce:cd:13:7c:63:67:5e:b8:bf:0a:11:ac:13:70:8e:
fb:37:f3:71:b8:dc:74:b5:21:f6:d5:89:7c:ca:13:54:2b:5f:
a8:ee:4d:1c:ea:25:00:ca:c9:3b:a1:ac:20:a4:0f:ba:3b:0a:
6d:3e:50:a7:c8:c4:ce:5b:1f:38:b9:76:cd:64:5c:f5:dd:59:
cf:75:a5:fe
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYVvpvftXgZubEVN4uOqheUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4OGNhYmY2ZjUyM2YyNmUyNjdkYjAzYjUyNDM0Nzg0MWFh
YWE0NjUwHhcNMjMwMTAxMjMyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWNiMjIwNDYyN2Q1MmU5ZmU0MTJlNTk1OThiY2RhMWI1ZjA0ZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUpKYw8gSY6UVZw/mLd5GE6Mt+py
a6ZNO2Bt51e3B0E8BvDrpLNsTtA7SWFFD/C6hHjQXqP3RyPv5qqqMcRJ0Jtha8Vt
nCUBPQuIsX3UIMS73qGABwSMuUsxgyggXL+yCI+80+uu4LNON5KKxAlt+6vlk6N1
82VZZKe2q/eqT1YN55S6VCnPFsY17OdRarKcsVj/oeO5+wpia+xB0Wq8kJQFwykS
DZty+XnvMOCzll0dNjCtEWGES2Zdv4m14ymkSJB/QjY6YkMgSFkS336QFP78owIT
qSvz22aF+JGz7uDLTF3UO+hDV0DzQIXMQRvehBRfruir6zM1cJX23k/luwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFCnLIgRifVLp/kEuWVmLzaG18E0uMB8GA1UdIwQY
MBaAFFiMq/b1I/JuJn2wO1JDR4QaqqRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0l5cjl2VWo4bTRtZmJBN1VrTkhoQnFxcEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTg3ZDYtOGJmYy00YzU5LWE2YzQt
NmFkMzI1MmExNDI3LzEvS2NzaUJHSjlVdW4tUVM1WldZdk5vYlh3VFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTg3ZDYtOGJmYy00YzU5LWE2YzQtNmFkMzI1MmExNDI3
LzEvV0l5cjl2VWo4bTRtZmJBN1VrTkhoQnFxcEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAkBAIAATAeAwQFPt3AAwQC
Vm0QAwQCXn4gAwQAuRXyAwQCuVf4MCIEAgACMBwDBQAgARRgAwUDKgQcwAMFAyoF
xMADBQAqDXmAMA0GCSqGSIb3DQEBCwUAA4IBAQB3e/MXcwj9GCqLdCQ1hnXM3IxD
ILlo0VD+OmIA8iWF+Ghy7Uy0/71YYX9xoz8iAHw/IDT7Wle1ektK3XekTFqpVrQU
LIpggHTL8b7QvnW+YlNJCYlIA120Azv56+um1NJPttNpJLmsVagjrzbH7LoLYG7E
rAf4lOFAFaSUgRrx52CyYkm9e+u/ExBQ4UjJjcoDj2p0ip7rFkhAqEkFC3v8Qf31
vIY71gvxC/p1UFZEIrQF6dHH+SfOzRN8Y2deuL8KEawTcI77N/NxuNx0tSH21Yl8
yhNUK1+o7k0c6iUAysk7oawgpA+6OwptPlCnyMTOWx84uXbNZFz13VnPdaX+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:47 2024 by rpki-client on console-fra.rpki-client.org