Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0cc6b5-5477-490a-a295-15b79b02943e/1/kRiE99fnfBRs7un_HbtrBd7NPxg.roa
File: kRiE99fnfBRs7un_HbtrBd7NPxg.roa (raw, json)
Hash identifier: tDrO1rbHN3IoUqWcParkJMQK1HbVaw7/t3G3k8rrtGA=
Subject key identifier: 91:18:84:F7:D7:E7:7C:14:6C:EE:E9:FF:1D:BB:6B:05:DE:CD:3F:18
Certificate issuer: /CN=27280cc534516d1c1d9ea024eaafbd01fdc68c97
Certificate serial: 01857246D9EF7F902D5DA63D75BCCABA375A
Authority key identifier: 27:28:0C:C5:34:51:6D:1C:1D:9E:A0:24:EA:AF:BD:01:FD:C6:8C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JygMxTRRbRwdnqAk6q-9Af3GjJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0cc6b5-5477-490a-a295-15b79b02943e/1/kRiE99fnfBRs7un_HbtrBd7NPxg.roa
Signing time: Mon 02 Jan 2023 11:38:43 +0000
ROA not before: Mon 02 Jan 2023 11:38:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39238
IP address blocks: 185.38.160.0/22 maxlen: 32
194.36.148.0/22 maxlen: 32
79.143.64.0/22 maxlen: 32
79.143.76.0/22 maxlen: 32
217.29.50.0/23 maxlen: 32
217.29.52.0/22 maxlen: 32
217.29.56.0/21 maxlen: 32
2a0c:f540::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:d9:ef:7f:90:2d:5d:a6:3d:75:bc:ca:ba:37:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27280cc534516d1c1d9ea024eaafbd01fdc68c97
Validity
Not Before: Jan 2 11:38:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=911884f7d7e77c146ceee9ff1dbb6b05decd3f18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:9c:bd:e9:cc:bd:49:a9:d2:c3:06:20:12:2a:
76:bb:c9:e9:07:9a:e8:12:9f:ae:ce:61:f5:b8:b0:
57:ae:0d:52:e3:b2:5e:87:d3:e4:0c:7c:7c:c3:72:
aa:76:a6:a7:b0:c3:d5:e0:d8:55:b0:b1:8f:b4:05:
d2:f6:cf:66:e6:46:75:e2:66:dc:7b:a4:b7:43:16:
76:b8:7e:41:09:1f:f2:c4:3b:9d:16:88:8f:af:97:
22:a6:d9:6f:cb:6c:7c:f3:6d:d9:62:98:a9:f5:7b:
34:d5:e9:c1:bc:ef:59:ac:a0:d6:1a:9d:9e:23:f2:
63:dc:f9:89:1d:f1:a3:d1:ce:0b:70:47:48:55:52:
e8:3c:82:7f:be:84:ee:ba:29:76:3f:67:11:c3:41:
df:4f:be:49:0e:91:05:d5:0a:7b:06:99:ca:25:f0:
a9:38:6a:42:9e:16:f1:71:55:f6:da:63:34:dc:14:
ed:c6:a6:e1:aa:3b:cb:c3:65:14:fd:06:8b:86:4f:
d9:0c:e9:6e:ed:f9:c6:92:d2:1e:0a:f2:dd:31:0f:
51:8a:5f:d9:3b:d0:55:78:d1:b8:cc:6d:89:16:1a:
aa:70:4d:01:47:f8:f5:e9:bf:e1:5f:07:77:f0:3c:
2d:d0:4f:98:51:5e:7a:31:86:43:6e:ab:37:22:2b:
9a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:18:84:F7:D7:E7:7C:14:6C:EE:E9:FF:1D:BB:6B:05:DE:CD:3F:18
X509v3 Authority Key Identifier:
keyid:27:28:0C:C5:34:51:6D:1C:1D:9E:A0:24:EA:AF:BD:01:FD:C6:8C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JygMxTRRbRwdnqAk6q-9Af3GjJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0cc6b5-5477-490a-a295-15b79b02943e/1/kRiE99fnfBRs7un_HbtrBd7NPxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0cc6b5-5477-490a-a295-15b79b02943e/1/JygMxTRRbRwdnqAk6q-9Af3GjJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.143.64.0/22
79.143.76.0/22
185.38.160.0/22
194.36.148.0/22
217.29.50.0-217.29.63.255
IPv6:
2a0c:f540::/29
Signature Algorithm: sha256WithRSAEncryption
10:12:03:59:3c:1f:f8:a0:68:51:a7:86:b1:ce:9a:4c:e8:cc:
36:9d:13:b3:31:be:cf:bd:6a:cc:f6:ab:47:65:01:45:fd:9e:
eb:d5:a3:48:4a:b7:a0:17:59:85:cc:57:2e:71:db:c9:85:cd:
f0:1f:6b:f6:92:84:66:62:81:12:5c:f2:fb:98:be:68:3c:40:
c1:64:a5:1f:cb:2b:a1:cd:c2:0c:93:e4:16:18:59:87:74:7a:
78:9f:4c:6f:dd:2e:b4:00:7b:c6:db:10:6d:6c:de:2c:9c:6c:
f7:eb:af:32:72:74:97:dd:43:21:df:85:d5:33:c3:50:23:0d:
6e:5a:af:8d:ab:9d:01:0f:ad:6d:6d:88:9b:53:e0:2c:91:ce:
c3:63:fa:44:06:3c:89:05:1c:81:bc:cc:43:c9:ba:50:00:19:
f7:fb:45:ec:f2:4c:55:03:9f:d7:8b:2e:44:6b:f7:d5:bf:8a:
69:b4:e1:4c:14:0e:c3:87:01:17:0c:82:d5:36:e0:46:3c:ba:
58:93:79:7c:9f:c6:0d:aa:fe:d6:e6:17:f6:ca:08:c4:92:58:
80:00:bc:9a:d4:0c:c9:d0:ab:c4:49:1c:5d:fc:cb:c1:16:f8:
fe:ed:1b:8f:cb:0c:16:37:85:cc:eb:f2:65:c4:d0:d5:0d:0b:
65:f7:67:6f
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVyRtnvf5AtXaY9dbzKujdaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MjgwY2M1MzQ1MTZkMWMxZDllYTAyNGVhYWZiZDAxZmRj
NjhjOTcwHhcNMjMwMTAyMTEzODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTE4ODRmN2Q3ZTc3YzE0NmNlZWU5ZmYxZGJiNmIwNWRlY2QzZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZy96cy9SanSwwYgEip2u8npB5ro
Ep+uzmH1uLBXrg1S47Jeh9PkDHx8w3KqdqansMPV4NhVsLGPtAXS9s9m5kZ14mbc
e6S3QxZ2uH5BCR/yxDudFoiPr5ciptlvy2x8823ZYpip9Xs01enBvO9ZrKDWGp2e
I/Jj3PmJHfGj0c4LcEdIVVLoPIJ/voTuuil2P2cRw0HfT75JDpEF1Qp7BpnKJfCp
OGpCnhbxcVX22mM03BTtxqbhqjvLw2UU/QaLhk/ZDOlu7fnGktIeCvLdMQ9Ril/Z
O9BVeNG4zG2JFhqqcE0BR/j16b/hXwd38Dwt0E+YUV56MYZDbqs3IiuaWQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJEYhPfX53wUbO7p/x27awXezT8YMB8GA1UdIwQY
MBaAFCcoDMU0UW0cHZ6gJOqvvQH9xoyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnlnTXhUUlJiUndkbnFBazZxLTlBZjNHakpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wY2M2YjUtNTQ3Ny00OTBhLWEyOTUt
MTViNzliMDI5NDNlLzEva1JpRTk5Zm5mQlJzN3VuX0hidHJCZDdOUHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wY2M2YjUtNTQ3Ny00OTBhLWEyOTUtMTViNzliMDI5NDNl
LzEvSnlnTXhUUlJiUndkbnFBazZxLTlBZjNHakpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCT49AAwQC
T49MAwQCuSagAwQCwiSUMAwDBAHZHTIDBAbZHQAwDQQCAAIwBwMFAyoM9UAwDQYJ
KoZIhvcNAQELBQADggEBABASA1k8H/igaFGnhrHOmkzozDadE7Mxvs+9asz2q0dl
AUX9nuvVo0hKt6AXWYXMVy5x28mFzfAfa/aShGZigRJc8vuYvmg8QMFkpR/LK6HN
wgyT5BYYWYd0enifTG/dLrQAe8bbEG1s3iycbPfrrzJydJfdQyHfhdUzw1AjDW5a
r42rnQEPrW1tiJtT4CyRzsNj+kQGPIkFHIG8zEPJulAAGff7RezyTFUDn9eLLkRr
99W/imm04UwUDsOHARcMgtU24EY8uliTeXyfxg2q/tbmF/bKCMSSWIAAvJrUDMnQ
q8RJHF38y8EW+P7tG4/LDBY3hczr8mXE0NUNC2X3Z28=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:10 2024 by rpki-client on console-ams.rpki-client.org