Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Kwd0-VNu1ZRhGtSn7vBOiJaUxuE.roa
File: Kwd0-VNu1ZRhGtSn7vBOiJaUxuE.roa (raw, json)
Hash identifier: USztXSNsVqXniX6iSc+G+IPJy+R0t28aKZaryaWAa0w=
Subject key identifier: 2B:07:74:F9:53:6E:D5:94:61:1A:D4:A7:EE:F0:4E:88:96:94:C6:E1
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0187B6BE0DB7514B4BA1AADDB953F24F50A0
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Kwd0-VNu1ZRhGtSn7vBOiJaUxuE.roa
Signing time: Tue 25 Apr 2023 04:48:41 +0000
ROA not before: Tue 25 Apr 2023 04:48:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44103
IP address blocks: 178.18.152.0/22 maxlen: 32
178.18.152.0/24 maxlen: 32
178.18.155.0/24 maxlen: 32
178.18.154.0/24 maxlen: 32
178.18.153.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b6:be:0d:b7:51:4b:4b:a1:aa:dd:b9:53:f2:4f:50:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 25 04:48:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b0774f9536ed594611ad4a7eef04e889694c6e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b0:21:2d:8a:4b:eb:2c:35:b9:70:19:2e:9b:
3f:8e:6d:e1:a3:da:88:9a:fe:32:69:92:20:ed:da:
7b:1d:3f:63:c5:9e:15:95:a2:d7:ec:85:71:03:4e:
b0:ea:f7:35:f2:7a:76:97:df:72:f1:32:6e:34:ab:
5b:65:8a:e5:09:ef:26:3f:a7:31:ac:78:f1:44:08:
3f:b1:65:39:dc:95:dd:f3:24:8b:1c:10:6a:48:ac:
e6:c6:af:4c:ca:48:33:21:ed:dc:b0:cc:38:43:f2:
ef:24:b0:50:9d:a0:12:f9:5c:4f:1b:61:a1:34:3a:
4b:e4:09:14:5b:63:32:e5:01:f9:a2:9a:1d:aa:c5:
66:2d:d2:2d:62:3c:f4:81:44:31:1c:f5:5a:99:7c:
2f:62:ab:71:7b:95:5e:1f:b5:a9:5f:6c:16:21:7d:
51:c7:ad:09:70:19:80:0c:22:11:99:76:e0:c4:a3:
40:ec:7f:ef:cf:68:46:72:a8:61:d8:cd:af:a1:17:
fa:fb:d4:c8:76:3a:58:17:44:fe:cb:b9:c7:b8:ac:
d1:03:a9:54:80:92:b9:dc:c9:6b:0a:8a:08:33:aa:
ca:f2:f4:a4:14:99:2b:12:fd:7c:ca:d7:e3:ac:05:
24:46:1c:ab:16:60:2c:39:49:11:f5:ac:95:70:f7:
cc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:07:74:F9:53:6E:D5:94:61:1A:D4:A7:EE:F0:4E:88:96:94:C6:E1
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Kwd0-VNu1ZRhGtSn7vBOiJaUxuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.18.152.0/22
Signature Algorithm: sha256WithRSAEncryption
d7:e9:b7:22:73:b2:e9:7b:8b:73:c6:40:55:32:b1:fd:e5:a8:
f1:90:4a:5d:2a:64:24:a1:2c:fb:42:16:28:fd:07:19:fa:36:
16:29:c0:79:ee:de:37:2c:ec:fe:a7:d0:21:80:9b:ee:de:1b:
75:68:6b:c6:38:3d:62:a1:11:25:f1:2e:6c:e0:b2:6c:0f:06:
bb:53:0e:68:39:f0:18:2d:d7:86:62:71:ce:48:ef:79:92:5d:
3f:2c:76:7e:75:72:69:64:cd:4d:39:f3:50:39:d3:6d:9f:26:
34:cc:e8:e5:4c:11:a2:2a:df:b8:ee:25:fe:48:6c:25:a8:13:
69:2f:bd:8e:90:00:a6:fa:2b:2b:d8:ed:02:e2:0e:34:ad:5b:
15:6b:c4:2a:bf:6e:df:3f:f1:9d:12:5c:52:ed:88:8c:8c:51:
09:ec:25:e7:60:e8:cd:a1:70:e1:88:c5:22:9a:6a:62:a7:51:
3f:f9:39:f2:35:1f:ab:9a:cc:16:6a:28:ed:23:81:64:6e:38:
b8:5a:20:40:ef:af:6a:be:7d:91:6b:24:88:1f:27:a2:37:10:
f4:03:13:d1:0c:b2:1c:a4:ac:11:da:8d:a5:9c:a9:9e:7e:ac:
dd:25:3d:d0:49:dc:66:e3:59:9c:d9:e6:21:1c:c0:4e:a2:a1:
51:4a:b8:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe2vg23UUtLoarduVPyT1CgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjMwNDI1MDQ0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjA3NzRmOTUzNmVkNTk0NjExYWQ0YTdlZWYwNGU4ODk2OTRjNmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7AhLYpL6yw1uXAZLps/jm3ho9qI
mv4yaZIg7dp7HT9jxZ4VlaLX7IVxA06w6vc18np2l99y8TJuNKtbZYrlCe8mP6cx
rHjxRAg/sWU53JXd8ySLHBBqSKzmxq9MykgzIe3csMw4Q/LvJLBQnaAS+VxPG2Gh
NDpL5AkUW2My5QH5opodqsVmLdItYjz0gUQxHPVamXwvYqtxe5VeH7WpX2wWIX1R
x60JcBmADCIRmXbgxKNA7H/vz2hGcqhh2M2voRf6+9TIdjpYF0T+y7nHuKzRA6lU
gJK53MlrCooIM6rK8vSkFJkrEv18ytfjrAUkRhyrFmAsOUkR9ayVcPfMRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsHdPlTbtWUYRrUp+7wToiWlMbhMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvS3dkMC1WTnUxWlJoR3RTbjd2Qk9pSmFVeHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCshKYMA0G
CSqGSIb3DQEBCwUAA4IBAQDX6bcic7Lpe4tzxkBVMrH95ajxkEpdKmQkoSz7QhYo
/QcZ+jYWKcB57t43LOz+p9AhgJvu3ht1aGvGOD1ioREl8S5s4LJsDwa7Uw5oOfAY
LdeGYnHOSO95kl0/LHZ+dXJpZM1NOfNQOdNtnyY0zOjlTBGiKt+47iX+SGwlqBNp
L72OkACm+isr2O0C4g40rVsVa8Qqv27fP/GdElxS7YiMjFEJ7CXnYOjNoXDhiMUi
mmpip1E/+TnyNR+rmswWaijtI4Fkbji4WiBA769qvn2RaySIHyeiNxD0AxPRDLIc
pKwR2o2lnKmefqzdJT3QSdxm41mc2eYhHMBOoqFRSrhQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:54 2024 by rpki-client on console-ams.rpki-client.org