Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/KPH-hw_eRRSlrWKDxqh1xp_QoQ0.roa
File: KPH-hw_eRRSlrWKDxqh1xp_QoQ0.roa (raw, json)
Hash identifier: c2Jyvf8IiwuMicVu1MLNydSPTZly/+bmSyBn29h35Ns=
Subject key identifier: 28:F1:FE:87:0F:DE:45:14:A5:AD:62:83:C6:A8:75:C6:9F:D0:A1:0D
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0188BF5EDA1036D5E7D1D5AEEE956D45DB5A
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/KPH-hw_eRRSlrWKDxqh1xp_QoQ0.roa
Signing time: Thu 15 Jun 2023 14:04:04 +0000
ROA not before: Thu 15 Jun 2023 14:04:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34358
IP address blocks: 85.121.136.0/23 maxlen: 23
217.156.44.0/23 maxlen: 23
85.120.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Jun 2023 19:51:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bf:5e:da:10:36:d5:e7:d1:d5:ae:ee:95:6d:45:db:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jun 15 14:04:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28f1fe870fde4514a5ad6283c6a875c69fd0a10d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3e:3a:60:62:5f:36:ec:af:72:48:b0:01:6d:
39:c1:3b:43:11:05:4b:0b:5d:e7:13:bb:85:4e:7b:
b5:c8:2d:86:37:ef:bb:ee:f8:8e:d4:bd:ee:af:f3:
b4:c3:0e:b3:cb:d1:1f:d6:b8:b9:69:b1:b8:7c:fd:
2c:d1:47:d8:b5:c0:ca:36:e6:8b:a5:5b:35:03:c3:
c6:e9:33:37:59:48:43:10:d1:a3:7e:78:fb:1e:59:
1b:12:ef:b3:5b:27:92:cb:d8:da:b6:2c:09:ca:ad:
3b:fc:d4:98:f8:59:60:dd:8f:df:cc:36:cc:7c:3f:
67:bc:7e:cf:ba:72:69:f9:17:46:49:b9:24:56:36:
69:54:14:61:7c:39:fb:8d:5c:e9:62:40:5e:0e:25:
bb:58:d0:5d:41:e2:7e:13:85:2d:8f:6d:f6:e8:14:
39:73:ce:3f:22:df:6d:18:21:4f:08:34:b3:d8:36:
56:59:13:1c:af:20:f6:34:d7:9f:44:91:8f:1f:99:
4d:31:11:d5:e8:5c:32:da:9f:e3:e7:89:2b:fc:b9:
1c:88:af:64:49:01:3a:24:ec:63:da:6a:41:35:d0:
dd:65:36:ac:9e:21:10:60:54:7e:91:b3:9b:47:e5:
63:54:88:8a:f2:2c:7e:2f:cc:7c:ec:9b:0f:67:e5:
0d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F1:FE:87:0F:DE:45:14:A5:AD:62:83:C6:A8:75:C6:9F:D0:A1:0D
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/KPH-hw_eRRSlrWKDxqh1xp_QoQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.35.0/24
85.121.136.0/23
217.156.44.0/23
Signature Algorithm: sha256WithRSAEncryption
af:ab:26:b1:c3:16:57:82:49:88:7a:52:a1:5d:73:3e:bc:29:
76:39:cc:27:8a:13:be:1b:f4:bf:03:4f:66:76:fa:95:5f:4c:
c1:ab:5e:13:f9:2e:53:71:c0:ea:b2:5f:c9:eb:77:09:c7:99:
fd:4d:c3:dc:20:bd:a7:0c:69:29:ef:93:fd:21:a9:85:61:66:
f2:c7:27:76:23:45:6a:d5:4b:5e:b6:0e:2c:1c:58:6b:67:d2:
93:a0:4a:8c:24:16:a7:6a:80:af:2e:6a:66:8e:93:85:98:ae:
ec:75:c2:d7:48:69:62:42:e5:52:67:64:d6:77:78:50:00:ba:
dd:db:12:0d:2a:c0:11:9a:74:e4:4f:72:cb:04:8c:fe:5c:53:
1a:ed:5e:99:d4:da:24:c4:5b:90:f4:e9:02:8c:d0:4d:51:9e:
16:51:62:63:b8:12:f7:58:ee:d5:93:c9:f8:e1:d0:e7:4c:bf:
5a:ce:c8:dc:2c:a7:42:91:33:71:6c:d4:20:c8:d4:1a:b6:9c:
23:a6:6a:53:13:54:95:4f:59:03:1b:fa:a9:26:f6:a9:32:1b:
b9:e9:b6:49:50:94:f3:20:0e:87:3f:55:0c:92:21:cf:c6:72:
cf:2e:ad:3d:c9:4b:e9:10:f6:fa:f4:f4:cf:97:f2:7c:fe:07:
6f:a6:e6:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYi/XtoQNtXn0dWu7pVtRdtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwNjE1MTQwNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGYxZmU4NzBmZGU0NTE0YTVhZDYyODNjNmE4NzVjNjlmZDBhMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT46YGJfNuyvckiwAW05wTtDEQVL
C13nE7uFTnu1yC2GN++77viO1L3ur/O0ww6zy9Ef1ri5abG4fP0s0UfYtcDKNuaL
pVs1A8PG6TM3WUhDENGjfnj7HlkbEu+zWyeSy9jatiwJyq07/NSY+Flg3Y/fzDbM
fD9nvH7PunJp+RdGSbkkVjZpVBRhfDn7jVzpYkBeDiW7WNBdQeJ+E4Utj2326BQ5
c84/It9tGCFPCDSz2DZWWRMcryD2NNefRJGPH5lNMRHV6Fwy2p/j54kr/LkciK9k
SQE6JOxj2mpBNdDdZTasniEQYFR+kbObR+VjVIiK8ix+L8x87JsPZ+UNCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCjx/ocP3kUUpa1ig8aodcaf0KENMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvS1BILWh3X2VSUlNscldLRHhxaDF4cF9Rb1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXgjAwQB
VXmIAwQB2ZwsMA0GCSqGSIb3DQEBCwUAA4IBAQCvqyaxwxZXgkmIelKhXXM+vCl2
OcwnihO+G/S/A09mdvqVX0zBq14T+S5TccDqsl/J63cJx5n9TcPcIL2nDGkp75P9
IamFYWbyxyd2I0Vq1Utetg4sHFhrZ9KToEqMJBanaoCvLmpmjpOFmK7sdcLXSGli
QuVSZ2TWd3hQALrd2xINKsARmnTkT3LLBIz+XFMa7V6Z1NokxFuQ9OkCjNBNUZ4W
UWJjuBL3WO7Vk8n44dDnTL9azsjcLKdCkTNxbNQgyNQatpwjpmpTE1SVT1kDG/qp
JvapMhu56bZJUJTzIA6HP1UMkiHPxnLPLq09yUvpEPb69PTPl/J8/gdvpubt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org