Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/c514cd-7954-44ce-bd7f-713b41688706/1/KlqE3RlzrbpRSQgL6WfNBbbi3Yo.roa
File: KlqE3RlzrbpRSQgL6WfNBbbi3Yo.roa (raw, json)
Hash identifier: V5qPRxgypQ6M1xOcpbNdFB/8+YAVRiLrPrEItrXiUQI=
Subject key identifier: 2A:5A:84:DD:19:73:AD:BA:51:49:08:0B:E9:67:CD:05:B6:E2:DD:8A
Certificate issuer: /CN=57e898bf420924f976b5ae451108b9e6a01fc7dc
Certificate serial: 01856F4B48911AB2719C471641EADD27B0F6
Authority key identifier: 57:E8:98:BF:42:09:24:F9:76:B5:AE:45:11:08:B9:E6:A0:1F:C7:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V-iYv0IJJPl2ta5FEQi55qAfx9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/c514cd-7954-44ce-bd7f-713b41688706/1/KlqE3RlzrbpRSQgL6WfNBbbi3Yo.roa
Signing time: Sun 01 Jan 2023 21:44:42 +0000
ROA not before: Sun 01 Jan 2023 21:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202771
IP address blocks: 185.155.28.0/22 maxlen: 24
2a07:90c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:48:91:1a:b2:71:9c:47:16:41:ea:dd:27:b0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57e898bf420924f976b5ae451108b9e6a01fc7dc
Validity
Not Before: Jan 1 21:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a5a84dd1973adba5149080be967cd05b6e2dd8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b8:e2:a5:c0:d6:41:ee:86:bc:9c:16:3d:08:
80:73:32:83:df:f5:19:f7:93:0a:df:cf:9a:72:b9:
d0:eb:69:2a:91:3e:a9:54:ca:4e:0e:4c:d2:72:04:
3a:70:a5:ca:b6:d1:eb:b1:00:e8:2e:b9:80:86:99:
07:3c:23:29:db:e0:0e:63:ea:9b:98:3f:6a:5c:ab:
2b:c9:eb:95:15:c9:8d:b5:e0:0a:b3:30:c8:36:e8:
1c:88:b1:68:51:1d:7d:70:30:24:0c:da:4d:06:47:
40:5f:8d:4d:1e:3e:ba:b4:41:e7:18:85:ec:a8:5e:
2b:e5:9f:c3:3b:32:9c:ee:57:d9:53:5a:6e:f6:cd:
c7:a6:1b:16:7a:2f:16:6d:77:b1:2a:a1:84:45:9c:
4e:27:50:a1:a2:c9:84:8b:0d:3f:d6:3b:b2:60:0b:
05:da:dd:3e:19:31:03:4c:79:45:25:07:bb:d9:40:
81:6a:b5:0e:94:a7:09:72:a3:69:c1:8b:76:fb:7f:
12:40:27:46:73:24:cf:64:33:2f:a9:66:c2:ed:22:
83:80:ba:0e:44:5c:1e:d6:52:23:7e:93:b9:0e:ad:
bb:9e:7a:e7:de:80:80:87:49:fa:71:fa:3e:18:ae:
90:43:06:9f:2e:4e:4d:bf:e4:ac:50:1d:fa:2a:b9:
a5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:5A:84:DD:19:73:AD:BA:51:49:08:0B:E9:67:CD:05:B6:E2:DD:8A
X509v3 Authority Key Identifier:
keyid:57:E8:98:BF:42:09:24:F9:76:B5:AE:45:11:08:B9:E6:A0:1F:C7:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V-iYv0IJJPl2ta5FEQi55qAfx9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c514cd-7954-44ce-bd7f-713b41688706/1/KlqE3RlzrbpRSQgL6WfNBbbi3Yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c514cd-7954-44ce-bd7f-713b41688706/1/V-iYv0IJJPl2ta5FEQi55qAfx9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.28.0/22
IPv6:
2a07:90c0::/29
Signature Algorithm: sha256WithRSAEncryption
1c:4c:b1:b7:dc:d5:ca:18:1c:b0:59:a8:31:4d:11:c4:2c:b6:
11:e9:f3:fa:55:6f:c1:02:1a:6e:63:e5:9f:73:5b:3f:66:b9:
0f:d6:b7:00:46:df:04:54:4d:69:ff:d1:8b:2a:db:4c:f6:52:
22:40:32:ff:9b:66:00:c4:39:69:db:1e:65:42:48:04:c0:0f:
16:90:e2:a7:b2:de:06:53:63:b9:d8:de:1b:f4:c4:00:bb:07:
27:0e:1f:a6:8a:38:02:e2:13:f4:77:6d:0e:4d:b8:e0:4c:b0:
e3:78:02:f1:a0:83:8a:66:68:0d:b0:b6:43:c1:97:70:7b:74:
a8:38:41:22:6d:72:05:db:7b:95:c3:21:94:66:48:7e:fb:04:
4b:66:2a:8d:bf:ed:b1:03:16:05:9a:da:83:68:02:49:61:ef:
1e:64:82:67:e6:ba:d5:83:25:7f:a9:c8:f7:68:5e:bd:fb:d2:
b5:a2:4b:ef:a9:c2:19:1c:39:f3:e1:a6:e8:ac:ff:eb:66:46:
36:d9:5a:37:d5:31:57:c1:d0:64:25:dd:ab:7d:38:37:16:7e:
0e:17:b2:23:42:ea:86:da:01:e7:f0:a3:b3:5c:cd:9d:38:ec:
89:71:67:d0:6c:7a:c6:98:6c:11:ba:3f:cb:99:32:36:1b:fa:
19:12:5d:42
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvS0iRGrJxnEcWQerdJ7D2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3ZTg5OGJmNDIwOTI0Zjk3NmI1YWU0NTExMDhiOWU2YTAx
ZmM3ZGMwHhcNMjMwMTAxMjE0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTVhODRkZDE5NzNhZGJhNTE0OTA4MGJlOTY3Y2QwNWI2ZTJkZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLjipcDWQe6GvJwWPQiAczKD3/UZ
95MK38+acrnQ62kqkT6pVMpODkzScgQ6cKXKttHrsQDoLrmAhpkHPCMp2+AOY+qb
mD9qXKsryeuVFcmNteAKszDINugciLFoUR19cDAkDNpNBkdAX41NHj66tEHnGIXs
qF4r5Z/DOzKc7lfZU1pu9s3HphsWei8WbXexKqGERZxOJ1ChosmEiw0/1juyYAsF
2t0+GTEDTHlFJQe72UCBarUOlKcJcqNpwYt2+38SQCdGcyTPZDMvqWbC7SKDgLoO
RFwe1lIjfpO5Dq27nnrn3oCAh0n6cfo+GK6QQwafLk5Nv+SsUB36KrmlxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCpahN0Zc626UUkIC+lnzQW24t2KMB8GA1UdIwQY
MBaAFFfomL9CCST5drWuRREIueagH8fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVi1pWXYwSUpKUGwydGE1RkVRaTU1cUFmeDl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jNTE0Y2QtNzk1NC00NGNlLWJkN2Yt
NzEzYjQxNjg4NzA2LzEvS2xxRTNSbHpyYnBSU1FnTDZXZk5CYmJpM1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9jNTE0Y2QtNzk1NC00NGNlLWJkN2YtNzEzYjQxNjg4NzA2
LzEvVi1pWXYwSUpKUGwydGE1RkVRaTU1cUFmeDl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZscMA0E
AgACMAcDBQMqB5DAMA0GCSqGSIb3DQEBCwUAA4IBAQAcTLG33NXKGBywWagxTRHE
LLYR6fP6VW/BAhpuY+Wfc1s/ZrkP1rcARt8EVE1p/9GLKttM9lIiQDL/m2YAxDlp
2x5lQkgEwA8WkOKnst4GU2O52N4b9MQAuwcnDh+mijgC4hP0d20OTbjgTLDjeALx
oIOKZmgNsLZDwZdwe3SoOEEibXIF23uVwyGUZkh++wRLZiqNv+2xAxYFmtqDaAJJ
Ye8eZIJn5rrVgyV/qcj3aF69+9K1okvvqcIZHDnz4aborP/rZkY22Vo31TFXwdBk
Jd2rfTg3Fn4OF7IjQuqG2gHn8KOzXM2dOOyJcWfQbHrGmGwRuj/LmTI2G/oZEl1C
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:09 2024 by rpki-client on console-ams.rpki-client.org