Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/KiLYAhnflS81ROEh6iB-V-6I01Q.roa
File: KiLYAhnflS81ROEh6iB-V-6I01Q.roa (raw, json)
Hash identifier: esUHqSO+G6xGRABz59YZSzCIOYIvvY/SVDLi/0/2cCk=
Subject key identifier: 2A:22:D8:02:19:DF:95:2F:35:44:E1:21:EA:20:7E:57:EE:88:D3:54
Certificate issuer: /CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Certificate serial: 018BBDF4C5E5846863B4FCBB70759315F2DC
Authority key identifier: 2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/KiLYAhnflS81ROEh6iB-V-6I01Q.roa
Signing time: Sat 11 Nov 2023 10:36:57 +0000
ROA not before: Sat 11 Nov 2023 10:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216018
IP address blocks: 185.23.74.0/24 maxlen: 24
185.113.220.0/24 maxlen: 24
185.113.221.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bd:f4:c5:e5:84:68:63:b4:fc:bb:70:75:93:15:f2:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Validity
Not Before: Nov 11 10:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a22d80219df952f3544e121ea207e57ee88d354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:54:e2:4e:d6:18:ef:8f:1d:38:5e:08:d6:6e:
2b:a7:58:1a:37:a9:6b:6f:4a:ca:2d:59:d2:12:16:
f7:3f:3b:50:10:4b:d4:a9:b8:1c:f4:51:e4:f5:dc:
db:23:5f:9f:bd:66:17:f6:65:25:63:60:21:a6:5f:
53:1d:ae:c4:c0:37:63:0b:20:f8:b6:9b:9a:5c:bd:
c0:07:5c:52:08:5b:fb:2f:fc:0d:f3:5b:48:a6:6d:
e6:7a:4e:fd:2b:97:8b:a8:61:90:4e:6c:03:05:f8:
23:85:94:41:f1:5c:e3:5d:fc:18:9d:20:ec:11:86:
93:84:a7:1e:20:8e:d1:3a:c9:f7:76:74:da:d9:ca:
c7:71:de:47:45:f9:a7:c9:1f:5b:44:e2:45:af:94:
bb:07:db:ce:e1:0a:62:be:6b:5e:06:2f:69:1e:89:
fd:7a:f8:33:90:b9:ad:75:5f:00:7c:c3:19:35:77:
98:4f:3e:3e:46:dc:a1:56:d6:68:e2:bc:5c:59:64:
fb:67:ea:b2:3f:fc:b2:cb:ef:54:f2:6e:72:ff:a7:
7a:2f:bf:cb:d3:31:72:00:7a:0f:88:b7:ce:99:d6:
e6:6d:9f:69:53:63:8c:f7:5e:f1:e9:f0:10:3b:14:
c3:81:c6:ee:3c:54:be:da:fe:8d:0b:8b:d4:54:11:
63:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:22:D8:02:19:DF:95:2F:35:44:E1:21:EA:20:7E:57:EE:88:D3:54
X509v3 Authority Key Identifier:
keyid:2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/KiLYAhnflS81ROEh6iB-V-6I01Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/LgqTM_k8ylRP2r4up6ZzilSvdZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.74.0/24
185.113.220.0/23
Signature Algorithm: sha256WithRSAEncryption
02:20:d3:1e:d0:8b:cd:d4:fe:9d:55:1f:d8:0e:29:97:8c:e9:
61:0f:5e:fe:ae:4c:85:85:98:ab:c9:38:57:eb:5c:b1:a4:15:
9b:50:a7:42:6a:51:90:67:16:08:6f:13:8a:d3:e9:a3:31:6e:
b4:fc:ab:b4:e2:70:9c:d5:0c:61:aa:fb:42:09:7f:cd:5c:da:
1a:26:2f:27:7a:81:5b:a0:e8:db:0d:d5:9b:7c:d0:66:86:12:
52:ac:62:34:b3:61:6c:30:be:97:ce:89:14:b3:15:e9:62:6e:
cb:1a:6f:63:34:ef:85:ab:04:52:17:b0:eb:6f:3f:d0:62:a7:
11:df:97:61:44:5f:f1:90:53:95:06:bb:91:e4:90:49:1c:40:
8e:04:41:d2:7b:76:bc:21:6d:b5:60:36:ee:80:f4:e0:36:58:
8f:64:b9:77:60:e0:f6:17:31:af:e3:64:06:ef:54:e5:a9:84:
e2:d8:04:f8:ce:60:22:15:12:07:f0:3c:41:84:d0:b2:8a:4a:
61:d6:77:26:76:36:33:f0:bc:de:9d:fc:b5:6e:53:6a:75:bf:
8a:cd:a9:b4:af:17:90:75:5e:9c:10:ba:b1:46:54:3b:8f:dd:
fa:f9:0b:f9:32:be:11:25:5d:3d:f8:1a:a2:be:46:3c:da:e3:
a7:d3:b2:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYu99MXlhGhjtPy7cHWTFfLcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGE5MzMzZjkzY2NhNTQ0ZmRhYmUyZWE3YTY3MzhhNTRh
Zjc1OWUwHhcNMjMxMTExMTAzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTIyZDgwMjE5ZGY5NTJmMzU0NGUxMjFlYTIwN2U1N2VlODhkMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVTiTtYY748dOF4I1m4rp1gaN6lr
b0rKLVnSEhb3PztQEEvUqbgc9FHk9dzbI1+fvWYX9mUlY2Ahpl9THa7EwDdjCyD4
tpuaXL3AB1xSCFv7L/wN81tIpm3mek79K5eLqGGQTmwDBfgjhZRB8VzjXfwYnSDs
EYaThKceII7ROsn3dnTa2crHcd5HRfmnyR9bROJFr5S7B9vO4QpivmteBi9pHon9
evgzkLmtdV8AfMMZNXeYTz4+RtyhVtZo4rxcWWT7Z+qyP/yyy+9U8m5y/6d6L7/L
0zFyAHoPiLfOmdbmbZ9pU2OM917x6fAQOxTDgcbuPFS+2v6NC4vUVBFjBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCoi2AIZ35UvNUThIeogflfuiNNUMB8GA1UdIwQY
MBaAFC4KkzP5PMpUT9q+Lqemc4pUr3WeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEt
MGEwYWFlYWVlNGYxLzEvS2lMWUFobmZsUzgxUk9FaDZpQi1WLTZJMDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEtMGEwYWFlYWVlNGYx
LzEvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRdKAwQB
uXHcMA0GCSqGSIb3DQEBCwUAA4IBAQACINMe0IvN1P6dVR/YDimXjOlhD17+rkyF
hZiryThX61yxpBWbUKdCalGQZxYIbxOK0+mjMW60/Ku04nCc1QxhqvtCCX/NXNoa
Ji8neoFboOjbDdWbfNBmhhJSrGI0s2FsML6XzokUsxXpYm7LGm9jNO+FqwRSF7Dr
bz/QYqcR35dhRF/xkFOVBruR5JBJHECOBEHSe3a8IW21YDbugPTgNliPZLl3YOD2
FzGv42QG71TlqYTi2AT4zmAiFRIH8DxBhNCyikph1ncmdjYz8Lzenfy1blNqdb+K
zam0rxeQdV6cELqxRlQ7j936+Qv5Mr4RJV09+BqivkY82uOn07IB
-----END CERTIFICATE-----
Generated at Sun Nov 12 17:14:26 2023 by rpki-client on console-fra.rpki-client.org