Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/KjVe3ScLdVrTB5C2Dw_JzI1PnU8.roa
File: KjVe3ScLdVrTB5C2Dw_JzI1PnU8.roa (raw, json)
Hash identifier: Y4Dkm74FQRK4Z9DN/UFQnJg6aRJkvJt6xpi4uDRGt7Y=
Subject key identifier: 2A:35:5E:DD:27:0B:75:5A:D3:07:90:B6:0F:0F:C9:CC:8D:4F:9D:4F
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185C600CF39F4130EAA9CB2C9706F9234A5
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/KjVe3ScLdVrTB5C2Dw_JzI1PnU8.roa
Signing time: Wed 18 Jan 2023 17:50:19 +0000
ROA not before: Wed 18 Jan 2023 17:50:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3280
IP address blocks: 2.56.166.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
77.83.243.0/24 maxlen: 24
2a0b:b86::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 Mar 2023 10:58:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c6:00:cf:39:f4:13:0e:aa:9c:b2:c9:70:6f:92:34:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 18 17:50:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a355edd270b755ad30790b60f0fc9cc8d4f9d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:26:b1:71:78:46:dd:b4:96:dc:eb:4e:e0:64:
6b:91:ce:df:71:68:f2:3f:d0:f5:73:52:b5:e2:d8:
02:f4:86:64:ac:3c:c4:82:56:21:fc:87:7e:b2:e1:
2d:85:b6:25:0f:c5:67:1a:d2:00:e5:dc:e3:4a:b1:
c2:78:0c:07:87:c3:6a:68:2e:9f:4d:9c:e3:c1:9b:
b2:99:32:38:e3:e1:9b:8b:f4:6f:91:ea:ef:34:f5:
11:e2:35:70:69:8d:f6:4e:16:f5:cd:da:e2:f1:dc:
4b:7e:2a:9c:24:88:c2:85:be:95:b6:06:10:ce:22:
16:15:ab:e8:04:a8:df:69:ec:bb:6e:25:3c:17:ee:
60:e7:05:27:27:2c:68:51:8a:f0:42:df:35:1e:aa:
73:8a:67:81:c5:29:a4:d5:f2:47:ef:f8:e9:ba:07:
f2:e8:2b:7c:cb:61:4b:ad:e6:68:e6:27:dd:64:27:
d8:d0:ba:b7:2c:cf:7b:62:da:95:2a:98:2d:3a:d4:
5c:d7:53:4f:c5:75:1f:af:a1:ce:34:22:dc:a6:2f:
f6:7a:ce:92:4f:55:bf:d1:37:d3:9d:fc:00:a8:aa:
c9:22:50:f9:f1:f2:03:f5:05:e9:f0:46:19:6d:a7:
bf:e8:b4:95:a0:71:99:3f:4a:d2:20:64:64:b0:92:
7b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:35:5E:DD:27:0B:75:5A:D3:07:90:B6:0F:0F:C9:CC:8D:4F:9D:4F
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/KjVe3ScLdVrTB5C2Dw_JzI1PnU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.166.0/24
77.83.243.0/24
78.108.217.0/24
IPv6:
2a0b:b86::/40
Signature Algorithm: sha256WithRSAEncryption
82:f7:34:b6:1b:34:7c:9a:28:8e:7c:f6:17:56:09:6d:f3:4e:
a1:48:f4:ae:46:49:d6:68:2c:39:73:bb:fa:c3:41:5c:08:70:
4a:78:1f:30:9e:26:6d:0d:fb:71:b0:25:b7:5f:83:e1:78:1d:
3b:67:fd:4d:e5:ae:02:2b:09:a4:2a:33:32:4b:2f:4a:ee:63:
1f:4f:92:be:37:21:3b:29:7d:90:cd:14:a4:e2:77:a0:9a:1e:
6d:5d:df:32:07:8c:25:26:25:d6:1f:1b:36:9b:f7:e8:3c:2f:
3e:a7:c4:3c:f8:43:ce:0e:95:74:e7:a1:a1:ad:ff:b1:a0:a5:
cc:ec:48:98:01:00:fd:59:0d:de:69:59:45:4b:af:87:96:d5:
3e:3a:81:80:e0:61:14:f5:54:61:e7:2f:73:d8:d1:ab:83:9a:
0c:3e:30:7a:10:f9:62:64:34:5e:ad:fd:97:ce:03:7e:9b:44:
e6:e4:f5:bd:a2:f4:e3:7e:cb:f0:08:f1:cd:dd:c9:25:d2:0f:
44:b5:0e:23:c0:83:d6:1a:55:09:68:fa:bc:e2:20:e1:c8:41:
fd:fa:04:07:07:ac:af:c2:aa:a9:c8:c7:41:ef:b4:7c:7b:d3:
f9:c3:90:0f:cb:11:e1:35:57:3c:94:82:81:0f:9e:fe:11:52:
00:d5:a7:4a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYXGAM859BMOqpyyyXBvkjSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTE4MTc1MDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTM1NWVkZDI3MGI3NTVhZDMwNzkwYjYwZjBmYzljYzhkNGY5ZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziaxcXhG3bSW3OtO4GRrkc7fcWjy
P9D1c1K14tgC9IZkrDzEglYh/Id+suEthbYlD8VnGtIA5dzjSrHCeAwHh8NqaC6f
TZzjwZuymTI44+Gbi/RvkervNPUR4jVwaY32Thb1zdri8dxLfiqcJIjChb6VtgYQ
ziIWFavoBKjfaey7biU8F+5g5wUnJyxoUYrwQt81HqpzimeBxSmk1fJH7/jpugfy
6Ct8y2FLreZo5ifdZCfY0Lq3LM97YtqVKpgtOtRc11NPxXUfr6HONCLcpi/2es6S
T1W/0TfTnfwAqKrJIlD58fID9QXp8EYZbae/6LSVoHGZP0rSIGRksJJ7zwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCo1Xt0nC3Va0weQtg8PycyNT51PMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvS2pWZTNTY0xkVnJUQjVDMkR3X0p6STFQblU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAAjimAwQA
TVPzAwQATmzZMA4EAgACMAgDBgAqCwuGADANBgkqhkiG9w0BAQsFAAOCAQEAgvc0
ths0fJoojnz2F1YJbfNOoUj0rkZJ1mgsOXO7+sNBXAhwSngfMJ4mbQ37cbAlt1+D
4XgdO2f9TeWuAisJpCozMksvSu5jH0+SvjchOyl9kM0UpOJ3oJoebV3fMgeMJSYl
1h8bNpv36DwvPqfEPPhDzg6VdOehoa3/saClzOxImAEA/VkN3mlZRUuvh5bVPjqB
gOBhFPVUYecvc9jRq4OaDD4wehD5YmQ0Xq39l84DfptE5uT1vaL0437L8Ajxzd3J
JdIPRLUOI8CD1hpVCWj6vOIg4chB/foEBwesr8KqqcjHQe+0fHvT+cOQD8sR4TVX
PJSCgQ+e/hFSANWnSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org