Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/KxiiUcoEDuZA3ecSZmkAyTddc8M.roa
File: KxiiUcoEDuZA3ecSZmkAyTddc8M.roa (raw, json)
Hash identifier: gpdNINU7ZGIBbhr7EtMlcEt1gdbXobgOvlrneTwEKrg=
Subject key identifier: 2B:18:A2:51:CA:04:0E:E6:40:DD:E7:12:66:69:00:C9:37:5D:73:C3
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FF6555093C0339A3E9E0BE81C010C
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/KxiiUcoEDuZA3ecSZmkAyTddc8M.roa
Signing time: Mon 02 Jan 2023 17:38:12 +0000
ROA not before: Mon 02 Jan 2023 17:38:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 185.185.40.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
2a0b:7080:20::/44 maxlen: 48
2a0b:b86::/34 maxlen: 34
Validation: Failed, certificate revoked on Wed 12 Apr 2023 20:08:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:f6:55:50:93:c0:33:9a:3e:9e:0b:e8:1c:01:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b18a251ca040ee640dde712666900c9375d73c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d7:dc:c2:8c:3d:9b:3f:5b:70:17:e1:6b:20:
11:d3:00:1f:13:ee:d7:1e:80:b8:6e:f5:cf:41:fb:
c1:53:eb:90:1a:2d:b1:0d:ed:22:e2:80:0e:77:06:
49:0f:41:70:5d:db:b9:9d:46:56:d1:0f:07:ad:2a:
97:70:5d:05:8b:65:95:67:ef:41:fa:ac:40:65:3e:
b2:03:26:e9:76:ee:44:da:16:36:96:43:ae:10:fc:
f8:e1:a6:db:e9:af:2d:27:35:f3:e6:81:96:e6:e3:
75:18:02:ea:70:3b:1b:e8:d0:6e:04:06:ef:2b:b0:
6c:c1:42:59:4a:82:1e:cb:f4:85:71:ea:e7:65:4b:
e0:8e:c9:72:03:5b:80:17:ef:e6:3e:0e:10:67:eb:
fe:61:22:bf:9b:f4:35:42:bd:64:df:7c:d8:1f:44:
11:e6:54:b7:55:8e:50:e5:34:20:d4:64:7f:f6:09:
ed:de:53:82:a5:de:68:6d:72:e9:69:7c:89:7f:83:
18:9f:7a:79:a0:3f:b3:3e:2a:c1:2d:df:f0:04:8e:
06:ba:c2:af:f7:a3:45:b6:d1:ad:25:09:a8:a8:a4:
3c:9f:28:91:cb:41:1b:0d:e5:40:91:fd:03:56:2d:
2b:5c:c9:20:52:99:b6:e6:6a:6f:45:5e:82:67:31:
87:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:18:A2:51:CA:04:0E:E6:40:DD:E7:12:66:69:00:C9:37:5D:73:C3
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/KxiiUcoEDuZA3ecSZmkAyTddc8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.40.0/22
193.31.30.0/24
IPv6:
2a0b:b86::/34
2a0b:7080:20::/44
Signature Algorithm: sha256WithRSAEncryption
06:88:83:36:7f:57:89:01:98:48:2b:b3:44:2b:e4:4d:08:9f:
ee:cf:78:88:8b:6e:e9:4d:d1:1a:eb:cc:39:44:16:50:12:69:
6d:6f:ef:de:f6:54:28:69:07:20:62:cb:98:72:1a:72:8f:36:
24:93:f7:49:e3:bd:d5:ed:80:b8:00:4a:5d:ae:76:28:b1:bd:
0e:3f:69:77:13:c2:41:18:43:b8:1c:b8:2e:f2:4e:a3:35:91:
0c:7c:54:d6:c9:7b:51:b9:b4:47:69:08:7c:8d:13:a8:ac:30:
2d:3b:1b:dc:92:8a:d3:da:0e:69:9e:ae:a9:2a:75:83:7a:05:
3a:e4:34:0c:63:87:0f:94:6c:f7:07:6b:95:79:5d:01:a0:37:
cc:06:79:c7:7f:19:91:cc:56:54:e9:c0:bf:ec:06:21:b0:b3:
74:91:3d:22:cb:57:0b:b8:41:1e:6b:31:af:bc:dd:fb:8e:fd:
00:84:73:5b:d9:f5:8f:1f:23:66:ef:9d:13:3b:78:57:7a:09:
46:30:d0:02:d3:58:ac:d6:46:34:50:19:f8:a9:74:63:4f:ed:
5d:89:83:46:92:50:20:b5:eb:3a:b5:a0:a7:1d:da:6e:b1:fe:
09:3c:f2:8a:8e:94:af:e8:32:e3:a2:92:41:44:53:af:38:c7:
54:1d:1d:9b
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVzj/ZVUJPAM5o+ngvoHAEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjE4YTI1MWNhMDQwZWU2NDBkZGU3MTI2NjY5MDBjOTM3NWQ3M2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9fcwow9mz9bcBfhayAR0wAfE+7X
HoC4bvXPQfvBU+uQGi2xDe0i4oAOdwZJD0FwXdu5nUZW0Q8HrSqXcF0Fi2WVZ+9B
+qxAZT6yAybpdu5E2hY2lkOuEPz44abb6a8tJzXz5oGW5uN1GALqcDsb6NBuBAbv
K7BswUJZSoIey/SFcernZUvgjslyA1uAF+/mPg4QZ+v+YSK/m/Q1Qr1k33zYH0QR
5lS3VY5Q5TQg1GR/9gnt3lOCpd5obXLpaXyJf4MYn3p5oD+zPirBLd/wBI4GusKv
96NFttGtJQmoqKQ8nyiRy0EbDeVAkf0DVi0rXMkgUpm25mpvRV6CZzGHwwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFCsYolHKBA7mQN3nEmZpAMk3XXPDMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvS3hpaVVjb0VEdVpBM2VjU1pta0F5VGRkYzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQCubkoAwQA
wR8eMBcEAgACMBEDBgYqCwuGAAMHBCoLcIAAIDANBgkqhkiG9w0BAQsFAAOCAQEA
BoiDNn9XiQGYSCuzRCvkTQif7s94iItu6U3RGuvMOUQWUBJpbW/v3vZUKGkHIGLL
mHIaco82JJP3SeO91e2AuABKXa52KLG9Dj9pdxPCQRhDuBy4LvJOozWRDHxU1sl7
Ubm0R2kIfI0TqKwwLTsb3JKK09oOaZ6uqSp1g3oFOuQ0DGOHD5Rs9wdrlXldAaA3
zAZ5x38ZkcxWVOnAv+wGIbCzdJE9IstXC7hBHmsxr7zd+479AIRzW9n1jx8jZu+d
Ezt4V3oJRjDQAtNYrNZGNFAZ+Kl0Y0/tXYmDRpJQILXrOrWgpx3abrH+CTzyio6U
r+gy46KSQURTrzjHVB0dmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org