Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/51b31a-7e50-4a1e-9f69-16d3a0ea49ae/1/KMnO36jksmN-IuV2yhFOqEZ1jjw.roa
File: KMnO36jksmN-IuV2yhFOqEZ1jjw.roa (raw, json)
Hash identifier: paVDDwiuJQQEyreSbKvJfCf+v3BrKR1uveLbQKi7yqs=
Subject key identifier: 28:C9:CE:DF:A8:E4:B2:63:7E:22:E5:76:CA:11:4E:A8:46:75:8E:3C
Certificate issuer: /CN=edeb4424abd86d6ef48db9e7646f539c6d10c886
Certificate serial: 018A4768CA80873B832347D02188095E12AC
Authority key identifier: ED:EB:44:24:AB:D8:6D:6E:F4:8D:B9:E7:64:6F:53:9C:6D:10:C8:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7etEJKvYbW70jbnnZG9TnG0QyIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/51b31a-7e50-4a1e-9f69-16d3a0ea49ae/1/KMnO36jksmN-IuV2yhFOqEZ1jjw.roa
Signing time: Wed 30 Aug 2023 17:06:04 +0000
ROA not before: Wed 30 Aug 2023 17:06:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15663
IP address blocks: 212.39.0.0/19 maxlen: 24
185.203.76.0/22 maxlen: 22
2a00:aa00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:47:68:ca:80:87:3b:83:23:47:d0:21:88:09:5e:12:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edeb4424abd86d6ef48db9e7646f539c6d10c886
Validity
Not Before: Aug 30 17:06:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28c9cedfa8e4b2637e22e576ca114ea846758e3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:72:3d:af:13:cc:52:ef:d2:ee:b5:ac:9a:4c:
5e:70:22:2b:cf:9f:6b:de:c9:57:7a:e4:ac:99:9f:
90:9e:dd:76:9f:d5:82:f1:01:6c:c0:d7:98:8a:6a:
6a:a4:a7:cb:06:c0:e3:3b:a3:94:c4:6a:a5:2a:e8:
a0:9c:83:4b:2f:29:ae:0c:73:a9:6c:16:88:80:9c:
2a:31:26:93:eb:6a:42:88:c4:4b:0b:0e:a0:7f:9b:
20:7d:9b:82:28:8d:59:ce:e4:46:04:47:e9:25:b4:
77:c6:5d:8a:75:22:10:9d:bd:97:ed:bb:57:9f:e8:
35:1f:46:69:ed:31:57:9c:df:5e:ff:6b:7c:f9:a2:
16:4c:59:8a:2e:a3:7e:e5:c1:70:e6:29:08:8c:4f:
cf:4b:e8:0c:c5:38:94:e9:c2:7d:b4:12:bc:8c:cf:
21:ac:89:c8:64:14:55:ba:46:d8:9b:a3:48:f4:3d:
4a:1a:4c:94:e8:c5:cc:a7:fc:0b:ae:e5:2c:dd:d8:
45:78:34:45:53:b6:e5:ef:c8:52:cc:ff:5d:ac:c7:
43:1e:e2:32:6e:24:dc:e2:24:e6:df:fc:1c:f8:e4:
75:df:99:f6:c5:24:ba:b1:33:97:e7:38:83:30:d7:
bf:d6:d0:8c:95:7f:49:7b:32:f1:8a:0c:28:23:66:
c7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C9:CE:DF:A8:E4:B2:63:7E:22:E5:76:CA:11:4E:A8:46:75:8E:3C
X509v3 Authority Key Identifier:
keyid:ED:EB:44:24:AB:D8:6D:6E:F4:8D:B9:E7:64:6F:53:9C:6D:10:C8:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7etEJKvYbW70jbnnZG9TnG0QyIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/51b31a-7e50-4a1e-9f69-16d3a0ea49ae/1/KMnO36jksmN-IuV2yhFOqEZ1jjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/51b31a-7e50-4a1e-9f69-16d3a0ea49ae/1/7etEJKvYbW70jbnnZG9TnG0QyIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.76.0/22
212.39.0.0/19
IPv6:
2a00:aa00::/32
Signature Algorithm: sha256WithRSAEncryption
19:c0:d8:0f:be:cc:3c:23:46:45:16:eb:84:45:52:5a:dc:05:
ee:cb:8a:ae:97:02:7c:2e:17:48:f3:97:97:77:e6:ee:68:54:
08:3d:2d:38:f2:e7:82:70:0e:8c:d3:74:2a:85:e6:66:a6:e6:
6a:e5:05:59:f5:dd:ed:37:f4:18:38:9c:dc:46:b2:26:59:71:
43:b0:75:b4:bb:5a:be:c7:c7:9e:c2:bf:44:ec:a7:7c:51:2e:
04:45:d9:53:53:ff:1f:26:0f:e8:73:9e:fc:06:8b:96:74:5d:
ca:b0:77:59:5e:81:f1:ba:ac:29:21:0c:6e:f7:07:aa:28:2b:
03:df:26:64:7d:c0:46:26:02:55:01:99:10:9d:0d:24:17:83:
d3:15:2e:7b:8d:18:b8:89:58:73:c2:f0:94:8b:79:52:41:5d:
e6:91:14:b8:5d:bc:ec:af:66:e7:78:41:8f:16:b3:bb:6c:2f:
ba:34:46:3f:6e:4a:db:f6:4b:b1:d3:ea:26:3a:87:08:1d:62:
02:0f:4a:e7:9d:72:bc:21:10:2c:7f:68:f7:a2:c2:b3:8d:91:
34:1c:0a:c1:9d:50:b6:9e:95:26:61:04:5f:a4:21:b0:41:95:
82:1a:ec:d5:2f:94:25:ed:1b:17:5d:f2:e3:45:d2:ae:7b:bd:
22:57:3c:94
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYpHaMqAhzuDI0fQIYgJXhKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZWI0NDI0YWJkODZkNmVmNDhkYjllNzY0NmY1MzljNmQx
MGM4ODYwHhcNMjMwODMwMTcwNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM5Y2VkZmE4ZTRiMjYzN2UyMmU1NzZjYTExNGVhODQ2NzU4ZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHI9rxPMUu/S7rWsmkxecCIrz59r
3slXeuSsmZ+Qnt12n9WC8QFswNeYimpqpKfLBsDjO6OUxGqlKuignINLLymuDHOp
bBaIgJwqMSaT62pCiMRLCw6gf5sgfZuCKI1ZzuRGBEfpJbR3xl2KdSIQnb2X7btX
n+g1H0Zp7TFXnN9e/2t8+aIWTFmKLqN+5cFw5ikIjE/PS+gMxTiU6cJ9tBK8jM8h
rInIZBRVukbYm6NI9D1KGkyU6MXMp/wLruUs3dhFeDRFU7bl78hSzP9drMdDHuIy
biTc4iTm3/wc+OR135n2xSS6sTOX5ziDMNe/1tCMlX9JezLxigwoI2bHBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCjJzt+o5LJjfiLldsoRTqhGdY48MB8GA1UdIwQY
MBaAFO3rRCSr2G1u9I2552RvU5xtEMiGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2V0RUpLdlliVzcwamJublpHOVRuRzBReUlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi81MWIzMWEtN2U1MC00YTFlLTlmNjkt
MTZkM2EwZWE0OWFlLzEvS01uTzM2amtzbU4tSXVWMnloRk9xRVoxamp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi81MWIzMWEtN2U1MC00YTFlLTlmNjktMTZkM2EwZWE0OWFl
LzEvN2V0RUpLdlliVzcwamJublpHOVRuRzBReUlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuctMAwQF
1CcAMA0EAgACMAcDBQAqAKoAMA0GCSqGSIb3DQEBCwUAA4IBAQAZwNgPvsw8I0ZF
FuuERVJa3AXuy4qulwJ8LhdI85eXd+buaFQIPS048ueCcA6M03QqheZmpuZq5QVZ
9d3tN/QYOJzcRrImWXFDsHW0u1q+x8eewr9E7Kd8US4ERdlTU/8fJg/oc578BouW
dF3KsHdZXoHxuqwpIQxu9weqKCsD3yZkfcBGJgJVAZkQnQ0kF4PTFS57jRi4iVhz
wvCUi3lSQV3mkRS4Xbzsr2bneEGPFrO7bC+6NEY/bkrb9kux0+omOocIHWICD0rn
nXK8IRAsf2j3osKzjZE0HArBnVC2npUmYQRfpCGwQZWCGuzVL5Ql7RsXXfLjRdKu
e70iVzyU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:47 2024 by rpki-client on console-ams.rpki-client.org