Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/kbSU57JX--WyT22taIRoWfoctsA.roa
File: kbSU57JX--WyT22taIRoWfoctsA.roa (raw, json)
Hash identifier: HS+J/myiORv2l72vQdMkx8hsg/6TEQo4r+QO6+DxImg=
Subject key identifier: 91:B4:94:E7:B2:57:FB:E5:B2:4F:6D:AD:68:84:68:59:FA:1C:B6:C0
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0188C4635472A2AAD990084C44E039DE08C6
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/kbSU57JX--WyT22taIRoWfoctsA.roa
Signing time: Fri 16 Jun 2023 13:27:03 +0000
ROA not before: Fri 16 Jun 2023 13:27:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14576
IP address blocks: 193.93.192.0/22 maxlen: 22
91.243.88.0/22 maxlen: 22
91.243.92.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c4:63:54:72:a2:aa:d9:90:08:4c:44:e0:39:de:08:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jun 16 13:27:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91b494e7b257fbe5b24f6dad68846859fa1cb6c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:61:9a:54:7f:ff:38:7c:f1:9b:10:eb:9f:68:
95:ea:07:00:fd:7c:ea:da:23:40:4e:b2:e3:da:1e:
a5:63:69:a6:8a:83:dd:17:7e:91:b9:56:a8:2d:f7:
77:99:4a:56:52:ce:04:b0:e3:68:40:a4:11:e8:89:
18:dd:9b:08:e6:bb:06:e1:03:54:73:b2:01:a7:3b:
11:7b:eb:c2:87:a0:6a:fe:7b:25:37:9a:e6:8e:f9:
95:34:86:c6:de:c3:92:e4:63:17:dc:8e:3d:59:41:
59:61:1d:a8:cd:cd:a9:bf:ae:31:82:77:ad:18:d3:
dd:4e:7e:e6:f0:c6:47:95:35:57:b4:52:02:73:96:
d3:aa:03:69:d7:87:3d:54:86:d7:83:7e:ea:04:12:
e0:1e:10:8c:5c:18:ea:18:1a:3d:69:f5:42:e9:17:
5a:73:f2:e7:d6:cf:49:7f:d4:0f:45:66:e2:0a:33:
a0:95:2b:37:43:4a:1c:e3:26:ef:6c:16:2b:84:ab:
a0:9c:7d:25:f1:b4:08:e7:e4:38:ad:d2:9f:73:d7:
c0:e4:17:c3:75:28:ac:6a:f7:e1:c5:d2:58:7c:ea:
1a:bc:2b:7b:10:d5:e0:89:6d:3b:41:b5:1e:0d:3e:
b1:35:1b:a5:c5:ad:d7:a2:a4:21:40:78:4f:79:b0:
45:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B4:94:E7:B2:57:FB:E5:B2:4F:6D:AD:68:84:68:59:FA:1C:B6:C0
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/kbSU57JX--WyT22taIRoWfoctsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.88.0/21
193.93.192.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:8f:01:a2:a4:1f:f4:e3:b0:f9:f5:6e:d8:24:66:62:12:aa:
cd:6f:3a:88:64:84:ab:37:fc:68:0c:0b:00:c3:ca:ff:b2:9f:
6a:40:19:24:d0:73:9b:e0:7c:08:85:91:fb:36:41:52:7e:c4:
38:6f:32:af:6f:a2:a5:0f:52:de:ce:6b:56:ab:16:1e:bd:96:
94:07:01:5f:3b:44:f0:0b:0a:21:01:56:6d:2c:d9:9e:4e:1c:
08:9f:ce:63:d1:e9:5a:d8:83:f5:51:03:25:4b:fd:23:21:6d:
19:5e:e0:eb:f1:15:67:5f:4b:7f:a2:11:e7:06:29:7c:de:8c:
d1:da:c5:1d:dd:de:48:31:26:b1:11:5f:a2:b2:13:3b:c3:44:
06:0c:98:37:c0:35:a2:5d:67:eb:b9:73:b7:93:f4:9d:f6:96:
ac:cc:05:83:66:0e:d2:05:1c:ff:9c:b3:e3:a7:84:2a:24:55:
2e:f4:94:75:84:5d:cc:4f:89:b3:4e:ee:b3:fa:23:c5:7f:17:
5d:d4:5f:0b:38:a4:1e:9c:05:64:42:ac:76:bf:31:c0:47:d9:
8d:75:69:57:dd:3f:6b:67:53:28:09:50:45:47:2f:bf:c0:84:
87:83:40:8f:c2:95:63:50:89:8f:92:81:51:69:b4:e2:82:3a:
0f:d0:db:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjEY1RyoqrZkAhMROA53gjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwNjE2MTMyNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWI0OTRlN2IyNTdmYmU1YjI0ZjZkYWQ2ODg0Njg1OWZhMWNiNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmGaVH//OHzxmxDrn2iV6gcA/Xzq
2iNATrLj2h6lY2mmioPdF36RuVaoLfd3mUpWUs4EsONoQKQR6IkY3ZsI5rsG4QNU
c7IBpzsRe+vCh6Bq/nslN5rmjvmVNIbG3sOS5GMX3I49WUFZYR2ozc2pv64xgnet
GNPdTn7m8MZHlTVXtFICc5bTqgNp14c9VIbXg37qBBLgHhCMXBjqGBo9afVC6Rda
c/Ln1s9Jf9QPRWbiCjOglSs3Q0oc4ybvbBYrhKugnH0l8bQI5+Q4rdKfc9fA5BfD
dSisavfhxdJYfOoavCt7ENXgiW07QbUeDT6xNRulxa3XoqQhQHhPebBFpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJG0lOeyV/vlsk9trWiEaFn6HLbAMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEva2JTVTU3SlgtLVd5VDIydGFJUm9XZm9jdHNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDW/NYAwQC
wV3AMA0GCSqGSIb3DQEBCwUAA4IBAQC3jwGipB/047D59W7YJGZiEqrNbzqIZISr
N/xoDAsAw8r/sp9qQBkk0HOb4HwIhZH7NkFSfsQ4bzKvb6KlD1LezmtWqxYevZaU
BwFfO0TwCwohAVZtLNmeThwIn85j0ela2IP1UQMlS/0jIW0ZXuDr8RVnX0t/ohHn
Bil83ozR2sUd3d5IMSaxEV+ishM7w0QGDJg3wDWiXWfruXO3k/Sd9paszAWDZg7S
BRz/nLPjp4QqJFUu9JR1hF3MT4mzTu6z+iPFfxdd1F8LOKQenAVkQqx2vzHAR9mN
dWlX3T9rZ1MoCVBFRy+/wISHg0CPwpVjUImPkoFRabTigjoP0Nvy
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:47 2024 by rpki-client on console-ams.rpki-client.org