Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/KjlZK14wJKJ12qWPzU7MGxKln5w.roa
File: KjlZK14wJKJ12qWPzU7MGxKln5w.roa (raw, json)
Hash identifier: 3UhoTE4C5vNHMi9cKEip0defd7kNK3l83S4cPRdUrek=
Subject key identifier: 2A:39:59:2B:5E:30:24:A2:75:DA:A5:8F:CD:4E:CC:1B:12:A5:9F:9C
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 01856BC0FF9A3A9DF09BE2CF24C34DF251DF
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/KjlZK14wJKJ12qWPzU7MGxKln5w.roa
Signing time: Sun 01 Jan 2023 05:14:48 +0000
ROA not before: Sun 01 Jan 2023 05:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31465
IP address blocks: 91.215.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c0:ff:9a:3a:9d:f0:9b:e2:cf:24:c3:4d:f2:51:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Jan 1 05:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a39592b5e3024a275daa58fcd4ecc1b12a59f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6d:13:2d:ed:91:08:d0:31:f7:72:d5:52:b1:
48:05:71:df:71:83:42:4a:b6:22:14:db:02:dc:07:
cf:55:02:b1:ec:54:b2:64:03:4b:01:14:e2:f0:e5:
ff:5e:84:cb:b6:79:4c:c1:64:d3:2b:5e:a9:0d:85:
72:c3:cc:6d:6f:c3:bd:dd:4d:38:74:99:ee:ca:76:
7f:6a:a0:98:5f:61:3b:d4:78:57:77:09:8d:d9:ff:
de:e3:03:6f:ea:65:ff:09:6d:1b:1f:be:fe:23:be:
b0:c2:c8:f5:cd:54:16:04:27:54:a7:da:fe:e4:12:
75:0f:1f:67:4f:0d:54:5e:bf:af:95:41:b1:c1:13:
29:d5:5e:58:29:a9:35:80:b4:cc:d4:f5:c4:f7:47:
f2:5d:65:b4:09:74:ba:db:3a:46:e0:dc:84:20:82:
13:b3:31:97:58:e1:79:8c:8a:95:d2:63:a8:9f:99:
10:43:59:2a:67:dd:ed:ad:a2:4d:90:49:23:39:69:
ac:61:0d:03:0e:45:12:66:3e:bf:f9:f5:cc:6c:9d:
12:60:01:41:39:c6:7c:c6:60:da:37:e3:4d:52:b8:
c3:6f:69:d3:81:01:82:86:09:8f:60:18:00:59:c4:
61:4a:69:0d:77:01:ae:76:d8:35:b4:4a:4b:c0:e5:
8f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:39:59:2B:5E:30:24:A2:75:DA:A5:8F:CD:4E:CC:1B:12:A5:9F:9C
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/KjlZK14wJKJ12qWPzU7MGxKln5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.138.0/24
Signature Algorithm: sha256WithRSAEncryption
12:e4:c3:c8:b3:49:90:f3:4e:7c:f1:90:cc:ab:7a:60:5e:e1:
81:16:82:b1:65:9c:0e:f7:49:19:1c:f1:ab:46:ef:dc:ab:2a:
f3:48:df:fa:e0:59:fd:58:5a:e6:56:20:3a:f7:8c:e1:ef:f8:
55:6c:40:67:ee:5f:ff:fb:66:53:dc:56:6f:7b:85:70:ce:06:
f9:df:6a:b9:43:40:92:85:fb:34:42:79:2b:fd:0e:3b:19:c9:
1d:d1:54:1b:8f:e8:62:38:37:7c:fe:6f:65:75:6c:55:53:ba:
39:64:d8:7f:4e:63:20:b1:49:ca:14:59:12:c1:bf:e3:6d:74:
70:45:71:74:e6:bc:1b:b6:2d:03:96:de:da:a9:5f:9f:e4:24:
61:4f:b1:23:7a:e0:a0:dd:16:11:93:78:ab:40:79:e4:dc:1e:
2c:73:eb:0f:9a:d3:d8:6b:8f:1e:cf:12:51:98:f7:6e:3d:cb:
bc:85:b7:bb:8a:e2:dd:8f:45:18:67:e3:b6:97:22:96:46:67:
9f:ad:99:f5:00:81:1b:25:a2:ee:18:9d:14:9c:e9:2f:de:b9:
60:93:87:65:59:d6:7b:e3:57:45:4a:d1:ba:97:5b:ed:a3:63:
81:ae:3c:1e:d2:43:62:ff:00:95:c2:a3:81:64:39:1f:30:7d:
6e:c6:da:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwP+aOp3wm+LPJMNN8lHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjMwMTAxMDUxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTM5NTkyYjVlMzAyNGEyNzVkYWE1OGZjZDRlY2MxYjEyYTU5ZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgm0TLe2RCNAx93LVUrFIBXHfcYNC
SrYiFNsC3AfPVQKx7FSyZANLARTi8OX/XoTLtnlMwWTTK16pDYVyw8xtb8O93U04
dJnuynZ/aqCYX2E71HhXdwmN2f/e4wNv6mX/CW0bH77+I76wwsj1zVQWBCdUp9r+
5BJ1Dx9nTw1UXr+vlUGxwRMp1V5YKak1gLTM1PXE90fyXWW0CXS62zpG4NyEIIIT
szGXWOF5jIqV0mOon5kQQ1kqZ93traJNkEkjOWmsYQ0DDkUSZj6/+fXMbJ0SYAFB
OcZ8xmDaN+NNUrjDb2nTgQGChgmPYBgAWcRhSmkNdwGudtg1tEpLwOWPJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCo5WSteMCSiddqlj81OzBsSpZ+cMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvS2psWksxNHdKS0oxMnFXUHpVN01HeEtsbjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9eKMA0G
CSqGSIb3DQEBCwUAA4IBAQAS5MPIs0mQ80588ZDMq3pgXuGBFoKxZZwO90kZHPGr
Ru/cqyrzSN/64Fn9WFrmViA694zh7/hVbEBn7l//+2ZT3FZve4Vwzgb532q5Q0CS
hfs0Qnkr/Q47Gckd0VQbj+hiODd8/m9ldWxVU7o5ZNh/TmMgsUnKFFkSwb/jbXRw
RXF05rwbti0Dlt7aqV+f5CRhT7EjeuCg3RYRk3irQHnk3B4sc+sPmtPYa48ezxJR
mPduPcu8hbe7iuLdj0UYZ+O2lyKWRmefrZn1AIEbJaLuGJ0UnOkv3rlgk4dlWdZ7
41dFStG6l1vto2OBrjwe0kNi/wCVwqOBZDkfMH1uxtpg
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:26 2024 by rpki-client on console-fra.rpki-client.org