Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/KGwqVRg5stFpzY4g_ghAGjjI_FM.roa
File: KGwqVRg5stFpzY4g_ghAGjjI_FM.roa (raw, json)
Hash identifier: b7MmbLwBd6x+uLbqnOmt050Edu79qOUx5mZzzlKVAnw=
Subject key identifier: 28:6C:2A:55:18:39:B2:D1:69:CD:8E:20:FE:08:40:1A:38:C8:FC:53
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 018CA031F71A61E19079FE29BA9756FDDE78
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/KGwqVRg5stFpzY4g_ghAGjjI_FM.roa
Signing time: Mon 25 Dec 2023 08:57:58 +0000
ROA not before: Mon 25 Dec 2023 08:57:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216383
IP address blocks: 87.248.129.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a0:31:f7:1a:61:e1:90:79:fe:29:ba:97:56:fd:de:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Dec 25 08:57:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=286c2a551839b2d169cd8e20fe08401a38c8fc53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cd:10:a2:89:bb:a9:1c:dd:29:6e:57:52:2d:
c0:58:5b:54:c2:bf:3c:2c:a4:45:ba:42:64:fb:79:
dc:39:72:cb:3c:0d:9c:ef:9f:c2:27:1d:18:13:4b:
3c:37:96:9a:26:e7:e4:29:0a:4e:0d:01:24:4d:53:
29:8d:df:6c:20:61:cc:45:3d:70:bb:26:8a:09:2e:
41:6c:51:27:33:8f:fe:5a:5f:dc:a4:b2:d8:e3:ff:
85:4e:f1:f3:6e:2e:18:b6:9a:0d:3e:fc:31:4d:6e:
ac:62:a4:6b:8b:2c:35:dc:51:29:f0:70:be:8a:bd:
1a:07:09:e2:92:b1:d7:f0:57:df:eb:f4:0a:a9:0d:
b7:4a:6f:4c:83:21:1d:c9:9b:88:75:43:31:22:36:
22:c0:45:1b:fd:92:9c:15:40:e3:9a:7d:c6:ad:3c:
45:57:7d:05:f2:6a:e5:97:0f:c4:79:11:66:be:ef:
a3:c7:c4:6a:83:57:e8:d5:bb:a8:86:e6:85:bd:82:
df:f6:62:72:bb:66:93:19:ae:01:e9:12:ec:ae:fc:
54:a2:7c:97:62:65:de:92:81:74:c4:96:65:2d:d0:
64:e2:cd:84:05:ac:a7:82:77:77:07:a2:56:19:f9:
b5:a3:53:b9:be:e3:19:a7:b2:a3:12:3c:a1:ab:ca:
ea:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:6C:2A:55:18:39:B2:D1:69:CD:8E:20:FE:08:40:1A:38:C8:FC:53
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/KGwqVRg5stFpzY4g_ghAGjjI_FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:16:fa:3c:16:0f:cb:99:a8:bc:8d:6d:cb:13:72:76:2b:7c:
b1:8b:1f:46:d4:62:82:33:81:89:a7:15:4e:13:2e:41:c8:e8:
2b:89:08:28:96:3a:b5:b6:0d:38:f1:df:16:a2:df:fb:28:48:
49:b3:4e:e1:26:67:df:28:92:58:7e:05:8f:fb:0f:59:ba:af:
cb:df:3c:b9:2d:aa:f3:d4:5b:bc:24:bf:45:84:a0:0f:4d:4d:
48:b6:a5:6e:82:39:ed:57:93:43:e8:d7:b2:d2:73:d6:d1:2f:
00:bc:72:b1:7b:81:c2:4d:c8:1d:81:89:09:bb:33:40:a5:1b:
7d:43:ee:80:bb:cc:b9:84:f5:6f:8a:d7:22:59:cf:0b:a7:79:
79:0c:01:dd:17:26:e3:33:88:99:19:1d:42:2a:c6:0f:2d:eb:
8b:55:b3:95:01:0f:03:38:29:83:03:d1:14:e8:8f:a2:ba:5b:
da:19:44:b0:5a:19:fa:d6:57:34:8a:41:d3:95:3c:0e:68:97:
1b:9a:12:22:bb:0d:97:8d:28:fc:d8:cf:07:cf:57:ee:01:9f:
8e:5d:1c:7a:7b:3f:10:03:78:9a:20:24:ae:09:df:26:aa:d3:
aa:94:79:7a:f5:5d:bc:20:6d:8c:b9:94:a5:7d:c8:8d:fb:86:
d5:1e:21:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYygMfcaYeGQef4pupdW/d54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjMxMjI1MDg1NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODZjMmE1NTE4MzliMmQxNjljZDhlMjBmZTA4NDAxYTM4YzhmYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqc0Qoom7qRzdKW5XUi3AWFtUwr88
LKRFukJk+3ncOXLLPA2c75/CJx0YE0s8N5aaJufkKQpODQEkTVMpjd9sIGHMRT1w
uyaKCS5BbFEnM4/+Wl/cpLLY4/+FTvHzbi4YtpoNPvwxTW6sYqRriyw13FEp8HC+
ir0aBwnikrHX8Fff6/QKqQ23Sm9MgyEdyZuIdUMxIjYiwEUb/ZKcFUDjmn3GrTxF
V30F8mrllw/EeRFmvu+jx8Rqg1fo1buohuaFvYLf9mJyu2aTGa4B6RLsrvxUonyX
YmXekoF0xJZlLdBk4s2EBayngnd3B6JWGfm1o1O5vuMZp7KjEjyhq8rqIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChsKlUYObLRac2OIP4IQBo4yPxTMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvS0d3cVZSZzVzdEZwelk0Z19naEFHampJX0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/iBMA0G
CSqGSIb3DQEBCwUAA4IBAQCiFvo8Fg/Lmai8jW3LE3J2K3yxix9G1GKCM4GJpxVO
Ey5ByOgriQgoljq1tg048d8Wot/7KEhJs07hJmffKJJYfgWP+w9Zuq/L3zy5Larz
1Fu8JL9FhKAPTU1ItqVugjntV5ND6Ney0nPW0S8AvHKxe4HCTcgdgYkJuzNApRt9
Q+6Au8y5hPVvitciWc8Lp3l5DAHdFybjM4iZGR1CKsYPLeuLVbOVAQ8DOCmDA9EU
6I+iulvaGUSwWhn61lc0ikHTlTwOaJcbmhIiuw2XjSj82M8Hz1fuAZ+OXRx6ez8Q
A3iaICSuCd8mqtOqlHl69V28IG2MuZSlfciN+4bVHiHc
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:19 2024 by rpki-client on console-fra.rpki-client.org