Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/KfpMyvMzyqAYRxhbofFSuXEgvq0.roa
File: KfpMyvMzyqAYRxhbofFSuXEgvq0.roa (raw, json)
Hash identifier: aEcJJIL3i9ipr65oF4RsbcxEXoLwGDU+EhgCRT6sHH8=
Subject key identifier: 29:FA:4C:CA:F3:33:CA:A0:18:47:18:5B:A1:F1:52:B9:71:20:BE:AD
Certificate issuer: /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Certificate serial: 0185708C90624BDACDDF2E78CDCB75FB0B83
Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/KfpMyvMzyqAYRxhbofFSuXEgvq0.roa
Signing time: Mon 02 Jan 2023 03:35:38 +0000
ROA not before: Mon 02 Jan 2023 03:35:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60132
IP address blocks: 185.56.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:90:62:4b:da:cd:df:2e:78:cd:cb:75:fb:0b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Validity
Not Before: Jan 2 03:35:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29fa4ccaf333caa01847185ba1f152b97120bead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f1:2c:96:a0:79:28:65:07:75:3c:5d:53:85:
7b:80:67:d1:33:3e:c0:99:7a:3c:b7:60:7b:8c:23:
ca:27:54:08:52:8c:4a:63:f6:d1:33:fc:bb:f4:d8:
55:93:95:e8:73:a7:4b:4d:36:bd:42:a4:f7:f8:a4:
e7:de:53:84:db:47:f4:55:65:35:47:a5:10:28:5b:
17:3b:78:e2:31:24:45:ed:40:fb:de:59:34:6a:33:
69:20:23:44:65:5d:45:d1:e7:c5:9a:4c:f2:40:85:
31:0b:8d:ac:1f:f9:26:22:ba:f5:29:d3:49:55:8a:
98:b8:13:96:31:b0:d9:8f:c5:2c:44:af:4e:18:3e:
a3:bf:01:77:f1:7e:7d:92:99:46:0a:00:81:07:8f:
9a:d9:dd:bb:89:b3:7b:37:4c:41:c2:bf:19:9f:d4:
01:ed:07:eb:14:ad:60:cd:6c:38:32:cf:fa:7f:7d:
6a:9d:e5:ff:f1:3a:cb:ae:18:57:49:88:c6:ac:40:
aa:7a:9a:27:0a:0f:bf:31:4a:2b:4a:82:61:a6:c1:
68:4b:bb:d3:d9:6e:e2:e9:28:2b:fc:1d:59:0c:18:
4b:fb:ec:6d:2d:c2:ac:43:ae:6c:7f:37:9d:2b:f4:
97:b3:00:24:33:37:67:49:4d:95:47:b0:e3:43:bd:
e9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:FA:4C:CA:F3:33:CA:A0:18:47:18:5B:A1:F1:52:B9:71:20:BE:AD
X509v3 Authority Key Identifier:
keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/KfpMyvMzyqAYRxhbofFSuXEgvq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.153.0/24
Signature Algorithm: sha256WithRSAEncryption
56:8d:49:c8:ee:1c:4a:f4:05:2f:19:19:7d:78:cf:ad:22:25:
c5:21:63:00:c8:4b:19:a3:3f:00:ea:48:e8:33:20:17:4c:ab:
c7:1e:be:ea:aa:e5:e1:0c:a1:0c:12:b4:4f:1d:2c:b9:63:10:
76:14:e5:48:5e:bf:c9:87:9a:a4:ce:c9:8e:e6:89:35:3d:aa:
3f:fd:ce:75:50:62:ec:a9:8b:4f:b8:6c:e9:f7:e7:8b:e6:2a:
93:1d:d1:b4:35:fc:c9:ed:5c:6d:f5:e8:ab:34:44:75:3a:63:
ff:6d:b5:06:91:df:6d:18:3d:fc:2f:84:d6:ee:05:38:d7:e1:
76:eb:ce:6a:6c:c5:d3:2c:24:57:bf:39:e9:b7:15:eb:50:a6:
6b:ce:6d:fc:fa:a0:f9:12:84:23:b0:03:e5:0c:20:b7:24:c5:
39:d6:1d:66:c1:18:fe:41:90:26:0d:80:eb:d3:7d:ed:86:a6:
7d:44:12:2f:6f:53:6d:64:2c:84:3f:08:91:08:42:a8:58:bd:
a7:99:ac:1c:8d:ab:3c:dc:aa:48:b8:ae:e1:8d:16:64:cd:ad:
40:3c:72:45:ef:4d:24:72:46:b2:e3:5f:a9:79:1b:7a:58:21:
c7:e5:03:84:6f:7a:1d:02:64:b5:51:a5:96:b9:1e:b0:98:c2:
bf:d4:be:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjJBiS9rN3y54zct1+wuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOWM2NzI5ZTFlODk4OTk4NGRkODAyZDFhOTBlODljZTJm
ZTM3M2MwHhcNMjMwMTAyMDMzNTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWZhNGNjYWYzMzNjYWEwMTg0NzE4NWJhMWYxNTJiOTcxMjBiZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPEslqB5KGUHdTxdU4V7gGfRMz7A
mXo8t2B7jCPKJ1QIUoxKY/bRM/y79NhVk5Xoc6dLTTa9QqT3+KTn3lOE20f0VWU1
R6UQKFsXO3jiMSRF7UD73lk0ajNpICNEZV1F0efFmkzyQIUxC42sH/kmIrr1KdNJ
VYqYuBOWMbDZj8UsRK9OGD6jvwF38X59kplGCgCBB4+a2d27ibN7N0xBwr8Zn9QB
7QfrFK1gzWw4Ms/6f31qneX/8TrLrhhXSYjGrECqeponCg+/MUorSoJhpsFoS7vT
2W7i6Sgr/B1ZDBhL++xtLcKsQ65sfzedK/SXswAkMzdnSU2VR7DjQ73pAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCn6TMrzM8qgGEcYW6HxUrlxIL6tMB8GA1UdIwQY
MBaAFNqcZynh6JiZhN2ALRqQ6Jzi/jc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQt
NjljNjhlMmVmMjdkLzEvS2ZwTXl2TXp5cUFZUnhoYm9mRlN1WEVndnEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQtNjljNjhlMmVmMjdk
LzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTiZMA0G
CSqGSIb3DQEBCwUAA4IBAQBWjUnI7hxK9AUvGRl9eM+tIiXFIWMAyEsZoz8A6kjo
MyAXTKvHHr7qquXhDKEMErRPHSy5YxB2FOVIXr/Jh5qkzsmO5ok1Pao//c51UGLs
qYtPuGzp9+eL5iqTHdG0NfzJ7Vxt9eirNER1OmP/bbUGkd9tGD38L4TW7gU41+F2
685qbMXTLCRXvznptxXrUKZrzm38+qD5EoQjsAPlDCC3JMU51h1mwRj+QZAmDYDr
033thqZ9RBIvb1NtZCyEPwiRCEKoWL2nmawcjas83KpIuK7hjRZkza1APHJF700k
ckay41+peRt6WCHH5QOEb3odAmS1UaWWuR6wmMK/1L7a
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:08 2024 by rpki-client on console-fra.rpki-client.org