Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/KZJHvENQyjmhg8aPwDOjk8_s51E.roa
File: KZJHvENQyjmhg8aPwDOjk8_s51E.roa (raw, json)
Hash identifier: xmRf0fWVx6dp2Yfa1SiPI3iZkyMRGYAYhIr6dUuEQdo=
Subject key identifier: 29:92:47:BC:43:50:CA:39:A1:83:C6:8F:C0:33:A3:93:CF:EC:E7:51
Certificate issuer: /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial: 018CC2DAFD9CBC7AE0A5A3BE677C7D157EEF
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/KZJHvENQyjmhg8aPwDOjk8_s51E.roa
Signing time: Mon 01 Jan 2024 02:29:40 +0000
ROA not before: Mon 01 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206077
IP address blocks: 185.253.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 07:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:fd:9c:bc:7a:e0:a5:a3:be:67:7c:7d:15:7e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Validity
Not Before: Jan 1 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=299247bc4350ca39a183c68fc033a393cfece751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9f:7a:4d:94:a7:49:8d:b7:43:2b:73:52:0e:
e0:ec:d3:9b:66:70:48:23:36:44:86:23:1f:30:e9:
ff:07:eb:e6:43:5d:0d:44:98:9c:d7:68:ac:08:8c:
d3:6b:75:71:94:fb:20:b7:ea:af:19:6e:94:96:23:
07:69:ba:2c:27:fc:f0:dd:c3:07:f2:7b:45:4f:6a:
23:df:f8:70:07:2d:b2:59:07:4e:20:61:0d:cc:94:
d3:0d:b5:15:92:69:fc:e9:4f:52:97:0b:b5:87:94:
4d:89:33:80:fe:4f:ce:ad:3c:08:9a:d2:d9:d8:11:
a7:b9:fb:3d:84:df:49:0c:48:96:19:28:b7:8c:c2:
0e:a4:9f:81:f0:54:c6:93:cb:51:27:ec:53:1a:26:
e2:22:e5:41:e2:63:3c:28:93:5c:a2:ee:c1:3c:1d:
14:22:a5:4a:40:de:fc:07:c6:c1:26:c3:71:32:c7:
4b:8b:b5:b2:50:81:e9:50:c5:80:5a:c8:21:e3:10:
ba:fb:95:9c:c9:f4:03:84:33:be:af:f5:2d:40:80:
0a:d8:e4:ab:4c:64:69:1f:ce:79:fe:4e:c3:ab:b9:
6e:d3:12:8c:b2:31:b0:d2:cf:d9:49:e0:49:f4:18:
3b:60:97:49:23:9e:95:0c:3a:df:74:d6:cb:94:8f:
e3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:92:47:BC:43:50:CA:39:A1:83:C6:8F:C0:33:A3:93:CF:EC:E7:51
X509v3 Authority Key Identifier:
keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/KZJHvENQyjmhg8aPwDOjk8_s51E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.146.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:6c:b0:a0:b9:97:c8:71:05:5e:76:45:33:71:2e:6c:87:e0:
c0:91:78:15:4e:3a:fc:1f:48:25:8f:11:a3:c2:bd:b0:fa:5d:
51:c0:b8:1d:78:77:66:10:53:4b:90:45:98:fb:ce:8d:78:ba:
64:1f:27:9c:4a:47:67:61:12:fc:42:d8:1f:5e:13:2d:1a:cf:
65:fb:b7:61:22:2d:b9:9d:0c:02:7a:f9:0b:31:35:74:01:7b:
91:e7:ce:ce:40:c9:c5:d6:c0:46:04:d8:c4:e0:6e:ac:65:2a:
b8:5a:9c:dc:bd:e5:dc:2c:32:07:24:32:b3:08:14:06:64:75:
5a:0b:84:7c:91:6e:22:f0:36:00:a6:d7:f1:64:77:78:ed:10:
30:39:33:5b:88:b7:c9:b5:e5:7b:07:98:10:d9:4a:9b:bd:c3:
f0:7e:c5:b1:e5:9c:54:be:1e:4c:0b:80:41:5d:3e:cc:83:18:
14:41:48:5a:ca:7d:2d:b0:1a:48:dc:af:7d:30:f1:be:75:7e:
ee:1d:cb:5d:b3:bc:33:dd:38:2e:76:44:69:f3:48:8b:cb:c6:
7c:b3:a2:43:64:e5:2f:a0:9c:d2:96:7d:70:a6:32:d8:3a:73:
ab:b7:09:3e:ab:ad:18:72:e3:6d:8f:82:82:91:3a:92:0d:41:
b6:3b:1b:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2v2cvHrgpaO+Z3x9FX7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWI4NmY5OWUyZDZiZGUxNGZhODc5OWRlNzFjZTQxYjk4
MDIwYjkwHhcNMjQwMTAxMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTkyNDdiYzQzNTBjYTM5YTE4M2M2OGZjMDMzYTM5M2NmZWNlNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl596TZSnSY23QytzUg7g7NObZnBI
IzZEhiMfMOn/B+vmQ10NRJic12isCIzTa3VxlPsgt+qvGW6UliMHabosJ/zw3cMH
8ntFT2oj3/hwBy2yWQdOIGENzJTTDbUVkmn86U9Slwu1h5RNiTOA/k/OrTwImtLZ
2BGnufs9hN9JDEiWGSi3jMIOpJ+B8FTGk8tRJ+xTGibiIuVB4mM8KJNcou7BPB0U
IqVKQN78B8bBJsNxMsdLi7WyUIHpUMWAWsgh4xC6+5WcyfQDhDO+r/UtQIAK2OSr
TGRpH855/k7Dq7lu0xKMsjGw0s/ZSeBJ9Bg7YJdJI56VDDrfdNbLlI/jKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmSR7xDUMo5oYPGj8Azo5PP7OdRMB8GA1UdIwQY
MBaAFAWbhvmeLWveFPqHmd5xzkG5gCC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYt
Y2MzZmIzNTFlMzM2LzEvS1pKSHZFTlF5am1oZzhhUHdET2prOF9zNTFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYtY2MzZmIzNTFlMzM2
LzEvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf2SMA0G
CSqGSIb3DQEBCwUAA4IBAQCwbLCguZfIcQVedkUzcS5sh+DAkXgVTjr8H0gljxGj
wr2w+l1RwLgdeHdmEFNLkEWY+86NeLpkHyecSkdnYRL8QtgfXhMtGs9l+7dhIi25
nQwCevkLMTV0AXuR587OQMnF1sBGBNjE4G6sZSq4WpzcveXcLDIHJDKzCBQGZHVa
C4R8kW4i8DYAptfxZHd47RAwOTNbiLfJteV7B5gQ2UqbvcPwfsWx5ZxUvh5MC4BB
XT7MgxgUQUhayn0tsBpI3K99MPG+dX7uHctds7wz3TgudkRp80iLy8Z8s6JDZOUv
oJzSln1wpjLYOnOrtwk+q60YcuNtj4KCkTqSDUG2Oxt5
-----END CERTIFICATE-----
Generated at Wed Jan 10 10:40:53 2024 by rpki-client on console-fra.rpki-client.org