Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/kgvcq0rqj8lqVHO-kMm98BT3qd0.roa
File: kgvcq0rqj8lqVHO-kMm98BT3qd0.roa (raw, json)
Hash identifier: 5uA2/wElaKq7x5In+L68DLQD7GIIN2ZE6qoJtnrAe/k=
Subject key identifier: 92:0B:DC:AB:4A:EA:8F:C9:6A:54:73:BE:90:C9:BD:F0:14:F7:A9:DD
Certificate issuer: /CN=5a68d699d1a9457c78acfbec004f98677aa4cc16
Certificate serial: 01856C6EEC6EA8B59CD9EAE6859D110D9957
Authority key identifier: 5A:68:D6:99:D1:A9:45:7C:78:AC:FB:EC:00:4F:98:67:7A:A4:CC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/kgvcq0rqj8lqVHO-kMm98BT3qd0.roa
Signing time: Sun 01 Jan 2023 08:24:46 +0000
ROA not before: Sun 01 Jan 2023 08:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29014
IP address blocks: 88.205.24.0/22 maxlen: 24
88.205.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:ec:6e:a8:b5:9c:d9:ea:e6:85:9d:11:0d:99:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a68d699d1a9457c78acfbec004f98677aa4cc16
Validity
Not Before: Jan 1 08:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=920bdcab4aea8fc96a5473be90c9bdf014f7a9dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fc:d7:c2:f6:e5:62:c5:8f:60:e5:66:9d:fe:
30:5c:a2:84:28:fa:80:d1:f9:20:0a:8f:57:3f:38:
ed:56:a5:a9:e6:a3:f7:b8:81:90:7e:23:8f:21:b4:
dd:38:9c:7f:e7:d7:60:10:87:00:f0:f4:cf:3b:20:
7c:52:0c:1c:d3:88:3c:50:a2:db:8c:0f:93:c9:2a:
85:a2:95:77:b7:3c:aa:2c:ec:0c:26:65:54:67:93:
fc:d8:74:f2:2a:4b:f1:58:d6:4a:3f:03:c1:54:ac:
28:5f:b6:3f:6a:d1:9e:be:85:ff:4c:2b:16:8c:0e:
23:6f:ea:03:02:c7:96:40:24:5f:12:60:53:01:bc:
6d:7f:e3:6b:d1:79:b6:fa:60:d8:78:aa:9a:5d:c6:
c6:b2:a3:6e:e9:d5:06:d1:c7:e5:52:5a:46:e4:33:
e1:16:86:bf:62:13:db:df:b7:73:2b:a3:2a:bd:a0:
f4:38:d4:9c:63:6b:86:78:68:d0:64:0a:f5:dc:50:
90:95:77:35:ef:d5:58:d7:c2:15:b4:a2:90:86:9e:
7b:c9:f3:3f:53:3a:12:cb:b0:86:5e:8f:c3:9b:d3:
73:be:ab:1f:0b:17:78:d3:be:9c:d2:18:e6:e1:58:
69:b2:8b:e8:00:3a:06:56:10:60:a1:4a:c8:dc:6a:
c5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0B:DC:AB:4A:EA:8F:C9:6A:54:73:BE:90:C9:BD:F0:14:F7:A9:DD
X509v3 Authority Key Identifier:
keyid:5A:68:D6:99:D1:A9:45:7C:78:AC:FB:EC:00:4F:98:67:7A:A4:CC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/kgvcq0rqj8lqVHO-kMm98BT3qd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.205.24.0/21
Signature Algorithm: sha256WithRSAEncryption
01:44:0b:f1:ed:57:dd:ce:2e:8a:d5:ed:c8:ba:e4:80:99:37:
5a:5a:c8:d6:d8:3a:ce:82:75:04:5d:6c:78:e2:ae:d3:cd:91:
dc:28:98:f4:31:ee:14:8e:89:e0:41:36:3e:1e:05:25:25:40:
ff:7e:cb:fd:3c:02:64:de:c3:55:be:87:23:59:d1:a4:0c:d7:
71:17:c9:4c:6b:48:98:dd:d4:03:ca:ab:c2:90:39:23:b5:5a:
8b:77:8e:34:56:42:65:07:ad:5a:d3:a6:15:fd:92:83:17:c6:
37:46:52:54:4e:b2:95:a0:bc:0c:84:41:28:6f:87:93:f5:a0:
c7:ec:fd:88:d5:b3:9a:cb:3c:c9:ff:e7:fb:f0:26:0b:ab:fb:
d5:cf:33:82:2f:fb:6f:9c:f3:7f:aa:f2:43:11:7a:d2:05:0f:
e9:d2:a3:cf:cb:6b:88:ea:2c:2d:73:fa:b2:55:6c:81:2f:76:
bb:b3:c0:fa:37:5a:e2:21:7c:93:23:4d:66:b2:56:06:80:ff:
56:b6:f1:59:35:3d:7d:25:9e:74:88:77:74:84:a9:3a:bc:af:
15:dd:fa:a4:72:53:3f:ff:32:7e:24:07:e4:0d:51:0c:91:b6:
44:07:36:57:b2:58:ab:cd:3a:ea:80:9e:ed:9c:00:a9:05:93:
d7:a7:f9:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbuxuqLWc2ermhZ0RDZlXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNjhkNjk5ZDFhOTQ1N2M3OGFjZmJlYzAwNGY5ODY3N2Fh
NGNjMTYwHhcNMjMwMTAxMDgyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjBiZGNhYjRhZWE4ZmM5NmE1NDczYmU5MGM5YmRmMDE0ZjdhOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/zXwvblYsWPYOVmnf4wXKKEKPqA
0fkgCo9XPzjtVqWp5qP3uIGQfiOPIbTdOJx/59dgEIcA8PTPOyB8Ugwc04g8UKLb
jA+TySqFopV3tzyqLOwMJmVUZ5P82HTyKkvxWNZKPwPBVKwoX7Y/atGevoX/TCsW
jA4jb+oDAseWQCRfEmBTAbxtf+Nr0Xm2+mDYeKqaXcbGsqNu6dUG0cflUlpG5DPh
Foa/YhPb37dzK6MqvaD0ONScY2uGeGjQZAr13FCQlXc179VY18IVtKKQhp57yfM/
UzoSy7CGXo/Dm9NzvqsfCxd4076c0hjm4VhpsovoADoGVhBgoUrI3GrFwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIL3KtK6o/JalRzvpDJvfAU96ndMB8GA1UdIwQY
MBaAFFpo1pnRqUV8eKz77ABPmGd6pMwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV21qV21kR3BSWHg0clB2c0FFLVlaM3FrekJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lMjhiYTYtYWFhZi00ZDMzLWI4ZGMt
MGFlZTM2MGIwYmE0LzEva2d2Y3EwcnFqOGxxVkhPLWtNbTk4QlQzcWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lMjhiYTYtYWFhZi00ZDMzLWI4ZGMtMGFlZTM2MGIwYmE0
LzEvV21qV21kR3BSWHg0clB2c0FFLVlaM3FrekJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWM0YMA0G
CSqGSIb3DQEBCwUAA4IBAQABRAvx7Vfdzi6K1e3IuuSAmTdaWsjW2DrOgnUEXWx4
4q7TzZHcKJj0Me4UjongQTY+HgUlJUD/fsv9PAJk3sNVvocjWdGkDNdxF8lMa0iY
3dQDyqvCkDkjtVqLd440VkJlB61a06YV/ZKDF8Y3RlJUTrKVoLwMhEEob4eT9aDH
7P2I1bOayzzJ/+f78CYLq/vVzzOCL/tvnPN/qvJDEXrSBQ/p0qPPy2uI6iwtc/qy
VWyBL3a7s8D6N1riIXyTI01mslYGgP9WtvFZNT19JZ50iHd0hKk6vK8V3fqkclM/
/zJ+JAfkDVEMkbZEBzZXslirzTrqgJ7tnACpBZPXp/mF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:47 2024 by rpki-client on console-ams.rpki-client.org