Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/20c7e7-a49f-4031-ba77-63df603161c9/1/KBoMDD3vy6cb7_xSn_kVkZRtmdw.roa
File: KBoMDD3vy6cb7_xSn_kVkZRtmdw.roa (raw, json)
Hash identifier: A8D5IeGOu9viEDfuO8PMMIUNcztJez165ognvPEdkIk=
Subject key identifier: 28:1A:0C:0C:3D:EF:CB:A7:1B:EF:FC:52:9F:F9:15:91:94:6D:99:DC
Certificate issuer: /CN=82fe7d00e94cd2a7cbf7f9e82cf0992417418df6
Certificate serial: 018CC94AAE8BC43A4B684C34A094DFB2CAA9
Authority key identifier: 82:FE:7D:00:E9:4C:D2:A7:CB:F7:F9:E8:2C:F0:99:24:17:41:8D:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gv59AOlM0qfL9_noLPCZJBdBjfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/20c7e7-a49f-4031-ba77-63df603161c9/1/KBoMDD3vy6cb7_xSn_kVkZRtmdw.roa
Signing time: Tue 02 Jan 2024 08:29:23 +0000
ROA not before: Tue 02 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48920
IP address blocks: 195.88.84.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:ae:8b:c4:3a:4b:68:4c:34:a0:94:df:b2:ca:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82fe7d00e94cd2a7cbf7f9e82cf0992417418df6
Validity
Not Before: Jan 2 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=281a0c0c3defcba71beffc529ff91591946d99dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:52:99:eb:6d:b0:ee:c1:bf:37:1c:bf:e6:2f:
68:57:a6:b3:3d:81:e7:08:a6:6f:df:2c:4f:95:e0:
c9:dc:89:82:bd:e1:ff:84:b6:8d:45:25:e5:41:ef:
49:3c:47:f9:95:bc:5d:b9:46:ed:b5:26:ee:7a:0d:
97:01:1b:9d:80:46:73:50:43:fe:24:90:3c:95:4b:
39:fe:a0:88:9b:ec:00:4f:fa:1a:9d:4d:c8:72:26:
df:e4:98:39:15:b8:bf:2d:32:bf:81:0e:63:1c:bb:
78:f4:a1:e3:18:79:eb:4e:d1:d0:5c:97:1b:70:3b:
f5:e5:50:1d:e9:c9:06:b7:71:80:b2:1c:e3:9d:87:
75:83:1b:68:96:ad:0f:fa:a0:da:9a:35:31:79:e9:
eb:36:d4:36:31:6f:af:6e:f3:1b:ce:01:4c:76:c5:
bf:78:80:27:aa:9f:e9:c4:ce:2e:a5:b0:28:d7:9a:
21:a1:63:68:fc:06:1f:a3:6b:86:a8:2f:75:26:32:
64:29:1b:e1:38:54:d1:a3:f9:b7:0d:2b:5b:b4:c8:
ed:8c:31:07:58:98:01:fc:f7:6d:67:2d:bc:6d:0f:
72:f3:b3:b9:aa:81:24:61:29:a7:2b:a6:85:45:12:
1e:c8:8b:10:ec:b6:d0:7a:a3:6e:0a:28:a7:61:e3:
b9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:1A:0C:0C:3D:EF:CB:A7:1B:EF:FC:52:9F:F9:15:91:94:6D:99:DC
X509v3 Authority Key Identifier:
keyid:82:FE:7D:00:E9:4C:D2:A7:CB:F7:F9:E8:2C:F0:99:24:17:41:8D:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gv59AOlM0qfL9_noLPCZJBdBjfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/20c7e7-a49f-4031-ba77-63df603161c9/1/KBoMDD3vy6cb7_xSn_kVkZRtmdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/20c7e7-a49f-4031-ba77-63df603161c9/1/gv59AOlM0qfL9_noLPCZJBdBjfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.84.0/23
Signature Algorithm: sha256WithRSAEncryption
60:8b:83:66:0b:27:1e:71:24:ad:26:0e:65:24:57:df:5d:7b:
62:b7:cc:32:62:5e:b1:da:dd:4b:ec:be:ce:df:4c:58:98:d3:
ef:50:f0:75:bf:13:76:5d:24:8d:bc:ff:63:36:65:86:53:77:
1f:82:2b:6c:53:c5:1f:dc:d9:41:63:9b:74:aa:68:20:0f:18:
76:74:e7:63:44:66:fd:c4:71:d5:9d:1d:b7:74:3d:c5:c5:ac:
2d:c0:0e:97:20:ef:b9:1f:76:4c:0b:af:7b:02:98:28:6b:2b:
76:46:e3:09:1e:48:b6:10:86:4f:55:18:92:1c:1d:d6:16:97:
fa:25:10:dc:31:02:ed:02:86:ad:14:d4:ab:5e:8d:65:bb:9a:
36:e0:cb:24:4c:2d:8f:7f:b5:ea:7c:c2:5f:af:b4:70:98:a8:
b6:d2:8d:d7:70:d6:3d:05:fd:38:05:9b:6f:ad:0a:49:7e:f4:
35:d4:d5:94:e4:43:32:e2:57:b1:2f:90:d8:ae:e6:f4:6d:85:
61:1c:4e:f7:1e:be:47:98:a5:f0:a8:37:db:f9:e4:6a:2c:11:
b3:44:c9:88:0a:7c:f7:73:eb:cf:34:9a:48:ba:40:69:4c:d0:
3e:b6:e1:62:3d:54:d0:77:f8:64:7a:a9:39:82:a1:9b:fb:cb:
13:27:8c:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJSq6LxDpLaEw0oJTfssqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZmU3ZDAwZTk0Y2QyYTdjYmY3ZjllODJjZjA5OTI0MTc0
MThkZjYwHhcNMjQwMTAyMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODFhMGMwYzNkZWZjYmE3MWJlZmZjNTI5ZmY5MTU5MTk0NmQ5OWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlKZ622w7sG/Nxy/5i9oV6azPYHn
CKZv3yxPleDJ3ImCveH/hLaNRSXlQe9JPEf5lbxduUbttSbueg2XARudgEZzUEP+
JJA8lUs5/qCIm+wAT/oanU3Icibf5Jg5Fbi/LTK/gQ5jHLt49KHjGHnrTtHQXJcb
cDv15VAd6ckGt3GAshzjnYd1gxtolq0P+qDamjUxeenrNtQ2MW+vbvMbzgFMdsW/
eIAnqp/pxM4upbAo15ohoWNo/AYfo2uGqC91JjJkKRvhOFTRo/m3DStbtMjtjDEH
WJgB/PdtZy28bQ9y87O5qoEkYSmnK6aFRRIeyIsQ7LbQeqNuCiinYeO5twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgaDAw978unG+/8Up/5FZGUbZncMB8GA1UdIwQY
MBaAFIL+fQDpTNKny/f56CzwmSQXQY32MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3Y1OUFPbE0wcWZMOV9ub0xQQ1pKQmRCamZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8yMGM3ZTctYTQ5Zi00MDMxLWJhNzct
NjNkZjYwMzE2MWM5LzEvS0JvTUREM3Z5NmNiN194U25fa1ZrWlJ0bWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8yMGM3ZTctYTQ5Zi00MDMxLWJhNzctNjNkZjYwMzE2MWM5
LzEvZ3Y1OUFPbE0wcWZMOV9ub0xQQ1pKQmRCamZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw1hUMA0G
CSqGSIb3DQEBCwUAA4IBAQBgi4NmCycecSStJg5lJFffXXtit8wyYl6x2t1L7L7O
30xYmNPvUPB1vxN2XSSNvP9jNmWGU3cfgitsU8Uf3NlBY5t0qmggDxh2dOdjRGb9
xHHVnR23dD3FxawtwA6XIO+5H3ZMC697Apgoayt2RuMJHki2EIZPVRiSHB3WFpf6
JRDcMQLtAoatFNSrXo1lu5o24MskTC2Pf7XqfMJfr7RwmKi20o3XcNY9Bf04BZtv
rQpJfvQ11NWU5EMy4lexL5DYrub0bYVhHE73Hr5HmKXwqDfb+eRqLBGzRMmICnz3
c+vPNJpIukBpTNA+tuFiPVTQd/hkeqk5gqGb+8sTJ4zG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:13 2025 by rpki-client