Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/KLJrr88TQyJdb3yBlDX_TjSG0JQ.roa
File: KLJrr88TQyJdb3yBlDX_TjSG0JQ.roa (raw, json)
Hash identifier: SjKeCpLWV0cUBMCF3KZsAZpEL87/nvzJLrWPhgMz9zY=
Subject key identifier: 28:B2:6B:AF:CF:13:43:22:5D:6F:7C:81:94:35:FF:4E:34:86:D0:94
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCAF775287BE6536508E8AD76773E3
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/KLJrr88TQyJdb3yBlDX_TjSG0JQ.roa
Signing time: Sun 01 Jan 2023 05:45:03 +0000
ROA not before: Sun 01 Jan 2023 05:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204229
IP address blocks: 178.213.180.0/22 maxlen: 22
91.238.40.0/23 maxlen: 23
91.245.188.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 20 Jan 2023 17:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:af:77:52:87:be:65:36:50:8e:8a:d7:67:73:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28b26bafcf1343225d6f7c819435ff4e3486d094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ea:24:60:31:12:6c:93:b4:cd:f6:00:6e:ef:
57:94:9b:fb:bf:37:70:c6:db:6b:fd:09:b5:5d:0d:
5d:2f:4d:dd:b9:a8:96:2d:64:37:27:49:9c:49:d6:
97:c7:fc:e2:9a:c2:ec:7c:b5:78:b2:90:b6:b2:88:
42:e3:1a:90:53:d7:46:4d:67:05:47:76:4f:89:9c:
58:1a:af:1d:f2:42:2f:f3:cc:1f:ca:f2:79:fc:5e:
3f:0b:75:5b:e6:65:d5:18:9b:3b:5b:ed:4d:49:a5:
fd:57:eb:9d:19:68:d1:b7:c0:12:36:8b:07:75:e6:
f7:7b:c6:0d:6d:2a:8d:74:a1:04:84:ad:67:98:a7:
35:9e:64:d6:a1:6a:e6:47:f8:b1:8f:43:64:c9:8b:
35:8c:6c:2c:b8:cc:d3:c9:67:91:79:86:57:96:30:
07:59:8c:83:a2:be:cc:78:59:32:8e:86:27:c1:d1:
2f:fb:65:88:dc:5d:2a:c5:7b:3d:3b:a3:f7:b0:3f:
15:76:94:75:af:c2:21:12:6b:c8:4d:ba:ec:02:13:
0c:af:72:1a:4e:08:05:63:66:6d:0d:44:31:ac:63:
2a:ec:3f:88:fa:d7:3f:73:1c:c4:68:15:4d:d1:0a:
5e:01:ca:53:0f:87:6a:62:84:76:c7:ce:d2:2f:77:
f5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B2:6B:AF:CF:13:43:22:5D:6F:7C:81:94:35:FF:4E:34:86:D0:94
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/KLJrr88TQyJdb3yBlDX_TjSG0JQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.40.0/23
91.245.188.0/22
178.213.180.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:8c:7a:1f:ef:df:23:22:32:b8:db:1f:ee:e9:ae:08:8a:b4:
cd:50:39:86:72:6a:3e:a2:ad:07:65:65:f9:46:bb:af:99:2a:
8e:3f:76:d0:8b:51:c0:22:94:c8:3d:6b:02:82:36:28:be:26:
fd:1a:c1:f9:ae:fc:93:1d:ea:19:27:b0:0e:39:73:1e:f2:90:
ba:d0:74:33:af:a1:13:50:06:5f:30:60:e6:b1:29:45:f0:63:
15:75:cf:d9:97:ab:43:be:08:a8:d5:26:4a:8d:cc:01:fc:07:
db:ee:68:2b:19:e7:fe:48:71:d9:35:b4:05:f5:da:8b:04:69:
69:c4:b6:e0:8d:cc:87:90:87:e8:37:98:be:58:7b:7b:68:42:
a9:f3:2f:34:28:f0:5c:ed:c8:87:c1:9a:c5:ba:9e:f4:bb:1f:
76:cf:b5:c4:d2:f0:dd:f1:59:aa:89:e2:17:4f:73:da:64:91:
10:9d:29:06:1d:d7:d6:6b:32:f7:00:78:de:6d:7b:ac:00:ff:
d3:8a:be:0a:b6:32:72:0a:9b:c2:73:7b:f5:dc:8b:81:0a:92:
5c:16:da:38:a3:6f:b1:13:ab:b2:57:a9:c2:16:e6:8c:54:2e:
f7:9a:0b:e3:39:86:e7:89:95:fb:71:7d:e6:59:49:f4:d8:0c:
9e:73:a8:49
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVr3K93Uoe+ZTZQjorXZ3PjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGIyNmJhZmNmMTM0MzIyNWQ2ZjdjODE5NDM1ZmY0ZTM0ODZkMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+okYDESbJO0zfYAbu9XlJv7vzdw
xttr/Qm1XQ1dL03duaiWLWQ3J0mcSdaXx/zimsLsfLV4spC2sohC4xqQU9dGTWcF
R3ZPiZxYGq8d8kIv88wfyvJ5/F4/C3Vb5mXVGJs7W+1NSaX9V+udGWjRt8ASNosH
deb3e8YNbSqNdKEEhK1nmKc1nmTWoWrmR/ixj0NkyYs1jGwsuMzTyWeReYZXljAH
WYyDor7MeFkyjoYnwdEv+2WI3F0qxXs9O6P3sD8VdpR1r8IhEmvITbrsAhMMr3Ia
TggFY2ZtDUQxrGMq7D+I+tc/cxzEaBVN0QpeAcpTD4dqYoR2x87SL3f1xQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCiya6/PE0MiXW98gZQ1/040htCUMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvS0xKcnI4OFRReUpkYjN5QmxEWF9UalNHMEpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+4oAwQC
W/W8AwQCstW0MA0GCSqGSIb3DQEBCwUAA4IBAQCcjHof798jIjK42x/u6a4IirTN
UDmGcmo+oq0HZWX5RruvmSqOP3bQi1HAIpTIPWsCgjYovib9GsH5rvyTHeoZJ7AO
OXMe8pC60HQzr6ETUAZfMGDmsSlF8GMVdc/Zl6tDvgio1SZKjcwB/Afb7mgrGef+
SHHZNbQF9dqLBGlpxLbgjcyHkIfoN5i+WHt7aEKp8y80KPBc7ciHwZrFup70ux92
z7XE0vDd8VmqieIXT3PaZJEQnSkGHdfWazL3AHjebXusAP/Tir4KtjJyCpvCc3v1
3IuBCpJcFto4o2+xE6uyV6nCFuaMVC73mgvjOYbniZX7cX3mWUn02Ayec6hJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org