Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/KoBeUDwwhbdA-MYCJOvT-uPehEU.roa
File: KoBeUDwwhbdA-MYCJOvT-uPehEU.roa (raw, json)
Hash identifier: EfhIodbKyqmj47g2fkVFpNaOhsYsAxxII7aNZE961mw=
Subject key identifier: 2A:80:5E:50:3C:30:85:B7:40:F8:C6:02:24:EB:D3:FA:E3:DE:84:45
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018C63BC2EE8A955E615CF8C9FE9ACE809AA
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/KoBeUDwwhbdA-MYCJOvT-uPehEU.roa
Signing time: Wed 13 Dec 2023 15:12:06 +0000
ROA not before: Wed 13 Dec 2023 15:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6762
IP address blocks: 193.38.155.0/24 maxlen: 24
185.213.194.0/24 maxlen: 24
194.62.160.0/24 maxlen: 24
193.163.87.0/24 maxlen: 24
195.225.83.0/24 maxlen: 24
5.180.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:bc:2e:e8:a9:55:e6:15:cf:8c:9f:e9:ac:e8:09:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Dec 13 15:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a805e503c3085b740f8c60224ebd3fae3de8445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:bf:e6:7e:80:ad:e6:98:cf:78:38:25:48:a6:
6e:af:cf:49:db:f9:3c:6d:49:4d:9e:da:82:99:48:
48:fa:84:35:ca:c6:c2:fa:a0:83:d1:be:c4:6b:80:
3c:66:56:5e:73:4f:49:c7:97:47:18:4e:2b:8f:ee:
dd:ea:e7:c6:98:1f:7f:61:3b:6b:bd:06:41:5b:ca:
57:15:9f:06:97:b9:c8:b1:b9:06:5f:00:80:0a:10:
86:a0:66:83:07:d6:90:32:34:e5:82:ea:f4:a8:f8:
81:02:27:0b:f6:98:b1:bd:ef:93:9b:d8:9f:a1:b1:
3e:44:ac:1e:8e:e1:68:08:f4:86:05:c6:66:d9:f4:
8c:27:0d:cf:e7:6a:e3:4a:30:c9:91:f2:4a:a2:ea:
1f:f9:c2:03:19:ae:02:b8:d5:ee:b2:df:c4:3a:33:
a3:d8:6b:46:7d:25:86:bc:01:13:39:1c:5b:f2:bb:
a9:ee:c0:c3:3c:df:5c:33:3f:e0:47:d8:0a:3b:07:
27:27:ee:66:29:69:3f:83:07:89:2c:7e:47:c1:ce:
13:60:e1:a8:d3:d9:c6:40:a4:6b:cb:89:11:4c:2f:
03:72:21:22:38:1a:90:5f:85:c5:78:8a:52:77:ac:
a6:26:00:1e:35:a3:74:25:c9:b2:0d:35:d9:b2:c7:
f4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:80:5E:50:3C:30:85:B7:40:F8:C6:02:24:EB:D3:FA:E3:DE:84:45
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/KoBeUDwwhbdA-MYCJOvT-uPehEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.177.0/24
185.213.194.0/24
193.38.155.0/24
193.163.87.0/24
194.62.160.0/24
195.225.83.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:19:52:cd:36:69:b0:81:61:ce:6a:83:b3:fd:04:19:3e:84:
83:f5:f6:f9:e1:ab:59:20:b0:62:51:f9:01:8c:0b:76:f9:9a:
39:61:c2:e3:9c:5c:96:b2:f6:75:0f:cf:98:91:ea:f7:ec:ee:
d0:08:ad:85:fd:76:fb:92:35:70:96:8a:d2:fe:c6:be:fd:36:
98:e8:dc:ae:7a:e5:78:db:ae:9b:3d:60:1d:71:da:27:1e:38:
24:44:73:c2:45:d8:09:ab:e2:12:31:a7:fa:c3:3f:63:51:f9:
c1:ef:6a:30:11:6f:0b:07:28:bf:b2:71:c6:da:f7:ec:d2:05:
90:cd:95:3c:25:cc:bc:b0:30:ae:42:d1:de:7e:b5:52:39:53:
87:4a:8e:eb:bd:64:7c:96:2c:91:25:d0:b9:76:78:ff:77:8f:
19:0a:cf:04:ce:28:a7:a0:36:ac:c9:3f:86:d9:d9:70:85:f5:
7c:1e:3e:ca:82:9d:b0:63:7c:26:e6:f9:5f:97:d7:4f:72:17:
f2:4c:46:56:ca:03:36:3f:ba:6c:f7:fd:7e:bb:e2:d1:a1:d4:
11:f0:a1:87:7d:da:50:02:58:36:97:bb:c3:ab:cf:96:6e:5a:
ce:5f:39:db:0e:f1:db:c0:70:eb:03:c9:4a:04:ee:80:c8:15:
cf:a8:b1:66
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYxjvC7oqVXmFc+Mn+ms6AmqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMxMjEzMTUxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTgwNWU1MDNjMzA4NWI3NDBmOGM2MDIyNGViZDNmYWUzZGU4NDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1L/mfoCt5pjPeDglSKZur89J2/k8
bUlNntqCmUhI+oQ1ysbC+qCD0b7Ea4A8ZlZec09Jx5dHGE4rj+7d6ufGmB9/YTtr
vQZBW8pXFZ8Gl7nIsbkGXwCAChCGoGaDB9aQMjTlgur0qPiBAicL9pixve+Tm9if
obE+RKwejuFoCPSGBcZm2fSMJw3P52rjSjDJkfJKouof+cIDGa4CuNXust/EOjOj
2GtGfSWGvAETORxb8rup7sDDPN9cMz/gR9gKOwcnJ+5mKWk/gweJLH5Hwc4TYOGo
09nGQKRry4kRTC8DciEiOBqQX4XFeIpSd6ymJgAeNaN0JcmyDTXZssf0KQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCqAXlA8MIW3QPjGAiTr0/rj3oRFMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvS29CZVVEd3doYmRBLU1ZQ0pPdlQtdVBlaEVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABbSxAwQA
udXCAwQAwSabAwQAwaNXAwQAwj6gAwQAw+FTMA0GCSqGSIb3DQEBCwUAA4IBAQCx
GVLNNmmwgWHOaoOz/QQZPoSD9fb54atZILBiUfkBjAt2+Zo5YcLjnFyWsvZ1D8+Y
ker37O7QCK2F/Xb7kjVwlorS/sa+/TaY6NyueuV4266bPWAdcdonHjgkRHPCRdgJ
q+ISMaf6wz9jUfnB72owEW8LByi/snHG2vfs0gWQzZU8Jcy8sDCuQtHefrVSOVOH
So7rvWR8liyRJdC5dnj/d48ZCs8EziinoDasyT+G2dlwhfV8Hj7Kgp2wY3wm5vlf
l9dPchfyTEZWygM2P7ps9/1+u+LRodQR8KGHfdpQAlg2l7vDq8+WblrOXznbDvHb
wHDrA8lKBO6AyBXPqLFm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org