Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/kcPWC8bg4op1h8c_MFusoBp5A2w.roa
File: kcPWC8bg4op1h8c_MFusoBp5A2w.roa (raw, json)
Hash identifier: oliph6HvMF3lFpWt3czim6atTdjzrtRd+sqeI2BQ4fk=
Subject key identifier: 91:C3:D6:0B:C6:E0:E2:8A:75:87:C7:3F:30:5B:AC:A0:1A:79:03:6C
Certificate issuer: /CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Certificate serial: 018571FA0C4B6D317C6966D216B5526AE3B9
Authority key identifier: FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/kcPWC8bg4op1h8c_MFusoBp5A2w.roa
Signing time: Mon 02 Jan 2023 10:14:50 +0000
ROA not before: Mon 02 Jan 2023 10:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5420
IP address blocks: 192.40.73.0/24 maxlen: 24
192.40.76.0/24 maxlen: 24
192.40.77.0/24 maxlen: 24
192.40.78.0/24 maxlen: 24
192.40.72.0/24 maxlen: 24
192.40.75.0/24 maxlen: 24
2001:67c:21a4::/48 maxlen: 48
2a06:f040::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 Nov 2023 19:59:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:0c:4b:6d:31:7c:69:66:d2:16:b5:52:6a:e3:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Validity
Not Before: Jan 2 10:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91c3d60bc6e0e28a7587c73f305baca01a79036c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:03:60:9d:57:32:c5:df:7a:04:cf:b2:21:0f:
c5:16:b6:76:5c:4b:d5:fd:57:a2:b8:24:7c:5f:6d:
19:79:d6:1a:a1:43:41:6a:76:54:21:46:12:1e:68:
77:0c:45:0a:f1:8b:54:a3:72:f9:3d:db:c6:88:ef:
67:61:c6:40:62:77:8c:82:ef:09:d7:b8:9a:83:ce:
35:9c:a7:9a:43:78:9b:cb:1a:e7:c1:72:4b:12:d3:
f7:1e:22:2b:c1:78:ac:88:28:fd:1f:f4:87:78:88:
92:c4:38:03:2a:e6:c3:67:6c:74:c4:f3:d0:b0:4c:
9b:14:c0:24:da:09:b9:ee:4c:b2:3c:ec:de:62:c2:
82:66:01:4a:9e:fd:a6:f4:e2:cc:0f:da:81:a8:c2:
14:32:af:d5:40:46:04:d9:20:6e:ac:39:5d:8c:8e:
c1:e4:bc:f4:60:98:64:01:d2:48:dc:d1:36:90:bc:
b2:93:fe:06:67:24:a9:83:6b:0f:f3:ec:4b:c8:fa:
d8:07:31:c6:25:13:ad:d1:f7:ad:a3:e0:50:c4:45:
09:0b:bd:52:7d:ca:9c:9c:34:b3:e0:5e:e2:69:f0:
81:8d:7f:9c:f3:7a:06:0c:44:66:6a:d0:45:11:87:
58:36:a7:67:96:e0:7e:8b:70:df:2b:c4:80:7d:1f:
57:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C3:D6:0B:C6:E0:E2:8A:75:87:C7:3F:30:5B:AC:A0:1A:79:03:6C
X509v3 Authority Key Identifier:
keyid:FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/kcPWC8bg4op1h8c_MFusoBp5A2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.40.72.0/23
192.40.75.0-192.40.78.255
IPv6:
2001:67c:21a4::/48
2a06:f040::/32
Signature Algorithm: sha256WithRSAEncryption
4d:ef:88:5c:64:af:9f:7c:10:f3:ad:27:cb:91:47:0f:49:eb:
e9:ac:40:91:01:7b:ca:8e:b6:1f:a5:c2:f0:e3:ef:4a:f7:67:
be:08:1c:18:fa:ac:2b:37:4a:4a:99:09:5c:77:8b:f4:30:3b:
49:7e:cb:02:00:07:d4:19:a9:bd:ca:ff:d9:0e:c0:4a:9b:f9:
ce:a6:ab:7a:54:b3:0a:85:8f:40:c8:db:81:0a:ac:a9:80:53:
a7:84:5b:ec:8c:a7:88:cb:da:94:27:52:ef:77:a1:13:19:df:
5d:53:56:85:00:09:d6:0b:6a:78:90:15:a6:d3:d5:cb:a3:89:
98:87:58:ca:a9:39:5f:6d:33:9c:e4:ef:13:74:e5:75:53:a0:
ef:e0:69:cb:fd:2a:4a:87:b6:6e:78:f7:94:ab:80:82:db:01:
84:be:ab:4f:ff:f0:ec:03:0e:15:12:57:b2:3d:e1:2e:b0:cb:
7f:21:f0:d8:29:ea:f4:11:c8:f0:fd:93:ec:df:5a:83:bc:81:
92:24:27:3f:1f:06:29:84:cf:54:70:7b:55:4b:f2:e1:8a:cc:
ba:b2:bf:06:4d:ac:8e:81:e8:17:11:2b:8b:27:da:ab:26:4b:
36:d1:44:1c:86:24:04:24:6e:e2:d1:f3:8e:0a:3f:7b:c2:b0:
62:a3:f4:06
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVx+gxLbTF8aWbSFrVSauO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMWE4MTBlM2FiMTk2NGI0NGVjYjM3NzgzNDBiMjY2ZGJk
YTExMjYwHhcNMjMwMTAyMTAxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWMzZDYwYmM2ZTBlMjhhNzU4N2M3M2YzMDViYWNhMDFhNzkwMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQNgnVcyxd96BM+yIQ/FFrZ2XEvV
/VeiuCR8X20ZedYaoUNBanZUIUYSHmh3DEUK8YtUo3L5PdvGiO9nYcZAYneMgu8J
17iag841nKeaQ3ibyxrnwXJLEtP3HiIrwXisiCj9H/SHeIiSxDgDKubDZ2x0xPPQ
sEybFMAk2gm57kyyPOzeYsKCZgFKnv2m9OLMD9qBqMIUMq/VQEYE2SBurDldjI7B
5Lz0YJhkAdJI3NE2kLyyk/4GZySpg2sP8+xLyPrYBzHGJROt0feto+BQxEUJC71S
fcqcnDSz4F7iafCBjX+c83oGDERmatBFEYdYNqdnluB+i3DfK8SAfR9XvwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFJHD1gvG4OKKdYfHPzBbrKAaeQNsMB8GA1UdIwQY
MBaAFPsagQ46sZZLROyzd4NAsmbb2hEmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14cUJEanF4bGt0RTdMTjNnMEN5WnR2YUVTWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgw
LWI1YWJmNDQwZTg5My8xL2tjUFdDOGJnNG9wMWg4Y19NRnVzb0JwNUEydy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgwLWI1YWJmNDQwZTg5
My8xLzEteHFCRGpxeGxrdEU3TE4zZzBDeVp0dmFFU1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRQYIKwYBBQUHAQcBAf8ENjA0MBoEAgABMBQDBAHAKEgw
DAMEAMAoSwMEAMAoTjAWBAIAAjAQAwcAIAEGfCGkAwUAKgbwQDANBgkqhkiG9w0B
AQsFAAOCAQEATe+IXGSvn3wQ860ny5FHD0nr6axAkQF7yo62H6XC8OPvSvdnvggc
GPqsKzdKSpkJXHeL9DA7SX7LAgAH1Bmpvcr/2Q7ASpv5zqarelSzCoWPQMjbgQqs
qYBTp4Rb7IyniMvalCdS73ehExnfXVNWhQAJ1gtqeJAVptPVy6OJmIdYyqk5X20z
nOTvE3TldVOg7+Bpy/0qSoe2bnj3lKuAgtsBhL6rT//w7AMOFRJXsj3hLrDLfyHw
2Cnq9BHI8P2T7N9ag7yBkiQnPx8GKYTPVHB7VUvy4YrMurK/Bk2sjoHoFxEriyfa
qyZLNtFEHIYkBCRu4tHzjgo/e8KwYqP0Bg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:28 2024 by rpki-client on console-fra.rpki-client.org