Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/6ebc1c-42ab-4559-84b1-f6ad9330c4b0/1/Kkktp31nQv9436dc8YTyIiHo0_c.roa
File: Kkktp31nQv9436dc8YTyIiHo0_c.roa (raw, json)
Hash identifier: dXTKRpzVKMatUQ7qQ9upzZuQIHPIKRQTT77dXdZ6Pkg=
Subject key identifier: 2A:49:2D:A7:7D:67:42:FF:78:DF:A7:5C:F1:84:F2:22:21:E8:D3:F7
Certificate issuer: /CN=3ad2f7cc2753309833031ba894649a80cffb13e8
Certificate serial: 01856E268F032532F855FC55AA40EF532CCF
Authority key identifier: 3A:D2:F7:CC:27:53:30:98:33:03:1B:A8:94:64:9A:80:CF:FB:13:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtL3zCdTMJgzAxuolGSagM_7E-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/6ebc1c-42ab-4559-84b1-f6ad9330c4b0/1/Kkktp31nQv9436dc8YTyIiHo0_c.roa
Signing time: Sun 01 Jan 2023 16:24:58 +0000
ROA not before: Sun 01 Jan 2023 16:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9063
IP address blocks: 185.38.76.0/22 maxlen: 22
2a01:4060::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:8f:03:25:32:f8:55:fc:55:aa:40:ef:53:2c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad2f7cc2753309833031ba894649a80cffb13e8
Validity
Not Before: Jan 1 16:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a492da77d6742ff78dfa75cf184f22221e8d3f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:31:1a:a5:b0:a1:34:19:66:b3:f7:9e:25:66:
71:27:e1:d0:a4:31:35:6e:82:8e:86:ae:f0:73:73:
d0:54:1d:aa:f8:e6:b9:ad:e2:b1:38:24:e8:a4:27:
70:4d:92:99:a6:f6:cd:ba:92:af:60:22:62:14:20:
e1:0e:b9:35:51:eb:99:b3:5c:d5:6d:0f:06:c2:f7:
2f:1c:b6:d0:f2:43:64:b7:db:47:ad:f5:88:da:58:
5a:7c:d4:3a:93:f2:5e:49:e6:38:52:c2:40:64:18:
50:63:08:5c:2c:03:97:21:b3:cd:86:3e:bb:75:1f:
33:d5:26:9c:d9:3c:19:6e:6c:87:47:70:6c:65:f6:
cc:23:27:1c:53:29:aa:78:95:60:aa:90:31:86:d5:
34:97:76:b3:9c:b4:1e:1b:a9:cc:ba:89:c8:dc:2f:
8f:d3:69:ee:b6:70:40:d4:30:3b:77:98:c0:41:c7:
3c:52:43:a0:18:be:e8:04:8e:f3:75:fe:33:8c:90:
e9:86:4d:f2:25:af:fe:53:41:60:77:4c:51:dc:b4:
cb:83:3f:88:76:d1:f7:44:18:71:e7:29:79:e4:5b:
36:f7:ad:df:80:56:6d:32:b8:c0:ed:d1:ef:a8:4f:
be:73:51:a9:32:e0:5e:7f:b9:03:42:f9:4c:6c:af:
5c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:49:2D:A7:7D:67:42:FF:78:DF:A7:5C:F1:84:F2:22:21:E8:D3:F7
X509v3 Authority Key Identifier:
keyid:3A:D2:F7:CC:27:53:30:98:33:03:1B:A8:94:64:9A:80:CF:FB:13:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtL3zCdTMJgzAxuolGSagM_7E-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6ebc1c-42ab-4559-84b1-f6ad9330c4b0/1/Kkktp31nQv9436dc8YTyIiHo0_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6ebc1c-42ab-4559-84b1-f6ad9330c4b0/1/OtL3zCdTMJgzAxuolGSagM_7E-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.76.0/22
IPv6:
2a01:4060::/32
Signature Algorithm: sha256WithRSAEncryption
64:f5:36:53:e8:93:45:b2:21:10:60:44:40:5c:56:00:03:03:
05:56:d0:15:0b:d1:b5:cc:0e:3c:0e:58:3e:fc:e7:b6:48:0e:
9c:05:50:b5:c1:cd:6a:e9:0a:8c:dd:bd:0b:63:41:a8:90:cf:
fe:c1:ee:09:96:f2:ec:5c:42:79:bc:11:ff:24:1d:6d:b3:f0:
c7:0c:92:07:c0:2e:78:a4:7b:04:39:1c:18:64:eb:78:19:97:
40:00:df:5b:a3:8d:45:46:59:3d:84:d0:f4:e7:08:dd:ec:cb:
88:26:ee:b9:fc:49:72:d7:a0:2d:88:bb:7a:a2:00:57:ab:e5:
d4:5b:ec:c8:ac:70:21:29:23:0f:a4:bb:52:42:3d:8e:30:c4:
cb:ff:bf:3d:a5:0c:5b:d4:8c:7f:6c:9f:24:4f:2c:ec:bd:e6:
4c:9b:83:00:2a:92:2f:4e:df:57:cf:4e:6a:d9:33:68:06:69:
d2:61:90:c6:46:a0:1f:cb:a1:a6:33:ce:b0:dd:34:39:08:c9:
72:22:b5:85:24:20:ee:1e:13:b7:08:bf:26:37:ca:6e:88:d8:
b4:77:08:13:52:dd:50:69:eb:aa:8b:7e:3b:bc:31:59:26:f5:
1c:b5:27:07:66:f6:f1:5e:1d:8d:0b:e8:ad:b6:2f:6a:4e:d3:
37:7a:e0:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuJo8DJTL4VfxVqkDvUyzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDJmN2NjMjc1MzMwOTgzMzAzMWJhODk0NjQ5YTgwY2Zm
YjEzZTgwHhcNMjMwMTAxMTYyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQ5MmRhNzdkNjc0MmZmNzhkZmE3NWNmMTg0ZjIyMjIxZThkM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTEapbChNBlms/eeJWZxJ+HQpDE1
boKOhq7wc3PQVB2q+Oa5reKxOCTopCdwTZKZpvbNupKvYCJiFCDhDrk1UeuZs1zV
bQ8GwvcvHLbQ8kNkt9tHrfWI2lhafNQ6k/JeSeY4UsJAZBhQYwhcLAOXIbPNhj67
dR8z1Sac2TwZbmyHR3BsZfbMIyccUymqeJVgqpAxhtU0l3aznLQeG6nMuonI3C+P
02nutnBA1DA7d5jAQcc8UkOgGL7oBI7zdf4zjJDphk3yJa/+U0Fgd0xR3LTLgz+I
dtH3RBhx5yl55Fs2963fgFZtMrjA7dHvqE++c1GpMuBef7kDQvlMbK9cAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCpJLad9Z0L/eN+nXPGE8iIh6NP3MB8GA1UdIwQY
MBaAFDrS98wnUzCYMwMbqJRkmoDP+xPoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RMM3pDZFRNSmd6QXh1b2xHU2FnTV83RS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82ZWJjMWMtNDJhYi00NTU5LTg0YjEt
ZjZhZDkzMzBjNGIwLzEvS2trdHAzMW5Rdjk0MzZkYzhZVHlJaUhvMF9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82ZWJjMWMtNDJhYi00NTU5LTg0YjEtZjZhZDkzMzBjNGIw
LzEvT3RMM3pDZFRNSmd6QXh1b2xHU2FnTV83RS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSZMMA0E
AgACMAcDBQAqAUBgMA0GCSqGSIb3DQEBCwUAA4IBAQBk9TZT6JNFsiEQYERAXFYA
AwMFVtAVC9G1zA48Dlg+/Oe2SA6cBVC1wc1q6QqM3b0LY0GokM/+we4JlvLsXEJ5
vBH/JB1ts/DHDJIHwC54pHsEORwYZOt4GZdAAN9bo41FRlk9hND05wjd7MuIJu65
/Ely16AtiLt6ogBXq+XUW+zIrHAhKSMPpLtSQj2OMMTL/789pQxb1Ix/bJ8kTyzs
veZMm4MAKpIvTt9Xz05q2TNoBmnSYZDGRqAfy6GmM86w3TQ5CMlyIrWFJCDuHhO3
CL8mN8puiNi0dwgTUt1Qaeuqi347vDFZJvUctScHZvbxXh2NC+itti9qTtM3euC7
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:13 2024 by rpki-client on console-fra.rpki-client.org