Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/kpu3D9Q76tkNf25tgZlWCG96EiY.roa
File: kpu3D9Q76tkNf25tgZlWCG96EiY.roa (raw, json)
Hash identifier: iAd5F+mdFxVD8z6aphegwCz8uhNRZyjTBb7f1F9GGJU=
Subject key identifier: 92:9B:B7:0F:D4:3B:EA:D9:0D:7F:6E:6D:81:99:56:08:6F:7A:12:26
Certificate issuer: /CN=3ad65216812ed24fd1c719871a59a971dec30a26
Certificate serial: 01856FCBBF8DD0BBB7F278674B442FE186D5
Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/kpu3D9Q76tkNf25tgZlWCG96EiY.roa
Signing time: Mon 02 Jan 2023 00:05:01 +0000
ROA not before: Mon 02 Jan 2023 00:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35579
IP address blocks: 92.63.213.0/24 maxlen: 24
78.142.66.0/23 maxlen: 23
78.142.85.0/24 maxlen: 24
78.142.80.0/22 maxlen: 24
78.142.86.0/23 maxlen: 23
78.142.91.0/24 maxlen: 24
78.142.90.0/24 maxlen: 24
78.142.88.0/23 maxlen: 23
195.16.244.0/24 maxlen: 24
195.16.252.0/24 maxlen: 24
2a04:5080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:bf:8d:d0:bb:b7:f2:78:67:4b:44:2f:e1:86:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26
Validity
Not Before: Jan 2 00:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=929bb70fd43bead90d7f6e6d819956086f7a1226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:48:9b:6d:f0:fb:c2:28:b7:43:ce:e0:35:88:
74:20:53:f1:a3:57:eb:5f:61:ec:e9:53:ce:9d:cc:
1e:4f:4b:4c:ad:6b:90:d5:bf:96:5e:95:2d:27:70:
9a:59:76:d6:93:48:0c:09:17:5f:32:2f:19:86:19:
4f:7a:11:22:de:3a:cc:50:74:8f:38:ab:2a:17:b9:
b0:c5:a1:25:2f:9a:8e:dc:5a:5d:34:87:8c:a2:e5:
80:0c:eb:32:64:cc:aa:d6:7c:65:9c:a3:59:3c:b4:
b1:bb:16:6b:28:c4:18:0f:f2:da:73:79:08:5c:4f:
71:3b:99:fe:5e:58:7c:27:99:5f:ea:9f:39:30:a9:
c2:26:b5:fe:c2:c7:d4:76:42:c1:86:2f:0d:0a:ec:
01:ca:4c:8a:e2:ae:5e:ac:72:07:67:8b:a4:99:07:
42:3c:87:f5:51:4f:25:c4:1a:80:f2:48:cd:2a:13:
de:3e:39:0a:c8:ee:b1:a9:d1:ba:95:c0:2f:d9:a9:
29:37:15:e1:1f:1d:f6:f5:b2:cd:f3:e0:29:57:63:
fc:3c:34:d3:68:c3:a3:4c:ff:3e:be:c7:72:9d:ec:
33:ec:d2:2b:1c:29:17:1a:c4:ef:73:26:51:6b:07:
ef:37:79:0e:bb:75:7f:1b:e5:c6:76:e7:de:ac:65:
aa:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9B:B7:0F:D4:3B:EA:D9:0D:7F:6E:6D:81:99:56:08:6F:7A:12:26
X509v3 Authority Key Identifier:
keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/kpu3D9Q76tkNf25tgZlWCG96EiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.66.0/23
78.142.80.0/22
78.142.85.0-78.142.91.255
92.63.213.0/24
195.16.244.0/24
195.16.252.0/24
IPv6:
2a04:5080::/29
Signature Algorithm: sha256WithRSAEncryption
6f:3a:85:7a:15:c2:ea:ef:cd:8e:c2:30:64:d7:0f:46:a4:b4:
7d:69:09:b7:48:f7:2d:58:e6:d5:1f:de:b3:25:6c:65:3d:b7:
61:7b:56:9d:f7:30:df:23:06:6f:d6:8b:ff:4a:b7:df:b1:27:
9d:9f:b0:cd:b8:80:0d:cb:b9:03:08:b5:fb:b2:5f:4a:19:aa:
6d:a5:35:4e:55:7b:20:95:90:4a:62:ca:71:b3:af:4a:98:bd:
c5:4f:b2:63:c5:a1:36:06:72:38:9b:89:ee:b8:29:8d:0a:74:
ee:fe:25:52:12:2f:98:a3:7c:c6:ce:9d:e1:df:c9:2d:95:00:
7a:1c:8f:18:3c:68:42:79:b1:d9:bd:22:3a:0d:3d:b4:39:e0:
f1:0e:fc:8e:63:38:4d:fd:17:09:d3:27:6c:41:c0:de:49:6e:
0c:b9:13:a6:88:d5:8e:c7:63:10:6f:10:b1:b5:87:39:07:54:
89:f9:82:db:58:53:20:22:7c:05:5b:84:70:a6:b5:94:20:87:
14:2a:dd:a2:f1:3a:00:73:7a:ab:04:47:02:1d:e5:5a:e8:a6:
7a:cc:b6:57:3d:58:1c:1f:02:ba:94:7b:ff:4c:8c:32:bf:9a:
53:67:aa:90:ce:93:da:a7:b5:d1:1c:25:94:2f:4a:44:c8:a7:
91:65:3c:9a
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYVvy7+N0Lu38nhnS0Qv4YbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDY1MjE2ODEyZWQyNGZkMWM3MTk4NzFhNTlhOTcxZGVj
MzBhMjYwHhcNMjMwMTAyMDAwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjliYjcwZmQ0M2JlYWQ5MGQ3ZjZlNmQ4MTk5NTYwODZmN2ExMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkibbfD7wii3Q87gNYh0IFPxo1fr
X2Hs6VPOncweT0tMrWuQ1b+WXpUtJ3CaWXbWk0gMCRdfMi8ZhhlPehEi3jrMUHSP
OKsqF7mwxaElL5qO3FpdNIeMouWADOsyZMyq1nxlnKNZPLSxuxZrKMQYD/Lac3kI
XE9xO5n+Xlh8J5lf6p85MKnCJrX+wsfUdkLBhi8NCuwBykyK4q5erHIHZ4ukmQdC
PIf1UU8lxBqA8kjNKhPePjkKyO6xqdG6lcAv2akpNxXhHx329bLN8+ApV2P8PDTT
aMOjTP8+vsdynewz7NIrHCkXGsTvcyZRawfvN3kOu3V/G+XGduferGWqvQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFJKbtw/UO+rZDX9ubYGZVghvehImMB8GA1UdIwQY
MBaAFDrWUhaBLtJP0ccZhxpZqXHewwomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTct
NDY1MzhjYTUzODNjLzEva3B1M0Q5UTc2dGtOZjI1dGdabFdDRzk2RWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTctNDY1MzhjYTUzODNj
LzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQBTo5CAwQC
To5QMAwDBABOjlUDBAJOjlgDBABcP9UDBADDEPQDBADDEPwwDQQCAAIwBwMFAyoE
UIAwDQYJKoZIhvcNAQELBQADggEBAG86hXoVwurvzY7CMGTXD0aktH1pCbdI9y1Y
5tUf3rMlbGU9t2F7Vp33MN8jBm/Wi/9Kt9+xJ52fsM24gA3LuQMItfuyX0oZqm2l
NU5VeyCVkEpiynGzr0qYvcVPsmPFoTYGcjibie64KY0KdO7+JVISL5ijfMbOneHf
yS2VAHocjxg8aEJ5sdm9IjoNPbQ54PEO/I5jOE39FwnTJ2xBwN5Jbgy5E6aI1Y7H
YxBvELG1hzkHVIn5gttYUyAifAVbhHCmtZQghxQq3aLxOgBzeqsERwId5VropnrM
tlc9WBwfArqUe/9MjDK/mlNnqpDOk9qntdEcJZQvSkTIp5FlPJo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:49 2024 by rpki-client on console-ams.rpki-client.org