Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/klHBPKNXP26ZL0YTbJ-QbEokAKE.roa
File: klHBPKNXP26ZL0YTbJ-QbEokAKE.roa (raw, json)
Hash identifier: hO/Sr/AuKZG5KICJtcHbq/GiF25CzdKUpi8ELdNp3kk=
Subject key identifier: 92:51:C1:3C:A3:57:3F:6E:99:2F:46:13:6C:9F:90:6C:4A:24:00:A1
Certificate issuer: /CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Certificate serial: 01857094F90ECA5CFC2B0F6F33BFA30135A7
Authority key identifier: 55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/klHBPKNXP26ZL0YTbJ-QbEokAKE.roa
Signing time: Mon 02 Jan 2023 03:44:49 +0000
ROA not before: Mon 02 Jan 2023 03:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8763
IP address blocks: 81.91.160.0/20 maxlen: 20
81.91.172.0/24 maxlen: 24
81.91.170.0/24 maxlen: 24
81.91.173.0/24 maxlen: 24
185.151.140.0/24 maxlen: 24
2a02:568::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:f9:0e:ca:5c:fc:2b:0f:6f:33:bf:a3:01:35:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Validity
Not Before: Jan 2 03:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9251c13ca3573f6e992f46136c9f906c4a2400a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9a:f0:e6:8d:63:11:fb:d4:f7:7c:10:b1:40:
fe:5e:01:c5:a0:f2:e5:ce:0d:42:7b:19:de:68:b1:
97:40:55:f3:75:d3:f1:94:36:9e:d1:e4:b5:1e:7f:
0a:33:3c:9a:30:d6:b8:ed:3d:bd:79:24:76:59:09:
14:9f:be:a4:20:63:ba:6a:a2:92:2c:02:8c:20:e3:
43:b7:08:55:e4:36:fe:b0:eb:07:2c:62:ea:a5:c6:
c2:4a:1c:bf:e1:b8:5a:fc:1d:fd:7b:dc:c9:ac:3d:
5a:0c:ab:b4:d2:1c:94:89:4c:86:25:7f:6e:18:b7:
54:64:8c:92:57:5a:6f:1a:e5:6f:6d:bc:08:0e:23:
db:bf:01:a4:be:d7:4e:30:e1:7f:61:e1:66:28:0d:
aa:90:87:5f:b1:da:6b:11:d9:14:aa:9f:99:8e:9e:
86:8d:e5:75:14:2e:a2:eb:2e:06:32:cc:2c:dc:08:
3c:c2:3d:38:24:93:ec:54:e4:05:05:af:2d:6b:ae:
62:32:2b:cc:8a:17:30:5a:50:a1:f9:93:73:76:7a:
4e:8b:83:f5:96:0e:e7:de:d5:8d:35:93:73:2e:4c:
2b:41:8e:12:be:66:af:3c:2d:a8:7c:50:37:58:0d:
33:1f:fc:3f:68:57:e4:f6:77:de:69:16:1f:99:b7:
71:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:51:C1:3C:A3:57:3F:6E:99:2F:46:13:6C:9F:90:6C:4A:24:00:A1
X509v3 Authority Key Identifier:
keyid:55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/klHBPKNXP26ZL0YTbJ-QbEokAKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.160.0/20
185.151.140.0/24
IPv6:
2a02:568::/32
Signature Algorithm: sha256WithRSAEncryption
0f:b4:e4:fa:02:50:37:be:fb:97:15:e2:f6:93:0a:3e:04:01:
e6:36:c1:83:9a:41:16:3a:ea:ae:59:90:a3:a1:13:74:72:1a:
b2:14:77:42:72:e9:2e:06:ae:3a:dc:a1:ec:84:01:aa:32:8d:
26:49:ce:5a:f7:98:d8:02:02:c3:2a:c5:5e:68:1a:4a:a1:2d:
58:48:8b:5b:e1:c0:e8:fd:b8:6c:ac:33:5c:5c:fa:3f:af:dd:
ed:0f:ac:84:2a:76:41:36:f8:92:84:55:5e:27:17:1d:10:fc:
4e:b8:ed:a9:a2:3f:b4:90:9e:02:f1:8a:49:4e:70:fb:9b:54:
38:00:ce:87:d1:11:fb:56:6e:18:86:43:7c:6d:b9:c1:dd:f4:
28:2d:45:56:c4:10:49:63:ce:9a:da:7e:09:01:48:bc:25:ca:
6b:c0:9e:db:a4:0a:8e:3f:43:05:20:93:bc:a1:e8:67:4f:4b:
89:24:25:e4:f5:2c:67:9b:47:ba:bc:2b:2b:f7:89:ea:24:69:
14:e0:02:82:65:ea:fb:c2:5c:68:1a:1b:a8:32:66:2e:34:dd:
f8:1c:b9:e2:67:4d:97:a6:8f:f0:b5:c9:87:96:40:7e:5e:bb:
01:25:97:56:47:56:36:11:ca:2f:51:f0:86:e2:49:9e:b7:14:
76:72:0e:cf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwlPkOylz8Kw9vM7+jATWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YjI5NmQ2YjUzNGZlM2EzMmNjMWMzYTRlODEzNThmMjE2
YzkzYzcwHhcNMjMwMTAyMDM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjUxYzEzY2EzNTczZjZlOTkyZjQ2MTM2YzlmOTA2YzRhMjQwMGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkprw5o1jEfvU93wQsUD+XgHFoPLl
zg1CexneaLGXQFXzddPxlDae0eS1Hn8KMzyaMNa47T29eSR2WQkUn76kIGO6aqKS
LAKMIONDtwhV5Db+sOsHLGLqpcbCShy/4bha/B39e9zJrD1aDKu00hyUiUyGJX9u
GLdUZIySV1pvGuVvbbwIDiPbvwGkvtdOMOF/YeFmKA2qkIdfsdprEdkUqp+Zjp6G
jeV1FC6i6y4GMsws3Ag8wj04JJPsVOQFBa8ta65iMivMihcwWlCh+ZNzdnpOi4P1
lg7n3tWNNZNzLkwrQY4SvmavPC2ofFA3WA0zH/w/aFfk9nfeaRYfmbdx8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJJRwTyjVz9umS9GE2yfkGxKJAChMB8GA1UdIwQY
MBaAFFWylta1NP46MswcOk6BNY8hbJPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEt
ZGQ2Y2M5N2M5YmRkLzEva2xIQlBLTlhQMjZaTDBZVGJKLVFiRW9rQUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEtZGQ2Y2M5N2M5YmRk
LzEvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVugAwQA
uZeMMA0EAgACMAcDBQAqAgVoMA0GCSqGSIb3DQEBCwUAA4IBAQAPtOT6AlA3vvuX
FeL2kwo+BAHmNsGDmkEWOuquWZCjoRN0chqyFHdCcukuBq463KHshAGqMo0mSc5a
95jYAgLDKsVeaBpKoS1YSItb4cDo/bhsrDNcXPo/r93tD6yEKnZBNviShFVeJxcd
EPxOuO2poj+0kJ4C8YpJTnD7m1Q4AM6H0RH7Vm4YhkN8bbnB3fQoLUVWxBBJY86a
2n4JAUi8JcprwJ7bpAqOP0MFIJO8oehnT0uJJCXk9Sxnm0e6vCsr94nqJGkU4AKC
Zer7wlxoGhuoMmYuNN34HLniZ02Xpo/wtcmHlkB+XrsBJZdWR1Y2EcovUfCG4kme
txR2cg7P
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:00 2024 by rpki-client on console-ams.rpki-client.org