Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f9082b-cba3-4fbc-ada2-df063767c3f6/1/KTKGmTtRkGEkzXLivVHhpeW4zi8.roa
File: KTKGmTtRkGEkzXLivVHhpeW4zi8.roa (raw, json)
Hash identifier: IgEo+UsvT/YaVEaQfa7+gT1c6ex0DrVIugR1JFTQgWU=
Subject key identifier: 29:32:86:99:3B:51:90:61:24:CD:72:E2:BD:51:E1:A5:E5:B8:CE:2F
Certificate issuer: /CN=f7e5647cd0b7f722bed4569f37b8bf8f92538cf5
Certificate serial: 018CC9BBBD1DFFD38E4BC8576C4219D4F964
Authority key identifier: F7:E5:64:7C:D0:B7:F7:22:BE:D4:56:9F:37:B8:BF:8F:92:53:8C:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9-VkfNC39yK-1FafN7i_j5JTjPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f9082b-cba3-4fbc-ada2-df063767c3f6/1/KTKGmTtRkGEkzXLivVHhpeW4zi8.roa
Signing time: Tue 02 Jan 2024 10:32:53 +0000
ROA not before: Tue 02 Jan 2024 10:32:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60860
IP address blocks: 193.106.64.0/24 maxlen: 24
193.106.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 09:17:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:bd:1d:ff:d3:8e:4b:c8:57:6c:42:19:d4:f9:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7e5647cd0b7f722bed4569f37b8bf8f92538cf5
Validity
Not Before: Jan 2 10:32:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=293286993b51906124cd72e2bd51e1a5e5b8ce2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6a:5c:c5:25:b9:7c:9a:82:d5:7c:f2:c1:c5:
bd:a1:1a:32:fc:e2:a5:36:3a:0c:a0:e6:af:08:f6:
d9:2a:4f:65:3e:4f:5b:46:b3:5b:6e:d4:e6:e6:8c:
c3:48:c6:71:91:ad:df:8e:9a:1b:11:a4:6c:73:6c:
b8:63:c9:2e:48:40:5c:63:15:6d:d4:7e:48:89:8e:
e3:9d:45:52:60:4c:20:00:69:bf:13:4d:b4:6e:c6:
71:aa:6d:c9:a8:04:fe:3a:78:f5:02:0c:13:e7:44:
1d:a2:e5:13:8f:70:6e:01:05:b0:b3:f7:73:1c:aa:
cf:f2:3a:61:42:76:63:a3:8f:a6:0c:62:7c:b0:49:
c7:09:38:fc:91:5a:55:52:00:ed:eb:90:91:a4:10:
e4:d6:d6:0d:8f:f2:f5:ca:81:25:e1:53:26:6a:5b:
26:20:99:0d:8c:87:cf:db:d1:ed:20:ac:a9:76:dd:
76:3f:eb:ee:7f:8a:d0:60:ac:1f:07:64:7d:e1:7f:
f7:0c:99:b8:82:fd:44:df:12:24:5f:53:ab:f8:39:
7d:8d:cf:19:a4:d1:40:2a:0a:09:9b:b1:9c:ed:94:
1f:21:8c:2f:94:1d:2c:1a:92:c6:7c:09:71:72:cd:
97:59:7e:3a:74:9c:0d:92:95:1e:93:e7:56:f7:c5:
54:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:32:86:99:3B:51:90:61:24:CD:72:E2:BD:51:E1:A5:E5:B8:CE:2F
X509v3 Authority Key Identifier:
keyid:F7:E5:64:7C:D0:B7:F7:22:BE:D4:56:9F:37:B8:BF:8F:92:53:8C:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9-VkfNC39yK-1FafN7i_j5JTjPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f9082b-cba3-4fbc-ada2-df063767c3f6/1/KTKGmTtRkGEkzXLivVHhpeW4zi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f9082b-cba3-4fbc-ada2-df063767c3f6/1/9-VkfNC39yK-1FafN7i_j5JTjPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.106.64.0/24
193.106.67.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:64:3e:cc:64:f6:28:3a:84:33:e8:0c:55:83:4e:a8:3e:e2:
a2:34:27:f5:e3:b9:1e:02:76:54:82:97:67:8b:83:18:c0:a7:
52:2a:f4:c6:a1:c9:cf:98:36:22:01:03:34:c6:73:1d:f3:92:
62:76:01:f6:57:ef:23:d9:8f:2e:e6:4a:6e:09:4d:4b:f1:ed:
81:cb:a0:f5:c2:23:c0:d6:cb:17:1f:81:34:bd:c7:9a:bf:a1:
b9:16:6b:0d:e0:76:f3:79:66:16:55:68:6a:b9:a4:c2:24:59:
01:6f:07:0c:9f:59:ba:3c:d3:fd:a9:1b:b0:d4:3f:da:cf:a0:
9e:a7:10:46:34:c4:a4:33:00:c8:61:80:77:2d:a1:9e:72:25:
a3:a0:de:09:72:0c:7d:66:68:41:ff:8e:06:7a:ab:d3:a2:3f:
d7:ba:c4:d4:b3:0c:34:c8:9d:6a:09:28:e8:3c:b3:fd:64:e1:
51:ad:b5:79:24:a5:b5:6d:90:b9:29:51:18:eb:da:d2:2e:02:
d0:43:25:ce:e0:1c:72:1f:45:d2:9b:c9:ec:e0:54:e7:de:77:
b4:9e:e8:70:3c:c5:64:73:78:73:88:f8:97:0c:22:e6:dc:0c:
de:0e:93:8c:60:3c:04:67:d9:6c:3f:d2:15:0d:85:6d:1e:ad:
79:5e:74:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJu70d/9OOS8hXbEIZ1PlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZTU2NDdjZDBiN2Y3MjJiZWQ0NTY5ZjM3YjhiZjhmOTI1
MzhjZjUwHhcNMjQwMTAyMTAzMjUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTMyODY5OTNiNTE5MDYxMjRjZDcyZTJiZDUxZTFhNWU1YjhjZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2pcxSW5fJqC1XzywcW9oRoy/OKl
NjoMoOavCPbZKk9lPk9bRrNbbtTm5ozDSMZxka3fjpobEaRsc2y4Y8kuSEBcYxVt
1H5IiY7jnUVSYEwgAGm/E020bsZxqm3JqAT+Onj1AgwT50QdouUTj3BuAQWws/dz
HKrP8jphQnZjo4+mDGJ8sEnHCTj8kVpVUgDt65CRpBDk1tYNj/L1yoEl4VMmalsm
IJkNjIfP29HtIKypdt12P+vuf4rQYKwfB2R94X/3DJm4gv1E3xIkX1Or+Dl9jc8Z
pNFAKgoJm7Gc7ZQfIYwvlB0sGpLGfAlxcs2XWX46dJwNkpUek+dW98VU5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCkyhpk7UZBhJM1y4r1R4aXluM4vMB8GA1UdIwQY
MBaAFPflZHzQt/civtRWnze4v4+SU4z1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOS1Wa2ZOQzM5eUstMUZhZk43aV9qNUpUalBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mOTA4MmItY2JhMy00ZmJjLWFkYTIt
ZGYwNjM3NjdjM2Y2LzEvS1RLR21UdFJrR0VrelhMaXZWSGhwZVc0emk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mOTA4MmItY2JhMy00ZmJjLWFkYTItZGYwNjM3NjdjM2Y2
LzEvOS1Wa2ZOQzM5eUstMUZhZk43aV9qNUpUalBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwWpAAwQA
wWpDMA0GCSqGSIb3DQEBCwUAA4IBAQBKZD7MZPYoOoQz6AxVg06oPuKiNCf147ke
AnZUgpdni4MYwKdSKvTGocnPmDYiAQM0xnMd85JidgH2V+8j2Y8u5kpuCU1L8e2B
y6D1wiPA1ssXH4E0vceav6G5FmsN4HbzeWYWVWhquaTCJFkBbwcMn1m6PNP9qRuw
1D/az6CepxBGNMSkMwDIYYB3LaGeciWjoN4Jcgx9ZmhB/44GeqvToj/XusTUsww0
yJ1qCSjoPLP9ZOFRrbV5JKW1bZC5KVEY69rSLgLQQyXO4BxyH0XSm8ns4FTn3ne0
nuhwPMVkc3hziPiXDCLm3AzeDpOMYDwEZ9lsP9IVDYVtHq15XnRB
-----END CERTIFICATE-----
Generated at Thu Jan 11 12:38:57 2024 by rpki-client on console-ams.rpki-client.org