Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/KwJeHHtcJcevt4J8QPKT99n1FTM.roa
File: KwJeHHtcJcevt4J8QPKT99n1FTM.roa (raw, json)
Hash identifier: JYCHZZx+kuK1sVL/WlUT4ZpvLtLIP2ccbzBn9delCdo=
Subject key identifier: 2B:02:5E:1C:7B:5C:25:C7:AF:B7:82:7C:40:F2:93:F7:D9:F5:15:33
Certificate issuer: /CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Certificate serial: 0185715E703132A7194233A2712577CBDF92
Authority key identifier: 8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/KwJeHHtcJcevt4J8QPKT99n1FTM.roa
Signing time: Mon 02 Jan 2023 07:24:52 +0000
ROA not before: Mon 02 Jan 2023 07:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212894
IP address blocks: 185.228.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Feb 2023 11:20:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:70:31:32:a7:19:42:33:a2:71:25:77:cb:df:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Validity
Not Before: Jan 2 07:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b025e1c7b5c25c7afb7827c40f293f7d9f51533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:20:89:20:d0:72:eb:14:5c:bc:04:ff:de:0c:
03:a3:01:df:a4:f5:05:0f:85:1f:5f:f8:30:01:57:
dd:ee:43:1e:26:88:9d:58:d2:0e:1e:11:7a:5e:7d:
eb:80:49:67:c9:90:27:5c:c0:23:20:f8:1c:7f:c1:
34:77:a0:46:a3:2c:40:88:90:65:f6:d1:0b:e8:15:
1f:86:a3:a0:db:b4:ee:9f:fb:1c:a1:1b:b5:04:0c:
42:a7:a7:50:be:78:14:42:f7:90:5f:8d:d7:51:26:
61:70:8f:be:56:fc:ae:2b:03:1b:61:bb:96:3b:45:
b3:9b:4b:64:64:6f:64:c0:43:29:b0:94:a8:e6:e5:
e7:67:8c:95:9a:eb:df:39:de:e4:0a:ec:d9:9f:42:
6b:56:5a:d9:f3:ed:6c:69:ce:c0:74:a7:ce:17:67:
87:d7:76:cc:b7:c1:e0:47:7d:af:d1:a6:c3:23:42:
9d:18:04:41:ad:93:2b:05:db:b0:6b:17:1f:87:1d:
c1:30:bd:21:f2:cc:2b:07:f2:48:64:26:d1:bd:9e:
81:04:14:42:71:88:04:9c:3f:79:f2:c9:b3:be:45:
f0:02:4a:fd:f1:57:a5:0a:9d:ab:3a:ec:39:96:df:
a8:93:14:54:83:c6:c8:f0:e3:8e:ba:fd:08:fe:1e:
44:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:02:5E:1C:7B:5C:25:C7:AF:B7:82:7C:40:F2:93:F7:D9:F5:15:33
X509v3 Authority Key Identifier:
keyid:8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/KwJeHHtcJcevt4J8QPKT99n1FTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/ju56OtFSu4clp9ubt1IIBLbxFV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.243.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:88:f4:83:de:ef:03:9a:ab:c0:20:0b:b5:1a:06:10:93:4e:
2d:6d:d1:08:5a:68:1f:d5:99:1a:d7:42:c0:e3:b5:77:b8:a4:
53:8b:bf:bf:40:e1:30:36:ea:b1:de:a4:77:8d:64:c4:ef:fc:
db:60:92:f5:75:e3:a9:b8:38:14:22:92:55:84:3d:1c:0e:9b:
c5:f6:e1:cb:d8:fe:f3:ac:36:32:b2:d3:db:c9:88:ed:cf:ec:
2f:35:9e:ee:68:dc:1e:f9:9c:0f:51:73:24:29:f8:d5:41:a4:
67:d1:f8:e8:f5:aa:57:ee:e7:4e:11:7a:18:f1:05:c7:03:b6:
72:5e:4f:32:3c:8c:9a:8c:1f:a1:f1:6f:98:58:57:e8:2f:58:
f7:83:51:05:0e:08:d5:40:a0:55:79:db:6a:2a:f6:09:c2:76:
04:d3:81:0b:5a:e7:87:b9:57:5f:fb:82:05:2a:b7:b9:0a:0b:
4c:76:ef:4f:cf:00:0d:56:7c:df:0f:dd:a9:75:2d:fd:83:cc:
1e:1e:5b:ee:7a:30:95:ff:d2:63:12:d7:72:f6:5f:be:61:48:
40:86:ea:96:27:c5:3e:f0:25:ab:bd:85:a6:bc:1d:8c:5f:69:
f1:a4:54:63:37:6a:22:a1:d5:88:b9:ef:20:9e:ab:ef:9e:91:
61:97:7a:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXnAxMqcZQjOicSV3y9+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZWU3YTNhZDE1MmJiODcyNWE3ZGI5YmI3NTIwODA0YjZm
MTE1NWYwHhcNMjMwMTAyMDcyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjAyNWUxYzdiNWMyNWM3YWZiNzgyN2M0MGYyOTNmN2Q5ZjUxNTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCCJINBy6xRcvAT/3gwDowHfpPUF
D4UfX/gwAVfd7kMeJoidWNIOHhF6Xn3rgElnyZAnXMAjIPgcf8E0d6BGoyxAiJBl
9tEL6BUfhqOg27Tun/scoRu1BAxCp6dQvngUQveQX43XUSZhcI++VvyuKwMbYbuW
O0Wzm0tkZG9kwEMpsJSo5uXnZ4yVmuvfOd7kCuzZn0JrVlrZ8+1sac7AdKfOF2eH
13bMt8HgR32v0abDI0KdGARBrZMrBduwaxcfhx3BML0h8swrB/JIZCbRvZ6BBBRC
cYgEnD958smzvkXwAkr98VelCp2rOuw5lt+okxRUg8bI8OOOuv0I/h5EewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsCXhx7XCXHr7eCfEDyk/fZ9RUzMB8GA1UdIwQY
MBaAFI7uejrRUruHJafbm7dSCAS28RVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYt
NDk1OTFhZmUxN2YwLzEvS3dKZUhIdGNKY2V2dDRKOFFQS1Q5OW4xRlRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYtNDk1OTFhZmUxN2Yw
LzEvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueTzMA0G
CSqGSIb3DQEBCwUAA4IBAQALiPSD3u8DmqvAIAu1GgYQk04tbdEIWmgf1Zka10LA
47V3uKRTi7+/QOEwNuqx3qR3jWTE7/zbYJL1deOpuDgUIpJVhD0cDpvF9uHL2P7z
rDYystPbyYjtz+wvNZ7uaNwe+ZwPUXMkKfjVQaRn0fjo9apX7udOEXoY8QXHA7Zy
Xk8yPIyajB+h8W+YWFfoL1j3g1EFDgjVQKBVedtqKvYJwnYE04ELWueHuVdf+4IF
Kre5CgtMdu9PzwANVnzfD92pdS39g8weHlvuejCV/9JjEtdy9l++YUhAhuqWJ8U+
8CWrvYWmvB2MX2nxpFRjN2oiodWIue8gnqvvnpFhl3q2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org