Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/KHmf3YRbNTQed5zNeT9s8MTBcnQ.roa
File: KHmf3YRbNTQed5zNeT9s8MTBcnQ.roa (raw, json)
Hash identifier: cPovH57aXGr1qVnGNnLQ1oF1N49RssIvP5TgtQVXtl8=
Subject key identifier: 28:79:9F:DD:84:5B:35:34:1E:77:9C:CD:79:3F:6C:F0:C4:C1:72:74
Certificate issuer: /CN=b14aba8b60749393478e83c360e6cbd75d156f89
Certificate serial: 018770D34ACD5273DD78B4C55C9859C5A2F6
Authority key identifier: B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/KHmf3YRbNTQed5zNeT9s8MTBcnQ.roa
Signing time: Tue 11 Apr 2023 14:58:28 +0000
ROA not before: Tue 11 Apr 2023 14:58:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210020
IP address blocks: 188.124.3.0/24 maxlen: 24
188.124.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:70:d3:4a:cd:52:73:dd:78:b4:c5:5c:98:59:c5:a2:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aba8b60749393478e83c360e6cbd75d156f89
Validity
Not Before: Apr 11 14:58:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28799fdd845b35341e779ccd793f6cf0c4c17274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:04:72:e8:b8:ad:a5:2b:79:70:3d:bf:f8:49:
55:e8:f6:f8:37:eb:1c:b2:e2:da:9f:40:6d:75:21:
82:db:83:0f:da:87:09:ef:ca:48:b7:08:e3:7c:23:
e7:9d:31:8f:2a:f9:20:f3:f6:9f:69:e7:66:62:04:
f8:91:d3:e0:ec:c7:54:62:c0:66:25:dd:26:64:3d:
e1:22:76:8d:da:42:96:a5:3f:e9:eb:b0:a4:a2:b3:
43:43:df:91:aa:68:39:ec:73:76:2f:93:2f:e3:3e:
29:50:c7:5c:6f:7c:a1:42:66:7a:9d:c2:4c:04:ce:
0d:30:8a:42:43:f8:13:c9:cf:f0:51:27:35:61:85:
8a:7f:e0:c4:1b:9b:6c:b6:9c:92:2d:a2:0e:f7:78:
39:a8:09:67:d8:fc:9a:4c:af:c3:b5:c9:11:aa:ac:
44:7a:50:1f:4e:f8:b4:4d:2d:63:ba:fb:f8:f4:e4:
6b:ce:cf:9f:a7:e3:c8:a0:dc:b6:ec:39:2d:6a:61:
1e:e4:63:f9:06:e2:74:5f:7e:58:40:b4:83:42:f7:
7b:3c:ed:16:b0:f4:21:30:90:b0:db:a7:2d:69:97:
fb:a0:6e:13:de:b5:4e:9b:f0:b4:b7:0f:fd:c0:56:
86:46:0a:68:6d:26:89:f4:16:99:ee:fe:b4:a4:f7:
b6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:79:9F:DD:84:5B:35:34:1E:77:9C:CD:79:3F:6C:F0:C4:C1:72:74
X509v3 Authority Key Identifier:
keyid:B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/KHmf3YRbNTQed5zNeT9s8MTBcnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.124.3.0/24
188.124.5.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:93:4b:70:c6:5c:41:19:20:2e:19:38:42:87:8b:7d:1a:5f:
42:2c:66:41:9a:a9:89:fa:eb:35:4b:0b:ba:65:8a:9b:5c:5d:
ea:13:89:25:fe:89:cf:ab:d1:3b:ac:89:da:bd:ed:7d:28:e7:
07:5e:ef:77:f6:6a:ee:c6:41:75:b3:89:d0:36:d0:1d:5b:e0:
9d:41:ba:5a:c5:5b:a1:99:67:ec:c8:7a:94:75:8d:2a:30:7a:
19:84:d5:36:60:89:1d:11:8a:c8:7d:36:35:04:7d:64:a2:3c:
e6:64:1d:a9:fb:b3:34:e9:e3:5b:9f:1f:c1:58:4f:7d:df:31:
af:02:4d:42:70:08:0e:9e:86:0f:bf:13:11:f4:c0:1a:e6:2e:
08:80:67:31:42:ba:a3:78:3a:8f:00:97:4e:ed:b0:bc:8f:fc:
7d:3f:f7:5b:d3:7c:49:a6:31:e3:c0:ab:e8:d6:55:68:d0:0d:
a0:3a:9b:c1:e7:a7:dc:1b:d8:4c:6c:76:24:4f:2b:57:55:d2:
f1:f1:21:b8:f1:d3:65:29:32:5c:8c:d1:c1:48:b7:74:16:da:
ac:7d:b1:1b:df:ef:de:c2:49:28:af:e6:14:cc:38:a4:eb:c4:
ff:31:6d:22:a9:f1:c8:d2:ad:bf:17:d6:c8:ed:fb:eb:d9:11:
98:88:a3:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdw00rNUnPdeLTFXJhZxaL2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFiYThiNjA3NDkzOTM0NzhlODNjMzYwZTZjYmQ3NWQx
NTZmODkwHhcNMjMwNDExMTQ1ODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODc5OWZkZDg0NWIzNTM0MWU3NzljY2Q3OTNmNmNmMGM0YzE3Mjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhARy6LitpSt5cD2/+ElV6Pb4N+sc
suLan0BtdSGC24MP2ocJ78pItwjjfCPnnTGPKvkg8/afaedmYgT4kdPg7MdUYsBm
Jd0mZD3hInaN2kKWpT/p67CkorNDQ9+Rqmg57HN2L5Mv4z4pUMdcb3yhQmZ6ncJM
BM4NMIpCQ/gTyc/wUSc1YYWKf+DEG5tstpySLaIO93g5qAln2PyaTK/DtckRqqxE
elAfTvi0TS1juvv49ORrzs+fp+PIoNy27DktamEe5GP5BuJ0X35YQLSDQvd7PO0W
sPQhMJCw26ctaZf7oG4T3rVOm/C0tw/9wFaGRgpobSaJ9BaZ7v60pPe2OQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCh5n92EWzU0HneczXk/bPDEwXJ0MB8GA1UdIwQY
MBaAFLFKuotgdJOTR46Dw2Dmy9ddFW+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYt
Y2Y2YzMwNTIxMmViLzEvS0htZjNZUmJOVFFlZDV6TmVUOXM4TVRCY25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYtY2Y2YzMwNTIxMmVi
LzEvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvHwDAwQA
vHwFMA0GCSqGSIb3DQEBCwUAA4IBAQCwk0twxlxBGSAuGThCh4t9Gl9CLGZBmqmJ
+us1Swu6ZYqbXF3qE4kl/onPq9E7rInave19KOcHXu939mruxkF1s4nQNtAdW+Cd
QbpaxVuhmWfsyHqUdY0qMHoZhNU2YIkdEYrIfTY1BH1kojzmZB2p+7M06eNbnx/B
WE993zGvAk1CcAgOnoYPvxMR9MAa5i4IgGcxQrqjeDqPAJdO7bC8j/x9P/db03xJ
pjHjwKvo1lVo0A2gOpvB56fcG9hMbHYkTytXVdLx8SG48dNlKTJcjNHBSLd0Ftqs
fbEb3+/ewkkor+YUzDik68T/MW0iqfHI0q2/F9bI7fvr2RGYiKNs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:02 2024 by rpki-client on console-ams.rpki-client.org