Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/045a38-e0ba-487f-b461-7266afc98dba/1/KWenMA6v2TA5ycJmMUC6P1zW4A4.roa
File: KWenMA6v2TA5ycJmMUC6P1zW4A4.roa (raw, json)
Hash identifier: f0m4APw2E9F5gJurXkdWjzpqCDbIcHvSPjyWCLB2xcs=
Subject key identifier: 29:67:A7:30:0E:AF:D9:30:39:C9:C2:66:31:40:BA:3F:5C:D6:E0:0E
Certificate issuer: /CN=eddd61bacf654e665d912a76de8f63b5004c7e48
Certificate serial: 018570CBE13ACC8FC65B24810FBC8B7FF4A2
Authority key identifier: ED:DD:61:BA:CF:65:4E:66:5D:91:2A:76:DE:8F:63:B5:00:4C:7E:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7d1hus9lTmZdkSp23o9jtQBMfkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/045a38-e0ba-487f-b461-7266afc98dba/1/KWenMA6v2TA5ycJmMUC6P1zW4A4.roa
Signing time: Mon 02 Jan 2023 04:44:47 +0000
ROA not before: Mon 02 Jan 2023 04:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202536
IP address blocks: 185.92.2.0/24 maxlen: 24
185.92.1.0/24 maxlen: 24
185.92.0.0/24 maxlen: 24
185.92.3.0/24 maxlen: 24
2a05:ef00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:e1:3a:cc:8f:c6:5b:24:81:0f:bc:8b:7f:f4:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eddd61bacf654e665d912a76de8f63b5004c7e48
Validity
Not Before: Jan 2 04:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2967a7300eafd93039c9c2663140ba3f5cd6e00e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:1b:39:a5:da:fe:53:0e:52:00:c2:4f:59:91:
a9:42:0f:f1:84:38:9f:25:f6:97:06:e2:d1:7b:16:
b2:bf:79:16:bc:45:cc:0f:d5:dc:94:d1:df:47:f1:
8f:fa:5d:3b:68:a6:34:3a:67:61:40:9f:be:5c:85:
37:f5:da:fd:7e:c5:a8:91:c1:0f:b7:bf:18:36:5b:
98:5d:e5:8d:10:82:5e:62:74:78:bd:9f:02:0e:8f:
2d:ec:f8:a7:d3:5b:82:82:10:85:4a:14:88:1b:a4:
6d:1a:cf:c1:50:de:73:56:99:99:25:26:6d:94:23:
f4:de:56:69:70:6f:68:cc:4c:fa:77:4c:80:76:f0:
a0:b1:c4:35:6c:13:19:ff:98:a2:58:f0:df:7b:07:
fe:e7:76:de:f2:83:43:0e:be:a0:86:8d:0b:91:cd:
f2:55:11:99:22:2f:4e:1a:17:7b:e4:33:3d:a5:86:
4c:27:65:fc:89:57:e8:ab:be:bf:67:25:2c:53:46:
14:31:d6:54:11:2c:83:c5:f1:ad:0d:21:b3:17:89:
6f:13:7d:b8:7e:3b:43:47:e6:94:a7:7e:70:34:99:
a9:0d:f1:1d:a8:c8:41:64:c1:98:9a:f4:1f:28:f1:
cc:8a:22:03:c7:17:23:63:c2:3f:32:13:99:7a:a4:
03:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:67:A7:30:0E:AF:D9:30:39:C9:C2:66:31:40:BA:3F:5C:D6:E0:0E
X509v3 Authority Key Identifier:
keyid:ED:DD:61:BA:CF:65:4E:66:5D:91:2A:76:DE:8F:63:B5:00:4C:7E:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d1hus9lTmZdkSp23o9jtQBMfkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/045a38-e0ba-487f-b461-7266afc98dba/1/KWenMA6v2TA5ycJmMUC6P1zW4A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/045a38-e0ba-487f-b461-7266afc98dba/1/7d1hus9lTmZdkSp23o9jtQBMfkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.0.0/22
IPv6:
2a05:ef00::/29
Signature Algorithm: sha256WithRSAEncryption
31:f6:44:11:22:43:b1:ea:b1:45:be:0d:33:32:04:e6:d0:a6:
23:58:65:d2:4b:a3:88:71:2b:ef:d4:e7:bd:2d:bb:9f:1c:e2:
49:02:54:3a:77:47:2c:a0:5c:ea:e3:18:96:f7:c9:9e:d5:4c:
64:c8:97:77:50:20:af:1d:47:b4:4a:59:fd:99:a4:42:76:1b:
ee:91:1c:1c:d7:ac:50:16:b4:8f:97:96:23:15:28:32:d2:91:
99:bd:99:24:c5:2d:06:b2:67:97:04:94:a3:9a:52:29:d6:61:
f5:18:15:45:18:2c:1a:2b:d7:47:06:92:1f:a2:35:4e:6a:d5:
c5:23:8c:c3:1a:fc:3b:07:86:15:af:30:df:93:3f:20:af:78:
c9:66:83:88:72:77:21:e6:c1:6d:05:5a:bc:97:6c:fc:fb:c0:
2a:f8:80:33:29:c9:dc:a4:8f:0f:b0:bb:38:c7:2e:f2:28:bf:
be:b2:b5:0e:ef:d7:ae:72:ff:70:4f:0d:9f:a0:6c:1c:03:52:
b1:a2:33:01:e4:96:33:7c:d9:e2:40:a4:ea:59:c2:39:8d:f9:
22:b5:ee:2c:21:63:0f:91:e9:ea:d0:6b:b6:f3:b6:6f:3c:bb:
b2:e4:46:7b:71:07:cd:25:7f:2d:fd:4e:70:54:f1:01:fa:41:
58:67:40:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwy+E6zI/GWySBD7yLf/SiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZGQ2MWJhY2Y2NTRlNjY1ZDkxMmE3NmRlOGY2M2I1MDA0
YzdlNDgwHhcNMjMwMTAyMDQ0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTY3YTczMDBlYWZkOTMwMzljOWMyNjYzMTQwYmEzZjVjZDZlMDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Rs5pdr+Uw5SAMJPWZGpQg/xhDif
JfaXBuLRexayv3kWvEXMD9XclNHfR/GP+l07aKY0OmdhQJ++XIU39dr9fsWokcEP
t78YNluYXeWNEIJeYnR4vZ8CDo8t7Pin01uCghCFShSIG6RtGs/BUN5zVpmZJSZt
lCP03lZpcG9ozEz6d0yAdvCgscQ1bBMZ/5iiWPDfewf+53be8oNDDr6gho0Lkc3y
VRGZIi9OGhd75DM9pYZMJ2X8iVfoq76/ZyUsU0YUMdZUESyDxfGtDSGzF4lvE324
fjtDR+aUp35wNJmpDfEdqMhBZMGYmvQfKPHMiiIDxxcjY8I/MhOZeqQDiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFClnpzAOr9kwOcnCZjFAuj9c1uAOMB8GA1UdIwQY
MBaAFO3dYbrPZU5mXZEqdt6PY7UATH5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2QxaHVzOWxUbVpka1NwMjNvOWp0UUJNZmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wNDVhMzgtZTBiYS00ODdmLWI0NjEt
NzI2NmFmYzk4ZGJhLzEvS1dlbk1BNnYyVEE1eWNKbU1VQzZQMXpXNEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wNDVhMzgtZTBiYS00ODdmLWI0NjEtNzI2NmFmYzk4ZGJh
LzEvN2QxaHVzOWxUbVpka1NwMjNvOWp0UUJNZmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVwAMA0E
AgACMAcDBQMqBe8AMA0GCSqGSIb3DQEBCwUAA4IBAQAx9kQRIkOx6rFFvg0zMgTm
0KYjWGXSS6OIcSvv1Oe9LbufHOJJAlQ6d0csoFzq4xiW98me1UxkyJd3UCCvHUe0
Sln9maRCdhvukRwc16xQFrSPl5YjFSgy0pGZvZkkxS0GsmeXBJSjmlIp1mH1GBVF
GCwaK9dHBpIfojVOatXFI4zDGvw7B4YVrzDfkz8gr3jJZoOIcnch5sFtBVq8l2z8
+8Aq+IAzKcncpI8PsLs4xy7yKL++srUO79eucv9wTw2foGwcA1KxojMB5JYzfNni
QKTqWcI5jfkite4sIWMPkenq0Gu287ZvPLuy5EZ7cQfNJX8t/U5wVPEB+kFYZ0B5
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:09 2024 by rpki-client on console-ams.rpki-client.org