Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/kK2Knl0vGnXGEa_5XwYUoe_XVSo.roa
File: kK2Knl0vGnXGEa_5XwYUoe_XVSo.roa (raw, json)
Hash identifier: sflGiLEPnoSCQDct8onG23jfD78IDjWgr0LRtEsoIfg=
Subject key identifier: 90:AD:8A:9E:5D:2F:1A:75:C6:11:AF:F9:5F:06:14:A1:EF:D7:55:2A
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018DA271795F5F4E17CCFC9D66438EB12CDF
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/kK2Knl0vGnXGEa_5XwYUoe_XVSo.roa
Signing time: Tue 13 Feb 2024 12:29:21 +0000
ROA not before: Tue 13 Feb 2024 12:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24875
IP address blocks: 160.238.64.0/24 maxlen: 24
160.238.65.0/24 maxlen: 24
160.238.66.0/24 maxlen: 24
160.238.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 04:08:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:71:79:5f:5f:4e:17:cc:fc:9d:66:43:8e:b1:2c:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Feb 13 12:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90ad8a9e5d2f1a75c611aff95f0614a1efd7552a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:28:5f:68:07:05:c1:6d:39:ba:ff:0b:05:19:
4d:e2:ef:9e:5b:4b:e3:c3:a3:c9:28:f7:e0:67:06:
2e:28:95:76:10:1e:d7:e1:68:c2:6b:b2:17:4b:27:
bb:a5:e7:64:62:e3:4c:92:ee:92:28:33:31:16:ab:
a9:e7:f3:6f:c3:2f:f8:a2:bb:f4:be:eb:1a:63:de:
1b:2c:46:94:76:7d:eb:9b:41:0e:ea:2e:b3:03:29:
18:77:f6:73:9b:3d:c7:d3:09:9e:3a:2f:4b:3b:24:
10:6c:a6:9d:c3:27:ba:77:31:bf:c0:15:a1:3c:a2:
54:2c:76:3c:d7:a1:3b:c5:47:d8:53:2b:9b:a3:9f:
d4:8e:68:b3:0c:20:52:d5:32:24:d9:fb:90:7c:21:
ea:ae:c6:f7:a0:00:b2:a7:86:f5:c0:de:85:1d:c7:
c5:81:03:3c:98:91:ef:5e:26:14:b1:80:c0:09:df:
d4:08:1c:fc:20:87:57:08:53:03:81:a4:cf:e1:62:
ad:36:75:48:01:7d:c7:4d:8d:14:06:7d:aa:4d:5c:
8b:39:e5:00:85:18:cf:f6:fc:02:3f:57:c1:a4:80:
fa:bc:4c:91:ea:59:94:fe:7c:32:74:3c:f6:a0:10:
44:e4:66:dc:d6:7e:cc:31:91:d3:a0:e4:0d:de:e9:
11:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:AD:8A:9E:5D:2F:1A:75:C6:11:AF:F9:5F:06:14:A1:EF:D7:55:2A
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/kK2Knl0vGnXGEa_5XwYUoe_XVSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.238.64.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:a0:80:90:9c:11:df:2f:5d:83:35:40:59:d6:40:06:33:d1:
d0:19:4f:1a:d7:74:dc:93:6c:b0:31:c4:8f:28:cf:9d:53:7f:
86:7d:ca:f9:c8:8c:59:7e:d5:ec:1c:0b:11:03:ed:3a:a1:4c:
95:3b:68:bb:27:41:70:94:13:6f:75:09:75:f2:74:92:cb:1f:
a6:d7:43:e0:7e:93:0b:91:b0:e2:5a:cc:41:c7:3c:67:0c:c9:
7e:e1:e0:8a:29:4c:d5:02:25:57:ec:ef:4c:07:2c:94:2c:35:
69:58:5c:b2:47:19:93:2d:f0:ee:3c:12:7b:99:db:3a:07:d8:
aa:58:15:a5:84:dd:4f:65:ec:6b:12:6d:b2:1a:4f:bb:de:cc:
3c:e5:66:5b:7a:81:bb:c1:16:84:00:2d:f4:19:c8:26:a0:a7:
65:ae:12:fe:60:4e:74:17:cd:a1:83:7d:7b:0a:43:be:da:2f:
43:69:8f:65:8e:7b:db:d2:e3:44:72:0c:f3:25:0d:d6:d5:fa:
6b:fd:a5:e6:7e:33:f9:1a:37:f8:79:30:b6:27:1b:56:8e:06:
0e:10:33:97:8f:42:6e:c0:22:dc:bd:66:6e:0d:1a:db:8b:f4:
74:d9:77:a5:14:49:5b:f3:2c:3e:0c:0a:da:6d:e0:57:e9:ae:
57:f5:0a:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2icXlfX04XzPydZkOOsSzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMjEzMTIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGFkOGE5ZTVkMmYxYTc1YzYxMWFmZjk1ZjA2MTRhMWVmZDc1NTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtChfaAcFwW05uv8LBRlN4u+eW0vj
w6PJKPfgZwYuKJV2EB7X4WjCa7IXSye7pedkYuNMku6SKDMxFqup5/Nvwy/4orv0
vusaY94bLEaUdn3rm0EO6i6zAykYd/Zzmz3H0wmeOi9LOyQQbKadwye6dzG/wBWh
PKJULHY816E7xUfYUyubo5/UjmizDCBS1TIk2fuQfCHqrsb3oACyp4b1wN6FHcfF
gQM8mJHvXiYUsYDACd/UCBz8IIdXCFMDgaTP4WKtNnVIAX3HTY0UBn2qTVyLOeUA
hRjP9vwCP1fBpID6vEyR6lmU/nwydDz2oBBE5Gbc1n7MMZHToOQN3ukR6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCtip5dLxp1xhGv+V8GFKHv11UqMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEva0syS25sMHZHblhHRWFfNVh3WVVvZV9YVlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoO5AMA0G
CSqGSIb3DQEBCwUAA4IBAQCfoICQnBHfL12DNUBZ1kAGM9HQGU8a13Tck2ywMcSP
KM+dU3+Gfcr5yIxZftXsHAsRA+06oUyVO2i7J0FwlBNvdQl18nSSyx+m10PgfpML
kbDiWsxBxzxnDMl+4eCKKUzVAiVX7O9MByyULDVpWFyyRxmTLfDuPBJ7mds6B9iq
WBWlhN1PZexrEm2yGk+73sw85WZbeoG7wRaEAC30GcgmoKdlrhL+YE50F82hg317
CkO+2i9DaY9ljnvb0uNEcgzzJQ3W1fpr/aXmfjP5Gjf4eTC2JxtWjgYOEDOXj0Ju
wCLcvWZuDRrbi/R02XelFElb8yw+DArabeBX6a5X9Qqi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:08 2025 by rpki-client