Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/KBxeq_f8USano-LOhY3_GxZDZu8.roa
File: KBxeq_f8USano-LOhY3_GxZDZu8.roa (raw, json)
Hash identifier: vu0k3LdAHhsEQ++I0LzMHrCMQg/JoFSK8PGeq8/LAjA=
Subject key identifier: 28:1C:5E:AB:F7:FC:51:26:A7:A3:E2:CE:85:8D:FF:1B:16:43:66:EF
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 01856D66372B32D9DCC378DE882AA790E2E3
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/KBxeq_f8USano-LOhY3_GxZDZu8.roa
Signing time: Sun 01 Jan 2023 12:54:53 +0000
ROA not before: Sun 01 Jan 2023 12:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61026
IP address blocks: 185.9.22.0/23 maxlen: 24
82.196.16.0/21 maxlen: 24
91.232.187.0/24 maxlen: 24
185.20.42.0/24 maxlen: 24
185.20.40.0/22 maxlen: 22
185.20.43.0/24 maxlen: 24
185.20.40.0/24 maxlen: 24
185.20.41.0/24 maxlen: 24
2a04:1500::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:37:2b:32:d9:dc:c3:78:de:88:2a:a7:90:e2:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Jan 1 12:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=281c5eabf7fc5126a7a3e2ce858dff1b164366ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f7:df:d0:33:be:93:da:a2:c4:35:ff:6a:0a:
34:c9:dc:b8:65:58:f2:18:36:40:75:87:bf:af:6f:
bb:0d:7a:12:16:b4:75:b8:91:41:9b:7d:9a:9d:95:
dc:d4:8f:94:b8:8c:a1:12:3c:79:71:02:eb:ba:40:
76:31:36:1e:cf:f2:ea:cc:7d:dc:1e:e6:84:85:0a:
d3:2f:a2:51:70:74:91:f1:c3:fa:8c:6b:8a:cf:a8:
62:12:9b:9f:2f:3c:05:4a:6c:92:b0:05:f1:3d:50:
dc:6a:46:c2:5a:8a:bc:f8:e7:bd:f6:bf:1d:9a:c7:
c8:82:12:a1:d8:a5:81:d7:2e:cb:c1:7b:22:8a:5c:
60:19:ab:d0:ae:9d:e8:bb:d0:86:6b:82:69:10:a0:
db:4a:23:3a:0f:8b:46:d7:1c:b3:db:3c:a4:f9:3b:
42:81:5e:2e:8a:2f:7a:c4:b6:13:06:d7:13:05:9c:
06:70:04:a1:a4:a0:54:c2:f5:c0:65:2f:71:f8:bd:
d5:e0:84:10:e1:1e:bb:a6:20:d2:1f:ae:a7:79:35:
a6:6d:b8:12:b5:b5:25:6c:3e:32:c2:68:d4:55:35:
2c:36:eb:de:c6:a1:24:bb:df:a6:cf:97:3e:e0:a5:
2c:d0:e7:2d:42:df:75:be:b5:ac:4c:56:25:fa:ac:
7b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:1C:5E:AB:F7:FC:51:26:A7:A3:E2:CE:85:8D:FF:1B:16:43:66:EF
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/KBxeq_f8USano-LOhY3_GxZDZu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.196.16.0/21
91.232.187.0/24
185.9.22.0/23
185.20.40.0/22
IPv6:
2a04:1500::/29
Signature Algorithm: sha256WithRSAEncryption
ab:8c:86:44:28:b9:71:a5:d0:2e:8c:e4:b1:f2:6e:fd:a8:06:
b7:fe:21:41:03:c9:19:bd:0e:e7:2d:e0:39:90:7c:54:a9:c6:
7d:f4:36:4b:d6:fa:2d:7c:17:4c:b8:c8:a3:b0:d6:59:1d:ad:
97:3f:19:bd:89:a5:e6:7e:b9:f7:09:88:8e:b6:cd:12:5c:15:
7d:ad:85:63:5d:08:a1:4c:ce:b5:6d:aa:a1:ef:ad:2d:ae:d2:
13:71:cb:73:a5:a5:0f:07:36:53:28:cc:59:2e:93:3d:e2:4b:
39:d5:95:48:65:1a:d8:14:1d:67:14:5d:35:4b:18:98:6a:13:
0c:e4:dd:a7:91:01:09:d7:82:50:9e:90:bd:4e:aa:47:e3:f6:
88:47:18:a2:95:79:d4:7d:d6:e7:79:a9:bc:c1:3b:5d:27:aa:
26:65:55:54:5f:56:e0:e3:9e:c4:0e:39:81:e5:ae:51:b7:77:
7a:59:16:85:34:01:14:14:ea:9d:00:9b:d3:c7:6c:9d:3c:ae:
c7:f1:ed:88:4d:84:4d:14:3e:60:8c:e6:ad:df:2b:f8:f7:88:
df:e9:6a:7c:fc:b7:5b:0f:b3:b7:1b:ea:bd:57:78:52:f6:57:
0a:69:68:ae:97:5b:be:65:eb:eb:bc:8b:db:ef:7d:70:55:4a:
d7:eb:24:d7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtZjcrMtncw3jeiCqnkOLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWFlNmM1OWMzNWU0NjAzODdkYWViY2ZiODY2ZjhhMWVi
YjM2ODYwHhcNMjMwMTAxMTI1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODFjNWVhYmY3ZmM1MTI2YTdhM2UyY2U4NThkZmYxYjE2NDM2NmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifff0DO+k9qixDX/ago0ydy4ZVjy
GDZAdYe/r2+7DXoSFrR1uJFBm32anZXc1I+UuIyhEjx5cQLrukB2MTYez/LqzH3c
HuaEhQrTL6JRcHSR8cP6jGuKz6hiEpufLzwFSmySsAXxPVDcakbCWoq8+Oe99r8d
msfIghKh2KWB1y7LwXsiilxgGavQrp3ou9CGa4JpEKDbSiM6D4tG1xyz2zyk+TtC
gV4uii96xLYTBtcTBZwGcAShpKBUwvXAZS9x+L3V4IQQ4R67piDSH66neTWmbbgS
tbUlbD4ywmjUVTUsNuvexqEku9+mz5c+4KUs0OctQt91vrWsTFYl+qx7lQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCgcXqv3/FEmp6PizoWN/xsWQ2bvMB8GA1UdIwQY
MBaAFJha5sWcNeRgOH2uvPuGb4oeuzaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEt
YzdmZTYyMjI3ZGYzLzEvS0J4ZXFfZjhVU2Fuby1MT2hZM19HeFpEWnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEtYzdmZTYyMjI3ZGYz
LzEvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDUsQQAwQA
W+i7AwQBuQkWAwQCuRQoMA0EAgACMAcDBQMqBBUAMA0GCSqGSIb3DQEBCwUAA4IB
AQCrjIZEKLlxpdAujOSx8m79qAa3/iFBA8kZvQ7nLeA5kHxUqcZ99DZL1votfBdM
uMijsNZZHa2XPxm9iaXmfrn3CYiOts0SXBV9rYVjXQihTM61baqh760trtITcctz
paUPBzZTKMxZLpM94ks51ZVIZRrYFB1nFF01SxiYahMM5N2nkQEJ14JQnpC9TqpH
4/aIRxiilXnUfdbneam8wTtdJ6omZVVUX1bg457EDjmB5a5Rt3d6WRaFNAEUFOqd
AJvTx2ydPK7H8e2ITYRNFD5gjOat3yv494jf6Wp8/LdbD7O3G+q9V3hS9lcKaWiu
l1u+ZevrvIvb731wVUrX6yTX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:58 2024 by rpki-client on console-fra.rpki-client.org