Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/KQY-X85BQ2YJ2Xu-goh4H3DuYtk.roa
File: KQY-X85BQ2YJ2Xu-goh4H3DuYtk.roa (raw, json)
Hash identifier: 9mYCpGJ+AR3/a4TJSfnixlKfdyQmgnTAV69FjxNsM1I=
Subject key identifier: 29:06:3E:5F:CE:41:43:66:09:D9:7B:BE:82:88:78:1F:70:EE:62:D9
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DB719BF3C2535E4532DF997DD9470
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/KQY-X85BQ2YJ2Xu-goh4H3DuYtk.roa
Signing time: Tue 02 Jan 2024 08:32:42 +0000
ROA not before: Tue 02 Jan 2024 08:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207614
IP address blocks: 5.154.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 12:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:b7:19:bf:3c:25:35:e4:53:2d:f9:97:dd:94:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29063e5fce41436609d97bbe8288781f70ee62d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:57:43:f5:69:8c:cb:40:54:53:3d:b2:3f:c4:
7f:07:b7:6e:b4:e1:36:91:df:96:a3:1d:b1:b7:a6:
f6:c6:64:05:81:c1:9a:3a:13:ee:86:ff:56:d2:66:
1b:83:a7:34:db:20:42:f5:74:34:7d:eb:54:50:d8:
5a:ba:37:4b:6a:3d:f9:01:e4:70:bc:b6:8d:72:d1:
ff:3b:c6:f9:13:04:5f:70:e0:81:07:10:fa:e1:19:
e9:08:16:0f:1b:1e:4c:61:99:a5:a4:40:9b:22:97:
73:c3:85:a6:3a:01:f5:4e:91:79:35:ba:96:1c:2f:
55:5a:6f:27:f2:28:13:9e:21:48:10:59:50:71:e3:
ee:08:4f:9d:87:1c:d1:11:0b:c5:47:8f:67:49:19:
7f:4f:23:37:0a:4f:5b:83:a0:6e:54:11:5f:9b:34:
59:85:76:97:0e:51:94:ee:ae:21:db:8f:1c:a7:a7:
94:e2:4f:3a:b8:0b:91:a2:f6:a0:49:62:3f:7e:a6:
2f:22:51:ef:2e:48:5f:ef:3c:4e:76:f1:81:a8:a2:
69:3d:aa:7e:9a:5f:0e:d3:47:86:dc:e5:91:02:7e:
fe:d4:5b:2a:39:40:ac:ec:d0:a4:a3:96:d6:bf:4a:
ee:37:5a:94:56:19:52:35:a2:d9:be:1c:b7:b6:5b:
d8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:06:3E:5F:CE:41:43:66:09:D9:7B:BE:82:88:78:1F:70:EE:62:D9
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/KQY-X85BQ2YJ2Xu-goh4H3DuYtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.7.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:5d:e5:ef:15:f3:07:de:a9:fd:55:e2:90:76:1c:c1:a8:f1:
25:3a:38:d1:54:a3:c9:f1:df:32:79:ed:49:e0:59:4e:f8:45:
81:43:a9:69:cb:6b:e8:77:8b:bd:30:bf:d8:b9:cf:dc:dd:6b:
69:bd:35:b8:33:1c:84:3f:7b:89:be:fa:de:01:4f:0f:20:1a:
01:9f:bc:ef:a0:8d:4a:68:4a:cf:5d:48:43:e5:c5:b3:62:a7:
1d:62:cd:79:9a:dc:10:ae:37:62:ba:82:08:7a:bd:8a:7c:02:
a8:c9:92:ac:80:1f:c6:77:e9:fa:f1:66:e2:0f:a3:53:be:00:
66:c7:48:e5:8c:bb:23:66:d0:b0:dd:22:73:f2:15:fe:38:87:
8f:3d:99:f9:65:4e:8c:33:c0:a2:3a:5c:d3:6c:fc:cd:84:d3:
f8:fa:fd:cd:7b:08:32:7a:f9:63:e4:26:a9:26:73:dd:b6:df:
1b:15:cd:17:99:74:75:76:e7:80:4a:f8:76:3e:ae:20:f4:63:
e9:64:48:c5:07:f0:65:a5:01:8d:dd:22:b5:75:d4:d9:6c:91:
de:99:3b:90:bc:43:c9:43:94:39:f3:07:c9:bd:a0:cd:70:6c:
f6:12:35:ea:55:d8:d5:6b:c3:80:4e:e7:9b:bd:fa:13:b5:f1:
6c:51:cc:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTbcZvzwlNeRTLfmX3ZRwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTA2M2U1ZmNlNDE0MzY2MDlkOTdiYmU4Mjg4NzgxZjcwZWU2MmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjldD9WmMy0BUUz2yP8R/B7dutOE2
kd+Wox2xt6b2xmQFgcGaOhPuhv9W0mYbg6c02yBC9XQ0fetUUNhaujdLaj35AeRw
vLaNctH/O8b5EwRfcOCBBxD64RnpCBYPGx5MYZmlpECbIpdzw4WmOgH1TpF5NbqW
HC9VWm8n8igTniFIEFlQcePuCE+dhxzREQvFR49nSRl/TyM3Ck9bg6BuVBFfmzRZ
hXaXDlGU7q4h248cp6eU4k86uAuRovagSWI/fqYvIlHvLkhf7zxOdvGBqKJpPap+
ml8O00eG3OWRAn7+1FsqOUCs7NCko5bWv0ruN1qUVhlSNaLZvhy3tlvYCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkGPl/OQUNmCdl7voKIeB9w7mLZMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvS1FZLVg4NUJRMllKMlh1LWdvaDRIM0R1WXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZoHMA0G
CSqGSIb3DQEBCwUAA4IBAQC/XeXvFfMH3qn9VeKQdhzBqPElOjjRVKPJ8d8yee1J
4FlO+EWBQ6lpy2vod4u9ML/Yuc/c3WtpvTW4MxyEP3uJvvreAU8PIBoBn7zvoI1K
aErPXUhD5cWzYqcdYs15mtwQrjdiuoIIer2KfAKoyZKsgB/Gd+n68WbiD6NTvgBm
x0jljLsjZtCw3SJz8hX+OIePPZn5ZU6MM8CiOlzTbPzNhNP4+v3Newgyevlj5Cap
JnPdtt8bFc0XmXR1dueASvh2Pq4g9GPpZEjFB/BlpQGN3SK1ddTZbJHemTuQvEPJ
Q5Q58wfJvaDNcGz2EjXqVdjVa8OATuebvfoTtfFsUcyK
-----END CERTIFICATE-----
Generated at Tue Feb 20 14:54:01 2024 by rpki-client on console-fra.rpki-client.org