Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/KlyKht7LfNaabQNNYastyHYKujc.roa
File: KlyKht7LfNaabQNNYastyHYKujc.roa (raw, json)
Hash identifier: TZGxwcJwChXw4/7wBeD9Hj1ibxK3DQkThozZDvnyvGE=
Subject key identifier: 2A:5C:8A:86:DE:CB:7C:D6:9A:6D:03:4D:61:AB:2D:C8:76:0A:BA:37
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01856C53DA68C15EB0092CB5DB766B5C1953
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/KlyKht7LfNaabQNNYastyHYKujc.roa
Signing time: Sun 01 Jan 2023 07:55:12 +0000
ROA not before: Sun 01 Jan 2023 07:55:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213107
IP address blocks: 185.88.174.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Mar 2023 06:28:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:da:68:c1:5e:b0:09:2c:b5:db:76:6b:5c:19:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 07:55:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a5c8a86decb7cd69a6d034d61ab2dc8760aba37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3d:48:55:cc:2f:e5:1d:a8:ac:3a:d3:bf:1e:
4c:27:03:46:1a:5e:80:71:4a:52:1f:28:b5:86:ed:
24:ad:fe:cb:f1:e4:35:44:7c:8a:11:72:41:fb:96:
78:58:3e:33:b4:17:c7:45:db:64:41:d3:a5:19:44:
dd:8d:05:7a:50:4f:60:73:12:ab:4c:62:6f:ba:d9:
fd:a9:5c:7a:cb:6d:a8:64:c4:86:83:c2:fc:f5:0d:
37:b9:bc:d9:83:47:31:82:48:12:73:5f:59:a9:30:
cf:76:99:44:7c:55:43:ee:8e:54:b3:9a:3a:65:f6:
60:9b:cf:3b:de:53:ff:ab:36:df:0f:f0:d7:43:a9:
cf:00:06:19:ab:53:8c:90:3b:30:4b:47:cc:42:1d:
ed:41:01:5c:f8:56:d8:d4:78:7e:17:db:92:7f:e5:
6c:ce:76:15:a6:8a:81:39:95:4d:78:c3:65:3b:fa:
e4:cd:79:3c:4a:da:bb:3c:af:9e:bb:e1:c2:0e:7f:
89:df:f3:e1:6f:ac:fb:e7:74:38:eb:4b:49:ec:2a:
1b:96:9b:2a:a4:d8:a5:da:75:8f:e7:b3:8e:9e:ce:
6d:ab:a4:a7:b0:1d:a4:5b:57:33:6a:ce:68:2f:65:
2d:bb:92:84:d0:a0:95:2b:52:8d:42:90:c8:0e:77:
0e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:5C:8A:86:DE:CB:7C:D6:9A:6D:03:4D:61:AB:2D:C8:76:0A:BA:37
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/KlyKht7LfNaabQNNYastyHYKujc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.14.0/24
185.88.174.0/24
Signature Algorithm: sha256WithRSAEncryption
67:fd:02:1c:69:54:0b:a3:2e:63:c1:07:08:1a:49:06:ce:1a:
59:a4:e1:9e:e8:6d:2e:05:64:ad:6f:60:58:26:d5:0c:a2:0f:
d9:89:d2:78:13:a7:9e:0e:77:35:ff:e1:92:77:cd:a1:6b:78:
23:63:9a:e2:ad:f7:78:31:5d:c1:5c:7f:38:c6:f3:a9:e4:bc:
c6:59:97:97:de:91:08:4b:a9:cf:3f:f4:37:3e:a9:45:1b:07:
e3:84:23:b8:99:81:21:f7:4c:f1:40:74:0c:a9:7c:94:c0:22:
68:b5:ae:e6:90:e7:4e:14:34:90:19:22:45:ef:5b:32:77:9d:
6a:3c:dd:e8:49:a1:c5:c7:db:f3:71:58:eb:05:56:6d:40:32:
a1:a6:6d:95:d6:c3:25:50:0e:d5:9f:30:f2:e2:06:03:96:2d:
9f:99:34:d3:1c:a7:be:10:5b:33:58:88:d6:6c:7d:e7:26:3e:
e5:4b:66:7f:98:20:85:eb:ec:16:54:a7:a1:3f:bc:c1:e4:6b:
8f:ce:5f:45:5b:ea:b6:7b:3a:c7:5c:54:db:a5:05:b3:7d:c2:
ed:27:83:2b:09:d0:58:c4:f5:13:3e:31:0e:19:93:8e:5c:0c:
1a:c5:a6:71:27:a4:f1:02:fe:d7:17:df:fb:f1:72:b1:ba:93:
d6:5f:2e:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsU9powV6wCSy123ZrXBlTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMTAxMDc1NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTVjOGE4NmRlY2I3Y2Q2OWE2ZDAzNGQ2MWFiMmRjODc2MGFiYTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz1IVcwv5R2orDrTvx5MJwNGGl6A
cUpSHyi1hu0krf7L8eQ1RHyKEXJB+5Z4WD4ztBfHRdtkQdOlGUTdjQV6UE9gcxKr
TGJvutn9qVx6y22oZMSGg8L89Q03ubzZg0cxgkgSc19ZqTDPdplEfFVD7o5Us5o6
ZfZgm8873lP/qzbfD/DXQ6nPAAYZq1OMkDswS0fMQh3tQQFc+FbY1Hh+F9uSf+Vs
znYVpoqBOZVNeMNlO/rkzXk8Stq7PK+eu+HCDn+J3/Phb6z753Q460tJ7Coblpsq
pNil2nWP57OOns5tq6SnsB2kW1czas5oL2Utu5KE0KCVK1KNQpDIDncO+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCpciobey3zWmm0DTWGrLch2Cro3MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvS2x5S2h0N0xmTmFhYlFOTllhc3R5SFlLdWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVYOAwQA
uViuMA0GCSqGSIb3DQEBCwUAA4IBAQBn/QIcaVQLoy5jwQcIGkkGzhpZpOGe6G0u
BWStb2BYJtUMog/ZidJ4E6eeDnc1/+GSd82ha3gjY5rirfd4MV3BXH84xvOp5LzG
WZeX3pEIS6nPP/Q3PqlFGwfjhCO4mYEh90zxQHQMqXyUwCJota7mkOdOFDSQGSJF
71syd51qPN3oSaHFx9vzcVjrBVZtQDKhpm2V1sMlUA7VnzDy4gYDli2fmTTTHKe+
EFszWIjWbH3nJj7lS2Z/mCCF6+wWVKehP7zB5GuPzl9FW+q2ezrHXFTbpQWzfcLt
J4MrCdBYxPUTPjEOGZOOXAwaxaZxJ6TxAv7XF9/78XKxupPWXy42
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org