Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Kp5qKiQjISvKRylAkIrYORJkzy0.roa
File: Kp5qKiQjISvKRylAkIrYORJkzy0.roa (raw, json)
Hash identifier: Eo+uVnrG3JEWX91/et+EIHChgXW6eDDmLMb9F/dAGNY=
Subject key identifier: 2A:9E:6A:2A:24:23:21:2B:CA:47:29:40:90:8A:D8:39:12:64:CF:2D
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018CC424F6675638EC9D84BFCDCF1C9DEC01
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Kp5qKiQjISvKRylAkIrYORJkzy0.roa
Signing time: Mon 01 Jan 2024 08:30:05 +0000
ROA not before: Mon 01 Jan 2024 08:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209474
IP address blocks: 194.62.54.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 May 2024 11:52:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:f6:67:56:38:ec:9d:84:bf:cd:cf:1c:9d:ec:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 08:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a9e6a2a2423212bca472940908ad8391264cf2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d4:9e:0a:40:ea:db:71:5d:35:f9:5e:79:c1:
70:4a:3f:f9:5e:2d:ee:6b:c8:cf:86:0f:cb:85:b4:
83:67:6d:44:86:a2:70:82:e0:63:9c:e5:c2:bf:d6:
f2:03:17:b0:5b:b5:d0:dd:05:6f:37:e5:16:03:12:
88:55:ac:5d:c9:98:a8:8d:8a:dd:37:33:23:9e:66:
6b:87:15:42:51:ac:05:28:0e:19:2c:72:33:88:00:
03:ee:f9:3f:30:3a:9f:26:56:1b:15:7e:bf:f7:0a:
10:f7:65:8e:92:02:a5:33:fb:be:94:11:63:6e:49:
b7:3b:0c:be:69:e8:06:4c:ba:4d:b3:c3:44:7c:d9:
f1:43:83:55:2b:38:e4:fd:6e:77:bd:2f:84:cb:f4:
0f:c3:ce:21:55:a9:13:ad:a1:12:d3:17:32:71:79:
03:02:70:c8:ba:36:cb:05:17:d7:c6:fd:d0:cf:9f:
d7:5b:b9:52:d4:83:ab:53:c9:ed:5b:6a:c2:07:19:
d9:60:36:d4:d3:6b:95:e3:b7:54:3e:9d:0e:b7:7e:
3c:f6:cc:ff:bc:2c:a3:4b:a6:1f:ac:70:27:17:7c:
b0:2d:1d:8a:17:c7:bb:3b:54:82:76:8c:0e:29:15:
ab:9f:56:fb:8b:5d:23:9e:ca:17:ae:71:92:85:5f:
b7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:9E:6A:2A:24:23:21:2B:CA:47:29:40:90:8A:D8:39:12:64:CF:2D
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Kp5qKiQjISvKRylAkIrYORJkzy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.239.0/24
194.62.54.0/24
Signature Algorithm: sha256WithRSAEncryption
25:5f:50:d4:44:8b:1a:05:1b:0a:09:7c:45:8f:ea:c5:56:09:
10:ea:ca:97:55:9a:14:14:a9:90:41:2b:85:40:5b:3a:20:82:
da:2b:7e:c1:7b:34:b8:81:12:53:ac:05:f5:ae:0c:d9:76:6e:
ec:c6:b4:db:26:a9:8a:51:1a:20:a6:d2:aa:db:13:8e:f1:6b:
d9:ae:44:b0:ac:1b:95:17:a4:7b:96:56:d1:ee:5e:c6:fd:56:
26:1e:e5:61:71:c9:21:e6:a7:a3:c1:28:45:6c:c8:a9:5c:f0:
72:ea:12:2d:c0:10:5b:b7:e9:0f:72:49:41:fe:39:32:b0:2b:
9f:e6:d5:e6:bf:7c:ec:3d:5a:43:a0:14:47:64:fd:fc:20:00:
a5:7c:03:fd:97:bd:73:3c:91:0e:53:41:c6:1a:f1:aa:2e:0d:
5e:5d:d0:4f:0e:7c:85:9c:7c:5b:86:a6:f7:07:33:bf:8d:25:
e7:da:07:03:cc:1a:4c:14:4b:6e:f2:d3:21:43:4d:94:07:b6:
3e:f9:9e:e1:42:ad:87:87:5d:cb:22:c9:76:4d:6b:8f:85:24:
86:92:8e:6f:eb:72:83:16:3c:88:37:00:04:b7:94:ed:41:45:
d2:43:75:15:7d:f5:20:e4:01:f8:f2:95:5a:49:2f:f1:36:58:
03:0c:c6:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJPZnVjjsnYS/zc8cnewBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwMTAxMDgzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTllNmEyYTI0MjMyMTJiY2E0NzI5NDA5MDhhZDgzOTEyNjRjZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNSeCkDq23FdNfleecFwSj/5Xi3u
a8jPhg/LhbSDZ21EhqJwguBjnOXCv9byAxewW7XQ3QVvN+UWAxKIVaxdyZiojYrd
NzMjnmZrhxVCUawFKA4ZLHIziAAD7vk/MDqfJlYbFX6/9woQ92WOkgKlM/u+lBFj
bkm3Owy+aegGTLpNs8NEfNnxQ4NVKzjk/W53vS+Ey/QPw84hVakTraES0xcycXkD
AnDIujbLBRfXxv3Qz5/XW7lS1IOrU8ntW2rCBxnZYDbU02uV47dUPp0Ot3489sz/
vCyjS6YfrHAnF3ywLR2KF8e7O1SCdowOKRWrn1b7i10jnsoXrnGShV+3iQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCqeaiokIyErykcpQJCK2DkSZM8tMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvS3A1cUtpUWpJU3ZLUnlsQWtJcllPUkprenkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuf7vAwQA
wj42MA0GCSqGSIb3DQEBCwUAA4IBAQAlX1DURIsaBRsKCXxFj+rFVgkQ6sqXVZoU
FKmQQSuFQFs6IILaK37BezS4gRJTrAX1rgzZdm7sxrTbJqmKURogptKq2xOO8WvZ
rkSwrBuVF6R7llbR7l7G/VYmHuVhcckh5qejwShFbMipXPBy6hItwBBbt+kPcklB
/jkysCuf5tXmv3zsPVpDoBRHZP38IAClfAP9l71zPJEOU0HGGvGqLg1eXdBPDnyF
nHxbhqb3BzO/jSXn2gcDzBpMFEtu8tMhQ02UB7Y++Z7hQq2Hh13LIsl2TWuPhSSG
ko5v63KDFjyINwAEt5TtQUXSQ3UVffUg5AH48pVaSS/xNlgDDMa7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org