Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/KJsLZMTlghW4Gk9CRmj_PitGEPA.roa
File: KJsLZMTlghW4Gk9CRmj_PitGEPA.roa (raw, json)
Hash identifier: WTuGbhI/iDAS2s6eO4Z9Ddw2c9hYAk0pkdL5mKobj6k=
Subject key identifier: 28:9B:0B:64:C4:E5:82:15:B8:1A:4F:42:46:68:FF:3E:2B:46:10:F0
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 0186174ADF93C46544F9D2AAABD77C5C43D6
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/KJsLZMTlghW4Gk9CRmj_PitGEPA.roa
Signing time: Fri 03 Feb 2023 12:40:28 +0000
ROA not before: Fri 03 Feb 2023 12:40:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210546
IP address blocks: 194.113.233.0/24 maxlen: 24
193.37.70.0/24 maxlen: 24
80.66.87.0/24 maxlen: 24
80.66.89.0/24 maxlen: 24
87.251.78.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:4a:df:93:c4:65:44:f9:d2:aa:ab:d7:7c:5c:43:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Feb 3 12:40:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=289b0b64c4e58215b81a4f424668ff3e2b4610f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:42:02:de:a0:39:9e:98:07:20:e8:3a:f9:49:
c2:90:bc:38:9d:6e:b2:be:9f:35:af:84:00:fb:b4:
77:fb:1c:cc:10:74:54:1a:e8:d5:4f:c4:3a:19:fd:
94:7f:b2:04:f9:75:32:62:e8:11:3f:b3:e6:73:7c:
08:49:b9:df:49:d7:7e:56:5c:e6:2b:19:3a:0c:37:
88:77:de:d6:06:65:4f:cd:7e:f3:c0:d6:c1:81:d1:
b8:dc:22:fd:f1:cb:a8:b6:94:68:f0:c2:b2:62:0d:
1a:ce:d6:c5:01:ba:cc:fb:83:80:53:43:9e:3b:1d:
40:53:5d:ae:f8:d4:5c:7d:fc:c3:c4:9e:3e:6d:cf:
3b:23:98:4e:cc:2f:c9:fb:ba:ff:44:22:00:4a:da:
f1:47:52:db:7b:20:7e:76:63:20:f9:4f:05:ca:c8:
fd:c9:0d:42:32:6b:40:98:f2:d9:c7:5d:0d:d2:e5:
94:38:0d:8f:b1:75:19:29:95:d5:2e:c5:a0:d4:a7:
52:77:67:2b:46:fa:4e:6c:16:74:05:0e:1f:5e:e5:
94:b8:79:bd:4e:19:4f:f3:4d:cd:48:46:b0:6a:29:
f4:78:20:1b:86:96:d0:f5:2f:ac:ef:43:32:c1:94:
5a:5a:c2:b8:ea:54:f7:c8:f4:50:b2:74:32:b1:d7:
6b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9B:0B:64:C4:E5:82:15:B8:1A:4F:42:46:68:FF:3E:2B:46:10:F0
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/KJsLZMTlghW4Gk9CRmj_PitGEPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.87.0/24
80.66.89.0/24
87.251.78.0/24
193.37.70.0/24
194.113.233.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:5a:c2:bd:15:96:4f:8c:56:65:ae:8a:ed:e2:13:0d:f8:8e:
24:fe:f8:ca:96:fe:5e:7e:4d:c6:4b:54:b4:bc:74:d5:33:0c:
2a:bb:8b:76:47:6e:ce:ee:41:ba:6c:06:2d:56:ad:68:f4:77:
5b:7e:02:f1:38:27:2a:82:d9:b4:72:45:d7:5e:00:11:15:5f:
3c:ba:6a:be:0f:54:b4:53:3e:6c:d3:83:b6:8c:99:95:f3:c2:
d2:28:90:a0:68:21:61:09:24:73:9e:0f:40:21:e8:52:6e:1e:
20:6e:d0:c1:91:20:ef:af:7d:c0:f2:26:25:d8:7e:c2:83:02:
6a:bc:03:57:5e:65:56:e2:0e:63:c8:a7:8a:8d:18:b8:ff:51:
40:79:ab:b1:13:cc:6f:9f:25:3e:05:47:2c:75:08:1c:fd:13:
3d:99:ff:c9:c5:48:60:2d:1e:d6:05:80:ef:59:32:18:55:6e:
92:d8:cd:96:f3:4a:e7:13:02:00:5b:52:4a:91:0c:0b:7e:f4:
8e:06:04:f2:77:ae:e1:8b:f4:ad:9c:f5:58:eb:32:69:d2:31:
72:13:7e:68:e8:16:4a:f1:c5:42:6c:48:46:b4:e9:db:41:8b:
99:55:d4:15:d5:84:f4:d2:f5:04:e7:f2:f4:1c:cf:e2:17:3c:
93:a3:d5:2e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYXSt+TxGVE+dKqq9d8XEPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjMwMjAzMTI0MDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODliMGI2NGM0ZTU4MjE1YjgxYTRmNDI0NjY4ZmYzZTJiNDYxMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUIC3qA5npgHIOg6+UnCkLw4nW6y
vp81r4QA+7R3+xzMEHRUGujVT8Q6Gf2Uf7IE+XUyYugRP7Pmc3wISbnfSdd+Vlzm
Kxk6DDeId97WBmVPzX7zwNbBgdG43CL98cuotpRo8MKyYg0aztbFAbrM+4OAU0Oe
Ox1AU12u+NRcffzDxJ4+bc87I5hOzC/J+7r/RCIAStrxR1LbeyB+dmMg+U8Fysj9
yQ1CMmtAmPLZx10N0uWUOA2PsXUZKZXVLsWg1KdSd2crRvpObBZ0BQ4fXuWUuHm9
ThlP803NSEawain0eCAbhpbQ9S+s70MywZRaWsK46lT3yPRQsnQysddrZQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCibC2TE5YIVuBpPQkZo/z4rRhDwMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvS0pzTFpNVGxnaFc0R2s5Q1Jtal9QaXRHRVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUEJXAwQA
UEJZAwQAV/tOAwQAwSVGAwQAwnHpMA0GCSqGSIb3DQEBCwUAA4IBAQBaWsK9FZZP
jFZlrort4hMN+I4k/vjKlv5efk3GS1S0vHTVMwwqu4t2R27O7kG6bAYtVq1o9Hdb
fgLxOCcqgtm0ckXXXgARFV88umq+D1S0Uz5s04O2jJmV88LSKJCgaCFhCSRzng9A
IehSbh4gbtDBkSDvr33A8iYl2H7CgwJqvANXXmVW4g5jyKeKjRi4/1FAeauxE8xv
nyU+BUcsdQgc/RM9mf/JxUhgLR7WBYDvWTIYVW6S2M2W80rnEwIAW1JKkQwLfvSO
BgTyd67hi/StnPVY6zJp0jFyE35o6BZK8cVCbEhGtOnbQYuZVdQV1YT00vUE5/L0
HM/iFzyTo9Uu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:36 2023 by rpki-client on console-ams.rpki-client.org