Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/KGBU1oGXmhaO84ieL01uyFCA8c8.roa
File: KGBU1oGXmhaO84ieL01uyFCA8c8.roa (raw, json)
Hash identifier: Y65VEL7/58QIFJ6BlvfWzLCb1oHUm1+lURMExexDB/8=
Subject key identifier: 28:60:54:D6:81:97:9A:16:8E:F3:88:9E:2F:4D:6E:C8:50:80:F1:CF
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0185EA74FB8AED0F11DC6D145B7C525C76E6
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/KGBU1oGXmhaO84ieL01uyFCA8c8.roa
Signing time: Wed 25 Jan 2023 19:43:33 +0000
ROA not before: Wed 25 Jan 2023 19:43:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61135
IP address blocks: 212.68.35.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
78.135.73.0/24 maxlen: 24
188.132.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Feb 2023 23:45:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ea:74:fb:8a:ed:0f:11:dc:6d:14:5b:7c:52:5c:76:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 25 19:43:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=286054d681979a168ef3889e2f4d6ec85080f1cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:05:7e:05:7f:5a:34:6a:7e:0d:c6:ff:12:fc:
0c:98:86:5d:b5:fb:bd:d8:91:f3:16:97:ce:da:97:
5d:46:52:1e:59:ae:a9:a2:53:d7:3d:76:9f:4c:1b:
b1:20:87:7a:e2:8e:43:b0:1b:2d:3f:6c:50:9d:cc:
77:cf:fe:0f:d3:3b:16:c4:47:c6:53:91:a6:dc:78:
25:1f:26:4f:60:e2:f2:49:a5:d7:3c:2f:f9:54:9a:
69:3b:04:52:53:80:98:a2:39:9c:2e:10:86:bd:f2:
4d:d2:49:e4:30:f5:31:c4:dc:0b:90:44:1c:1a:fd:
6f:0f:d8:1e:a1:ce:a0:08:e9:7d:59:2c:f1:d4:ac:
1a:a4:76:26:26:35:96:a8:fd:15:65:a8:f5:e8:e0:
59:b3:1f:2b:ff:75:1d:ee:1f:78:94:50:e6:be:6c:
a6:d1:c7:29:92:e4:2e:4a:c9:c8:b3:29:6f:a0:b4:
aa:4b:f1:65:f4:fc:1c:fa:7a:9a:b1:c8:37:36:65:
d2:a8:f1:fd:ed:cf:ce:c5:ac:a6:24:7a:d4:72:e2:
82:b0:b0:83:b6:cb:22:4a:a6:aa:5c:81:3e:b8:fb:
cf:90:c6:44:69:51:99:1a:ba:8b:dc:44:4d:24:5c:
c3:aa:91:7c:39:56:9c:d5:2b:6c:5e:69:7e:53:c2:
90:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:60:54:D6:81:97:9A:16:8E:F3:88:9E:2F:4D:6E:C8:50:80:F1:CF
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/KGBU1oGXmhaO84ieL01uyFCA8c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.73.0/24
188.132.189.0/24
188.132.191.0/24
188.132.193.0/24
188.132.249.0/24
212.68.35.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
42:11:52:02:a6:f3:81:8c:1f:9f:4e:b8:a2:e2:c0:3c:4f:b9:
b4:d9:80:1e:35:2d:b6:43:5b:80:4d:9b:47:6d:99:48:5b:f3:
74:82:71:dd:26:28:d3:5d:9a:31:0b:e0:af:0d:1b:8e:f5:e0:
0e:92:24:be:0e:3e:82:87:18:d6:ac:c3:fa:7a:af:92:73:76:
bf:ef:2f:1c:0a:eb:4d:a4:2c:2c:af:33:3b:dc:af:2b:de:ce:
74:a6:73:fc:bd:5d:2a:e9:2b:f0:1b:94:a1:2c:e1:fc:1c:0e:
64:6e:df:94:e2:70:66:0e:38:e9:c8:fe:a3:5c:08:10:34:f5:
22:e6:33:6d:9e:a9:f4:12:b9:02:73:ee:99:82:28:12:2c:20:
4b:cf:c1:6a:f8:4f:12:fb:37:54:a1:c0:d9:78:90:c8:2a:72:
24:f9:c7:c5:43:28:fb:64:15:d6:e5:de:fa:03:39:c6:97:70:
2e:67:fc:ad:c1:c4:38:b1:65:77:3e:1e:08:fa:4e:ad:cd:05:
bf:52:08:fe:c7:b5:b7:62:3d:e3:59:3c:65:c2:3b:19:72:bb:
e4:55:d1:ef:55:31:e9:ac:f3:f1:57:0a:4a:53:44:0a:ea:10:
36:67:e4:c8:7e:f2:48:f9:00:5d:93:2d:28:8a:54:d5:8f:e4:
57:3a:06:4a
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYXqdPuK7Q8R3G0UW3xSXHbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwMTI1MTk0MzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODYwNTRkNjgxOTc5YTE2OGVmMzg4OWUyZjRkNmVjODUwODBmMWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwV+BX9aNGp+Dcb/EvwMmIZdtfu9
2JHzFpfO2pddRlIeWa6polPXPXafTBuxIId64o5DsBstP2xQncx3z/4P0zsWxEfG
U5Gm3HglHyZPYOLySaXXPC/5VJppOwRSU4CYojmcLhCGvfJN0knkMPUxxNwLkEQc
Gv1vD9geoc6gCOl9WSzx1KwapHYmJjWWqP0VZaj16OBZsx8r/3Ud7h94lFDmvmym
0ccpkuQuSsnIsylvoLSqS/Fl9Pwc+nqascg3NmXSqPH97c/OxaymJHrUcuKCsLCD
tssiSqaqXIE+uPvPkMZEaVGZGrqL3ERNJFzDqpF8OVac1StsXml+U8KQLwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFChgVNaBl5oWjvOIni9NbshQgPHPMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvS0dCVTFvR1htaGFPODRpZUwwMXV5RkNBOGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQATodJAwQA
vIS9AwQAvIS/AwQAvITBAwQAvIT5AwQA1EQjMAwDBADURDsDBADURDwwDQYJKoZI
hvcNAQELBQADggEBAEIRUgKm84GMH59OuKLiwDxPubTZgB41LbZDW4BNm0dtmUhb
83SCcd0mKNNdmjEL4K8NG4714A6SJL4OPoKHGNasw/p6r5Jzdr/vLxwK602kLCyv
MzvcryveznSmc/y9XSrpK/AblKEs4fwcDmRu35TicGYOOOnI/qNcCBA09SLmM22e
qfQSuQJz7pmCKBIsIEvPwWr4TxL7N1ShwNl4kMgqciT5x8VDKPtkFdbl3voDOcaX
cC5n/K3BxDixZXc+Hgj6Tq3NBb9SCP7HtbdiPeNZPGXCOxlyu+RV0e9VMems8/FX
CkpTRArqEDZn5Mh+8kj5AF2TLSiKVNWP5Fc6Bko=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org