Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/KXKCUqfK_bX5iHQS-Y7Cgy3PjT0.roa
File: KXKCUqfK_bX5iHQS-Y7Cgy3PjT0.roa (raw, json)
Hash identifier: uhm/tw02rRsfuodLJwJP/DoQTOFmOmFIlvAewZZztuI=
Subject key identifier: 29:72:82:52:A7:CA:FD:B5:F9:88:74:12:F9:8E:C2:83:2D:CF:8D:3D
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018570028EE86A0646630A02840D1772AC81
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/KXKCUqfK_bX5iHQS-Y7Cgy3PjT0.roa
Signing time: Mon 02 Jan 2023 01:04:53 +0000
ROA not before: Mon 02 Jan 2023 01:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202561
IP address blocks: 188.132.221.0/24 maxlen: 24
188.132.222.0/24 maxlen: 24
188.132.152.0/24 maxlen: 24
188.132.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Sep 2023 09:15:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:8e:e8:6a:06:46:63:0a:02:84:0d:17:72:ac:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 01:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29728252a7cafdb5f9887412f98ec2832dcf8d3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:66:0c:0e:e5:0d:af:62:32:83:81:fa:6e:cd:
3d:42:5e:9a:7f:e7:51:8e:cc:52:65:73:cd:1b:66:
0c:4b:81:38:ae:55:01:c0:86:7d:4f:c8:74:82:e0:
9f:5f:e0:10:70:5b:db:5d:35:8e:de:e9:80:c2:3e:
05:2a:46:d9:c6:14:30:16:3f:6d:20:a0:c3:d1:5d:
07:3f:af:fe:83:3d:5b:b2:a5:84:2a:c5:1f:5a:27:
38:db:e9:12:ee:bd:79:bb:9b:81:ba:6c:c9:00:58:
9a:74:e7:a8:4b:fa:68:fb:74:f4:72:75:ea:53:ac:
cd:7e:68:65:1a:b3:b7:c6:1e:8b:dd:77:31:f0:d8:
76:8a:1f:4b:c9:77:1a:74:bf:60:51:a5:06:f4:13:
65:8a:4f:a2:f4:0a:cd:5f:cf:96:48:7e:cf:ff:c8:
bd:6e:85:72:63:40:6a:21:d5:f2:c2:a2:1e:47:f9:
ec:25:f2:68:af:6c:8b:8b:6a:fd:53:88:6b:5c:5a:
07:87:97:c7:6e:f8:35:63:47:d5:a3:30:05:a9:73:
90:d8:80:78:36:4a:3b:5a:1d:28:c0:cd:49:e4:49:
a6:61:31:98:27:23:3b:0a:c8:53:20:61:c5:ce:16:
e7:3c:61:64:22:45:4f:e4:0c:75:c5:0b:d1:20:6c:
ec:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:72:82:52:A7:CA:FD:B5:F9:88:74:12:F9:8E:C2:83:2D:CF:8D:3D
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/KXKCUqfK_bX5iHQS-Y7Cgy3PjT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.152.0/24
188.132.203.0/24
188.132.221.0-188.132.222.255
Signature Algorithm: sha256WithRSAEncryption
34:39:1b:0a:ed:49:08:e9:f5:b2:71:d1:a6:83:16:10:ff:7f:
38:8f:d8:d2:e7:97:f3:7a:71:b7:4e:33:69:d9:21:b6:ae:09:
fa:da:57:2a:1b:d9:d6:74:a5:c1:ed:4a:30:3b:ce:c1:b1:70:
5c:a0:f8:a7:b3:d2:bc:8a:74:54:da:65:f1:6d:d1:41:39:31:
01:d6:3d:6a:df:3a:39:43:02:8f:08:8b:1d:f9:d5:0a:43:b0:
d5:ad:ad:20:20:a1:76:3b:fa:9a:b9:be:4f:c1:25:dc:c9:d2:
ec:ac:ec:73:21:1d:cf:e1:c7:18:3c:29:7c:47:20:25:68:f0:
71:32:57:bc:8b:c2:7b:25:47:c1:73:c7:64:3c:db:18:f3:c6:
a7:83:a4:4b:22:5d:50:59:da:de:f2:f6:16:98:21:05:c2:74:
81:06:26:c1:c1:ec:19:35:ae:bd:02:ed:2a:4c:f2:fc:85:9a:
38:ef:bf:75:4a:63:94:da:57:c2:1a:64:c7:a9:8c:a5:6f:70:
17:05:8d:ea:00:90:3c:b1:50:ef:16:c2:49:59:1c:66:0b:e2:
1b:a5:af:c2:c4:ad:86:5e:bc:4e:22:49:01:ff:71:fd:f6:ac:
79:4c:91:f2:25:84:93:4d:d1:7c:60:f1:eb:97:84:fc:10:30:
ce:c8:bd:59
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVwAo7oagZGYwoChA0XcqyBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwMTAyMDEwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTcyODI1MmE3Y2FmZGI1Zjk4ODc0MTJmOThlYzI4MzJkY2Y4ZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WYMDuUNr2Iyg4H6bs09Ql6af+dR
jsxSZXPNG2YMS4E4rlUBwIZ9T8h0guCfX+AQcFvbXTWO3umAwj4FKkbZxhQwFj9t
IKDD0V0HP6/+gz1bsqWEKsUfWic42+kS7r15u5uBumzJAFiadOeoS/po+3T0cnXq
U6zNfmhlGrO3xh6L3Xcx8Nh2ih9LyXcadL9gUaUG9BNlik+i9ArNX8+WSH7P/8i9
boVyY0BqIdXywqIeR/nsJfJor2yLi2r9U4hrXFoHh5fHbvg1Y0fVozAFqXOQ2IB4
Nko7Wh0owM1J5EmmYTGYJyM7CshTIGHFzhbnPGFkIkVP5Ax1xQvRIGzsDQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFClyglKnyv21+Yh0EvmOwoMtz409MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvS1hLQ1VxZktfYlg1aUhRUy1ZN0NneTNQalQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAvISYAwQA
vITLMAwDBAC8hN0DBAC8hN4wDQYJKoZIhvcNAQELBQADggEBADQ5GwrtSQjp9bJx
0aaDFhD/fziP2NLnl/N6cbdOM2nZIbauCfraVyob2dZ0pcHtSjA7zsGxcFyg+Kez
0ryKdFTaZfFt0UE5MQHWPWrfOjlDAo8Iix351QpDsNWtrSAgoXY7+pq5vk/BJdzJ
0uys7HMhHc/hxxg8KXxHICVo8HEyV7yLwnslR8Fzx2Q82xjzxqeDpEsiXVBZ2t7y
9haYIQXCdIEGJsHB7Bk1rr0C7SpM8vyFmjjvv3VKY5TaV8IaZMepjKVvcBcFjeoA
kDyxUO8WwklZHGYL4hulr8LErYZevE4iSQH/cf32rHlMkfIlhJNN0Xxg8euXhPwQ
MM7IvVk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:58 2024 by rpki-client on console-ams.rpki-client.org