Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/2cc419-8e34-41a9-b243-855418ffed41/1/KXrYd1fPpZnSmPxZTJ62kr5KZRM.roa
File: KXrYd1fPpZnSmPxZTJ62kr5KZRM.roa (raw, json)
Hash identifier: SaE7pqSxuwp4VUWEAGU63QCKdTqRO9U5208o3V5uBYg=
Subject key identifier: 29:7A:D8:77:57:CF:A5:99:D2:98:FC:59:4C:9E:B6:92:BE:4A:65:13
Certificate issuer: /CN=54f87b5a62c1ff0f522812e9add1756bc73384c5
Certificate serial: 0186C08B9DD01727C3D13726858A9A7E0CBB
Authority key identifier: 54:F8:7B:5A:62:C1:FF:0F:52:28:12:E9:AD:D1:75:6B:C7:33:84:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VPh7WmLB_w9SKBLprdF1a8czhMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/2cc419-8e34-41a9-b243-855418ffed41/1/KXrYd1fPpZnSmPxZTJ62kr5KZRM.roa
Signing time: Wed 08 Mar 2023 09:27:00 +0000
ROA not before: Wed 08 Mar 2023 09:27:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47372
IP address blocks: 185.192.168.0/22 maxlen: 32
93.191.160.0/21 maxlen: 32
2a06:5d00::/30 maxlen: 48
2a06:5d04::/31 maxlen: 48
2a06:5d00::/29 maxlen: 48
2a06:5d06::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:8b:9d:d0:17:27:c3:d1:37:26:85:8a:9a:7e:0c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54f87b5a62c1ff0f522812e9add1756bc73384c5
Validity
Not Before: Mar 8 09:27:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=297ad87757cfa599d298fc594c9eb692be4a6513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1e:37:f8:ab:91:b4:4d:3e:cf:74:c6:67:cb:
3b:3c:04:52:8f:8f:b2:d0:55:8f:9b:23:a1:2a:bc:
de:ad:25:f9:f1:5b:bc:80:19:cc:59:fb:23:54:a5:
6c:97:50:06:42:ca:8c:e2:1f:13:22:bf:b7:ed:42:
71:a8:e9:0a:24:fc:7e:7d:80:10:23:c1:6f:be:01:
85:21:5b:f3:2e:46:79:02:5f:f0:d7:d6:2e:78:06:
17:ad:46:53:77:a1:3c:aa:e8:65:70:4d:20:b4:ff:
06:ec:6b:67:cc:03:88:6c:21:fe:37:06:53:ad:64:
d3:1d:9a:e0:43:34:a9:b9:3b:34:d9:48:e4:77:31:
66:30:69:b1:71:1a:34:52:38:3f:36:14:f7:4f:4b:
3f:bd:a4:94:78:24:94:cc:2c:e3:b7:61:6a:20:58:
cf:ec:ca:28:31:46:a0:9d:e4:73:0e:37:7b:61:43:
0f:17:e6:13:0e:38:12:95:7e:45:0e:4a:28:b3:d4:
d2:f4:15:e7:f4:3a:29:36:7a:d7:e5:4f:88:9b:eb:
fc:50:8c:a4:df:b3:9a:2a:ce:0a:bc:24:c8:a9:67:
10:96:5f:cc:3d:70:bb:cf:50:a3:8d:5d:3f:41:86:
3c:ca:7c:b4:6b:7c:d1:24:68:ee:bc:71:a7:e9:8e:
57:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:7A:D8:77:57:CF:A5:99:D2:98:FC:59:4C:9E:B6:92:BE:4A:65:13
X509v3 Authority Key Identifier:
keyid:54:F8:7B:5A:62:C1:FF:0F:52:28:12:E9:AD:D1:75:6B:C7:33:84:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VPh7WmLB_w9SKBLprdF1a8czhMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2cc419-8e34-41a9-b243-855418ffed41/1/KXrYd1fPpZnSmPxZTJ62kr5KZRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2cc419-8e34-41a9-b243-855418ffed41/1/VPh7WmLB_w9SKBLprdF1a8czhMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.160.0/21
185.192.168.0/22
IPv6:
2a06:5d00::/29
Signature Algorithm: sha256WithRSAEncryption
23:4f:69:9d:5f:e7:df:46:df:d8:d8:79:2a:9d:42:0d:f5:08:
6d:d9:50:89:22:75:c2:2f:a2:74:ef:7c:d1:e0:62:ef:ff:09:
76:ce:7e:eb:b7:db:80:3f:d0:68:f6:6a:80:95:e7:dd:f7:41:
cd:bb:f4:04:c2:8c:01:f8:55:14:56:a7:17:4d:29:b9:59:79:
ad:72:d6:07:c5:c7:88:f0:84:b4:9a:36:1f:b0:f2:32:6b:0d:
40:c8:df:cc:07:17:04:38:4b:5a:39:ea:ec:6d:98:60:4f:ed:
89:4d:02:50:d6:b0:ee:58:2c:6b:fd:39:00:b1:9c:a9:14:03:
58:a1:af:7a:62:4a:5d:38:73:43:d5:f9:ee:ec:81:b8:0e:91:
85:65:29:84:5c:5d:6b:90:d3:4e:76:a0:89:7e:9d:88:1c:3c:
17:4f:53:86:ba:73:a5:23:f4:e1:20:70:88:43:9c:2d:7e:88:
48:20:39:7a:bd:6b:a0:a9:57:55:fd:5c:cb:40:70:b2:67:c6:
06:fc:d3:6d:38:d8:20:b2:38:e8:94:3a:cd:83:09:2a:31:2f:
bc:7c:b6:f6:0b:55:46:98:f7:1a:9b:a8:e5:a3:95:a7:15:04:
0a:7f:ed:48:2d:5d:36:f5:cf:36:fb:fc:ff:5a:d5:82:4a:6c:
20:fc:f1:8a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbAi53QFyfD0TcmhYqafgy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Zjg3YjVhNjJjMWZmMGY1MjI4MTJlOWFkZDE3NTZiYzcz
Mzg0YzUwHhcNMjMwMzA4MDkyNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTdhZDg3NzU3Y2ZhNTk5ZDI5OGZjNTk0YzllYjY5MmJlNGE2NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph43+KuRtE0+z3TGZ8s7PARSj4+y
0FWPmyOhKrzerSX58Vu8gBnMWfsjVKVsl1AGQsqM4h8TIr+37UJxqOkKJPx+fYAQ
I8FvvgGFIVvzLkZ5Al/w19YueAYXrUZTd6E8quhlcE0gtP8G7GtnzAOIbCH+NwZT
rWTTHZrgQzSpuTs02UjkdzFmMGmxcRo0Ujg/NhT3T0s/vaSUeCSUzCzjt2FqIFjP
7MooMUagneRzDjd7YUMPF+YTDjgSlX5FDkoos9TS9BXn9DopNnrX5U+Im+v8UIyk
37OaKs4KvCTIqWcQll/MPXC7z1CjjV0/QYY8yny0a3zRJGjuvHGn6Y5XIQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCl62HdXz6WZ0pj8WUyetpK+SmUTMB8GA1UdIwQY
MBaAFFT4e1piwf8PUigS6a3RdWvHM4TFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlBoN1dtTEJfdzlTS0JMcHJkRjFhOGN6aE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8yY2M0MTktOGUzNC00MWE5LWIyNDMt
ODU1NDE4ZmZlZDQxLzEvS1hyWWQxZlBwWm5TbVB4WlRKNjJrcjVLWlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8yY2M0MTktOGUzNC00MWE5LWIyNDMtODU1NDE4ZmZlZDQx
LzEvVlBoN1dtTEJfdzlTS0JMcHJkRjFhOGN6aE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXb+gAwQC
ucCoMA0EAgACMAcDBQMqBl0AMA0GCSqGSIb3DQEBCwUAA4IBAQAjT2mdX+ffRt/Y
2HkqnUIN9Qht2VCJInXCL6J073zR4GLv/wl2zn7rt9uAP9Bo9mqAlefd90HNu/QE
wowB+FUUVqcXTSm5WXmtctYHxceI8IS0mjYfsPIyaw1AyN/MBxcEOEtaOersbZhg
T+2JTQJQ1rDuWCxr/TkAsZypFANYoa96YkpdOHND1fnu7IG4DpGFZSmEXF1rkNNO
dqCJfp2IHDwXT1OGunOlI/ThIHCIQ5wtfohIIDl6vWugqVdV/VzLQHCyZ8YG/NNt
ONggsjjolDrNgwkqMS+8fLb2C1VGmPcam6jlo5WnFQQKf+1ILV029c82+/z/WtWC
Smwg/PGK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:10 2024 by rpki-client on console-ams.rpki-client.org