Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/KRp1vlVa1MRP7zCDfqgydN08HtY.roa
File: KRp1vlVa1MRP7zCDfqgydN08HtY.roa (raw, json)
Hash identifier: JKZVVLoqGkmqJ/nC5FttXVYJIHoY+Dl/9gFBQ8AsFx0=
Subject key identifier: 29:1A:75:BE:55:5A:D4:C4:4F:EF:30:83:7E:A8:32:74:DD:3C:1E:D6
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018925040FD662706C69A108D4723C32F1D6
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/KRp1vlVa1MRP7zCDfqgydN08HtY.roa
Signing time: Wed 05 Jul 2023 07:46:10 +0000
ROA not before: Wed 05 Jul 2023 07:46:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207724
IP address blocks: 185.239.2.0/24 maxlen: 24
185.239.3.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jul 2023 09:26:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:25:04:0f:d6:62:70:6c:69:a1:08:d4:72:3c:32:f1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jul 5 07:46:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=291a75be555ad4c44fef30837ea83274dd3c1ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8a:8f:d6:68:98:72:0c:2a:50:7a:dd:6f:67:
a0:75:63:89:a1:9c:df:1b:e4:8b:ed:3d:18:ba:f4:
36:a9:b1:7b:05:64:17:14:2f:6a:71:05:fb:44:f0:
39:5a:42:52:65:43:c3:5b:7f:91:02:96:5d:f8:16:
03:e7:22:d6:67:e1:99:36:66:42:f1:32:e8:02:9a:
b6:17:40:4e:eb:11:fb:2a:ab:b4:2d:24:b6:b4:1c:
96:a9:ea:b3:6f:e3:0c:eb:57:d8:13:0d:40:f1:93:
ed:eb:d9:54:91:ab:e6:ad:b1:95:90:0e:5b:1b:c6:
3d:81:92:f2:db:84:03:03:8f:da:75:f4:09:8c:c0:
6a:bf:3d:60:74:c8:c9:59:de:17:90:98:91:43:9b:
8e:a3:59:0f:33:82:7c:75:e4:d5:b4:3d:4f:a2:b5:
4c:10:8b:68:3a:34:66:54:cf:77:cb:7e:e0:ce:9c:
7b:d2:eb:6d:9e:8e:15:fe:c0:6b:0b:0f:5b:b4:f5:
69:ce:85:eb:c1:56:de:fc:7a:c4:87:ce:00:b7:8b:
09:25:81:7d:65:74:73:69:1a:c4:14:a0:41:b9:d0:
04:cc:46:41:bc:6e:13:76:2d:af:ab:4e:d3:72:26:
0c:4a:a3:06:77:0b:cd:1a:6e:27:28:b4:50:9e:bf:
2c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1A:75:BE:55:5A:D4:C4:4F:EF:30:83:7E:A8:32:74:DD:3C:1E:D6
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/KRp1vlVa1MRP7zCDfqgydN08HtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.54.0/24
45.94.213.0/24
89.46.217.0/24
185.3.200.0/24
185.239.2.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:f7:57:b0:77:22:17:70:53:e9:53:c1:90:04:e8:0f:fc:4d:
e5:f6:7c:fa:54:a1:51:1b:a8:37:4d:2c:07:42:de:ac:cd:46:
4a:e5:d2:e0:f3:27:5b:00:62:28:1e:12:d1:22:7d:99:1e:4f:
b4:d6:58:7e:43:b6:fb:52:b4:f7:e2:c3:e1:3f:74:9a:b2:d7:
3b:b0:e2:a9:31:10:ba:bc:c7:59:f4:79:5d:8e:4d:6c:ad:12:
eb:e7:27:63:1f:4c:e3:58:58:41:95:99:60:e0:87:58:35:6d:
15:5f:94:eb:91:bf:cd:1b:a9:8d:d3:01:f3:d9:ba:ea:54:04:
3a:19:36:09:49:6d:40:4a:67:3f:60:e1:e7:31:62:99:1f:50:
8f:c5:37:2a:f7:9e:3d:8c:bd:78:50:2d:c9:11:85:37:c5:9c:
e1:dd:fa:e0:cc:d8:ae:c1:cd:aa:df:70:e1:85:d7:9d:ea:0d:
23:f4:56:03:28:b9:d0:18:8c:a2:1c:a5:e0:b9:14:74:55:ea:
b8:c6:f5:6f:c8:2c:24:6e:49:cf:31:87:29:81:d8:8f:5c:8f:
14:05:4f:b5:85:05:8f:0c:d6:e8:e1:cc:db:b5:c5:17:e4:92:
6a:90:4f:dc:bf:19:a1:a8:c3:42:d8:89:ed:7e:87:3a:c5:98:
da:d4:c3:0a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYklBA/WYnBsaaEI1HI8MvHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwNzA1MDc0NjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTFhNzViZTU1NWFkNGM0NGZlZjMwODM3ZWE4MzI3NGRkM2MxZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIqP1miYcgwqUHrdb2egdWOJoZzf
G+SL7T0YuvQ2qbF7BWQXFC9qcQX7RPA5WkJSZUPDW3+RApZd+BYD5yLWZ+GZNmZC
8TLoApq2F0BO6xH7Kqu0LSS2tByWqeqzb+MM61fYEw1A8ZPt69lUkavmrbGVkA5b
G8Y9gZLy24QDA4/adfQJjMBqvz1gdMjJWd4XkJiRQ5uOo1kPM4J8deTVtD1PorVM
EItoOjRmVM93y37gzpx70uttno4V/sBrCw9btPVpzoXrwVbe/HrEh84At4sJJYF9
ZXRzaRrEFKBBudAEzEZBvG4Tdi2vq07TciYMSqMGdwvNGm4nKLRQnr8s4wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCkadb5VWtTET+8wg36oMnTdPB7WMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvS1JwMXZsVmExTVJQN3pDRGZxZ3lkTjA4SHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABZ82AwQA
LV7VAwQAWS7ZAwQAuQPIAwQBue8CMA0GCSqGSIb3DQEBCwUAA4IBAQCc91ewdyIX
cFPpU8GQBOgP/E3l9nz6VKFRG6g3TSwHQt6szUZK5dLg8ydbAGIoHhLRIn2ZHk+0
1lh+Q7b7UrT34sPhP3Sastc7sOKpMRC6vMdZ9Hldjk1srRLr5ydjH0zjWFhBlZlg
4IdYNW0VX5Trkb/NG6mN0wHz2brqVAQ6GTYJSW1ASmc/YOHnMWKZH1CPxTcq9549
jL14UC3JEYU3xZzh3frgzNiuwc2q33Dhhded6g0j9FYDKLnQGIyiHKXguRR0Veq4
xvVvyCwkbknPMYcpgdiPXI8UBU+1hQWPDNbo4czbtcUX5JJqkE/cvxmhqMNC2Int
foc6xZja1MMK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org