Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/V_KPBXbOPkGyqf033bT0DKZ2R7A.roa
File: V_KPBXbOPkGyqf033bT0DKZ2R7A.roa (raw, json)
Hash identifier: NTr6dKdxTm1KUS54qp7WgSux9XfYr4oeHSbq2xPJFg4=
Subject key identifier: 57:F2:8F:05:76:CE:3E:41:B2:A9:FD:37:DD:B4:F4:0C:A6:76:47:B0
Certificate issuer: /CN=cda843e812b16dec60bb7098ca4133117db8474d
Certificate serial: 01856ED4C3671EA22CDA21E5E86D88860D5D
Authority key identifier: CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/V_KPBXbOPkGyqf033bT0DKZ2R7A.roa
Signing time: Sun 01 Jan 2023 19:35:15 +0000
ROA not before: Sun 01 Jan 2023 19:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60781
IP address blocks: 185.96.140.0/24 maxlen: 24
2a00:5020::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c3:67:1e:a2:2c:da:21:e5:e8:6d:88:86:0d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cda843e812b16dec60bb7098ca4133117db8474d
Validity
Not Before: Jan 1 19:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57f28f0576ce3e41b2a9fd37ddb4f40ca67647b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1d:e3:ef:0c:b7:17:27:3e:5f:d3:5c:3a:5b:
5c:e9:8b:6f:04:cd:4c:c0:25:dd:b7:cd:3c:68:6a:
19:90:be:2d:7b:b0:42:04:02:25:6f:ff:e2:03:a9:
d7:66:98:bf:3a:39:97:88:d9:fc:a9:bb:60:1b:d5:
e0:27:5a:95:6a:41:81:80:0d:d9:27:57:0d:b3:93:
91:1c:88:76:2f:31:46:86:60:40:99:d3:5b:39:8b:
f4:57:58:58:71:4f:93:04:ae:cc:b6:f7:cd:87:24:
ec:c0:b3:71:80:62:5f:c9:91:a5:81:70:a3:07:9d:
38:e6:17:fb:d2:98:c8:d4:d2:ef:ed:c8:d6:2d:32:
a2:3a:3f:d3:09:c3:23:51:cb:39:7c:7b:ee:c4:67:
76:f9:06:00:8f:73:65:68:03:8e:ab:ba:9d:c1:77:
70:bd:34:b1:e2:4f:c6:c8:e8:85:25:5a:7a:3a:f2:
b9:7d:bd:ad:aa:de:9e:f4:35:d1:fc:66:71:3c:4a:
e8:74:f3:b9:71:66:18:0d:e6:34:87:a8:e4:d9:f6:
5c:de:ab:b5:47:6a:b7:fc:f3:06:5b:51:cd:98:cd:
ea:da:71:5c:b0:88:35:6f:27:0d:2c:8d:43:9d:bb:
da:e2:da:2b:fe:94:10:cf:f4:fd:df:9c:2a:c2:73:
66:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:F2:8F:05:76:CE:3E:41:B2:A9:FD:37:DD:B4:F4:0C:A6:76:47:B0
X509v3 Authority Key Identifier:
keyid:CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/V_KPBXbOPkGyqf033bT0DKZ2R7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.140.0/24
IPv6:
2a00:5020::/48
Signature Algorithm: sha256WithRSAEncryption
7e:83:6e:80:9e:4d:b5:72:2f:ac:ad:12:00:a1:91:e9:c8:8e:
c0:60:81:bf:4d:e6:a4:cb:ee:e7:d5:ce:a3:c7:1d:d0:e2:55:
18:9d:17:95:41:f6:5f:74:e3:b9:d5:77:40:c1:95:6f:53:e0:
c2:40:64:c1:bf:24:af:33:22:40:66:2e:0b:5d:86:56:54:1c:
95:3d:02:ee:84:9c:38:a2:95:3e:67:86:37:01:86:09:47:58:
10:3c:c8:1b:10:45:80:f4:5c:e1:e1:71:73:21:d2:95:c4:f6:
fd:fe:69:b4:07:6c:ec:b8:d5:8f:6e:50:85:4a:67:bf:69:94:
e3:b4:81:71:72:ac:03:7e:8d:07:ef:c7:7b:8a:26:48:72:c2:
bb:d9:20:61:ec:a5:73:80:62:62:21:00:70:1a:4c:85:2c:6c:
19:30:05:9a:83:74:80:8e:5a:cb:de:13:f9:d4:fc:ed:f5:25:
a4:e8:b1:34:36:12:03:4a:09:2d:6a:60:85:3c:54:35:73:34:
d7:b5:02:65:92:1a:15:13:e9:bd:4a:e7:77:29:51:58:54:04:
62:96:fd:2c:fd:23:b3:f2:00:64:0e:ae:dc:e7:cb:4b:66:85:
32:95:b6:e7:48:d4:0e:df:aa:de:83:cc:ca:69:88:1a:2e:4b:
e6:81:b6:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVu1MNnHqIs2iHl6G2Ihg1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYTg0M2U4MTJiMTZkZWM2MGJiNzA5OGNhNDEzMzExN2Ri
ODQ3NGQwHhcNMjMwMTAxMTkzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2YyOGYwNTc2Y2UzZTQxYjJhOWZkMzdkZGI0ZjQwY2E2NzY0N2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkh3j7wy3Fyc+X9NcOltc6YtvBM1M
wCXdt808aGoZkL4te7BCBAIlb//iA6nXZpi/OjmXiNn8qbtgG9XgJ1qVakGBgA3Z
J1cNs5ORHIh2LzFGhmBAmdNbOYv0V1hYcU+TBK7MtvfNhyTswLNxgGJfyZGlgXCj
B5045hf70pjI1NLv7cjWLTKiOj/TCcMjUcs5fHvuxGd2+QYAj3NlaAOOq7qdwXdw
vTSx4k/GyOiFJVp6OvK5fb2tqt6e9DXR/GZxPErodPO5cWYYDeY0h6jk2fZc3qu1
R2q3/PMGW1HNmM3q2nFcsIg1bycNLI1Dnbva4tor/pQQz/T935wqwnNmVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFfyjwV2zj5Bsqn9N9209AymdkewMB8GA1UdIwQY
MBaAFM2oQ+gSsW3sYLtwmMpBMxF9uEdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84ZWIzMmQtZjdlMy00YTljLWFhYTQt
ODQyMWQ3ODFiMDNiLzEvVl9LUEJYYk9Qa0d5cWYwMzNiVDBES1oyUjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84ZWIzMmQtZjdlMy00YTljLWFhYTQtODQyMWQ3ODFiMDNi
LzEvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuWCMMA8E
AgACMAkDBwAqAFAgAAAwDQYJKoZIhvcNAQELBQADggEBAH6DboCeTbVyL6ytEgCh
kenIjsBggb9N5qTL7ufVzqPHHdDiVRidF5VB9l9047nVd0DBlW9T4MJAZMG/JK8z
IkBmLgtdhlZUHJU9Au6EnDiilT5nhjcBhglHWBA8yBsQRYD0XOHhcXMh0pXE9v3+
abQHbOy41Y9uUIVKZ79plOO0gXFyrAN+jQfvx3uKJkhywrvZIGHspXOAYmIhAHAa
TIUsbBkwBZqDdICOWsveE/nU/O31JaTosTQ2EgNKCS1qYIU8VDVzNNe1AmWSGhUT
6b1K53cpUVhUBGKW/Sz9I7PyAGQOrtzny0tmhTKVtudI1A7fqt6DzMppiBouS+aB
tjE=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:55 2024 by rpki-client on console-ams.rpki-client.org