Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KjmnFYAwxunvOVDdoFnHQeCS1mo.roa
File: KjmnFYAwxunvOVDdoFnHQeCS1mo.roa (raw, json)
Hash identifier: msQO6XAyG0kX98N0Cv1tfb++lm3YtttnrEf25GAEgLo=
Subject key identifier: 2A:39:A7:15:80:30:C6:E9:EF:39:50:DD:A0:59:C7:41:E0:92:D6:6A
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A4F8403AB6940DF3BC06F1094C588
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KjmnFYAwxunvOVDdoFnHQeCS1mo.roa
Signing time: Tue 02 Jan 2024 12:33:39 +0000
ROA not before: Tue 02 Jan 2024 12:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209668
IP address blocks: 92.253.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 10:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:4f:84:03:ab:69:40:df:3b:c0:6f:10:94:c5:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a39a7158030c6e9ef3950dda059c741e092d66a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a3:ba:0f:20:72:16:cb:a0:83:c0:79:42:86:
d2:2c:fe:9c:84:cd:18:d5:09:40:02:94:9d:16:16:
a4:35:7b:2e:9c:84:52:18:d8:bb:c5:96:05:4c:df:
6e:0a:09:85:79:fc:ee:c3:17:2f:47:e6:dc:85:c8:
3d:58:21:c2:97:05:18:92:7c:06:f5:93:9b:6b:88:
67:b4:0c:37:d6:48:2f:1e:44:c8:60:9f:81:da:d1:
56:82:e0:0a:55:a8:8c:b1:5a:b9:a5:a3:4c:b9:4d:
6b:b0:48:a9:c2:34:2d:b0:29:90:1d:88:05:22:98:
f4:65:bd:f9:b7:c2:ab:43:91:8e:eb:b2:3f:98:5e:
97:a7:5d:58:d0:be:d0:97:55:f3:af:a0:e3:47:ca:
41:7e:c5:78:1e:71:59:62:be:ea:aa:41:8f:de:8c:
2d:13:31:e6:cd:01:fd:6b:2b:55:ba:ad:b0:31:38:
ec:b6:75:a8:3d:51:ee:92:31:7c:41:8c:56:e2:11:
93:d4:de:63:8a:2d:46:ca:93:c5:1e:d0:c6:0c:37:
6c:b8:cc:d9:b5:bb:06:6c:79:f6:70:56:d1:c3:7a:
70:0c:69:01:2d:76:ed:81:17:83:9c:77:ac:94:b5:
03:51:18:69:d3:26:f5:c8:fb:f9:44:12:65:17:88:
35:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:39:A7:15:80:30:C6:E9:EF:39:50:DD:A0:59:C7:41:E0:92:D6:6A
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KjmnFYAwxunvOVDdoFnHQeCS1mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.253.232.0/24
Signature Algorithm: sha256WithRSAEncryption
93:70:b2:75:74:2e:18:b6:8b:1b:10:b7:29:43:a7:dd:6f:f1:
fc:48:a4:17:29:8a:5a:bd:c0:8c:04:29:ba:0d:fe:f1:89:03:
36:c6:0e:6a:9f:c7:fa:72:f5:53:80:43:8d:ad:b7:1a:72:ad:
cb:f2:ac:d2:22:b9:27:d7:f4:47:28:98:8f:62:65:47:21:2e:
12:a7:15:a9:72:37:c6:e0:99:5d:df:9a:e1:78:85:f3:8f:71:
17:30:a5:86:4b:2f:8e:b0:8a:11:18:2e:4b:d3:10:d0:be:f7:
07:1e:7e:25:d8:8d:74:ba:fa:72:33:b2:38:58:27:50:5b:aa:
be:dc:18:d9:46:5b:11:4a:15:ba:6d:9f:ad:96:f4:b5:22:06:
ed:92:af:72:c1:85:10:eb:36:55:45:18:c6:94:ae:a4:8a:05:
a4:6a:86:f2:15:a7:98:58:15:17:34:85:12:aa:0c:5a:2b:c9:
73:db:56:75:f0:f7:0a:b9:d0:bb:97:82:67:1b:b8:ec:5c:5d:
45:e0:25:7d:39:e4:f8:77:24:a2:62:18:79:a0:2c:2f:f7:42:
9a:23:6e:c7:7d:18:02:d0:d8:c3:69:7c:0e:b5:fe:05:c6:eb:
ab:11:69:1e:49:9d:1b:22:80:10:18:b7:49:a1:fc:ba:58:46:
0a:22:60:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKk+EA6tpQN87wG8QlMWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTM5YTcxNTgwMzBjNmU5ZWYzOTUwZGRhMDU5Yzc0MWUwOTJkNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqO6DyByFsugg8B5QobSLP6chM0Y
1QlAApSdFhakNXsunIRSGNi7xZYFTN9uCgmFefzuwxcvR+bchcg9WCHClwUYknwG
9ZOba4hntAw31kgvHkTIYJ+B2tFWguAKVaiMsVq5paNMuU1rsEipwjQtsCmQHYgF
Ipj0Zb35t8KrQ5GO67I/mF6Xp11Y0L7Ql1Xzr6DjR8pBfsV4HnFZYr7qqkGP3owt
EzHmzQH9aytVuq2wMTjstnWoPVHukjF8QYxW4hGT1N5jii1GypPFHtDGDDdsuMzZ
tbsGbHn2cFbRw3pwDGkBLXbtgReDnHeslLUDURhp0yb1yPv5RBJlF4g1GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCo5pxWAMMbp7zlQ3aBZx0HgktZqMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvS2ptbkZZQXd4dW52T1ZEZG9GbkhRZUNTMW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXP3oMA0G
CSqGSIb3DQEBCwUAA4IBAQCTcLJ1dC4YtosbELcpQ6fdb/H8SKQXKYpavcCMBCm6
Df7xiQM2xg5qn8f6cvVTgEONrbcacq3L8qzSIrkn1/RHKJiPYmVHIS4SpxWpcjfG
4Jld35rheIXzj3EXMKWGSy+OsIoRGC5L0xDQvvcHHn4l2I10uvpyM7I4WCdQW6q+
3BjZRlsRShW6bZ+tlvS1Igbtkq9ywYUQ6zZVRRjGlK6kigWkaobyFaeYWBUXNIUS
qgxaK8lz21Z18PcKudC7l4JnG7jsXF1F4CV9OeT4dySiYhh5oCwv90KaI27HfRgC
0NjDaXwOtf4FxuurEWkeSZ0bIoAQGLdJofy6WEYKImBc
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:15 2025 by rpki-client