Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/kvcdTKco9HfpqFyWkFzWsTBLEcY.roa
File: kvcdTKco9HfpqFyWkFzWsTBLEcY.roa (raw, json)
Hash identifier: Jdv0ZAw2As0eSBN8eFtNKC1Y2vckUqx3J5JUaCfRHQ0=
Subject key identifier: 92:F7:1D:4C:A7:28:F4:77:E9:A8:5C:96:90:5C:D6:B1:30:4B:11:C6
Certificate issuer: /CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Certificate serial: 0189A894BD45261D201B1FD9E335DE7E14D7
Authority key identifier: D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/kvcdTKco9HfpqFyWkFzWsTBLEcY.roa
Signing time: Sun 30 Jul 2023 20:54:27 +0000
ROA not before: Sun 30 Jul 2023 20:54:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49740
IP address blocks: 85.187.160.0/20 maxlen: 20
194.69.202.0/24 maxlen: 24
85.187.176.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a8:94:bd:45:26:1d:20:1b:1f:d9:e3:35:de:7e:14:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Validity
Not Before: Jul 30 20:54:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92f71d4ca728f477e9a85c96905cd6b1304b11c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:60:a6:8e:88:ec:8f:e6:2a:64:a6:7c:d2:18:
e5:9b:a6:c4:ba:e7:76:ff:40:f5:03:ea:93:8c:ab:
b6:a2:34:84:70:c9:92:2d:db:aa:9e:fa:da:b8:2d:
42:89:e3:39:79:09:89:7f:f4:af:e4:53:a7:90:91:
56:57:16:93:99:bc:bd:37:fb:5e:68:0b:bd:55:42:
11:53:ad:ac:a4:47:93:23:16:df:b3:c5:b0:b8:ca:
98:1e:45:0c:0a:54:be:33:dc:86:ae:9d:c9:e6:ff:
4c:02:97:d5:db:d1:e9:22:c8:3b:ad:12:2b:bf:3f:
22:0c:de:26:0b:58:28:4c:4a:3a:ed:33:a9:bc:8a:
95:e2:e2:f2:9e:0b:49:6e:f7:1a:6c:5f:c0:ba:f7:
68:db:0d:28:f4:e2:22:cf:e9:40:15:01:ac:5a:10:
8e:4a:e7:99:8e:c1:8d:a1:a5:f1:68:4a:06:d9:ff:
77:d1:85:41:a1:8a:ec:ee:9f:c9:40:e6:2d:7f:de:
6f:28:2e:5a:30:6b:70:dd:ba:46:46:95:b9:5d:8e:
3c:11:63:e3:3c:f5:08:2c:ef:5e:e4:f3:89:59:ff:
20:e5:4a:81:90:23:8d:1d:29:ed:59:59:2a:f5:bb:
ab:ec:dd:ab:09:55:b8:d5:c2:cc:9e:21:3f:c4:28:
38:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F7:1D:4C:A7:28:F4:77:E9:A8:5C:96:90:5C:D6:B1:30:4B:11:C6
X509v3 Authority Key Identifier:
keyid:D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/kvcdTKco9HfpqFyWkFzWsTBLEcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.160.0-85.187.179.255
194.69.202.0/24
Signature Algorithm: sha256WithRSAEncryption
39:a7:54:69:a7:76:33:74:58:dd:33:84:bd:80:9c:5a:1f:bc:
42:17:59:95:48:bd:ea:dd:e4:16:aa:03:7e:fb:da:12:35:fc:
11:0d:9e:44:9b:50:3d:2c:b0:1f:8a:f6:f2:d6:3f:87:b3:a8:
e8:cc:2f:ea:70:f8:ff:34:8d:c9:44:aa:e3:99:e3:1f:cb:af:
28:58:67:4e:94:13:d5:11:f5:12:36:62:8f:f8:53:7e:5a:f3:
17:52:c1:dc:93:0f:06:71:84:ee:7d:23:1d:c5:ca:04:df:e9:
42:dc:71:06:41:9f:61:57:ba:50:bf:52:40:f1:5f:1d:b7:26:
02:44:d0:c5:f3:ca:c1:d9:bf:50:76:37:ca:76:5e:22:79:88:
18:aa:70:76:c1:01:79:cc:60:e1:b4:bc:e2:21:13:56:c8:fe:
6c:0e:3c:2a:fa:74:bc:0c:89:1a:ff:f3:3c:c5:89:0d:57:26:
46:ca:ac:23:84:c8:10:e1:6f:e1:a5:8b:02:e9:e6:1a:4f:7e:
d9:14:f7:b3:77:5a:4c:92:31:ea:f1:d0:7a:c4:35:7b:66:c0:
cc:25:a5:21:41:47:a5:6b:34:ce:f2:20:47:7f:76:e0:70:b1:
fe:92:cb:4a:40:85:fd:1b:3d:0f:e6:eb:5b:aa:58:79:ba:77:
35:40:f5:25
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYmolL1FJh0gGx/Z4zXefhTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNjIyZmRlYzhmYWRmY2E1OGU3NTc1YzI5ZjEwZTczYWU3
NzU3MTUwHhcNMjMwNzMwMjA1NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmY3MWQ0Y2E3MjhmNDc3ZTlhODVjOTY5MDVjZDZiMTMwNGIxMWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGCmjojsj+YqZKZ80hjlm6bEuud2
/0D1A+qTjKu2ojSEcMmSLduqnvrauC1CieM5eQmJf/Sv5FOnkJFWVxaTmby9N/te
aAu9VUIRU62spEeTIxbfs8WwuMqYHkUMClS+M9yGrp3J5v9MApfV29HpIsg7rRIr
vz8iDN4mC1goTEo67TOpvIqV4uLyngtJbvcabF/Auvdo2w0o9OIiz+lAFQGsWhCO
SueZjsGNoaXxaEoG2f930YVBoYrs7p/JQOYtf95vKC5aMGtw3bpGRpW5XY48EWPj
PPUILO9e5POJWf8g5UqBkCONHSntWVkq9bur7N2rCVW41cLMniE/xCg4gwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJL3HUynKPR36ahclpBc1rEwSxHGMB8GA1UdIwQY
MBaAFNJiL97I+t/KWOdXXCnxDnOud1cVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWIt
ZjA1YWEyMjlkNjM4LzEva3ZjZFRLY285SGZwcUZ5V2tGeldzVEJMRWNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWItZjA1YWEyMjlkNjM4
LzEvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVVu6AD
BAJVu7ADBADCRcowDQYJKoZIhvcNAQELBQADggEBADmnVGmndjN0WN0zhL2AnFof
vEIXWZVIverd5BaqA3772hI1/BENnkSbUD0ssB+K9vLWP4ezqOjML+pw+P80jclE
quOZ4x/LryhYZ06UE9UR9RI2Yo/4U35a8xdSwdyTDwZxhO59Ix3FygTf6ULccQZB
n2FXulC/UkDxXx23JgJE0MXzysHZv1B2N8p2XiJ5iBiqcHbBAXnMYOG0vOIhE1bI
/mwOPCr6dLwMiRr/8zzFiQ1XJkbKrCOEyBDhb+GliwLp5hpPftkU97N3WkySMerx
0HrENXtmwMwlpSFBR6VrNM7yIEd/duBwsf6Sy0pAhf0bPQ/m61uqWHm6dzVA9SU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:50 2024 by rpki-client on console-fra.rpki-client.org