Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/KBO_TRJWKw3EDgFcYJJKEDXUKUQ.roa
File: KBO_TRJWKw3EDgFcYJJKEDXUKUQ.roa (raw, json)
Hash identifier: JrGwdhOBnYCAKZ6sYsmSSrchkJ4CFb6LDTVpe3+6q7o=
Subject key identifier: 28:13:BF:4D:12:56:2B:0D:C4:0E:01:5C:60:92:4A:10:35:D4:29:44
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018CC56E1C94CF168A7ED52F3FCF87B138D2
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/KBO_TRJWKw3EDgFcYJJKEDXUKUQ.roa
Signing time: Mon 01 Jan 2024 14:29:36 +0000
ROA not before: Mon 01 Jan 2024 14:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 265561
IP address blocks: 201.77.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 12:18:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1c:94:cf:16:8a:7e:d5:2f:3f:cf:87:b1:38:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 14:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2813bf4d12562b0dc40e015c60924a1035d42944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b0:37:97:b8:51:63:c3:b0:bb:1a:66:00:c9:
d6:16:d6:ae:fa:ca:d7:e2:35:b9:86:0b:c9:52:64:
b6:25:c2:7d:a9:71:db:ae:ec:1b:ab:4d:10:48:1d:
bb:59:50:7d:cf:0c:3e:0d:d2:8a:ae:49:a6:02:e0:
7a:df:ac:3f:3a:18:41:d4:a2:d4:af:1c:bf:65:69:
74:52:08:4c:27:6d:21:47:65:10:2c:7a:75:2e:d1:
06:75:73:ed:4a:a3:66:4d:ef:02:c3:a5:84:ad:6a:
af:19:19:a8:a0:b4:71:9b:d8:28:21:61:52:53:65:
90:7d:c9:72:62:64:fa:b4:24:bd:b2:63:82:c3:ab:
66:7b:4c:64:64:49:0c:f2:ea:ad:5e:ef:cc:6a:20:
6f:f0:f7:ef:22:38:de:5b:66:49:ff:b0:5c:ba:c8:
0a:7d:d3:4e:cb:ef:f7:c5:7f:5a:55:99:db:73:d0:
9e:70:d3:12:e6:53:cc:dd:17:77:38:f7:78:b6:8e:
8d:b3:e3:9e:ad:0c:0d:98:17:ae:ef:d7:1e:40:b1:
bc:53:78:c8:64:bf:ac:0e:a3:ea:29:27:2d:7f:dc:
dc:f4:ae:09:7a:80:ef:7a:98:c2:0a:80:63:a5:53:
86:2a:99:cb:2c:ad:e6:0c:a7:6d:d0:ef:5b:dd:c3:
fc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:13:BF:4D:12:56:2B:0D:C4:0E:01:5C:60:92:4A:10:35:D4:29:44
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/KBO_TRJWKw3EDgFcYJJKEDXUKUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
201.77.59.0/24
Signature Algorithm: sha256WithRSAEncryption
04:1e:67:0a:83:a8:e9:a2:1e:55:ac:7f:44:91:fb:9a:f8:e3:
95:a5:5b:24:02:20:ae:82:ed:db:7d:35:06:94:64:72:27:bb:
bd:3a:27:d7:68:ee:a9:5e:b4:29:2a:62:b5:52:ab:de:a8:97:
c3:8f:cf:0e:b0:fc:02:b9:64:fc:0a:12:66:fa:8d:63:5b:2c:
4a:ee:34:1a:c2:7b:55:6a:ee:b0:3a:c6:98:93:6f:ba:cd:c5:
f9:5c:3a:34:6e:d8:5c:54:19:11:66:75:9b:d3:52:77:3a:a7:
a7:18:82:02:44:94:a4:37:d1:6e:f8:a5:1b:84:d5:4e:a4:e7:
2a:71:57:92:8d:aa:f6:de:e1:ce:57:dd:8b:86:a0:26:e4:71:
11:3f:ed:74:14:19:56:b5:86:5f:0f:46:5d:c7:7f:2e:a7:4a:
58:bd:eb:23:ef:e1:cb:f3:31:67:30:a3:f2:19:99:08:5c:3e:
3e:44:33:ca:51:d6:3a:c5:5d:97:53:b7:50:6d:26:a2:5e:49:
8e:57:10:34:85:02:d6:71:78:98:40:25:3c:f0:84:d9:7b:94:
fa:f1:30:9d:b5:a3:e3:a5:ee:c7:9b:c7:11:f6:48:aa:73:29:
c2:d4:31:0c:14:0b:1e:0e:82:fe:0d:df:af:88:97:99:f4:59:
35:53:ec:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbhyUzxaKftUvP8+HsTjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODEzYmY0ZDEyNTYyYjBkYzQwZTAxNWM2MDkyNGExMDM1ZDQyOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLA3l7hRY8OwuxpmAMnWFtau+srX
4jW5hgvJUmS2JcJ9qXHbruwbq00QSB27WVB9zww+DdKKrkmmAuB636w/OhhB1KLU
rxy/ZWl0UghMJ20hR2UQLHp1LtEGdXPtSqNmTe8Cw6WErWqvGRmooLRxm9goIWFS
U2WQfclyYmT6tCS9smOCw6tme0xkZEkM8uqtXu/MaiBv8PfvIjjeW2ZJ/7BcusgK
fdNOy+/3xX9aVZnbc9CecNMS5lPM3Rd3OPd4to6Ns+OerQwNmBeu79ceQLG8U3jI
ZL+sDqPqKSctf9zc9K4JeoDvepjCCoBjpVOGKpnLLK3mDKdt0O9b3cP8GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgTv00SVisNxA4BXGCSShA11ClEMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvS0JPX1RSSldLdzNFRGdGY1lKSktFRFhVS1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyU07MA0G
CSqGSIb3DQEBCwUAA4IBAQAEHmcKg6jpoh5VrH9Ekfua+OOVpVskAiCugu3bfTUG
lGRyJ7u9OifXaO6pXrQpKmK1UqveqJfDj88OsPwCuWT8ChJm+o1jWyxK7jQawntV
au6wOsaYk2+6zcX5XDo0bthcVBkRZnWb01J3OqenGIICRJSkN9Fu+KUbhNVOpOcq
cVeSjar23uHOV92LhqAm5HERP+10FBlWtYZfD0Zdx38up0pYvesj7+HL8zFnMKPy
GZkIXD4+RDPKUdY6xV2XU7dQbSaiXkmOVxA0hQLWcXiYQCU88ITZe5T68TCdtaPj
pe7Hm8cR9kiqcynC1DEMFAseDoL+Dd+viJeZ9Fk1U+wF
-----END CERTIFICATE-----
Generated at Mon Jan 8 15:32:20 2024 by rpki-client on console-fra.rpki-client.org