Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/KzM7fclX8SKsPcLPO66L4M1ftC4.roa
File: KzM7fclX8SKsPcLPO66L4M1ftC4.roa (raw, json)
Hash identifier: 2MKOEGFe+ZJyPykQFWJ1+TSKjuo0q3LGFG4zEDH8t/U=
Subject key identifier: 2B:33:3B:7D:C9:57:F1:22:AC:3D:C2:CF:3B:AE:8B:E0:CD:5F:B4:2E
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0188B8091B0EA2A52C31EED7899E760C1E06
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/KzM7fclX8SKsPcLPO66L4M1ftC4.roa
Signing time: Wed 14 Jun 2023 03:53:04 +0000
ROA not before: Wed 14 Jun 2023 03:53:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 188.191.98.0/24 maxlen: 24
188.191.103.0/24 maxlen: 24
188.191.101.0/24 maxlen: 24
188.191.110.0/24 maxlen: 24
188.191.109.0/24 maxlen: 24
91.225.226.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b8:09:1b:0e:a2:a5:2c:31:ee:d7:89:9e:76:0c:1e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jun 14 03:53:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b333b7dc957f122ac3dc2cf3bae8be0cd5fb42e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:72:a3:4a:83:db:c3:74:87:61:dd:62:6f:0a:
7a:2b:43:2b:b6:6f:37:9b:e3:5c:b7:86:4f:b4:09:
0c:93:f5:8a:20:bd:f1:16:18:0c:1e:08:55:b0:3c:
00:06:31:ca:a8:ce:00:bc:e2:b1:26:41:04:7d:8b:
6f:0d:94:df:af:20:86:66:c8:9a:f4:6f:3d:21:b3:
97:1b:86:a2:03:f5:4c:2d:30:bd:cc:2a:78:b8:f0:
f8:df:26:a1:7e:49:db:69:e3:60:b2:d8:33:50:be:
6f:45:d2:a7:50:68:9c:21:a7:17:8a:ec:d7:e8:80:
d7:92:16:87:ba:f5:8d:78:1a:d7:31:34:61:30:54:
9b:78:4f:a1:d7:d5:cf:6d:03:28:92:5f:1a:e0:cd:
3d:a2:45:fc:2b:0d:ba:6f:41:34:7e:75:09:cf:66:
2f:5a:fa:b8:d2:30:37:8d:b2:77:06:e8:d3:5c:28:
98:f2:85:cf:86:fc:4b:e8:7a:60:8d:e0:d0:17:61:
03:ae:ee:20:79:f9:f5:5a:75:ec:c0:90:bb:db:0a:
78:cf:6e:7b:f7:56:33:f9:98:2e:41:37:65:73:15:
9f:fe:49:bd:04:7b:61:dc:19:a6:bb:39:4f:28:9f:
5c:b0:e4:87:3b:48:2f:52:3f:19:68:23:53:da:4d:
22:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:33:3B:7D:C9:57:F1:22:AC:3D:C2:CF:3B:AE:8B:E0:CD:5F:B4:2E
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/KzM7fclX8SKsPcLPO66L4M1ftC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.226.0/24
188.191.98.0/24
188.191.101.0/24
188.191.103.0/24
188.191.109.0-188.191.110.255
Signature Algorithm: sha256WithRSAEncryption
8c:6b:78:81:59:e9:0f:4d:23:ab:70:2e:a8:e1:e5:5e:5c:7c:
b5:59:05:bc:0d:38:e3:56:d8:68:8f:78:a1:e1:0f:16:36:65:
6f:08:30:af:42:ea:46:69:1f:48:ad:e6:44:48:5b:c3:99:94:
3c:fa:1a:93:98:b8:7b:bd:00:0b:1b:7b:3c:73:3c:ff:e9:58:
e9:43:a8:95:6c:73:c0:3a:bf:d6:b4:94:c4:7c:d3:50:7b:88:
83:0d:68:16:b1:2a:37:fe:b6:89:cb:37:f5:b8:22:4d:80:52:
65:ee:3b:ce:3f:e2:e2:38:1d:0c:13:1d:aa:06:d7:2c:76:7a:
c8:ea:d0:a0:04:4b:08:36:b6:68:f8:19:08:45:3f:39:d1:10:
cf:69:e3:50:b9:9c:45:7c:ed:b5:e0:9d:dc:0d:c6:dc:5f:2c:
9c:f6:12:e7:9b:5a:77:69:dd:c4:5b:2a:a0:89:fd:ca:41:fa:
a3:cd:f2:79:d0:a3:ee:5d:20:5a:c7:73:0f:66:67:67:a4:5a:
23:8b:50:8a:76:5c:52:3d:a6:e9:d5:da:74:fd:0b:9d:de:7e:
f0:57:b8:25:d8:eb:dc:8d:ce:9d:10:d6:9f:2e:af:d6:68:e3:
87:c5:eb:c7:0f:c4:44:b5:80:b6:4f:83:51:66:af:68:c9:e3:
91:75:32:56
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYi4CRsOoqUsMe7XiZ52DB4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwNjE0MDM1MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjMzM2I3ZGM5NTdmMTIyYWMzZGMyY2YzYmFlOGJlMGNkNWZiNDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnKjSoPbw3SHYd1ibwp6K0Mrtm83
m+Nct4ZPtAkMk/WKIL3xFhgMHghVsDwABjHKqM4AvOKxJkEEfYtvDZTfryCGZsia
9G89IbOXG4aiA/VMLTC9zCp4uPD43yahfknbaeNgstgzUL5vRdKnUGicIacXiuzX
6IDXkhaHuvWNeBrXMTRhMFSbeE+h19XPbQMokl8a4M09okX8Kw26b0E0fnUJz2Yv
Wvq40jA3jbJ3BujTXCiY8oXPhvxL6HpgjeDQF2EDru4gefn1WnXswJC72wp4z257
91Yz+ZguQTdlcxWf/km9BHth3BmmuzlPKJ9csOSHO0gvUj8ZaCNT2k0iVwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCszO33JV/EirD3Czzuui+DNX7QuMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvS3pNN2ZjbFg4U0tzUGNMUE82Nkw0TTFmdEM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAW+HiAwQA
vL9iAwQAvL9lAwQAvL9nMAwDBAC8v20DBAC8v24wDQYJKoZIhvcNAQELBQADggEB
AIxreIFZ6Q9NI6twLqjh5V5cfLVZBbwNOONW2GiPeKHhDxY2ZW8IMK9C6kZpH0it
5kRIW8OZlDz6GpOYuHu9AAsbezxzPP/pWOlDqJVsc8A6v9a0lMR801B7iIMNaBax
Kjf+tonLN/W4Ik2AUmXuO84/4uI4HQwTHaoG1yx2esjq0KAESwg2tmj4GQhFPznR
EM9p41C5nEV87bXgndwNxtxfLJz2EuebWndp3cRbKqCJ/cpB+qPN8nnQo+5dIFrH
cw9mZ2ekWiOLUIp2XFI9punV2nT9C53efvBXuCXY69yNzp0Q1p8ur9Zo44fF68cP
xES1gLZPg1Fmr2jJ45F1MlY=
-----END CERTIFICATE-----
Generated at Tue Nov 14 08:07:33 2023 by rpki-client on console-ams.rpki-client.org