Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/kpy8k1WQjqy5M7gpUUMyI1yRM7s.roa
File: kpy8k1WQjqy5M7gpUUMyI1yRM7s.roa (raw, json)
Hash identifier: xdSO7HSb7pwalopyiYrIcmDx9qNOT+NS7WBziog4KWk=
Subject key identifier: 92:9C:BC:93:55:90:8E:AC:B9:33:B8:29:51:43:32:23:5C:91:33:BB
Certificate issuer: /CN=5bf81435ed13789895f375dc34d04ce91aca4744
Certificate serial: 018571955AEC396C7CD4850AC2A2F761933B
Authority key identifier: 5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/kpy8k1WQjqy5M7gpUUMyI1yRM7s.roa
Signing time: Mon 02 Jan 2023 08:24:51 +0000
ROA not before: Mon 02 Jan 2023 08:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3301
IP address blocks: 158.233.228.0/24 maxlen: 24
158.233.229.0/24 maxlen: 24
158.233.242.0/24 maxlen: 24
158.233.246.0/24 maxlen: 24
158.233.243.0/24 maxlen: 24
158.233.245.0/24 maxlen: 24
158.233.244.0/24 maxlen: 24
158.233.250.0/24 maxlen: 24
158.233.251.0/24 maxlen: 24
158.233.247.0/24 maxlen: 24
158.233.249.0/24 maxlen: 24
158.233.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:5a:ec:39:6c:7c:d4:85:0a:c2:a2:f7:61:93:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf81435ed13789895f375dc34d04ce91aca4744
Validity
Not Before: Jan 2 08:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=929cbc9355908eacb933b829514332235c9133bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:15:dc:9d:f5:5c:97:18:4f:f4:45:d7:b4:22:
c8:43:0b:35:b6:d3:a6:66:ea:06:3e:a6:bb:27:28:
9e:71:3a:27:0c:b6:26:46:bf:8f:94:6e:e9:51:da:
3d:0e:6b:e6:35:7e:13:09:3a:2f:8d:0e:f8:0c:fb:
5e:bc:bf:4e:c9:1e:6e:9c:fb:6a:54:e2:ef:65:fd:
78:d8:35:ec:f1:47:c4:97:62:86:17:7e:9d:b5:f5:
aa:47:47:f2:38:60:d2:e1:4c:1a:2f:e6:72:7b:ab:
73:af:8c:71:08:21:90:4e:a5:1f:52:9b:c1:46:25:
b1:0a:15:9c:06:fd:d7:a8:80:a9:2f:b4:ae:16:e9:
9e:bd:17:ef:1c:ca:ba:ff:ec:00:ff:00:18:2f:7b:
7d:0d:14:1b:03:ec:bd:70:6e:b9:1c:6d:28:04:d7:
3b:03:a0:47:15:af:97:e2:d4:0f:e1:19:33:bc:4f:
3b:fb:54:b3:6c:8c:d0:84:59:31:dd:ff:02:6c:13:
d7:27:53:73:fb:8a:b7:b8:f0:78:17:2c:db:17:fa:
48:8d:09:77:ed:f8:02:df:3a:c7:d6:5c:59:08:2b:
4c:bf:dd:60:77:7e:f9:7a:3c:16:88:86:54:25:97:
f4:fe:ef:bc:e9:e3:10:ae:16:41:21:31:a8:e6:5b:
ce:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9C:BC:93:55:90:8E:AC:B9:33:B8:29:51:43:32:23:5C:91:33:BB
X509v3 Authority Key Identifier:
keyid:5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/kpy8k1WQjqy5M7gpUUMyI1yRM7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/W_gUNe0TeJiV83XcNNBM6RrKR0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.233.228.0/23
158.233.242.0-158.233.251.255
Signature Algorithm: sha256WithRSAEncryption
8f:bb:49:cb:82:3f:3c:98:96:d5:78:70:7f:c0:54:2f:18:81:
6f:1f:22:56:1d:0f:7f:45:0e:31:2b:44:2e:a4:fe:f2:fe:61:
00:7f:8c:6a:2a:f9:ef:86:3d:82:89:7b:c2:72:9d:e9:3c:2d:
c9:ff:1e:8f:02:ac:cb:33:0d:35:f1:dc:5a:c6:23:3d:5c:be:
68:92:b7:8f:c6:fe:7d:55:ea:ca:3b:a4:ff:d0:b4:b6:8f:20:
e8:33:01:56:eb:6b:6d:f2:9f:0f:7f:21:1c:d2:43:45:17:68:
27:02:ec:86:d8:8a:5d:88:fe:95:75:af:b8:ac:9c:cf:e0:1e:
24:d5:66:92:bf:1c:3a:d0:ea:59:42:b1:f1:22:81:60:d5:31:
36:da:45:ad:24:d0:ff:15:9c:d1:79:c4:2b:e9:b4:df:3b:72:
e2:bf:d9:d0:5b:69:4c:47:0c:a3:6c:f7:7a:21:c4:4b:15:10:
fd:4f:bf:92:36:02:27:9b:e5:94:08:5d:a9:d3:99:ff:0f:e9:
4a:b6:45:58:c7:d3:f1:2e:f6:6f:63:90:5c:cb:fc:87:43:b4:
9f:b1:58:34:f1:6d:22:ff:96:e6:a8:9f:a4:28:56:25:c0:f3:
11:fa:63:1f:38:ee:97:2d:7b:51:03:55:f9:32:af:f5:1a:9c:
90:da:30:73
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVxlVrsOWx81IUKwqL3YZM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZjgxNDM1ZWQxMzc4OTg5NWYzNzVkYzM0ZDA0Y2U5MWFj
YTQ3NDQwHhcNMjMwMTAyMDgyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjljYmM5MzU1OTA4ZWFjYjkzM2I4Mjk1MTQzMzIyMzVjOTEzM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhXcnfVclxhP9EXXtCLIQws1ttOm
ZuoGPqa7JyiecTonDLYmRr+PlG7pUdo9DmvmNX4TCTovjQ74DPtevL9OyR5unPtq
VOLvZf142DXs8UfEl2KGF36dtfWqR0fyOGDS4UwaL+Zye6tzr4xxCCGQTqUfUpvB
RiWxChWcBv3XqICpL7SuFumevRfvHMq6/+wA/wAYL3t9DRQbA+y9cG65HG0oBNc7
A6BHFa+X4tQP4RkzvE87+1SzbIzQhFkx3f8CbBPXJ1Nz+4q3uPB4FyzbF/pIjQl3
7fgC3zrH1lxZCCtMv91gd375ejwWiIZUJZf0/u+86eMQrhZBITGo5lvOvQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJKcvJNVkI6suTO4KVFDMiNckTO7MB8GA1UdIwQY
MBaAFFv4FDXtE3iYlfN13DTQTOkaykdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEt
NDhlNGNjNmIzM2EzLzEva3B5OGsxV1FqcXk1TTdncFVVTXlJMXlSTTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEtNDhlNGNjNmIzM2Ez
LzEvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBnunkMAwD
BAGe6fIDBAKe6fgwDQYJKoZIhvcNAQELBQADggEBAI+7ScuCPzyYltV4cH/AVC8Y
gW8fIlYdD39FDjErRC6k/vL+YQB/jGoq+e+GPYKJe8Jynek8Lcn/Ho8CrMszDTXx
3FrGIz1cvmiSt4/G/n1V6so7pP/QtLaPIOgzAVbra23ynw9/IRzSQ0UXaCcC7IbY
il2I/pV1r7isnM/gHiTVZpK/HDrQ6llCsfEigWDVMTbaRa0k0P8VnNF5xCvptN87
cuK/2dBbaUxHDKNs93ohxEsVEP1Pv5I2Aieb5ZQIXanTmf8P6Uq2RVjH0/Eu9m9j
kFzL/IdDtJ+xWDTxbSL/luaon6QoViXA8xH6Yx847pcte1EDVfkyr/UanJDaMHM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:14 2024 by rpki-client on console-fra.rpki-client.org