Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/KDB00paa-abtmEksMztWJVKSdsM.roa
File: KDB00paa-abtmEksMztWJVKSdsM.roa (raw, json)
Hash identifier: TeCZ2ggxAygU631IjH5HK3cn0QWHfupUy+rV53qwWHI=
Subject key identifier: 28:30:74:D2:96:9A:F9:A6:ED:98:49:2C:33:3B:56:25:52:92:76:C3
Certificate issuer: /CN=afd23cc55aeeaf337edb73eae25b59097a27784c
Certificate serial: 0185708C9D5F08333A00239BA89E31113505
Authority key identifier: AF:D2:3C:C5:5A:EE:AF:33:7E:DB:73:EA:E2:5B:59:09:7A:27:78:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r9I8xVrurzN-23Pq4ltZCXoneEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/KDB00paa-abtmEksMztWJVKSdsM.roa
Signing time: Mon 02 Jan 2023 03:35:41 +0000
ROA not before: Mon 02 Jan 2023 03:35:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25358
IP address blocks: 185.25.40.0/22 maxlen: 22
109.70.168.0/21 maxlen: 21
193.189.104.0/23 maxlen: 23
195.140.148.0/22 maxlen: 22
2a00:14e8::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 18 Oct 2023 18:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:9d:5f:08:33:3a:00:23:9b:a8:9e:31:11:35:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afd23cc55aeeaf337edb73eae25b59097a27784c
Validity
Not Before: Jan 2 03:35:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=283074d2969af9a6ed98492c333b5625529276c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:77:48:c3:2d:95:f5:e2:0d:1c:31:4d:45:a2:
35:5c:f1:66:d5:31:45:eb:be:29:7d:42:89:9b:3a:
dc:28:52:84:b9:40:e2:4a:e7:32:88:78:e3:af:af:
fc:ee:7a:a5:7f:82:26:60:19:58:7b:c5:fc:e5:fd:
8b:7f:03:1d:0e:59:50:5d:39:e2:67:52:10:69:53:
99:3a:01:86:b4:53:6f:1a:60:e5:06:12:2e:15:fc:
cc:a5:0d:32:89:62:6b:d9:20:6e:a8:e9:7d:1f:25:
60:1c:0e:6b:ec:17:b2:54:81:7f:04:60:bc:68:f1:
be:22:31:17:56:fc:b5:36:19:fd:2d:58:c5:dc:36:
b3:76:4a:aa:3f:f9:88:e2:c2:28:9a:2b:51:d6:0a:
5f:d8:7a:79:7c:e8:92:74:01:af:70:4b:04:ed:af:
72:39:1c:c4:04:31:d5:82:3e:4b:94:d2:d3:71:9c:
1d:fb:f8:e8:41:e6:18:bb:ec:73:d4:ab:93:e5:e4:
e7:02:3f:7a:53:59:e3:8a:e7:79:68:88:ab:27:46:
de:3c:2c:ad:2e:96:85:2b:0a:3c:a0:fd:32:b8:b8:
b8:05:ae:a4:5a:d5:87:72:71:8a:b5:6a:83:ae:32:
58:4d:a8:87:55:a5:d8:be:ac:db:ac:c4:b5:08:09:
56:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:30:74:D2:96:9A:F9:A6:ED:98:49:2C:33:3B:56:25:52:92:76:C3
X509v3 Authority Key Identifier:
keyid:AF:D2:3C:C5:5A:EE:AF:33:7E:DB:73:EA:E2:5B:59:09:7A:27:78:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r9I8xVrurzN-23Pq4ltZCXoneEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/KDB00paa-abtmEksMztWJVKSdsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/r9I8xVrurzN-23Pq4ltZCXoneEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.168.0/21
185.25.40.0/22
193.189.104.0/23
195.140.148.0/22
IPv6:
2a00:14e8::/29
Signature Algorithm: sha256WithRSAEncryption
5f:16:e5:06:5d:6b:44:b4:f4:40:6e:75:51:d3:2c:0d:cc:d9:
77:15:e1:d6:51:8e:69:a2:51:53:58:7a:90:4e:5b:5a:34:3c:
4d:4c:9f:2f:bb:b4:b4:39:99:d5:7d:3a:64:2d:22:9b:01:e5:
fb:81:b2:cb:03:26:1a:3f:ba:f6:0a:4d:3f:80:f7:03:60:c8:
c6:82:4e:31:61:b8:05:af:3d:46:99:3d:20:a4:49:98:22:8f:
70:ca:c8:14:15:cd:67:ee:88:6d:bc:99:ef:e4:14:53:62:9b:
32:ba:fd:40:d8:3e:40:4b:dd:34:5c:f4:cd:2a:2b:e5:4c:49:
47:a0:ed:fa:54:30:7d:45:b3:ee:ae:eb:7f:6c:ac:a4:03:23:
fe:f3:85:83:e9:5a:2c:e4:39:b9:11:7f:a6:8b:92:dd:d0:b3:
c0:d8:e9:bb:02:d1:c6:0d:c9:7c:62:fb:55:cb:a8:8f:07:71:
38:56:7c:83:55:6c:65:3c:b6:11:c3:97:f0:59:d8:b8:0f:e5:
86:b2:68:43:23:4a:d8:ef:6d:cd:ee:d9:37:89:61:b8:e7:08:
b5:c2:9e:1c:a8:22:2f:bf:cf:42:23:68:b0:31:cd:49:96:b4:
15:89:6e:d0:8a:98:b2:51:e6:ba:e7:3f:fb:9c:9a:ee:65:18:
e1:d6:3a:2a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwjJ1fCDM6ACObqJ4xETUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZDIzY2M1NWFlZWFmMzM3ZWRiNzNlYWUyNWI1OTA5N2Ey
Nzc4NGMwHhcNMjMwMTAyMDMzNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODMwNzRkMjk2OWFmOWE2ZWQ5ODQ5MmMzMzNiNTYyNTUyOTI3NmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHdIwy2V9eINHDFNRaI1XPFm1TFF
674pfUKJmzrcKFKEuUDiSucyiHjjr6/87nqlf4ImYBlYe8X85f2LfwMdDllQXTni
Z1IQaVOZOgGGtFNvGmDlBhIuFfzMpQ0yiWJr2SBuqOl9HyVgHA5r7BeyVIF/BGC8
aPG+IjEXVvy1Nhn9LVjF3DazdkqqP/mI4sIomitR1gpf2Hp5fOiSdAGvcEsE7a9y
ORzEBDHVgj5LlNLTcZwd+/joQeYYu+xz1KuT5eTnAj96U1njiud5aIirJ0bePCyt
LpaFKwo8oP0yuLi4Ba6kWtWHcnGKtWqDrjJYTaiHVaXYvqzbrMS1CAlWvQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCgwdNKWmvmm7ZhJLDM7ViVSknbDMB8GA1UdIwQY
MBaAFK/SPMVa7q8zfttz6uJbWQl6J3hMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjlJOHhWcnVyek4tMjNQcTRsdFpDWG9uZUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy81M2Y0NTgtNzYxYS00MzgyLTgyN2Mt
NDk0ZjA4YzIxNDk3LzEvS0RCMDBwYWEtYWJ0bUVrc016dFdKVktTZHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy81M2Y0NTgtNzYxYS00MzgyLTgyN2MtNDk0ZjA4YzIxNDk3
LzEvcjlJOHhWcnVyek4tMjNQcTRsdFpDWG9uZUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDbUaoAwQC
uRkoAwQBwb1oAwQCw4yUMA0EAgACMAcDBQMqABToMA0GCSqGSIb3DQEBCwUAA4IB
AQBfFuUGXWtEtPRAbnVR0ywNzNl3FeHWUY5polFTWHqQTltaNDxNTJ8vu7S0OZnV
fTpkLSKbAeX7gbLLAyYaP7r2Ck0/gPcDYMjGgk4xYbgFrz1GmT0gpEmYIo9wysgU
Fc1n7ohtvJnv5BRTYpsyuv1A2D5AS900XPTNKivlTElHoO36VDB9RbPurut/bKyk
AyP+84WD6Vos5Dm5EX+mi5Ld0LPA2Om7AtHGDcl8YvtVy6iPB3E4VnyDVWxlPLYR
w5fwWdi4D+WGsmhDI0rY723N7tk3iWG45wi1wp4cqCIvv89CI2iwMc1JlrQViW7Q
ipiyUea65z/7nJruZRjh1joq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:15 2024 by rpki-client on console-fra.rpki-client.org