Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/KPnk84kQgBTLBG7uw_xmn-N7N9U.roa
File: KPnk84kQgBTLBG7uw_xmn-N7N9U.roa (raw, json)
Hash identifier: Ro1pfyCTSYZP+opM6uFHwgTy8pxotlrmDhyFwmR3xO0=
Subject key identifier: 28:F9:E4:F3:89:10:80:14:CB:04:6E:EE:C3:FC:66:9F:E3:7B:37:D5
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 01887B7B8419DA29C7950818C68EBAF57ECB
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/KPnk84kQgBTLBG7uw_xmn-N7N9U.roa
Signing time: Fri 02 Jun 2023 09:41:12 +0000
ROA not before: Fri 02 Jun 2023 09:41:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.75.69.0/24 maxlen: 24
103.75.68.0/24 maxlen: 24
88.218.42.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7b:7b:84:19:da:29:c7:95:08:18:c6:8e:ba:f5:7e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Jun 2 09:41:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28f9e4f389108014cb046eeec3fc669fe37b37d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0e:8b:18:38:08:e9:6d:01:d5:32:2a:d0:a2:
8a:2d:ee:ae:f8:e4:49:82:f0:16:35:04:72:4a:63:
2b:f5:b7:8c:91:7b:b7:f2:fd:c4:d4:bf:3b:a2:f8:
51:37:c2:82:d1:c6:4c:1b:51:f0:01:e5:73:15:fb:
64:2d:4f:a5:7d:3a:09:27:77:dc:20:a3:22:b9:10:
df:31:97:00:f1:af:db:1b:a4:dd:09:d0:ad:00:75:
b1:0d:f1:a7:93:f5:77:29:52:70:ff:17:51:29:14:
a2:a9:ce:5e:95:63:12:0f:06:d6:fa:09:d6:f1:75:
5c:5e:4a:7e:29:bf:83:ee:c4:77:19:cc:ae:09:83:
3b:80:50:e8:fd:34:98:00:a3:52:55:ef:20:59:54:
1f:27:4d:06:d7:50:e5:4d:94:d3:8f:6c:02:fe:09:
f3:16:e6:65:9e:bf:b2:14:ea:1c:e9:ae:48:0c:9f:
77:b6:45:ac:03:6d:ee:39:22:31:a9:19:a3:aa:05:
09:64:e4:f8:43:2a:a1:f9:e6:b6:1b:36:47:98:b3:
7d:50:39:8e:34:87:30:d4:1c:8f:da:ef:26:bc:82:
04:ae:29:3d:30:7b:45:c2:fa:ca:bc:3d:81:a8:a1:
b5:ae:91:ea:09:a6:fb:38:8d:2e:d0:66:6e:c0:bb:
0a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F9:E4:F3:89:10:80:14:CB:04:6E:EE:C3:FC:66:9F:E3:7B:37:D5
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/KPnk84kQgBTLBG7uw_xmn-N7N9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.42.0/24
103.75.68.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:01:10:ba:5b:e4:5a:a6:d8:cc:cc:93:7d:0c:f9:43:6b:f3:
10:28:fe:b2:32:31:b3:e9:b5:78:40:e3:cf:67:4f:4e:23:6a:
08:bf:41:1f:41:32:31:44:62:a1:57:91:01:de:9b:a2:63:c4:
17:1f:7e:63:b8:b8:b5:11:d4:3b:29:b1:52:9f:bb:58:8a:91:
9f:cd:ac:c9:a9:f9:dc:bd:05:9f:8e:a4:d7:31:63:fe:0d:bb:
2b:bc:ea:08:1a:10:f7:7f:4c:a3:c2:a3:6c:45:29:b6:dd:8d:
68:f8:e2:50:ea:69:11:30:6b:80:da:f6:19:5e:cf:38:63:ac:
8b:7c:24:94:eb:ce:12:53:10:eb:bb:6e:48:53:b3:2d:8f:0b:
53:4c:21:da:a2:b6:c3:56:2e:2b:90:24:c9:ea:0e:44:33:63:
b0:f0:b8:64:2d:c0:b8:a8:55:52:49:aa:ea:b5:86:ac:7f:0f:
8a:6f:a6:32:8f:a0:74:b1:f3:d0:81:3d:03:b6:f6:aa:de:16:
89:6d:72:db:fd:40:51:81:ee:55:a5:5c:21:f7:17:83:64:a1:
ce:fb:15:88:81:14:8c:0a:96:85:94:64:b1:50:b2:16:80:fe:
fc:3c:4f:89:42:56:fe:5f:9f:fe:c6:67:78:fa:6d:72:53:ec:
63:f8:13:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYh7e4QZ2inHlQgYxo669X7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjMwNjAyMDk0MTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGY5ZTRmMzg5MTA4MDE0Y2IwNDZlZWVjM2ZjNjY5ZmUzN2IzN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ6LGDgI6W0B1TIq0KKKLe6u+ORJ
gvAWNQRySmMr9beMkXu38v3E1L87ovhRN8KC0cZMG1HwAeVzFftkLU+lfToJJ3fc
IKMiuRDfMZcA8a/bG6TdCdCtAHWxDfGnk/V3KVJw/xdRKRSiqc5elWMSDwbW+gnW
8XVcXkp+Kb+D7sR3GcyuCYM7gFDo/TSYAKNSVe8gWVQfJ00G11DlTZTTj2wC/gnz
FuZlnr+yFOoc6a5IDJ93tkWsA23uOSIxqRmjqgUJZOT4Qyqh+ea2GzZHmLN9UDmO
NIcw1ByP2u8mvIIErik9MHtFwvrKvD2BqKG1rpHqCab7OI0u0GZuwLsKOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCj55POJEIAUywRu7sP8Zp/jezfVMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvS1Buazg0a1FnQlRMQkc3dXdfeG1uLU43TjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNoqAwQB
Z0tEMA0GCSqGSIb3DQEBCwUAA4IBAQCLARC6W+RaptjMzJN9DPlDa/MQKP6yMjGz
6bV4QOPPZ09OI2oIv0EfQTIxRGKhV5EB3puiY8QXH35juLi1EdQ7KbFSn7tYipGf
zazJqfncvQWfjqTXMWP+DbsrvOoIGhD3f0yjwqNsRSm23Y1o+OJQ6mkRMGuA2vYZ
Xs84Y6yLfCSU684SUxDru25IU7MtjwtTTCHaorbDVi4rkCTJ6g5EM2Ow8LhkLcC4
qFVSSarqtYasfw+Kb6Yyj6B0sfPQgT0Dtvaq3haJbXLb/UBRge5VpVwh9xeDZKHO
+xWIgRSMCpaFlGSxULIWgP78PE+JQlb+X5/+xmd4+m1yU+xj+BNv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:50 2023 by rpki-client on console-fra.rpki-client.org