Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/KfGJ5prQKp2vrk7i8UU-CJLsUeg.roa
File: KfGJ5prQKp2vrk7i8UU-CJLsUeg.roa (raw, json)
Hash identifier: Fki2eK/PHdZcKgZ9/EgaRjmM09XtLPxzJ5Ymih6/Vj0=
Subject key identifier: 29:F1:89:E6:9A:D0:2A:9D:AF:AE:4E:E2:F1:45:3E:08:92:EC:51:E8
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 0191B1B5DFB4DB4B411DBC3B8CA45F340850
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/KfGJ5prQKp2vrk7i8UU-CJLsUeg.roa
Signing time: Mon 02 Sep 2024 07:49:32 +0000
ROA not before: Mon 02 Sep 2024 07:49:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 213.137.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 10:42:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b1:b5:df:b4:db:4b:41:1d:bc:3b:8c:a4:5f:34:08:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Sep 2 07:49:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29f189e69ad02a9dafae4ee2f1453e0892ec51e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4c:18:50:4f:1c:31:2c:21:d0:7e:e1:32:66:
2a:a6:2e:00:10:d9:01:39:cb:8b:f7:a5:e5:75:b1:
1d:25:5a:47:6e:28:7a:3a:d2:b0:9b:eb:f1:df:31:
35:f8:bd:e7:3a:17:be:2f:9a:b7:4a:23:25:ab:eb:
b2:77:8f:bb:49:ce:1e:32:de:1a:10:08:fb:85:04:
f7:a7:ba:df:91:d6:03:19:a2:06:3e:c6:5c:3c:89:
a0:d4:bb:c5:ad:88:0b:c7:9e:68:62:8d:2c:b6:3b:
77:42:00:64:0c:01:8c:94:7f:fc:2a:c9:91:3a:b1:
ef:1d:dc:8a:a2:75:16:93:bb:a0:f1:1a:55:d2:9c:
6b:62:1e:43:f9:24:79:92:34:33:9f:53:68:5d:e8:
d3:20:77:57:f8:22:54:26:66:f1:5a:a2:76:84:04:
79:d3:18:58:d6:9b:63:d7:9d:2e:18:07:13:2f:a3:
7d:60:60:b2:83:17:21:ed:38:2a:65:03:00:41:dc:
bb:43:4f:08:6b:db:2f:a2:02:e7:20:af:2f:b7:8c:
70:21:d4:ac:2a:5e:29:fe:9c:05:87:e6:08:d1:02:
3c:73:53:a4:a2:4f:f3:6c:19:c8:69:ac:9a:ac:60:
04:f2:4f:fd:c9:ee:6f:09:eb:d4:81:36:75:4b:5b:
68:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F1:89:E6:9A:D0:2A:9D:AF:AE:4E:E2:F1:45:3E:08:92:EC:51:E8
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/KfGJ5prQKp2vrk7i8UU-CJLsUeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.137.90.0/24
Signature Algorithm: sha256WithRSAEncryption
45:24:28:c7:df:52:74:cd:d3:37:3e:e6:9a:82:6a:ee:07:5d:
1e:6c:4e:05:d2:d1:1b:1e:43:20:a7:30:7e:c8:63:53:01:6c:
09:db:e8:42:5a:a1:25:31:ec:8f:80:9b:7c:87:76:e4:8a:fa:
87:33:ed:0f:1d:31:c7:3e:06:25:72:c1:c8:2c:54:09:3b:8e:
10:31:a7:2d:b3:0a:ab:28:a3:aa:b9:98:c7:ed:6b:dc:61:bb:
0e:1c:e3:8b:eb:67:fc:16:71:c6:12:87:b2:97:ce:95:2b:83:
c2:2a:4f:36:d4:63:cb:ec:83:d4:91:8c:a7:dc:c7:80:a2:54:
f4:3a:6c:8a:2c:49:5b:5a:7a:d2:4a:28:cb:55:54:d4:46:ea:
b2:32:7f:19:f5:32:a4:d3:5d:2b:8f:d5:5a:2e:86:ba:d8:89:
2e:8b:14:57:3b:bb:20:1c:54:10:e6:12:fb:e4:ae:0b:52:fa:
f6:e1:8e:c7:21:4b:c4:d0:8d:9c:28:72:a4:25:21:55:44:e1:
ac:3c:c4:8b:7e:d1:5d:f0:2a:24:4a:1c:bd:8a:3a:80:e6:80:
8e:e6:a8:d9:ba:70:40:3c:56:eb:52:08:85:a0:64:14:ca:f0:
58:96:10:05:9c:89:d9:59:e6:dc:78:e9:a1:04:04:16:aa:d8:
33:1d:9d:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGxtd+020tBHbw7jKRfNAhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjQwOTAyMDc0OTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWYxODllNjlhZDAyYTlkYWZhZTRlZTJmMTQ1M2UwODkyZWM1MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0wYUE8cMSwh0H7hMmYqpi4AENkB
OcuL96XldbEdJVpHbih6OtKwm+vx3zE1+L3nOhe+L5q3SiMlq+uyd4+7Sc4eMt4a
EAj7hQT3p7rfkdYDGaIGPsZcPImg1LvFrYgLx55oYo0stjt3QgBkDAGMlH/8KsmR
OrHvHdyKonUWk7ug8RpV0pxrYh5D+SR5kjQzn1NoXejTIHdX+CJUJmbxWqJ2hAR5
0xhY1ptj150uGAcTL6N9YGCygxch7TgqZQMAQdy7Q08Ia9svogLnIK8vt4xwIdSs
Kl4p/pwFh+YI0QI8c1Okok/zbBnIaayarGAE8k/9ye5vCevUgTZ1S1tosQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnxieaa0Cqdr65O4vFFPgiS7FHoMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvS2ZHSjVwclFLcDJ2cms3aThVVS1DSkxzVWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YlaMA0G
CSqGSIb3DQEBCwUAA4IBAQBFJCjH31J0zdM3PuaagmruB10ebE4F0tEbHkMgpzB+
yGNTAWwJ2+hCWqElMeyPgJt8h3bkivqHM+0PHTHHPgYlcsHILFQJO44QMactswqr
KKOquZjH7WvcYbsOHOOL62f8FnHGEoeyl86VK4PCKk821GPL7IPUkYyn3MeAolT0
OmyKLElbWnrSSijLVVTURuqyMn8Z9TKk010rj9VaLoa62IkuixRXO7sgHFQQ5hL7
5K4LUvr24Y7HIUvE0I2cKHKkJSFVROGsPMSLftFd8CokShy9ijqA5oCO5qjZunBA
PFbrUgiFoGQUyvBYlhAFnInZWebceOmhBAQWqtgzHZ0Y
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:29 2025 by rpki-client