Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/6f2886-2ff7-40b0-9673-75b684f890b4/1/KruGtkwlngWI56NUAUODuIshwDc.roa
File: KruGtkwlngWI56NUAUODuIshwDc.roa (raw, json)
Hash identifier: XgpCr3LT0Kd228wpuGUGIgYe8RN/jzmwk/imcX9+OTo=
Subject key identifier: 2A:BB:86:B6:4C:25:9E:05:88:E7:A3:54:01:43:83:B8:8B:21:C0:37
Certificate issuer: /CN=e9accfd21abd7fe3fa0d6bb31df4820bfb5a4188
Certificate serial: 0187B32B71BBFC511FB09F7FCA2E4222F185
Authority key identifier: E9:AC:CF:D2:1A:BD:7F:E3:FA:0D:6B:B3:1D:F4:82:0B:FB:5A:41:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6azP0hq9f-P6DWuzHfSCC_taQYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/6f2886-2ff7-40b0-9673-75b684f890b4/1/KruGtkwlngWI56NUAUODuIshwDc.roa
Signing time: Mon 24 Apr 2023 12:09:41 +0000
ROA not before: Mon 24 Apr 2023 12:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21232
IP address blocks: 194.147.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:2b:71:bb:fc:51:1f:b0:9f:7f:ca:2e:42:22:f1:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9accfd21abd7fe3fa0d6bb31df4820bfb5a4188
Validity
Not Before: Apr 24 12:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2abb86b64c259e0588e7a354014383b88b21c037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:17:be:c5:72:1c:89:36:e1:07:1c:3a:5a:06:
a7:ba:1e:11:78:a7:7a:8f:cd:95:7d:db:d4:0c:b4:
44:10:31:4f:36:0a:c5:ba:9b:39:44:ac:92:5f:ee:
5f:cf:7b:bd:0b:8c:bf:6c:2d:e4:6e:ee:f7:b1:6d:
56:63:fd:fb:46:71:24:c5:59:c5:a8:4c:16:26:e4:
82:2b:b9:6d:d4:02:98:6e:74:52:66:cc:d6:df:72:
ea:82:cb:46:99:73:52:5e:ff:4b:e9:f7:22:23:f5:
c6:1a:66:d0:93:1b:4d:15:26:67:1e:b9:ce:9c:b1:
98:05:28:6e:69:1c:d2:6a:29:3f:8d:9f:a8:51:0e:
a5:35:41:3c:c6:2f:31:8e:44:11:d4:18:0b:97:de:
05:07:d8:aa:67:f2:ef:89:31:25:01:14:1c:85:7f:
8e:d8:f3:c0:55:53:44:03:4d:77:57:9c:49:6d:77:
e8:58:cb:d3:af:30:4c:2b:47:8d:7e:96:10:07:f5:
d8:ae:c9:c7:3a:86:d4:01:85:d3:bd:b3:8c:2f:74:
d7:fa:18:d5:8e:bc:db:d3:cc:1a:49:cd:c1:b2:63:
97:a7:bf:36:db:1e:45:fb:bf:35:f1:81:72:7a:47:
dd:cb:fd:1e:1e:88:74:8e:2a:e2:b3:17:dd:7e:ff:
54:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BB:86:B6:4C:25:9E:05:88:E7:A3:54:01:43:83:B8:8B:21:C0:37
X509v3 Authority Key Identifier:
keyid:E9:AC:CF:D2:1A:BD:7F:E3:FA:0D:6B:B3:1D:F4:82:0B:FB:5A:41:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6azP0hq9f-P6DWuzHfSCC_taQYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/6f2886-2ff7-40b0-9673-75b684f890b4/1/KruGtkwlngWI56NUAUODuIshwDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/6f2886-2ff7-40b0-9673-75b684f890b4/1/6azP0hq9f-P6DWuzHfSCC_taQYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.113.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:d9:19:99:ba:56:33:66:6a:1d:da:ae:cb:d4:ad:93:4e:73:
79:0d:bf:a3:9b:03:b6:a9:ab:6c:54:e2:d7:98:71:26:16:92:
4b:e2:24:24:5d:71:f4:1e:8a:3f:62:72:a3:f9:20:10:54:aa:
95:d1:33:b8:6d:1b:49:d5:50:13:6d:b1:41:23:69:d0:8e:eb:
d0:98:f4:f6:d5:f3:8f:c6:bb:7b:93:ad:17:93:21:33:42:95:
03:4f:fd:1c:53:03:4e:20:fb:6c:d2:aa:50:01:e2:b6:9c:d9:
a8:f0:65:3a:a6:87:85:ab:60:50:00:00:e8:7b:f9:35:81:4c:
2d:d6:8d:a9:18:18:ef:ee:d4:49:3f:a8:00:75:d8:1b:b4:33:
ea:1f:cc:eb:c1:92:cb:58:64:c3:a1:47:45:e6:6b:04:4d:80:
c1:ce:d8:3c:db:03:8d:78:af:54:92:04:bc:2a:da:95:91:3a:
50:39:ec:a6:bf:52:ad:74:d0:2c:72:f3:19:bc:a4:a7:e3:42:
9e:80:b1:11:56:06:19:90:46:45:5e:8f:ad:40:66:30:b0:3b:
64:30:46:6b:5b:e4:77:de:bb:c2:e8:fe:83:6f:46:9e:52:2c:
75:e6:c4:2f:7c:4e:a8:b1:a3:13:46:7a:d1:6a:f1:09:8f:6e:
37:fb:20:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYezK3G7/FEfsJ9/yi5CIvGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YWNjZmQyMWFiZDdmZTNmYTBkNmJiMzFkZjQ4MjBiZmI1
YTQxODgwHhcNMjMwNDI0MTIwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWJiODZiNjRjMjU5ZTA1ODhlN2EzNTQwMTQzODNiODhiMjFjMDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohe+xXIciTbhBxw6Wganuh4ReKd6
j82VfdvUDLREEDFPNgrFups5RKySX+5fz3u9C4y/bC3kbu73sW1WY/37RnEkxVnF
qEwWJuSCK7lt1AKYbnRSZszW33LqgstGmXNSXv9L6fciI/XGGmbQkxtNFSZnHrnO
nLGYBShuaRzSaik/jZ+oUQ6lNUE8xi8xjkQR1BgLl94FB9iqZ/LviTElARQchX+O
2PPAVVNEA013V5xJbXfoWMvTrzBMK0eNfpYQB/XYrsnHOobUAYXTvbOML3TX+hjV
jrzb08waSc3BsmOXp7822x5F+7818YFyekfdy/0eHoh0jirisxfdfv9UmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCq7hrZMJZ4FiOejVAFDg7iLIcA3MB8GA1UdIwQY
MBaAFOmsz9IavX/j+g1rsx30ggv7WkGIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmF6UDBocTlmLVA2RFd1ekhmU0NDX3RhUVlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC82ZjI4ODYtMmZmNy00MGIwLTk2NzMt
NzViNjg0Zjg5MGI0LzEvS3J1R3Rrd2xuZ1dJNTZOVUFVT0R1SXNod0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC82ZjI4ODYtMmZmNy00MGIwLTk2NzMtNzViNjg0Zjg5MGI0
LzEvNmF6UDBocTlmLVA2RFd1ekhmU0NDX3RhUVlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpNxMA0G
CSqGSIb3DQEBCwUAA4IBAQCK2RmZulYzZmod2q7L1K2TTnN5Db+jmwO2qatsVOLX
mHEmFpJL4iQkXXH0Hoo/YnKj+SAQVKqV0TO4bRtJ1VATbbFBI2nQjuvQmPT21fOP
xrt7k60XkyEzQpUDT/0cUwNOIPts0qpQAeK2nNmo8GU6poeFq2BQAADoe/k1gUwt
1o2pGBjv7tRJP6gAddgbtDPqH8zrwZLLWGTDoUdF5msETYDBztg82wONeK9UkgS8
KtqVkTpQOeymv1KtdNAscvMZvKSn40KegLERVgYZkEZFXo+tQGYwsDtkMEZrW+R3
3rvC6P6Db0aeUix15sQvfE6osaMTRnrRavEJj243+yCd
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:53 2024 by rpki-client on console-fra.rpki-client.org