Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/KfIGUX9a6YJIxGbkl2-XbZl0vRw.roa
File: KfIGUX9a6YJIxGbkl2-XbZl0vRw.roa (raw, json)
Hash identifier: 1AvAsjjyN1o24wnTywHiqMd2ageXtIzQXcMr99ZIEm0=
Subject key identifier: 29:F2:06:51:7F:5A:E9:82:48:C4:66:E4:97:6F:97:6D:99:74:BD:1C
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018E1A45BAA1BCC7CE1F937DCD3F02CFBF28
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/KfIGUX9a6YJIxGbkl2-XbZl0vRw.roa
Signing time: Thu 07 Mar 2024 18:56:01 +0000
ROA not before: Thu 07 Mar 2024 18:56:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 185.143.72.0/24 maxlen: 24
212.80.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Apr 2024 15:56:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1a:45:ba:a1:bc:c7:ce:1f:93:7d:cd:3f:02:cf:bf:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Mar 7 18:56:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29f206517f5ae98248c466e4976f976d9974bd1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:00:84:ed:a0:e0:7b:94:d3:ca:c3:d3:1e:f9:
bf:a9:50:7b:43:7a:11:f4:49:7f:c9:aa:f2:82:e6:
77:ed:14:94:6f:8c:d6:92:34:03:32:bb:d9:7d:30:
ab:fa:1f:82:81:af:3c:88:1a:00:a1:5a:70:e7:48:
1b:36:b8:8e:0b:35:2f:d4:83:ee:7a:1e:5a:d3:7a:
1d:8f:b8:63:cc:92:59:77:31:dd:45:6d:50:42:d7:
e5:98:e9:af:27:91:b6:ea:e3:45:27:69:db:eb:d1:
bf:ef:81:fe:85:a8:a3:a9:90:a6:4d:9e:e8:8b:bf:
6d:42:a0:aa:d5:c5:c8:aa:4e:d3:b9:1a:a5:c5:bb:
ed:5e:72:a2:fd:45:d3:72:32:84:74:ef:9b:aa:8b:
1c:57:e8:a3:87:23:17:66:b0:ba:c4:29:36:fc:4c:
22:0e:47:04:b0:f6:06:05:92:02:c5:00:4b:ee:71:
b8:39:a9:63:96:56:93:e9:08:8d:1a:34:5a:b0:a7:
9f:48:ba:6f:97:8a:b0:32:6d:7c:3a:b0:0d:f2:c4:
5b:90:6e:5f:d4:f1:f1:1c:0a:f0:13:ef:f8:41:e2:
b1:10:a2:97:fe:e0:d7:d1:5c:34:c2:4d:7a:f0:38:
2a:2c:ae:0d:44:25:42:95:22:7b:a9:c2:1f:51:2b:
65:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F2:06:51:7F:5A:E9:82:48:C4:66:E4:97:6F:97:6D:99:74:BD:1C
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/KfIGUX9a6YJIxGbkl2-XbZl0vRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.72.0/24
212.80.0.0/24
Signature Algorithm: sha256WithRSAEncryption
37:aa:40:58:e3:59:c1:c7:47:da:71:a5:a0:e6:48:be:ac:fb:
51:d3:5e:f7:3a:5b:08:62:f7:c7:74:09:2e:79:22:e4:e2:0a:
ed:20:ed:15:66:cf:e3:4d:64:c1:5b:1b:3b:b4:c3:75:7a:44:
f3:b0:01:c7:dc:dc:35:18:a7:28:a2:4c:d3:31:03:40:23:8c:
ed:ee:21:c2:88:0a:61:46:97:f8:ab:7d:eb:df:93:0f:fc:0a:
48:a7:54:c7:3d:3d:a7:1d:b8:9e:c3:b5:85:dc:48:c0:c7:d5:
83:c3:09:1a:d6:ff:af:53:8c:ba:26:9e:3f:77:07:9f:ce:c4:
47:fe:6a:8b:58:98:55:de:77:79:b9:25:be:ae:85:fc:db:33:
90:13:60:b4:91:6b:7e:ce:ba:60:1d:05:ee:26:b4:f6:a6:b6:
45:d7:45:58:3c:6d:ea:5a:cf:ea:6f:77:d9:c3:27:08:83:d7:
a5:00:77:36:26:90:3b:21:8a:36:4e:a6:28:0f:ea:ce:2b:a7:
98:6b:5c:eb:14:40:ee:36:64:5a:6c:58:a7:06:34:b6:b9:17:
da:d5:91:d8:7a:46:1a:3e:54:76:4d:0a:3b:bd:3e:11:38:ff:
9a:7e:c4:74:c1:9d:cc:d6:d5:ec:1b:d4:4d:3f:bc:2f:f2:0d:
81:f6:10:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4aRbqhvMfOH5N9zT8Cz78oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMzA3MTg1NjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWYyMDY1MTdmNWFlOTgyNDhjNDY2ZTQ5NzZmOTc2ZDk5NzRiZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgCE7aDge5TTysPTHvm/qVB7Q3oR
9El/yaryguZ37RSUb4zWkjQDMrvZfTCr+h+Cga88iBoAoVpw50gbNriOCzUv1IPu
eh5a03odj7hjzJJZdzHdRW1QQtflmOmvJ5G26uNFJ2nb69G/74H+haijqZCmTZ7o
i79tQqCq1cXIqk7TuRqlxbvtXnKi/UXTcjKEdO+bqoscV+ijhyMXZrC6xCk2/Ewi
DkcEsPYGBZICxQBL7nG4OaljllaT6QiNGjRasKefSLpvl4qwMm18OrAN8sRbkG5f
1PHxHArwE+/4QeKxEKKX/uDX0Vw0wk168DgqLK4NRCVClSJ7qcIfUStlMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCnyBlF/WumCSMRm5Jdvl22ZdL0cMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvS2ZJR1VYOWE2WUpJeEdia2wyLVhiWmwwdlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuY9IAwQA
1FAAMA0GCSqGSIb3DQEBCwUAA4IBAQA3qkBY41nBx0facaWg5ki+rPtR0173OlsI
YvfHdAkueSLk4grtIO0VZs/jTWTBWxs7tMN1ekTzsAHH3Nw1GKcookzTMQNAI4zt
7iHCiAphRpf4q33r35MP/ApIp1THPT2nHbiew7WF3EjAx9WDwwka1v+vU4y6Jp4/
dwefzsRH/mqLWJhV3nd5uSW+roX82zOQE2C0kWt+zrpgHQXuJrT2prZF10VYPG3q
Ws/qb3fZwycIg9elAHc2JpA7IYo2TqYoD+rOK6eYa1zrFEDuNmRabFinBjS2uRfa
1ZHYekYaPlR2TQo7vT4ROP+afsR0wZ3M1tXsG9RNP7wv8g2B9hB/
-----END CERTIFICATE-----
Generated at Sat Apr 20 18:00:35 2024 by rpki-client on console-fra.rpki-client.org