Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/kv0SyLAHLht1Hb4hPazWS0alrmk.roa
File: kv0SyLAHLht1Hb4hPazWS0alrmk.roa (raw, json)
Hash identifier: v7TzIfDfWaK+fqSB09BlcbSWwK7zaW7HXdd03CkffZk=
Subject key identifier: 92:FD:12:C8:B0:07:2E:1B:75:1D:BE:21:3D:AC:D6:4B:46:A5:AE:69
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018D87CE872D3C126D99CB72BA202CBBC49B
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/kv0SyLAHLht1Hb4hPazWS0alrmk.roa
Signing time: Thu 08 Feb 2024 08:21:15 +0000
ROA not before: Thu 08 Feb 2024 08:21:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201021
IP address blocks: 46.38.141.0/24 maxlen: 24
185.143.74.0/24 maxlen: 24
185.143.75.0/24 maxlen: 24
212.16.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 13:25:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:87:ce:87:2d:3c:12:6d:99:cb:72:ba:20:2c:bb:c4:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 8 08:21:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92fd12c8b0072e1b751dbe213dacd64b46a5ae69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c8:13:e0:0d:bf:6a:10:d6:39:1a:cf:fd:73:
dc:ad:dc:5e:cf:4e:90:b7:b9:99:1c:74:1d:32:5a:
91:c2:09:6b:b8:b8:02:fd:d5:18:e6:ba:bf:ae:09:
b7:c2:c2:46:0c:a9:26:72:b6:a2:e3:bf:9f:13:0f:
71:f4:15:64:b4:cb:67:a1:4b:92:a3:83:58:65:92:
5c:96:93:2b:10:85:55:11:74:37:9c:7b:33:8f:03:
3a:5f:a1:92:d9:9a:b9:65:b3:c1:71:c2:db:18:ec:
71:16:b9:f4:b1:f6:8e:69:98:23:df:8c:63:37:62:
3f:55:6e:ea:ee:fd:f0:bd:f1:a3:2d:3e:cc:6e:36:
eb:cb:02:f3:95:b7:21:39:2b:b5:0c:79:90:0e:e5:
c9:3e:d9:2a:81:7c:30:da:6f:2d:89:ec:65:40:7e:
97:61:e3:33:98:5b:da:e4:e6:4c:d1:32:b3:7d:ad:
4c:eb:74:68:45:c6:b1:4f:9e:ee:3f:67:dc:ce:21:
aa:2e:55:43:ab:f5:35:60:1f:9b:5e:c8:11:05:9f:
12:6c:82:c3:c0:22:57:21:e9:f8:0d:6b:30:d5:43:
48:bc:6f:83:4a:39:49:dd:f9:b7:72:d8:f8:fa:45:
87:be:3d:af:22:cb:69:c5:84:78:9f:c3:da:c2:38:
06:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:FD:12:C8:B0:07:2E:1B:75:1D:BE:21:3D:AC:D6:4B:46:A5:AE:69
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/kv0SyLAHLht1Hb4hPazWS0alrmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.141.0/24
185.143.74.0/23
212.16.85.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:9b:61:b7:f1:0b:a8:05:a0:be:ef:0e:54:d4:ff:ac:f7:32:
c9:4a:90:d3:c4:ef:df:4d:99:e8:24:62:ea:a5:c7:a4:13:da:
32:3d:4c:89:c5:b6:3a:52:eb:20:21:7b:87:78:9a:55:33:99:
c7:63:08:1f:c0:20:39:17:39:c5:16:15:e8:c0:86:9e:10:a1:
c9:30:c4:69:0c:a1:2b:35:60:0c:bb:ee:e6:b1:10:18:c9:97:
1a:29:11:ea:61:66:21:ba:31:1c:1c:4d:c0:56:3e:38:17:23:
f4:53:bc:82:49:5e:7e:c3:a0:ba:71:fb:84:9a:9d:7a:ff:71:
70:9e:f5:d1:6d:51:ff:9a:44:a1:c9:d4:bb:66:4e:c3:8c:ca:
e7:fd:9c:2a:51:31:57:c8:ca:7c:79:f0:56:19:eb:96:fb:4e:
97:d3:d3:6a:42:df:6e:89:4f:f6:cb:ee:c3:a5:87:af:ad:1b:
d6:fd:89:16:11:61:6f:c2:04:19:d3:18:9a:c7:bb:18:c3:a3:
f5:fc:c6:14:4e:44:72:bd:3b:de:95:0e:13:07:04:ad:e8:df:
85:6f:65:b6:fb:55:df:a5:84:1c:3e:fb:6c:f1:2d:08:db:72:
1f:ce:37:7a:03:60:96:29:0c:7e:ae:84:d5:67:ec:9d:54:af:
24:b4:34:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2HzoctPBJtmctyuiAsu8SbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjA4MDgyMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmZkMTJjOGIwMDcyZTFiNzUxZGJlMjEzZGFjZDY0YjQ2YTVhZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8gT4A2/ahDWORrP/XPcrdxez06Q
t7mZHHQdMlqRwglruLgC/dUY5rq/rgm3wsJGDKkmcrai47+fEw9x9BVktMtnoUuS
o4NYZZJclpMrEIVVEXQ3nHszjwM6X6GS2Zq5ZbPBccLbGOxxFrn0sfaOaZgj34xj
N2I/VW7q7v3wvfGjLT7MbjbrywLzlbchOSu1DHmQDuXJPtkqgXww2m8tiexlQH6X
YeMzmFva5OZM0TKzfa1M63RoRcaxT57uP2fcziGqLlVDq/U1YB+bXsgRBZ8SbILD
wCJXIen4DWsw1UNIvG+DSjlJ3fm3ctj4+kWHvj2vIstpxYR4n8PawjgGPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJL9EsiwBy4bdR2+IT2s1ktGpa5pMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEva3YwU3lMQUhMaHQxSGI0aFBheldTMGFscm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiaNAwQB
uY9KAwQA1BBVMA0GCSqGSIb3DQEBCwUAA4IBAQC0m2G38QuoBaC+7w5U1P+s9zLJ
SpDTxO/fTZnoJGLqpcekE9oyPUyJxbY6UusgIXuHeJpVM5nHYwgfwCA5FznFFhXo
wIaeEKHJMMRpDKErNWAMu+7msRAYyZcaKRHqYWYhujEcHE3AVj44FyP0U7yCSV5+
w6C6cfuEmp16/3FwnvXRbVH/mkShydS7Zk7DjMrn/ZwqUTFXyMp8efBWGeuW+06X
09NqQt9uiU/2y+7DpYevrRvW/YkWEWFvwgQZ0xiax7sYw6P1/MYUTkRyvTvelQ4T
BwSt6N+Fb2W2+1XfpYQcPvts8S0I23Ifzjd6A2CWKQx+roTVZ+ydVK8ktDSl
-----END CERTIFICATE-----
Generated at Thu Feb 8 16:50:26 2024 by rpki-client on console-ams.rpki-client.org