Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/K2u4WthHDkXdeqAjqYT0YznTCRI.roa
File: K2u4WthHDkXdeqAjqYT0YznTCRI.roa (raw, json)
Hash identifier: i9t63c4aJ1zUYhE+rFuH+ZZLlylBZlZgK4DIfHlDNi0=
Subject key identifier: 2B:6B:B8:5A:D8:47:0E:45:DD:7A:A0:23:A9:84:F4:63:39:D3:09:12
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018C899B7E7992F459077197C7097E45E8AF
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/K2u4WthHDkXdeqAjqYT0YznTCRI.roa
Signing time: Wed 20 Dec 2023 23:41:58 +0000
ROA not before: Wed 20 Dec 2023 23:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 171.22.144.0/24 maxlen: 24
171.22.147.0/24 maxlen: 24
91.103.120.0/21 maxlen: 24
185.235.71.0/24 maxlen: 24
95.111.128.0/20 maxlen: 20
95.111.144.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 27 Dec 2023 17:17:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:89:9b:7e:79:92:f4:59:07:71:97:c7:09:7e:45:e8:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Dec 20 23:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b6bb85ad8470e45dd7aa023a984f46339d30912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ad:b0:52:8c:a8:27:1e:17:87:9b:17:e3:d5:
7d:16:db:b7:b5:ba:0f:3b:84:9c:ef:57:94:ef:4d:
32:45:62:01:70:06:ed:8a:49:1c:38:00:a4:12:c1:
78:86:94:c2:e1:e2:5f:d7:d9:20:a8:1d:05:e2:59:
30:48:ca:0f:6e:b1:86:39:2b:73:39:33:fd:c1:bd:
82:2d:ef:42:b6:dd:4d:76:4f:b4:df:43:f1:a3:ef:
2a:ef:1b:e0:13:e5:bc:54:e4:79:55:a9:e2:bd:34:
21:c6:a9:b7:ac:22:fd:15:57:00:cb:8f:aa:e4:99:
a8:05:0b:f0:44:c4:33:e1:46:14:23:63:5b:20:3c:
0e:02:bd:1f:2b:de:93:f3:8e:f7:c6:51:7f:a9:3b:
98:05:60:bc:37:ba:01:35:42:49:60:62:5b:4c:8f:
6a:ac:8b:1b:27:c1:2c:5c:07:95:94:63:c1:82:da:
3d:cc:9c:fd:43:67:a3:99:eb:b0:d2:99:c1:c8:1e:
95:94:c4:f4:51:29:b1:ca:97:f7:f8:7d:69:2a:ba:
6b:5b:56:bf:d3:ca:69:9f:7e:4a:69:b4:8b:cc:c1:
5a:57:90:2b:45:2e:21:10:e5:19:79:2c:e1:dd:b7:
14:74:90:8e:69:7e:33:db:ca:71:05:2f:c0:a0:d8:
dc:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:6B:B8:5A:D8:47:0E:45:DD:7A:A0:23:A9:84:F4:63:39:D3:09:12
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/K2u4WthHDkXdeqAjqYT0YznTCRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.120.0/21
95.111.128.0/19
171.22.144.0/24
171.22.147.0/24
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
85:46:f4:90:59:74:bc:65:33:30:5b:3b:b2:1e:b6:d0:be:09:
e8:06:00:c9:ee:20:8a:68:f3:e4:e8:cc:d3:c8:e3:19:8e:f0:
cf:50:cd:e4:35:80:c8:76:85:37:17:12:5f:ff:25:cb:67:d9:
dc:5d:11:cb:ea:1c:06:5c:5e:9c:9c:b2:3a:89:15:9d:61:13:
95:52:8c:b9:47:72:20:07:31:11:42:ec:5e:b2:bd:69:0c:ac:
5e:32:a8:98:bf:45:2b:29:5d:ad:f1:29:c1:f3:e4:c1:16:6a:
fb:13:bd:a0:88:98:7f:6f:86:ae:e3:b1:64:df:03:fd:cd:5b:
a3:a7:22:52:1b:53:78:8b:ba:91:3f:e9:06:9e:1e:a9:42:6a:
4e:f6:b6:c7:f9:4a:49:67:62:d8:52:cd:0a:3b:08:53:9a:65:
88:1d:7a:db:86:67:6a:be:fa:d6:56:9d:96:86:d2:4c:33:7e:
75:77:df:72:92:16:66:93:96:75:79:06:32:c3:6d:7c:22:f7:
41:ca:de:d3:53:00:73:5c:29:b1:ad:57:56:c3:ca:9e:07:b9:
ec:70:b4:80:ea:0c:97:99:2e:c9:eb:51:b0:10:aa:bf:73:d9:
7f:01:0a:18:44:f0:93:ae:a4:63:24:ce:88:f4:14:71:7d:2b:
7b:c6:db:ac
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYyJm355kvRZB3GXxwl+ReivMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMxMjIwMjM0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjZiYjg1YWQ4NDcwZTQ1ZGQ3YWEwMjNhOTg0ZjQ2MzM5ZDMwOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj62wUoyoJx4Xh5sX49V9Ftu3tboP
O4Sc71eU700yRWIBcAbtikkcOACkEsF4hpTC4eJf19kgqB0F4lkwSMoPbrGGOStz
OTP9wb2CLe9Ctt1Ndk+030Pxo+8q7xvgE+W8VOR5VanivTQhxqm3rCL9FVcAy4+q
5JmoBQvwRMQz4UYUI2NbIDwOAr0fK96T8473xlF/qTuYBWC8N7oBNUJJYGJbTI9q
rIsbJ8EsXAeVlGPBgto9zJz9Q2ejmeuw0pnByB6VlMT0USmxypf3+H1pKrprW1a/
08ppn35KabSLzMFaV5ArRS4hEOUZeSzh3bcUdJCOaX4z28pxBS/AoNjcKQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCtruFrYRw5F3XqgI6mE9GM50wkSMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvSzJ1NFd0aEhEa1hkZXFBanFZVDBZem5UQ1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDW2d4AwQF
X2+AAwQAqxaQAwQAqxaTAwQAuetHMA0GCSqGSIb3DQEBCwUAA4IBAQCFRvSQWXS8
ZTMwWzuyHrbQvgnoBgDJ7iCKaPPk6MzTyOMZjvDPUM3kNYDIdoU3FxJf/yXLZ9nc
XRHL6hwGXF6cnLI6iRWdYROVUoy5R3IgBzERQuxesr1pDKxeMqiYv0UrKV2t8SnB
8+TBFmr7E72giJh/b4au47Fk3wP9zVujpyJSG1N4i7qRP+kGnh6pQmpO9rbH+UpJ
Z2LYUs0KOwhTmmWIHXrbhmdqvvrWVp2WhtJMM351d99ykhZmk5Z1eQYyw218IvdB
yt7TUwBzXCmxrVdWw8qeB7nscLSA6gyXmS7J61GwEKq/c9l/AQoYRPCTrqRjJM6I
9BRxfSt7xtus
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org