Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/kWUiRK-xG6jC7kNqq4_0apGlUY4.roa
File: kWUiRK-xG6jC7kNqq4_0apGlUY4.roa (raw, json)
Hash identifier: 6cWs3f6wbCREq3epVFnuQ6Mc82MeIB3lN8gnMWTht7k=
Subject key identifier: 91:65:22:44:AF:B1:1B:A8:C2:EE:43:6A:AB:8F:F4:6A:91:A5:51:8E
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018CAC4872850B4CB4BD7834D8496D5CE248
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/kWUiRK-xG6jC7kNqq4_0apGlUY4.roa
Signing time: Wed 27 Dec 2023 17:17:58 +0000
ROA not before: Wed 27 Dec 2023 17:17:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 171.22.144.0/24 maxlen: 24
91.103.120.0/21 maxlen: 24
185.235.71.0/24 maxlen: 24
95.111.128.0/20 maxlen: 20
95.111.144.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ac:48:72:85:0b:4c:b4:bd:78:34:d8:49:6d:5c:e2:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Dec 27 17:17:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91652244afb11ba8c2ee436aab8ff46a91a5518e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:70:5a:3a:6a:6a:74:13:b5:ff:41:e2:97:5b:
df:49:9e:57:de:9b:e5:ef:7f:64:2d:7e:87:89:4f:
e9:87:e5:00:50:9a:23:e2:a1:b9:a6:b9:64:02:f2:
7c:69:63:5f:a4:12:d4:76:1f:e6:8f:1b:f0:41:b3:
75:e3:8f:9b:49:b6:a8:f2:9c:76:6c:f2:0c:94:92:
15:c5:b2:70:fc:f4:7c:f7:dd:42:5b:da:0f:1d:e6:
18:fa:9d:63:c1:31:11:87:44:02:4d:35:2a:7c:06:
54:2b:c7:e0:bd:75:47:41:84:b2:c9:d6:90:58:9c:
37:a9:11:2c:b8:35:d6:6f:f4:1b:74:f3:a9:56:29:
2a:e5:0d:2c:00:32:6b:b2:ed:77:1b:b7:c8:ab:09:
c0:ca:be:d8:bf:0d:d9:15:ba:4e:4b:75:45:98:ba:
93:02:32:95:88:47:27:aa:35:86:79:6e:84:17:81:
c3:73:ac:ae:7e:97:a9:04:04:03:70:8b:d5:17:73:
83:57:c3:a5:a7:6f:b7:9e:f9:59:d7:5e:d2:fc:57:
7f:85:9c:58:b3:17:d7:54:50:0f:39:88:a2:3b:ae:
86:3c:0e:92:7c:5b:d6:34:59:c6:98:d9:75:1d:59:
d6:07:94:5a:b8:06:8d:e8:40:76:1a:cb:a8:8e:17:
bf:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:65:22:44:AF:B1:1B:A8:C2:EE:43:6A:AB:8F:F4:6A:91:A5:51:8E
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/kWUiRK-xG6jC7kNqq4_0apGlUY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.120.0/21
95.111.128.0/19
171.22.144.0/24
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
48:fc:bc:da:45:ba:e4:ec:a9:49:52:10:04:c9:76:1f:36:6f:
bb:69:c1:17:3f:67:b6:07:48:5d:66:05:98:a0:61:e3:bd:25:
31:77:52:27:f2:f3:c1:84:e1:b7:a7:88:3c:a2:d4:b8:76:6f:
68:5b:bc:5d:c0:5b:02:78:e9:09:62:f4:dd:6b:e2:1f:b9:f0:
89:59:13:7a:7f:79:4c:b6:56:d7:6d:55:c7:e0:ba:8b:00:5a:
a1:f4:28:73:ec:91:9d:fe:0a:bd:ce:c5:c9:b6:77:87:2e:68:
92:3e:65:bd:ff:d5:0f:2a:d1:a5:7e:98:2f:9f:f5:8f:2a:2f:
20:4a:25:ed:cd:9a:9e:0b:47:45:89:dc:24:aa:6c:c8:42:1e:
59:51:9f:2b:16:f0:3a:6e:d3:19:0d:83:3a:8f:3a:6b:94:81:
e3:f1:3f:e7:c7:3d:4f:d3:31:4d:d6:49:9d:a9:30:6e:ab:32:
23:82:ab:e1:cd:e4:2d:02:f6:30:b7:b6:81:cb:d4:c5:25:86:
59:07:74:d5:c2:95:a6:ae:61:03:f5:6f:82:5c:2b:7a:a7:f5:
30:17:4d:f7:48:d3:0f:e6:f0:88:c7:45:c1:cf:5c:79:64:87:
50:90:d0:81:ec:0e:f3:5b:69:41:e2:3f:a1:49:8c:6a:55:f4:
21:4e:90:a5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYysSHKFC0y0vXg02EltXOJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMxMjI3MTcxNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTY1MjI0NGFmYjExYmE4YzJlZTQzNmFhYjhmZjQ2YTkxYTU1MThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXBaOmpqdBO1/0Hil1vfSZ5X3pvl
739kLX6HiU/ph+UAUJoj4qG5prlkAvJ8aWNfpBLUdh/mjxvwQbN144+bSbao8px2
bPIMlJIVxbJw/PR8991CW9oPHeYY+p1jwTERh0QCTTUqfAZUK8fgvXVHQYSyydaQ
WJw3qREsuDXWb/QbdPOpVikq5Q0sADJrsu13G7fIqwnAyr7Yvw3ZFbpOS3VFmLqT
AjKViEcnqjWGeW6EF4HDc6yufpepBAQDcIvVF3ODV8Olp2+3nvlZ117S/Fd/hZxY
sxfXVFAPOYiiO66GPA6SfFvWNFnGmNl1HVnWB5RauAaN6EB2Gsuojhe/IwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJFlIkSvsRuowu5DaquP9GqRpVGOMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEva1dVaVJLLXhHNmpDN2tOcXE0XzBhcEdsVVk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDW2d4AwQF
X2+AAwQAqxaQAwQAuetHMA0GCSqGSIb3DQEBCwUAA4IBAQBI/LzaRbrk7KlJUhAE
yXYfNm+7acEXP2e2B0hdZgWYoGHjvSUxd1In8vPBhOG3p4g8otS4dm9oW7xdwFsC
eOkJYvTda+IfufCJWRN6f3lMtlbXbVXH4LqLAFqh9Chz7JGd/gq9zsXJtneHLmiS
PmW9/9UPKtGlfpgvn/WPKi8gSiXtzZqeC0dFidwkqmzIQh5ZUZ8rFvA6btMZDYM6
jzprlIHj8T/nxz1P0zFN1kmdqTBuqzIjgqvhzeQtAvYwt7aBy9TFJYZZB3TVwpWm
rmED9W+CXCt6p/UwF033SNMP5vCIx0XBz1x5ZIdQkNCB7A7zW2lB4j+hSYxqVfQh
TpCl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org