Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/KCldVy5fji35msOQrlK9rgZkf04.roa
File: KCldVy5fji35msOQrlK9rgZkf04.roa (raw, json)
Hash identifier: at5Rz4Fq1lTfvaW1Aui+vQNVIWI+MDDk86QQ7UDVkIo=
Subject key identifier: 28:29:5D:57:2E:5F:8E:2D:F9:9A:C3:90:AE:52:BD:AE:06:64:7F:4E
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 018ACD867B59047566EB99A8587DE9075205
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/KCldVy5fji35msOQrlK9rgZkf04.roa
Signing time: Mon 25 Sep 2023 18:07:37 +0000
ROA not before: Mon 25 Sep 2023 18:07:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133499
IP address blocks: 94.139.40.0/21 maxlen: 32
185.101.68.0/22 maxlen: 32
121.91.176.0/20 maxlen: 32
119.13.224.0/20 maxlen: 32
212.70.4.0/22 maxlen: 32
212.70.0.0/23 maxlen: 32
212.70.16.0/20 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:86:7b:59:04:75:66:eb:99:a8:58:7d:e9:07:52:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Sep 25 18:07:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28295d572e5f8e2df99ac390ae52bdae06647f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b1:31:96:99:0f:f5:e9:fb:4c:1d:21:1d:e0:
8d:9a:16:97:66:c7:f4:39:5b:3e:f3:c6:d5:25:d4:
ea:dd:7e:9d:fb:5b:f9:b8:72:fd:a7:6b:57:7a:b1:
b9:59:7a:05:bd:ab:f7:66:07:48:81:13:16:5a:60:
2b:8e:4e:5e:3b:78:3e:dc:83:b9:17:31:f3:f3:cf:
85:d8:93:82:47:ff:bb:f8:4f:4a:13:49:c5:29:1e:
6c:71:35:79:65:62:b4:53:35:2c:86:f3:b9:6e:30:
9f:e9:67:7d:61:58:f0:8d:be:31:fc:3a:20:96:b0:
a8:9d:10:c3:29:00:0c:1a:22:24:b0:86:11:23:f4:
27:9c:0f:d3:64:d8:2d:1f:a7:5d:04:0b:16:eb:d9:
2b:bf:16:60:97:4c:0b:d5:35:a4:5d:f6:06:c4:ea:
2b:f9:ae:ad:08:b7:51:dc:e0:87:33:e2:d3:07:27:
fd:a8:dd:3d:b5:40:75:79:7e:d4:cc:8e:c9:52:a9:
4c:66:b9:24:3c:b0:a8:be:04:dd:13:c9:68:4c:b7:
cd:5c:b5:21:18:49:d9:4b:97:55:f3:03:a4:b0:cc:
cc:33:cd:b8:dc:97:a1:6f:1f:3f:52:15:e3:db:9c:
41:46:29:53:88:e0:de:e2:4d:eb:ab:4b:2d:43:e0:
a7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:29:5D:57:2E:5F:8E:2D:F9:9A:C3:90:AE:52:BD:AE:06:64:7F:4E
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/KCldVy5fji35msOQrlK9rgZkf04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.40.0/21
119.13.224.0/20
121.91.176.0/20
185.101.68.0/22
212.70.0.0/23
212.70.4.0/22
212.70.16.0/20
Signature Algorithm: sha256WithRSAEncryption
68:21:89:22:f1:28:3d:c7:ee:52:db:ea:76:2c:dc:3d:b4:6d:
a5:de:c7:c9:83:bf:91:e0:23:d1:67:c0:b9:93:26:9e:ef:e0:
18:5d:56:51:a0:f2:20:ab:40:51:c7:c9:f3:c4:6d:87:dd:18:
07:af:91:b2:17:50:78:5f:6d:5d:f2:11:f3:d1:36:ca:a8:60:
27:e7:09:33:e8:fc:28:42:d8:7f:c2:59:2f:eb:ce:59:2a:d0:
ca:ef:8b:4a:a0:13:33:cc:35:49:5d:55:fa:a6:0b:28:68:f8:
70:22:52:c8:b7:89:6b:2b:81:8a:19:e5:74:6d:6f:14:6a:3d:
7c:41:06:86:3f:dd:0d:8a:99:6c:48:87:9d:05:1e:0b:1a:81:
d5:30:d0:b8:80:5c:52:a7:b1:92:f1:08:e0:ab:dc:19:70:7a:
81:15:7d:87:d3:d6:67:c4:e0:a6:50:36:a0:ca:b5:ae:7d:75:
4a:c6:ac:9b:aa:50:e4:cf:d7:c9:c7:a9:87:9e:a2:2c:60:98:
e2:40:9c:78:f5:cd:3d:e6:34:05:72:46:77:58:77:41:5f:14:
11:f4:8c:cb:0c:5a:a7:15:8a:10:f6:d1:e2:c9:80:11:99:88:
19:2f:d6:68:2f:4d:56:73:59:a1:07:85:da:54:4b:2b:20:49:
6b:ae:b3:7b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYrNhntZBHVm65moWH3pB1IFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjMwOTI1MTgwNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODI5NWQ1NzJlNWY4ZTJkZjk5YWMzOTBhZTUyYmRhZTA2NjQ3ZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLExlpkP9en7TB0hHeCNmhaXZsf0
OVs+88bVJdTq3X6d+1v5uHL9p2tXerG5WXoFvav3ZgdIgRMWWmArjk5eO3g+3IO5
FzHz88+F2JOCR/+7+E9KE0nFKR5scTV5ZWK0UzUshvO5bjCf6Wd9YVjwjb4x/Dog
lrConRDDKQAMGiIksIYRI/QnnA/TZNgtH6ddBAsW69krvxZgl0wL1TWkXfYGxOor
+a6tCLdR3OCHM+LTByf9qN09tUB1eX7UzI7JUqlMZrkkPLCovgTdE8loTLfNXLUh
GEnZS5dV8wOksMzMM8243Jehbx8/UhXj25xBRilTiODe4k3rq0stQ+CnKwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCgpXVcuX44t+ZrDkK5Sva4GZH9OMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvS0NsZFZ5NWZqaTM1bXNPUXJsSzlyZ1prZjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDXosoAwQE
dw3gAwQEeVuwAwQCuWVEAwQB1EYAAwQC1EYEAwQE1EYQMA0GCSqGSIb3DQEBCwUA
A4IBAQBoIYki8Sg9x+5S2+p2LNw9tG2l3sfJg7+R4CPRZ8C5kyae7+AYXVZRoPIg
q0BRx8nzxG2H3RgHr5GyF1B4X21d8hHz0TbKqGAn5wkz6PwoQth/wlkv685ZKtDK
74tKoBMzzDVJXVX6pgsoaPhwIlLIt4lrK4GKGeV0bW8Uaj18QQaGP90NiplsSIed
BR4LGoHVMNC4gFxSp7GS8Qjgq9wZcHqBFX2H09ZnxOCmUDagyrWufXVKxqybqlDk
z9fJx6mHnqIsYJjiQJx49c095jQFckZ3WHdBXxQR9IzLDFqnFYoQ9tHiyYARmYgZ
L9ZoL01Wc1mhB4XaVEsrIElrrrN7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:45 2024 by rpki-client on console-ams.rpki-client.org