Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KVDdxwZo4nENIvL3zHIDSYPijUQ.roa
File: KVDdxwZo4nENIvL3zHIDSYPijUQ.roa (raw, json)
Hash identifier: 4O80MLidi1l7BwCRySBnfT0Ok0b+cg2VtGrjD9mqx/Y=
Subject key identifier: 29:50:DD:C7:06:68:E2:71:0D:22:F2:F7:CC:72:03:49:83:E2:8D:44
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 01887C14683230A467A72E3857044A240866
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KVDdxwZo4nENIvL3zHIDSYPijUQ.roa
Signing time: Fri 02 Jun 2023 12:28:12 +0000
ROA not before: Fri 02 Jun 2023 12:28:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44547
IP address blocks: 81.21.8.0/24 maxlen: 24
81.21.9.0/24 maxlen: 24
81.21.10.0/24 maxlen: 24
81.21.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Jun 2023 12:28:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:14:68:32:30:a4:67:a7:2e:38:57:04:4a:24:08:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jun 2 12:28:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2950ddc70668e2710d22f2f7cc72034983e28d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cf:38:38:ca:eb:14:71:f1:bc:0e:b9:23:35:
13:d4:fe:f8:74:f7:8c:04:f5:84:0b:b2:10:19:f9:
e6:c7:fb:81:1a:9f:42:dc:7b:e6:28:34:fb:21:f8:
98:97:f2:73:69:5e:f7:eb:01:c5:34:3e:e1:03:fe:
6a:cd:34:8f:14:d0:77:0e:f6:6c:a3:37:78:08:f3:
90:55:ec:cd:ec:e8:92:9b:10:3e:71:89:3c:30:1b:
d1:5a:4c:a5:47:4b:bc:49:13:1f:ad:17:b8:09:6d:
65:6e:50:24:3e:78:0b:b9:ee:95:e4:da:4c:c0:10:
ae:a9:e0:7e:26:4e:76:fa:f0:1f:c7:dc:31:3d:b1:
c1:66:2c:4c:ba:24:28:7d:8f:24:e8:2e:f4:71:fc:
aa:46:0b:67:67:93:d4:3b:b5:dc:d0:1a:8a:2b:0a:
48:21:95:86:69:46:c4:7a:ef:6d:68:e4:11:71:a9:
69:ce:cd:06:11:c6:9b:03:50:72:6b:cb:99:59:15:
6a:7c:b2:c7:99:c6:49:cf:3d:a2:f9:e7:e1:62:b6:
b9:f7:db:ee:d6:99:5d:47:4c:57:fb:0c:a8:47:fd:
97:48:1b:ae:49:7e:4a:67:de:ca:09:2f:12:d0:66:
8c:cf:43:3d:2f:cf:41:09:49:04:e4:9d:9d:4c:09:
5c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:50:DD:C7:06:68:E2:71:0D:22:F2:F7:CC:72:03:49:83:E2:8D:44
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KVDdxwZo4nENIvL3zHIDSYPijUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.8.0/22
Signature Algorithm: sha256WithRSAEncryption
22:ff:92:b2:bc:37:8f:21:8b:06:5c:ab:f6:51:6d:b8:72:f1:
34:a0:dc:7b:00:5c:8f:c7:7d:b3:73:e6:bd:9e:f2:11:5e:e0:
a4:c9:47:ae:81:7f:00:c7:b7:21:98:7b:6b:f4:08:cc:8a:e6:
be:40:05:52:46:ba:fd:61:8c:15:9e:33:41:7a:39:e9:9a:df:
90:c8:c9:2c:cb:3d:a2:62:de:a4:7e:06:1d:20:6f:3c:49:38:
90:1c:ed:7f:f3:31:cd:8d:ed:92:2d:79:33:34:07:99:43:f4:
34:f1:ae:e7:cf:58:98:cc:6e:4e:10:85:c4:ce:f1:c4:dd:f7:
5e:58:53:12:19:a9:72:88:ce:d2:15:7a:64:54:41:2a:ea:dc:
d1:81:fb:c0:8a:07:58:bc:1c:e0:b8:b3:10:49:ce:51:29:93:
c1:43:52:74:1a:77:91:85:b7:9c:f3:5c:0c:b5:7c:5b:82:3c:
87:90:59:ac:1b:f1:ed:9f:47:2a:46:dc:bb:cb:28:a0:40:8d:
6b:56:70:34:f1:a6:9a:a3:eb:be:e6:31:35:44:4b:3f:11:8f:
e1:62:7a:45:26:ae:96:b3:ff:47:2b:18:d6:48:80:b6:0e:c4:
a9:fc:fa:0f:08:ae:3a:ec:4e:a0:c6:9d:3b:9a:64:62:db:00:
f1:b2:85:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh8FGgyMKRnpy44VwRKJAhmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNjAyMTIyODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTUwZGRjNzA2NjhlMjcxMGQyMmYyZjdjYzcyMDM0OTgzZTI4ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAys84OMrrFHHxvA65IzUT1P74dPeM
BPWEC7IQGfnmx/uBGp9C3HvmKDT7IfiYl/JzaV736wHFND7hA/5qzTSPFNB3DvZs
ozd4CPOQVezN7OiSmxA+cYk8MBvRWkylR0u8SRMfrRe4CW1lblAkPngLue6V5NpM
wBCuqeB+Jk52+vAfx9wxPbHBZixMuiQofY8k6C70cfyqRgtnZ5PUO7Xc0BqKKwpI
IZWGaUbEeu9taOQRcalpzs0GEcabA1Bya8uZWRVqfLLHmcZJzz2i+efhYra599vu
1pldR0xX+wyoR/2XSBuuSX5KZ97KCS8S0GaMz0M9L89BCUkE5J2dTAlc1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClQ3ccGaOJxDSLy98xyA0mD4o1EMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvS1ZEZHh3Wm80bkVOSXZMM3pISURTWVBpalVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCURUIMA0G
CSqGSIb3DQEBCwUAA4IBAQAi/5KyvDePIYsGXKv2UW24cvE0oNx7AFyPx32zc+a9
nvIRXuCkyUeugX8Ax7chmHtr9AjMiua+QAVSRrr9YYwVnjNBejnpmt+QyMksyz2i
Yt6kfgYdIG88STiQHO1/8zHNje2SLXkzNAeZQ/Q08a7nz1iYzG5OEIXEzvHE3fde
WFMSGalyiM7SFXpkVEEq6tzRgfvAigdYvBzguLMQSc5RKZPBQ1J0GneRhbec81wM
tXxbgjyHkFmsG/Htn0cqRty7yyigQI1rVnA08aaao+u+5jE1REs/EY/hYnpFJq6W
s/9HKxjWSIC2DsSp/PoPCK467E6gxp07mmRi2wDxsoU3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:55 2024 by rpki-client on console-ams.rpki-client.org