Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/KtSRqnbflHF-bjR0U62k9O0nWlc.roa
File: KtSRqnbflHF-bjR0U62k9O0nWlc.roa (raw, json)
Hash identifier: XodDHV7TQPlY6BL2dnYiiktxnvL5yMXPtG1OYfGBdik=
Subject key identifier: 2A:D4:91:AA:76:DF:94:71:7E:6E:34:74:53:AD:A4:F4:ED:27:5A:57
Certificate issuer: /CN=79bb7749abde6f5da4eb1c6ed1c57681617846b0
Certificate serial: 0188E82A65770E7D8FA4BFB910357E65DB6A
Authority key identifier: 79:BB:77:49:AB:DE:6F:5D:A4:EB:1C:6E:D1:C5:76:81:61:78:46:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ebt3Saveb12k6xxu0cV2gWF4RrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/KtSRqnbflHF-bjR0U62k9O0nWlc.roa
Signing time: Fri 23 Jun 2023 12:11:12 +0000
ROA not before: Fri 23 Jun 2023 12:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15623
IP address blocks: 185.157.0.0/23 maxlen: 23
185.157.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e8:2a:65:77:0e:7d:8f:a4:bf:b9:10:35:7e:65:db:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79bb7749abde6f5da4eb1c6ed1c57681617846b0
Validity
Not Before: Jun 23 12:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ad491aa76df94717e6e347453ada4f4ed275a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:60:e3:3c:89:49:b5:0e:f5:c2:5f:73:63:c9:
67:a0:2e:12:35:3e:ad:a1:40:a5:25:08:c3:25:9e:
ae:03:99:87:c4:03:4b:c0:ea:20:71:c1:6b:c8:e2:
7b:e7:62:71:47:aa:7b:36:91:01:bd:ad:96:94:38:
4f:9a:ef:af:fe:5d:79:10:fb:e1:55:8c:6d:a4:45:
ef:a4:0b:4b:97:cd:90:88:d0:5c:e3:76:7d:65:b9:
2b:1a:e8:6c:a2:00:0c:e8:a9:a1:99:e9:e9:a5:25:
6d:d6:fa:dd:1b:a7:cd:33:cd:07:98:72:bc:29:34:
3b:e1:17:fd:e7:b8:b4:d8:c7:30:a8:2d:15:0a:23:
14:a1:7c:f2:81:95:d5:cd:a3:b4:96:61:e0:cb:91:
ba:1d:f8:ee:a6:97:cf:27:3a:02:91:03:6f:d0:48:
c1:20:10:32:ad:d2:b0:15:90:18:0a:83:10:5a:d5:
e9:09:1e:99:be:81:f1:55:ab:63:33:e0:a7:71:21:
7b:1b:8a:ab:46:3d:8c:e3:c0:01:44:53:25:44:aa:
a2:49:64:1f:13:79:db:3d:03:33:bd:c8:47:66:96:
c4:db:8e:63:2f:0f:f7:71:17:e8:7e:d8:24:be:56:
67:9e:54:0e:eb:48:b0:2e:b0:01:f8:f2:ed:42:76:
79:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D4:91:AA:76:DF:94:71:7E:6E:34:74:53:AD:A4:F4:ED:27:5A:57
X509v3 Authority Key Identifier:
keyid:79:BB:77:49:AB:DE:6F:5D:A4:EB:1C:6E:D1:C5:76:81:61:78:46:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ebt3Saveb12k6xxu0cV2gWF4RrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/KtSRqnbflHF-bjR0U62k9O0nWlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/ebt3Saveb12k6xxu0cV2gWF4RrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.0.0-185.157.2.255
Signature Algorithm: sha256WithRSAEncryption
5d:4a:3b:b1:23:57:bc:63:55:a4:bf:4e:ef:32:34:95:96:20:
7f:23:90:52:5d:9f:03:c7:84:96:1e:3b:18:7e:ec:5e:00:00:
2c:99:24:d1:0b:44:f4:2e:25:18:8b:e6:7b:e5:c3:8d:25:c6:
9e:40:58:5e:6c:03:70:f1:d5:a6:52:af:ed:d5:6d:c3:ed:5d:
5c:c6:93:82:8f:da:94:ed:99:71:af:a1:e9:cb:94:14:78:a7:
62:aa:6b:2b:f3:76:a7:46:12:28:85:49:dd:45:62:5b:e3:2a:
26:b5:07:a5:e3:86:f4:cb:3f:07:ef:e1:2c:77:0b:d8:16:84:
00:f5:86:fe:43:ad:10:78:a7:c1:3f:22:76:21:63:aa:76:31:
21:8f:75:38:37:6e:17:ff:db:77:d6:98:cc:34:3a:a6:6b:ad:
90:de:8a:1d:5d:2e:c7:a7:93:7f:90:cb:5f:3e:d1:fc:12:c5:
aa:b5:5d:5b:4c:dc:0d:0c:60:01:e1:a5:3b:1c:22:af:66:aa:
99:83:84:c6:31:eb:4e:75:ad:c2:81:7e:5c:70:27:20:6c:5d:
b2:d5:bd:6a:89:2b:dd:05:6d:59:a1:22:bc:84:7d:82:9c:e2:
00:61:65:00:4f:8b:77:45:69:34:54:11:4b:0b:95:2b:f3:52:
d6:27:9d:7f
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYjoKmV3Dn2PpL+5EDV+ZdtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YmI3NzQ5YWJkZTZmNWRhNGViMWM2ZWQxYzU3NjgxNjE3
ODQ2YjAwHhcNMjMwNjIzMTIxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQ0OTFhYTc2ZGY5NDcxN2U2ZTM0NzQ1M2FkYTRmNGVkMjc1YTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2DjPIlJtQ71wl9zY8lnoC4SNT6t
oUClJQjDJZ6uA5mHxANLwOogccFryOJ752JxR6p7NpEBva2WlDhPmu+v/l15EPvh
VYxtpEXvpAtLl82QiNBc43Z9ZbkrGuhsogAM6KmhmenppSVt1vrdG6fNM80HmHK8
KTQ74Rf957i02McwqC0VCiMUoXzygZXVzaO0lmHgy5G6HfjuppfPJzoCkQNv0EjB
IBAyrdKwFZAYCoMQWtXpCR6ZvoHxVatjM+CncSF7G4qrRj2M48ABRFMlRKqiSWQf
E3nbPQMzvchHZpbE245jLw/3cRfoftgkvlZnnlQO60iwLrAB+PLtQnZ5AQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFCrUkap235Rxfm40dFOtpPTtJ1pXMB8GA1UdIwQY
MBaAFHm7d0mr3m9dpOscbtHFdoFheEawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWJ0M1NhdmViMTJrNnh4dTBjVjJnV0Y0UnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yNWI3YjgtYzMwMi00ZGRhLTg5OGEt
NDgyNWUxOGQ3MzAxLzEvS3RTUnFuYmZsSEYtYmpSMFU2Mms5TzBuV2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yNWI3YjgtYzMwMi00ZGRhLTg5OGEtNDgyNWUxOGQ3MzAx
LzEvZWJ0M1NhdmViMTJrNnh4dTBjVjJnV0Y0UnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwC5nQME
ALmdAjANBgkqhkiG9w0BAQsFAAOCAQEAXUo7sSNXvGNVpL9O7zI0lZYgfyOQUl2f
A8eElh47GH7sXgAALJkk0QtE9C4lGIvme+XDjSXGnkBYXmwDcPHVplKv7dVtw+1d
XMaTgo/alO2Zca+h6cuUFHinYqprK/N2p0YSKIVJ3UViW+MqJrUHpeOG9Ms/B+/h
LHcL2BaEAPWG/kOtEHinwT8idiFjqnYxIY91ODduF//bd9aYzDQ6pmutkN6KHV0u
x6eTf5DLXz7R/BLFqrVdW0zcDQxgAeGlOxwir2aqmYOExjHrTnWtwoF+XHAnIGxd
stW9aokr3QVtWaEivIR9gpziAGFlAE+Ld0VpNFQRSwuVK/NS1iedfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:05 2024 by rpki-client on console-fra.rpki-client.org