Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KSUscirbaZydNegOnkephqXNGwE.roa
File: KSUscirbaZydNegOnkephqXNGwE.roa (raw, json)
Hash identifier: PKrcwH8vruCDVRZNbskPadLhI1Rrk8C6eOW7ojgfRsA=
Subject key identifier: 29:25:2C:72:2A:DB:69:9C:9D:35:E8:0E:9E:47:A9:86:A5:CD:1B:01
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018AD6DDAF7A7C9EA55CA7006B5472C47480
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KSUscirbaZydNegOnkephqXNGwE.roa
Signing time: Wed 27 Sep 2023 13:39:27 +0000
ROA not before: Wed 27 Sep 2023 13:39:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 94.198.171.0/24 maxlen: 24
93.90.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 08:54:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:dd:af:7a:7c:9e:a5:5c:a7:00:6b:54:72:c4:74:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 27 13:39:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29252c722adb699c9d35e80e9e47a986a5cd1b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d1:52:b9:fe:95:d2:54:5d:a2:d1:cc:89:f0:
0f:f6:f2:3d:7d:6b:02:97:c0:37:84:9b:e6:5a:0c:
c3:a8:02:a7:41:be:7b:c1:5a:dc:a3:76:22:56:18:
51:71:76:32:f3:3c:73:50:ac:04:e7:cf:7a:42:c2:
e0:4d:ff:22:cb:d4:cc:74:cd:87:54:cc:2c:8e:47:
2a:4f:d9:73:ff:01:c8:13:44:0e:42:3f:3d:a9:f0:
a2:2d:7b:3b:f2:9b:bf:20:89:3a:c7:03:cb:c5:61:
7b:c5:33:da:dd:a2:63:d0:5a:6f:5c:ec:54:c6:da:
4e:74:97:ea:a1:b3:fc:2e:f2:0a:ed:d5:84:f8:c1:
6b:2e:70:ea:f8:d6:46:d0:54:2c:90:d5:fc:6a:29:
a7:3b:92:77:f2:57:d0:57:03:63:a7:04:5b:ea:1f:
dc:86:c6:47:80:35:d0:3b:6d:59:c8:6d:35:ad:0c:
77:9c:51:17:74:9a:bc:b5:c0:62:ab:ae:ad:02:53:
b1:f0:8c:43:58:5b:1b:38:3b:1d:b9:e3:f1:f2:4f:
6a:2d:76:74:fe:64:bd:1f:66:2c:a3:96:69:5c:f8:
69:5e:c3:be:7c:82:d6:08:7f:0c:52:a8:2f:b7:92:
48:f7:45:39:86:7f:fa:99:c2:d0:04:48:bb:d9:90:
06:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:25:2C:72:2A:DB:69:9C:9D:35:E8:0E:9E:47:A9:86:A5:CD:1B:01
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KSUscirbaZydNegOnkephqXNGwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.90.74.0/24
94.198.171.0/24
Signature Algorithm: sha256WithRSAEncryption
34:5b:db:96:d9:72:29:ae:db:a0:a7:89:c9:0f:c8:42:2c:92:
c6:4b:46:a3:cc:25:b4:f6:8c:4c:55:b4:7f:d4:53:2f:08:61:
06:2b:b2:3a:4e:d9:8c:06:94:fe:bd:ca:14:b7:45:04:64:ca:
eb:59:6b:37:67:d3:29:82:97:20:08:23:af:2b:49:d4:77:b2:
a6:2a:7c:f5:6c:39:f4:87:df:9f:58:8f:3b:be:da:d2:1b:3e:
35:4a:0a:fd:ab:ad:25:ac:1d:3c:a8:06:2f:11:c8:61:40:3e:
45:84:ab:20:45:17:d8:63:93:17:27:94:7e:21:99:56:bf:3a:
f3:6f:84:6f:62:53:0c:1a:27:b0:86:55:b5:b9:1e:56:9e:51:
18:44:c3:e4:0c:62:bc:fd:1c:2d:5f:a2:80:c8:c2:38:6c:4a:
58:25:01:78:8d:d4:ee:b1:48:92:14:6c:9f:2f:28:8a:3e:11:
17:f8:c0:79:4a:32:38:57:04:67:3f:68:31:cd:0c:52:9f:47:
9e:ac:1c:62:cc:69:3e:40:c8:71:92:ef:ff:0f:a6:6a:9e:0e:
ff:c2:fe:f2:c4:9d:14:0f:14:d1:ee:17:b1:a1:1c:f6:ce:89:
6b:5b:68:d7:d1:c6:9d:2d:6c:05:fa:a9:bd:9c:d6:50:03:d0:
e2:7f:a2:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrW3a96fJ6lXKcAa1RyxHSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTI3MTMzOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTI1MmM3MjJhZGI2OTljOWQzNWU4MGU5ZTQ3YTk4NmE1Y2QxYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntFSuf6V0lRdotHMifAP9vI9fWsC
l8A3hJvmWgzDqAKnQb57wVrco3YiVhhRcXYy8zxzUKwE5896QsLgTf8iy9TMdM2H
VMwsjkcqT9lz/wHIE0QOQj89qfCiLXs78pu/IIk6xwPLxWF7xTPa3aJj0FpvXOxU
xtpOdJfqobP8LvIK7dWE+MFrLnDq+NZG0FQskNX8aimnO5J38lfQVwNjpwRb6h/c
hsZHgDXQO21ZyG01rQx3nFEXdJq8tcBiq66tAlOx8IxDWFsbODsduePx8k9qLXZ0
/mS9H2Yso5ZpXPhpXsO+fILWCH8MUqgvt5JI90U5hn/6mcLQBEi72ZAGUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCklLHIq22mcnTXoDp5HqYalzRsBMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvS1NVc2NpcmJhWnlkTmVnT25rZXBocVhOR3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXVpKAwQA
XsarMA0GCSqGSIb3DQEBCwUAA4IBAQA0W9uW2XIprtugp4nJD8hCLJLGS0ajzCW0
9oxMVbR/1FMvCGEGK7I6TtmMBpT+vcoUt0UEZMrrWWs3Z9MpgpcgCCOvK0nUd7Km
Knz1bDn0h9+fWI87vtrSGz41Sgr9q60lrB08qAYvEchhQD5FhKsgRRfYY5MXJ5R+
IZlWvzrzb4RvYlMMGiewhlW1uR5WnlEYRMPkDGK8/RwtX6KAyMI4bEpYJQF4jdTu
sUiSFGyfLyiKPhEX+MB5SjI4VwRnP2gxzQxSn0eerBxizGk+QMhxku//D6Zqng7/
wv7yxJ0UDxTR7hexoRz2zolrW2jX0cadLWwF+qm9nNZQA9Dif6Jt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org