Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KVVH3RN-PL0dpEg8in69I-bl8NY.roa
File: KVVH3RN-PL0dpEg8in69I-bl8NY.roa (raw, json)
Hash identifier: tCNeA5k3XnAy+1BETNWfCMQsEbz269u2wafKn+fQg5o=
Subject key identifier: 29:55:47:DD:13:7E:3C:BD:1D:A4:48:3C:8A:7E:BD:23:E6:E5:F0:D6
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018A8E4A25E097FA083DB6082BB8FB3D149F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KVVH3RN-PL0dpEg8in69I-bl8NY.roa
Signing time: Wed 13 Sep 2023 11:25:38 +0000
ROA not before: Wed 13 Sep 2023 11:25:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 176.126.174.0/24 maxlen: 24
89.47.55.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
93.90.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Sep 2023 15:55:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:4a:25:e0:97:fa:08:3d:b6:08:2b:b8:fb:3d:14:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 13 11:25:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=295547dd137e3cbd1da4483c8a7ebd23e6e5f0d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cc:77:04:d6:43:69:3e:6c:60:0d:98:2a:70:
b7:90:11:8e:f5:e0:e2:a4:a1:7c:2a:32:c2:0c:60:
c0:ee:7b:1c:fb:81:0e:20:8e:58:b9:6c:c2:44:f5:
1b:66:29:e7:e3:26:52:c2:fa:25:2a:e8:24:8c:7f:
98:dc:89:45:cd:d8:10:e6:2c:86:d0:b7:dd:5c:0c:
c7:c7:d4:8f:8b:13:41:35:ac:f8:79:e5:e7:ae:c4:
b0:96:c5:fe:d9:23:5f:70:67:7f:83:f1:b4:ce:89:
c5:61:88:ce:e5:e2:03:6f:7f:0c:92:3c:35:77:7e:
c1:c8:6a:8f:b3:ea:eb:8a:85:27:54:05:49:c1:bb:
63:d5:b0:54:fd:10:23:f8:0b:84:04:18:ea:3a:a7:
2f:b3:22:a8:28:a9:06:2b:7a:ef:a3:39:fb:46:15:
04:22:44:75:80:c0:0e:5e:11:1c:39:e8:9a:a6:b0:
ca:b4:ab:d4:27:7b:31:f2:c8:1a:2f:47:bc:92:b1:
07:8b:be:4c:74:93:2f:89:62:d0:c0:eb:0d:05:d6:
59:c0:42:88:be:fd:0d:5d:ba:42:2d:7f:c4:54:fc:
e1:d1:92:62:ea:f7:13:17:85:da:06:67:68:42:5e:
37:40:5b:f7:0e:92:84:d0:97:b7:4e:05:f8:31:5c:
d5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:55:47:DD:13:7E:3C:BD:1D:A4:48:3C:8A:7E:BD:23:E6:E5:F0:D6
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KVVH3RN-PL0dpEg8in69I-bl8NY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.152.0/24
89.47.55.0/24
93.90.75.0/24
176.126.174.0/24
Signature Algorithm: sha256WithRSAEncryption
11:ce:bb:f5:dd:da:e8:e2:3d:67:90:75:cd:eb:11:91:d6:0a:
7d:11:f2:2a:87:22:80:6d:7d:e0:80:4b:c3:3c:6d:43:2b:0b:
d1:ce:da:00:57:e0:c8:dc:a7:58:b6:60:1f:32:bc:cf:d9:b9:
02:90:7a:bd:c3:e9:61:d3:2e:00:90:69:24:0c:f5:44:04:da:
69:4f:7d:58:ce:e2:5f:96:a0:f5:32:f0:17:a5:5f:a5:4e:c6:
94:9f:a0:68:cb:c7:06:17:1f:89:d5:80:2b:c7:95:dd:c7:88:
da:be:3b:0b:a6:2c:12:7f:d3:bb:99:76:28:4e:39:ac:ab:47:
d1:30:e8:97:53:f2:9d:39:da:54:98:ca:ed:4e:a1:4e:af:69:
69:6a:de:ce:3a:ff:bb:4f:f6:4d:33:48:68:8a:fb:a4:14:f1:
6d:9d:6c:d2:e8:68:52:91:1d:3d:eb:40:65:c4:1a:e2:11:b6:
ce:fd:94:54:c8:ac:e4:07:f3:a3:28:b7:ea:f0:d9:e7:cb:39:
c8:ea:df:27:88:82:da:d7:82:9b:43:6e:cb:a6:65:4e:fe:86:
a2:dc:4d:1a:6b:1e:08:66:70:85:3f:1e:59:b6:8b:12:9d:83:
27:4a:f3:39:e7:91:b4:24:cb:2f:54:f7:2f:8e:8b:fc:4c:99:
bb:a8:59:4b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYqOSiXgl/oIPbYIK7j7PRSfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTEzMTEyNTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTU1NDdkZDEzN2UzY2JkMWRhNDQ4M2M4YTdlYmQyM2U2ZTVmMGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusx3BNZDaT5sYA2YKnC3kBGO9eDi
pKF8KjLCDGDA7nsc+4EOII5YuWzCRPUbZinn4yZSwvolKugkjH+Y3IlFzdgQ5iyG
0LfdXAzHx9SPixNBNaz4eeXnrsSwlsX+2SNfcGd/g/G0zonFYYjO5eIDb38Mkjw1
d37ByGqPs+rrioUnVAVJwbtj1bBU/RAj+AuEBBjqOqcvsyKoKKkGK3rvozn7RhUE
IkR1gMAOXhEcOeiaprDKtKvUJ3sx8sgaL0e8krEHi75MdJMviWLQwOsNBdZZwEKI
vv0NXbpCLX/EVPzh0ZJi6vcTF4XaBmdoQl43QFv3DpKE0Je3TgX4MVzVlwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFClVR90Tfjy9HaRIPIp+vSPm5fDWMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvS1ZWSDNSTi1QTDBkcEVnOGluNjlJLWJsOE5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPsCYAwQA
WS83AwQAXVpLAwQAsH6uMA0GCSqGSIb3DQEBCwUAA4IBAQARzrv13dro4j1nkHXN
6xGR1gp9EfIqhyKAbX3ggEvDPG1DKwvRztoAV+DI3KdYtmAfMrzP2bkCkHq9w+lh
0y4AkGkkDPVEBNppT31YzuJflqD1MvAXpV+lTsaUn6Boy8cGFx+J1YArx5Xdx4ja
vjsLpiwSf9O7mXYoTjmsq0fRMOiXU/KdOdpUmMrtTqFOr2lpat7OOv+7T/ZNM0ho
ivukFPFtnWzS6GhSkR0960BlxBriEbbO/ZRUyKzkB/OjKLfq8NnnyznI6t8niILa
14KbQ27LpmVO/oai3E0aax4IZnCFPx5ZtosSnYMnSvM555G0JMsvVPcvjov8TJm7
qFlL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org