Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/knsBCPRAJiiLv82cnXxGZgvHzRU.roa
File: knsBCPRAJiiLv82cnXxGZgvHzRU.roa (raw, json)
Hash identifier: /iUfBWaTs8fo+xorriymx7SkP3M7AFm4+pTNC3iufa0=
Subject key identifier: 92:7B:01:08:F4:40:26:28:8B:BF:CD:9C:9D:7C:46:66:0B:C7:CD:15
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0187FAC3CF540029A7978D68ABC5A36CCCBA
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/knsBCPRAJiiLv82cnXxGZgvHzRU.roa
Signing time: Mon 08 May 2023 09:49:09 +0000
ROA not before: Mon 08 May 2023 09:49:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 37.156.5.0/24 maxlen: 24
89.46.42.0/24 maxlen: 24
89.39.125.0/24 maxlen: 24
188.215.31.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Jun 2023 12:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:c3:cf:54:00:29:a7:97:8d:68:ab:c5:a3:6c:cc:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 8 09:49:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=927b0108f44026288bbfcd9c9d7c46660bc7cd15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b4:d5:a6:5f:4b:07:93:31:7c:95:1d:de:a4:
6b:5c:cf:3c:d4:14:46:3c:40:91:06:ea:bb:50:69:
d7:9f:50:1f:53:c9:ef:85:08:a6:c3:95:36:d4:7e:
c3:30:13:6d:1f:f1:81:fd:9b:d4:51:0e:c6:61:30:
72:82:89:5f:71:da:91:57:88:91:83:16:da:58:86:
13:70:98:74:1c:df:8f:33:63:b6:53:3c:1d:0a:ca:
32:d5:1d:da:8d:c1:8b:91:a2:eb:5a:ec:89:14:6b:
8d:15:68:2e:17:b1:43:c4:94:95:47:a5:1d:f2:d9:
1b:f0:b3:67:08:b5:4f:f7:98:c2:b3:94:1e:5e:1f:
dd:e6:ba:93:b6:93:2f:a1:f0:88:ba:6f:de:5f:81:
66:79:c3:0f:91:2c:7c:51:e2:c2:e0:68:74:2a:a6:
0e:d9:2a:db:e5:8c:60:26:f9:7f:60:8f:87:38:5e:
34:17:69:f1:17:75:ee:04:8e:b3:96:14:be:65:7d:
18:94:b1:5b:8b:74:72:71:ef:70:c6:6a:dc:73:68:
8a:cb:0e:13:85:25:44:47:4a:03:3c:0b:57:50:ca:
f8:b0:eb:e7:68:59:a1:8e:e9:41:22:7a:c1:69:34:
dc:0f:94:80:9b:06:56:79:82:a5:4e:0c:0f:29:bf:
c3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7B:01:08:F4:40:26:28:8B:BF:CD:9C:9D:7C:46:66:0B:C7:CD:15
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/knsBCPRAJiiLv82cnXxGZgvHzRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.5.0/24
89.39.125.0/24
89.40.215.0/24
89.46.42.0/24
188.215.31.0/24
Signature Algorithm: sha256WithRSAEncryption
35:ba:2f:fd:a6:02:6f:3d:a1:44:fa:e1:b5:3e:e9:b3:7b:7a:
50:71:56:03:f3:e3:09:fc:37:05:7b:6c:37:0f:47:ea:c1:b5:
d8:48:9e:9f:12:96:f5:b2:8d:00:83:25:24:35:5e:88:bb:1e:
86:4e:c0:6f:73:f2:bb:5a:af:7d:58:8f:5d:37:bf:8d:6e:0c:
d5:80:45:d0:cd:aa:38:8c:bf:9e:5f:e9:a1:b1:f9:8e:7e:44:
7d:85:62:3e:69:2c:b9:8a:a8:2e:39:62:d2:2b:16:25:7f:fb:
f5:d9:b5:88:4f:29:3e:65:52:f0:ab:6e:49:4e:c3:b1:0b:e6:
60:b6:73:2f:ff:d3:d5:30:e4:04:1e:67:92:bd:48:62:18:ed:
b4:84:bb:2e:7f:b1:71:9e:08:80:83:dc:70:5b:77:49:3a:9c:
d1:f8:d4:8d:24:e5:fe:0c:63:b9:78:a4:47:e4:50:dc:6c:9b:
01:af:c9:d6:cf:da:a0:a4:70:b6:94:3c:8b:ed:90:54:5e:80:
f3:b4:83:2b:4e:da:e6:36:95:6d:06:6f:28:41:77:37:f7:24:
c9:a1:a9:d8:6e:ea:87:21:13:40:0c:05:50:7c:13:d9:c6:e9:
d1:cc:3a:f9:c4:67:37:cf:85:61:96:7c:95:25:38:03:a2:ec:
54:55:be:88
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYf6w89UACmnl41oq8WjbMy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNTA4MDk0OTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjdiMDEwOGY0NDAyNjI4OGJiZmNkOWM5ZDdjNDY2NjBiYzdjZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7TVpl9LB5MxfJUd3qRrXM881BRG
PECRBuq7UGnXn1AfU8nvhQimw5U21H7DMBNtH/GB/ZvUUQ7GYTBygolfcdqRV4iR
gxbaWIYTcJh0HN+PM2O2UzwdCsoy1R3ajcGLkaLrWuyJFGuNFWguF7FDxJSVR6Ud
8tkb8LNnCLVP95jCs5QeXh/d5rqTtpMvofCIum/eX4FmecMPkSx8UeLC4Gh0KqYO
2Srb5YxgJvl/YI+HOF40F2nxF3XuBI6zlhS+ZX0YlLFbi3Ryce9wxmrcc2iKyw4T
hSVER0oDPAtXUMr4sOvnaFmhjulBInrBaTTcD5SAmwZWeYKlTgwPKb/DmQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJJ7AQj0QCYoi7/NnJ18RmYLx80VMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEva25zQkNQUkFKaWlMdjgyY25YeEdaZ3ZIelJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJZwFAwQA
WSd9AwQAWSjXAwQAWS4qAwQAvNcfMA0GCSqGSIb3DQEBCwUAA4IBAQA1ui/9pgJv
PaFE+uG1Pumze3pQcVYD8+MJ/DcFe2w3D0fqwbXYSJ6fEpb1so0AgyUkNV6Iux6G
TsBvc/K7Wq99WI9dN7+NbgzVgEXQzao4jL+eX+mhsfmOfkR9hWI+aSy5iqguOWLS
KxYlf/v12bWITyk+ZVLwq25JTsOxC+ZgtnMv/9PVMOQEHmeSvUhiGO20hLsuf7Fx
ngiAg9xwW3dJOpzR+NSNJOX+DGO5eKRH5FDcbJsBr8nWz9qgpHC2lDyL7ZBUXoDz
tIMrTtrmNpVtBm8oQXc39yTJoanYbuqHIRNADAVQfBPZxunRzDr5xGc3z4VhlnyV
JTgDouxUVb6I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:10 2024 by rpki-client on console-fra.rpki-client.org