Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/KkvBhfyD_Q-Swc7UzHkmET78DDY.roa
File: KkvBhfyD_Q-Swc7UzHkmET78DDY.roa (raw, json)
Hash identifier: 4rFa/axNb+IB+X0UE4kIktisf2Jawg8IfutUhi1WVzM=
Subject key identifier: 2A:4B:C1:85:FC:83:FD:0F:92:C1:CE:D4:CC:79:26:11:3E:FC:0C:36
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 01856E26645DE71F5A848CB49ACB95309A69
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/KkvBhfyD_Q-Swc7UzHkmET78DDY.roa
Signing time: Sun 01 Jan 2023 16:24:47 +0000
ROA not before: Sun 01 Jan 2023 16:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47694
IP address blocks: 176.124.0.0/19 maxlen: 19
178.217.160.0/21 maxlen: 21
91.211.16.0/22 maxlen: 22
91.211.19.0/24 maxlen: 24
81.163.128.0/19 maxlen: 19
Validation: Failed, certificate revoked on Tue 23 May 2023 07:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:64:5d:e7:1f:5a:84:8c:b4:9a:cb:95:30:9a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Jan 1 16:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a4bc185fc83fd0f92c1ced4cc7926113efc0c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c0:ab:1e:bc:b2:f0:af:93:68:85:27:f6:46:
4a:74:6c:f1:45:f2:d6:6c:6c:15:62:5b:9e:75:29:
0c:60:58:f3:33:52:32:5b:ef:b3:f2:95:c1:0d:2b:
67:1e:f8:47:e4:62:27:f0:ca:fa:d4:3b:31:51:9f:
d4:5b:6c:9f:11:6f:4b:b5:cd:e5:76:df:f8:c3:05:
88:4a:e9:10:0d:95:5a:c6:de:77:de:39:64:96:ba:
e4:6d:d8:d3:32:91:16:e1:a8:99:cc:cc:95:41:fe:
6e:57:8b:31:ce:4b:73:7d:9a:0f:a4:af:1f:9e:fe:
40:d9:93:4c:c9:ab:c8:5a:53:09:b3:89:22:55:e7:
11:50:81:26:ed:9a:34:2c:3a:93:26:83:ab:19:88:
bc:2f:18:cf:7e:56:7b:f1:4a:6f:20:b3:9f:8d:91:
98:6e:30:d6:8c:13:ac:85:7b:7a:45:0a:43:c0:2f:
07:3b:62:61:8c:4a:42:9e:3f:a4:ec:ce:d6:70:9c:
03:07:7e:22:9c:7d:07:cf:00:6a:60:f1:80:b5:df:
9e:88:7d:e6:92:5a:de:cf:88:dd:d2:8e:1d:b1:b0:
ec:a5:87:34:75:2e:e9:30:78:2e:5f:75:ce:c0:4f:
10:50:93:a4:b7:d3:de:d0:a8:67:45:bf:e7:c1:73:
67:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:4B:C1:85:FC:83:FD:0F:92:C1:CE:D4:CC:79:26:11:3E:FC:0C:36
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/KkvBhfyD_Q-Swc7UzHkmET78DDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.163.128.0/19
91.211.16.0/22
176.124.0.0/19
178.217.160.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:a6:96:6e:da:14:10:8b:0f:9d:21:ab:78:ee:1f:9c:f4:23:
7e:bf:8e:28:f2:70:d3:f9:f3:91:52:b1:ae:d9:86:8b:2e:49:
e1:24:ec:a1:43:55:0c:d8:e2:6d:a4:0a:c5:40:aa:8a:b5:2e:
7c:88:01:aa:aa:ec:33:f6:8e:ef:53:d2:ca:56:ad:a0:1c:c9:
b2:e7:d1:ce:8e:0d:85:cd:41:de:8c:04:3e:f3:e1:ec:21:82:
42:c4:c1:a0:65:53:11:c2:c1:3f:4b:76:7b:81:f0:b1:01:93:
87:21:32:1f:56:b7:a2:d7:9e:c2:8d:04:17:74:20:0b:50:17:
7d:47:5a:d0:d0:61:a6:83:6e:00:b8:19:82:e6:81:e7:8c:e2:
11:46:f6:0a:1b:7e:a9:16:dc:44:9b:f3:ae:9f:7b:3c:75:e7:
a9:4d:2b:53:49:0b:04:dc:43:55:de:da:78:cc:62:c9:0b:66:
00:aa:c5:f0:7f:6c:52:dc:76:30:30:ed:92:5d:a6:0f:93:9f:
eb:5b:8c:56:b3:1d:cb:62:84:c0:d0:67:b7:22:65:bb:49:5a:
70:89:53:9f:d3:e4:13:f2:1d:96:d4:92:97:60:e3:f3:27:84:
b1:ca:c0:fe:07:9d:d3:c6:c8:0d:94:78:c0:20:87:7c:b6:95:
87:82:8a:4f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVuJmRd5x9ahIy0msuVMJppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjMwMTAxMTYyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTRiYzE4NWZjODNmZDBmOTJjMWNlZDRjYzc5MjYxMTNlZmMwYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcCrHryy8K+TaIUn9kZKdGzxRfLW
bGwVYluedSkMYFjzM1IyW++z8pXBDStnHvhH5GIn8Mr61DsxUZ/UW2yfEW9Ltc3l
dt/4wwWISukQDZVaxt533jlklrrkbdjTMpEW4aiZzMyVQf5uV4sxzktzfZoPpK8f
nv5A2ZNMyavIWlMJs4kiVecRUIEm7Zo0LDqTJoOrGYi8LxjPflZ78UpvILOfjZGY
bjDWjBOshXt6RQpDwC8HO2JhjEpCnj+k7M7WcJwDB34inH0HzwBqYPGAtd+eiH3m
klrez4jd0o4dsbDspYc0dS7pMHguX3XOwE8QUJOkt9Pe0KhnRb/nwXNn/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCpLwYX8g/0PksHO1Mx5JhE+/Aw2MB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvS2t2QmhmeURfUS1Td2M3VXpIa21FVDc4RERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFUaOAAwQC
W9MQAwQFsHwAAwQDstmgMA0GCSqGSIb3DQEBCwUAA4IBAQAuppZu2hQQiw+dIat4
7h+c9CN+v44o8nDT+fORUrGu2YaLLknhJOyhQ1UM2OJtpArFQKqKtS58iAGqquwz
9o7vU9LKVq2gHMmy59HOjg2FzUHejAQ+8+HsIYJCxMGgZVMRwsE/S3Z7gfCxAZOH
ITIfVrei157CjQQXdCALUBd9R1rQ0GGmg24AuBmC5oHnjOIRRvYKG36pFtxEm/Ou
n3s8deepTStTSQsE3ENV3tp4zGLJC2YAqsXwf2xS3HYwMO2SXaYPk5/rW4xWsx3L
YoTA0Ge3ImW7SVpwiVOf0+QT8h2W1JKXYOPzJ4SxysD+B53TxsgNlHjAIId8tpWH
gopP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:29 2024 by rpki-client on console-fra.rpki-client.org