Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/knzxDFa8xrqCn8uqKAVGYCiYIow.roa
File: knzxDFa8xrqCn8uqKAVGYCiYIow.roa (raw, json)
Hash identifier: JYlYhW0yUtDtE2g9o4BmAi4JlG1qf1ItEZGXzyC9xxQ=
Subject key identifier: 92:7C:F1:0C:56:BC:C6:BA:82:9F:CB:AA:28:05:46:60:28:98:22:8C
Certificate issuer: /CN=8bdac18a7ad501ba7ea13567909f17e4f7327413
Certificate serial: 018C8BB054AA3C111BF2164A782DF3309CF8
Authority key identifier: 8B:DA:C1:8A:7A:D5:01:BA:7E:A1:35:67:90:9F:17:E4:F7:32:74:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i9rBinrVAbp-oTVnkJ8X5PcydBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/knzxDFa8xrqCn8uqKAVGYCiYIow.roa
Signing time: Thu 21 Dec 2023 09:23:58 +0000
ROA not before: Thu 21 Dec 2023 09:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28859
IP address blocks: 212.94.32.0/20 maxlen: 20
212.94.56.0/21 maxlen: 21
2a02:368::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:b0:54:aa:3c:11:1b:f2:16:4a:78:2d:f3:30:9c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdac18a7ad501ba7ea13567909f17e4f7327413
Validity
Not Before: Dec 21 09:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=927cf10c56bcc6ba829fcbaa280546602898228c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:18:7d:58:65:08:7e:4c:4d:6b:2a:37:19:a4:
d9:62:e7:18:aa:a5:65:0c:8e:b4:ca:d1:c7:6e:6a:
c7:5f:7e:a0:23:de:02:20:22:88:ce:01:f8:23:89:
2f:f8:34:2e:34:f1:13:65:41:03:c8:ba:35:27:4d:
76:80:f2:31:69:3e:06:19:2b:9b:87:d7:54:42:79:
aa:d9:12:bc:35:5a:e0:f6:68:0d:1c:47:3e:58:54:
cb:af:c7:f4:7a:df:ce:df:83:21:b6:3a:95:0b:1f:
f7:98:63:ce:b5:e8:1c:74:0d:23:05:a2:27:d3:57:
15:23:da:95:5f:ef:2b:33:a6:38:2a:67:f2:71:0a:
fc:10:62:59:5d:c9:39:a3:67:0d:14:e2:02:1d:77:
c3:f3:45:cd:51:6a:ef:ea:e2:ed:22:52:8b:68:69:
c3:6f:52:dc:6a:33:c4:3d:30:a3:a0:73:79:87:61:
e0:3f:d1:51:29:45:68:bc:e2:0d:70:ab:4f:f9:1a:
8b:b7:e3:82:d1:9b:c0:24:fa:9e:aa:d6:74:48:2c:
3e:8c:9d:f5:8f:c6:11:35:df:b4:85:ab:d7:75:c8:
9e:1c:cb:3b:55:e8:7a:4d:f4:1d:b2:b1:92:40:56:
f4:91:25:f0:2a:a5:92:03:30:8e:a4:62:9b:e0:64:
fa:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7C:F1:0C:56:BC:C6:BA:82:9F:CB:AA:28:05:46:60:28:98:22:8C
X509v3 Authority Key Identifier:
keyid:8B:DA:C1:8A:7A:D5:01:BA:7E:A1:35:67:90:9F:17:E4:F7:32:74:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9rBinrVAbp-oTVnkJ8X5PcydBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/knzxDFa8xrqCn8uqKAVGYCiYIow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/i9rBinrVAbp-oTVnkJ8X5PcydBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.94.32.0/20
212.94.56.0/21
IPv6:
2a02:368::/32
Signature Algorithm: sha256WithRSAEncryption
4c:17:a2:bb:82:61:39:0e:7f:21:21:84:72:40:61:cf:a4:55:
f8:1a:fc:78:0c:6b:1d:33:d8:dc:63:0e:0d:91:4f:93:e9:56:
1c:99:99:43:7f:41:0c:e0:7d:27:b1:76:41:fd:40:6c:7e:9f:
ae:1f:5c:2b:3b:49:33:89:38:0a:c1:9e:aa:be:8a:4e:dd:ce:
cd:61:52:52:df:1e:59:b5:d1:9c:ac:46:b1:f2:d6:7d:c5:1c:
e0:59:ca:c2:ce:8f:9e:57:14:6c:3e:1f:b9:f3:d8:ec:3d:ff:
e1:89:ec:09:b8:ee:55:16:77:90:ab:c1:9b:cf:50:00:09:c9:
eb:9f:88:2a:da:89:a8:cf:36:a3:1b:35:b3:50:33:42:58:ad:
d3:70:39:f6:87:35:c0:cd:6b:c5:3a:d2:9f:51:c4:53:c7:69:
ef:b5:c6:30:7b:99:4d:95:99:02:05:f7:62:85:b3:c8:e8:57:
56:96:b5:00:59:80:11:ab:53:20:90:82:27:6e:42:b9:bf:15:
ad:42:80:c9:ca:ec:bb:e3:39:b7:8a:21:a8:54:a2:f1:b6:0f:
80:66:c8:a7:59:df:26:c1:92:58:76:8c:16:5e:b9:85:56:86:
2c:7d:d6:19:fb:12:20:d2:1f:90:15:10:74:3a:4c:1d:64:cc:
fb:5e:93:b4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYyLsFSqPBEb8hZKeC3zMJz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGFjMThhN2FkNTAxYmE3ZWExMzU2NzkwOWYxN2U0Zjcz
Mjc0MTMwHhcNMjMxMjIxMDkyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjdjZjEwYzU2YmNjNmJhODI5ZmNiYWEyODA1NDY2MDI4OTgyMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxh9WGUIfkxNayo3GaTZYucYqqVl
DI60ytHHbmrHX36gI94CICKIzgH4I4kv+DQuNPETZUEDyLo1J012gPIxaT4GGSub
h9dUQnmq2RK8NVrg9mgNHEc+WFTLr8f0et/O34MhtjqVCx/3mGPOtegcdA0jBaIn
01cVI9qVX+8rM6Y4KmfycQr8EGJZXck5o2cNFOICHXfD80XNUWrv6uLtIlKLaGnD
b1LcajPEPTCjoHN5h2HgP9FRKUVovOINcKtP+RqLt+OC0ZvAJPqeqtZ0SCw+jJ31
j8YRNd+0havXdcieHMs7Veh6TfQdsrGSQFb0kSXwKqWSAzCOpGKb4GT6JQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJJ88QxWvMa6gp/LqigFRmAomCKMMB8GA1UdIwQY
MBaAFIvawYp61QG6fqE1Z5CfF+T3MnQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTlyQmluclZBYnAtb1RWbmtKOFg1UGN5ZEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8zNzRmZDEtMDJjMi00NjcxLWJkYzkt
YzNjYzVkZTFlY2U5LzEva256eERGYTh4cnFDbjh1cUtBVkdZQ2lZSW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8zNzRmZDEtMDJjMi00NjcxLWJkYzktYzNjYzVkZTFlY2U5
LzEvaTlyQmluclZBYnAtb1RWbmtKOFg1UGN5ZEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQE1F4gAwQD
1F44MA0EAgACMAcDBQAqAgNoMA0GCSqGSIb3DQEBCwUAA4IBAQBMF6K7gmE5Dn8h
IYRyQGHPpFX4Gvx4DGsdM9jcYw4NkU+T6VYcmZlDf0EM4H0nsXZB/UBsfp+uH1wr
O0kziTgKwZ6qvopO3c7NYVJS3x5ZtdGcrEax8tZ9xRzgWcrCzo+eVxRsPh+589js
Pf/hiewJuO5VFneQq8Gbz1AACcnrn4gq2omozzajGzWzUDNCWK3TcDn2hzXAzWvF
OtKfUcRTx2nvtcYwe5lNlZkCBfdihbPI6FdWlrUAWYARq1MgkIInbkK5vxWtQoDJ
yuy74zm3iiGoVKLxtg+AZsinWd8mwZJYdowWXrmFVoYsfdYZ+xIg0h+QFRB0Okwd
ZMz7XpO0
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:11 2024 by rpki-client on console-fra.rpki-client.org