Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/kRXqOJe3bxcgjSssZxhqB7SMkO4.roa
File: kRXqOJe3bxcgjSssZxhqB7SMkO4.roa (raw, json)
Hash identifier: OceEFG6n0Knp7E+AjS26EFYXHlUgUHBkp/PnrmYNSxM=
Subject key identifier: 91:15:EA:38:97:B7:6F:17:20:8D:2B:2C:67:18:6A:07:B4:8C:90:EE
Certificate issuer: /CN=d2d38f4597051b6c0ddf1bb866ae4e94703e155e
Certificate serial: 018C860F6939CE8F82953A335C8D0CE5CDFC
Authority key identifier: D2:D3:8F:45:97:05:1B:6C:0D:DF:1B:B8:66:AE:4E:94:70:3E:15:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/kRXqOJe3bxcgjSssZxhqB7SMkO4.roa
Signing time: Wed 20 Dec 2023 07:10:06 +0000
ROA not before: Wed 20 Dec 2023 07:10:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49724
IP address blocks: 91.215.220.0/24 maxlen: 24
91.215.220.0/22 maxlen: 22
91.215.222.0/23 maxlen: 23
91.215.221.0/24 maxlen: 24
188.0.160.0/20 maxlen: 20
188.0.162.0/24 maxlen: 24
188.0.160.0/19 maxlen: 19
188.0.169.0/24 maxlen: 24
188.0.166.0/23 maxlen: 23
188.0.175.0/24 maxlen: 24
188.0.176.0/21 maxlen: 21
188.0.178.0/24 maxlen: 24
188.0.183.0/24 maxlen: 24
188.0.180.0/24 maxlen: 24
188.0.186.0/24 maxlen: 24
188.0.184.0/22 maxlen: 22
188.0.189.0/24 maxlen: 24
188.0.190.0/23 maxlen: 23
188.0.188.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:0f:69:39:ce:8f:82:95:3a:33:5c:8d:0c:e5:cd:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2d38f4597051b6c0ddf1bb866ae4e94703e155e
Validity
Not Before: Dec 20 07:10:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9115ea3897b76f17208d2b2c67186a07b48c90ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0b:19:b6:3e:0d:0d:39:96:24:3a:c8:38:2e:
4f:24:c0:77:fc:c9:69:1c:23:6d:19:12:5e:ee:e1:
f0:24:13:ea:69:67:8f:99:8d:b2:78:d3:31:52:af:
ab:05:80:2e:3a:74:f7:ac:41:97:32:4b:6d:0a:8b:
55:cf:f1:ab:07:ab:9b:76:2d:b1:d9:53:9a:a6:90:
b8:25:fc:ee:6c:53:b2:f5:a8:f1:52:7a:66:e7:c9:
38:04:69:7c:93:d6:55:42:45:de:ea:2c:95:7f:f8:
32:28:9c:92:e1:46:ef:ac:43:ee:21:97:9c:03:22:
c5:bd:04:68:90:0a:35:7d:93:df:26:40:75:27:ea:
01:8a:a6:ac:3e:e1:a5:fe:79:8d:9b:26:05:66:d8:
cc:19:93:a7:cd:c6:80:68:a8:47:2f:66:67:58:29:
16:77:20:40:e6:90:dd:2d:f6:a7:09:44:66:58:fc:
dc:af:d1:3a:d5:80:e4:3a:1d:61:73:c4:c5:57:82:
9c:d9:32:43:1c:33:d2:f6:75:88:c2:9c:e9:d6:59:
89:15:c3:ab:4f:af:5f:f9:ef:f2:90:ca:ac:5f:07:
f2:61:51:04:6f:6b:53:96:3a:5b:57:0b:f0:1e:48:
3e:14:ea:20:0f:a0:d2:c7:e2:6a:2a:73:8a:57:32:
e4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:15:EA:38:97:B7:6F:17:20:8D:2B:2C:67:18:6A:07:B4:8C:90:EE
X509v3 Authority Key Identifier:
keyid:D2:D3:8F:45:97:05:1B:6C:0D:DF:1B:B8:66:AE:4E:94:70:3E:15:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/kRXqOJe3bxcgjSssZxhqB7SMkO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.220.0/22
188.0.160.0/19
Signature Algorithm: sha256WithRSAEncryption
8c:ef:4e:37:37:2d:4d:1f:ce:17:6b:c5:9e:13:8e:6c:0d:24:
27:cf:b8:14:36:d5:58:00:bc:f9:8e:fd:7a:f0:3d:0a:e0:04:
ca:aa:f0:0a:b3:77:eb:36:b1:a5:66:d3:ab:5b:6d:18:7e:04:
bc:eb:7b:6c:ad:61:ba:6c:5b:23:97:d4:5d:d1:28:ad:04:46:
76:6b:b7:2e:3d:4b:8c:88:90:e5:a0:dd:c5:a1:7d:fe:b6:03:
55:0a:c5:d8:ae:71:e3:2f:71:3e:76:51:a4:2d:c5:9d:e8:4d:
98:9e:bf:74:a2:42:9d:b2:d4:00:d7:99:b0:d7:c2:bb:29:d9:
2c:50:53:b4:dc:17:bf:e0:77:f3:4c:00:78:a9:46:be:30:42:
9a:41:ae:ba:f1:d4:21:ab:e4:76:15:5e:3a:1d:57:13:d7:23:
54:ec:0a:61:82:4a:ba:a4:af:bd:ab:bc:9b:52:fa:d7:bc:13:
3b:ea:e2:fe:8b:2a:9e:45:c6:85:db:c1:69:1f:b1:7f:f6:87:
24:02:52:2e:b8:66:db:c0:bb:bd:9f:25:20:95:82:eb:ec:6f:
64:13:00:36:a9:c5:fb:66:05:d2:9c:fc:43:62:2d:05:02:77:
fa:7d:db:20:13:c7:89:cc:0a:60:a5:e5:51:54:bb:75:42:65:
56:7d:1e:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyGD2k5zo+ClTozXI0M5c38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZDM4ZjQ1OTcwNTFiNmMwZGRmMWJiODY2YWU0ZTk0NzAz
ZTE1NWUwHhcNMjMxMjIwMDcxMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTE1ZWEzODk3Yjc2ZjE3MjA4ZDJiMmM2NzE4NmEwN2I0OGM5MGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgsZtj4NDTmWJDrIOC5PJMB3/Mlp
HCNtGRJe7uHwJBPqaWePmY2yeNMxUq+rBYAuOnT3rEGXMkttCotVz/GrB6ubdi2x
2VOappC4JfzubFOy9ajxUnpm58k4BGl8k9ZVQkXe6iyVf/gyKJyS4UbvrEPuIZec
AyLFvQRokAo1fZPfJkB1J+oBiqasPuGl/nmNmyYFZtjMGZOnzcaAaKhHL2ZnWCkW
dyBA5pDdLfanCURmWPzcr9E61YDkOh1hc8TFV4Kc2TJDHDPS9nWIwpzp1lmJFcOr
T69f+e/ykMqsXwfyYVEEb2tTljpbVwvwHkg+FOogD6DSx+JqKnOKVzLkLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJEV6jiXt28XII0rLGcYage0jJDuMB8GA1UdIwQY
MBaAFNLTj0WXBRtsDd8buGauTpRwPhVeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHRPUFJaY0ZHMndOM3h1NFpxNU9sSEEtRlY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZTdkNzctODljOC00NTJjLWE5YmYt
YmM1Zjg5N2M3MjRhLzEva1JYcU9KZTNieGNnalNzc1p4aHFCN1NNa080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZTdkNzctODljOC00NTJjLWE5YmYtYmM1Zjg5N2M3MjRh
LzEvMHRPUFJaY0ZHMndOM3h1NFpxNU9sSEEtRlY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9fcAwQF
vACgMA0GCSqGSIb3DQEBCwUAA4IBAQCM7043Ny1NH84Xa8WeE45sDSQnz7gUNtVY
ALz5jv168D0K4ATKqvAKs3frNrGlZtOrW20YfgS863tsrWG6bFsjl9Rd0SitBEZ2
a7cuPUuMiJDloN3FoX3+tgNVCsXYrnHjL3E+dlGkLcWd6E2Ynr90okKdstQA15mw
18K7KdksUFO03Be/4HfzTAB4qUa+MEKaQa668dQhq+R2FV46HVcT1yNU7Aphgkq6
pK+9q7ybUvrXvBM76uL+iyqeRcaF28FpH7F/9ockAlIuuGbbwLu9nyUglYLr7G9k
EwA2qcX7ZgXSnPxDYi0FAnf6fdsgE8eJzApgpeVRVLt1QmVWfR6n
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:27 2024 by rpki-client on console-ams.rpki-client.org