Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/kD4Lbr4kRevdd-uKkfTy47cOPLQ.roa
File: kD4Lbr4kRevdd-uKkfTy47cOPLQ.roa (raw, json)
Hash identifier: WmPuOQ5UcdBwWg8vB5qxqu1iAl7x54iKXBImxibMyAc=
Subject key identifier: 90:3E:0B:6E:BE:24:45:EB:DD:77:EB:8A:91:F4:F2:E3:B7:0E:3C:B4
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01887753AC24856923A680A5A9630EB70D12
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/kD4Lbr4kRevdd-uKkfTy47cOPLQ.roa
Signing time: Thu 01 Jun 2023 14:19:12 +0000
ROA not before: Thu 01 Jun 2023 14:19:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 82.97.240.0/20 maxlen: 24
178.236.36.0/22 maxlen: 24
212.87.192.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:77:53:ac:24:85:69:23:a6:80:a5:a9:63:0e:b7:0d:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 1 14:19:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=903e0b6ebe2445ebdd77eb8a91f4f2e3b70e3cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:87:ac:fe:5b:ee:fd:90:d5:a2:8c:03:d7:87:
42:f7:8f:6b:84:98:1a:27:71:6c:ad:59:be:e6:80:
42:00:7f:73:f3:4c:97:18:36:a8:15:ed:83:2c:94:
96:6d:4b:e7:3d:22:8e:75:a2:c9:56:4c:20:f9:16:
1e:e6:68:76:fe:62:25:57:25:83:a6:6f:f9:2e:43:
a6:e8:14:04:2d:e1:7b:69:44:14:5a:45:f3:bc:02:
2e:32:90:96:bc:7b:58:d0:64:b7:09:2d:ad:f8:0a:
b0:ad:03:ad:b1:51:51:de:d3:f7:b0:a0:64:e5:6c:
ed:16:22:1f:69:a7:d4:9f:2f:59:e1:e5:fa:5b:4c:
ca:15:4e:01:36:d2:a0:05:f7:7f:24:fa:07:9b:5f:
81:31:a0:3d:50:3a:f5:66:6b:af:7b:f1:2d:bd:ad:
7a:cb:27:ee:b7:6d:67:c2:17:2a:55:17:a6:65:1a:
01:4a:2e:43:99:f0:29:0f:19:0e:95:e1:34:b5:5e:
ce:2c:64:9a:df:8c:2d:2f:3f:2b:b8:5a:f6:bb:85:
db:cf:52:ce:d8:eb:8e:f7:10:f7:1e:02:db:17:0a:
b3:78:e1:0e:70:1f:ad:76:14:ca:7f:c0:4f:b9:e0:
01:f7:bd:ee:26:58:6f:ad:d5:4a:0f:a2:97:ac:2c:
68:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:3E:0B:6E:BE:24:45:EB:DD:77:EB:8A:91:F4:F2:E3:B7:0E:3C:B4
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/kD4Lbr4kRevdd-uKkfTy47cOPLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.97.240.0/20
178.236.36.0/22
212.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
02:17:7c:71:92:8b:66:90:24:3c:b1:bc:63:8a:bc:6d:7e:5f:
5a:ab:25:57:c8:86:ad:ed:6b:e6:4a:cf:b2:a3:83:fd:bc:c2:
ea:65:9e:63:40:8a:03:6b:19:0e:83:d8:3f:6b:63:b2:03:73:
1c:19:c9:e6:14:d2:b4:1e:0e:5e:5e:03:9e:b8:b0:82:2a:85:
3e:f2:43:e6:58:01:02:52:70:ee:0f:42:18:61:40:9a:03:8e:
77:e3:fd:22:76:61:93:b8:c9:dd:c5:c3:33:01:eb:ba:68:bc:
21:3a:4c:33:42:d2:a8:8d:13:d8:46:bd:7c:3c:df:2b:bf:ef:
ff:6e:55:32:fd:6c:1f:33:36:84:f9:15:1b:9f:e0:01:60:c2:
19:e4:d4:7e:ed:bf:87:f4:d7:dc:8b:65:e6:a4:4d:34:f6:3c:
0c:45:5c:c4:89:47:db:6c:9d:4a:7f:0e:b4:5f:09:4f:30:31:
9a:3d:53:f3:fd:b8:58:14:b7:c5:e1:9a:1f:4c:b4:a1:ff:8e:
38:42:40:6c:e9:ec:72:20:77:b7:27:e8:a7:56:32:61:1a:56:
70:f5:2c:f8:f0:c5:f4:0e:96:10:6c:cd:b4:1a:b6:a3:ad:20:
2c:d6:99:44:ff:45:1c:11:9a:82:fb:90:af:c6:b8:bf:72:8f:
6e:a9:ac:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh3U6wkhWkjpoClqWMOtw0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwNjAxMTQxOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDNlMGI2ZWJlMjQ0NWViZGQ3N2ViOGE5MWY0ZjJlM2I3MGUzY2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYes/lvu/ZDVoowD14dC949rhJga
J3FsrVm+5oBCAH9z80yXGDaoFe2DLJSWbUvnPSKOdaLJVkwg+RYe5mh2/mIlVyWD
pm/5LkOm6BQELeF7aUQUWkXzvAIuMpCWvHtY0GS3CS2t+AqwrQOtsVFR3tP3sKBk
5WztFiIfaafUny9Z4eX6W0zKFU4BNtKgBfd/JPoHm1+BMaA9UDr1Zmuve/Etva16
yyfut21nwhcqVRemZRoBSi5DmfApDxkOleE0tV7OLGSa34wtLz8ruFr2u4Xbz1LO
2OuO9xD3HgLbFwqzeOEOcB+tdhTKf8BPueAB973uJlhvrdVKD6KXrCxouwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJA+C26+JEXr3XfripH08uO3Djy0MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEva0Q0TGJyNGtSZXZkZC11S2tmVHk0N2NPUExRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUmHwAwQC
suwkAwQC1FfAMA0GCSqGSIb3DQEBCwUAA4IBAQACF3xxkotmkCQ8sbxjirxtfl9a
qyVXyIat7WvmSs+yo4P9vMLqZZ5jQIoDaxkOg9g/a2OyA3McGcnmFNK0Hg5eXgOe
uLCCKoU+8kPmWAECUnDuD0IYYUCaA4534/0idmGTuMndxcMzAeu6aLwhOkwzQtKo
jRPYRr18PN8rv+//blUy/WwfMzaE+RUbn+ABYMIZ5NR+7b+H9Nfci2XmpE009jwM
RVzEiUfbbJ1Kfw60XwlPMDGaPVPz/bhYFLfF4ZofTLSh/444QkBs6exyIHe3J+in
VjJhGlZw9Sz48MX0DpYQbM20GrajrSAs1plE/0UcEZqC+5Cvxri/co9uqaz1
-----END CERTIFICATE-----
Generated at Tue Aug 29 11:16:40 2023 by rpki-client on console-fra.rpki-client.org