Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/KFQwEGSyIiNRR4DiFx8GHhp0lHw.roa
File: KFQwEGSyIiNRR4DiFx8GHhp0lHw.roa (raw, json)
Hash identifier: 05ltsNG7/3ueAn665Y1GKqYZ3AiTcDTUNafuMHqoYIA=
Subject key identifier: 28:54:30:10:64:B2:22:23:51:47:80:E2:17:1F:06:1E:1A:74:94:7C
Certificate issuer: /CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Certificate serial: 01856E01D5470B17AB794A929C4F32BF96F9
Authority key identifier: A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/KFQwEGSyIiNRR4DiFx8GHhp0lHw.roa
Signing time: Sun 01 Jan 2023 15:44:51 +0000
ROA not before: Sun 01 Jan 2023 15:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.66.203.0/24 maxlen: 24
185.66.202.0/24 maxlen: 24
185.237.4.0/24 maxlen: 24
185.237.5.0/24 maxlen: 24
185.237.6.0/24 maxlen: 24
185.237.7.0/24 maxlen: 24
82.115.214.0/24 maxlen: 24
2a07:e3c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:d5:47:0b:17:ab:79:4a:92:9c:4f:32:bf:96:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Validity
Not Before: Jan 1 15:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2854301064b22223514780e2171f061e1a74947c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7a:fb:9b:64:46:4a:a2:2e:16:42:52:41:fc:
65:2d:e1:15:c6:98:bd:4c:9c:02:22:45:2d:d0:31:
cc:d5:3f:ac:29:a0:4c:10:25:eb:5e:a9:4d:a1:ee:
13:0e:12:87:aa:0d:9d:c1:24:75:44:e4:f9:96:a4:
04:04:71:30:85:5c:ba:c8:ff:02:89:2a:1c:60:4a:
53:ce:9f:6a:ee:23:3f:fd:c0:b5:5c:30:2d:a9:f4:
9e:e6:d7:16:eb:db:9d:84:a0:08:8d:a0:0b:30:6c:
3f:47:66:35:9e:20:2a:2f:80:61:83:28:73:8b:75:
87:5c:aa:98:87:26:08:c2:e2:2e:f3:a1:99:bc:51:
58:e3:b0:5e:95:10:6a:c6:bb:58:99:80:8d:65:52:
b0:f8:f1:ee:55:01:f4:e2:69:a8:dd:3b:6c:1a:45:
51:7e:c6:9f:45:9b:0f:c3:a0:90:aa:c5:84:cf:40:
99:ca:d8:27:3a:6f:d1:7d:89:50:1e:68:0e:4e:19:
73:c7:fa:44:5a:ec:97:9c:31:2e:d6:71:c4:f1:96:
c0:5f:a4:87:67:13:a4:d1:9f:8e:6b:d1:e0:9b:44:
64:db:0b:6d:e8:d3:c4:b5:0b:57:23:2b:28:93:f5:
3e:7b:a9:6a:1d:a8:b1:70:6f:0d:8d:d6:01:61:03:
24:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:54:30:10:64:B2:22:23:51:47:80:E2:17:1F:06:1E:1A:74:94:7C
X509v3 Authority Key Identifier:
keyid:A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/KFQwEGSyIiNRR4DiFx8GHhp0lHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/qIAb4jY_IRvS9XgYrer5wNvhS9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.214.0/24
185.66.202.0/23
185.237.4.0/22
IPv6:
2a07:e3c0::/48
Signature Algorithm: sha256WithRSAEncryption
14:6f:6a:ed:50:5e:8b:0a:62:f0:45:52:1f:0f:d7:a0:60:77:
16:ac:ed:70:3e:eb:f6:c9:3a:0f:39:48:38:af:e6:dd:6e:4f:
2f:b1:4d:1c:01:4f:68:27:3a:5e:a2:cc:3f:d3:b5:ad:ec:72:
48:de:29:04:2c:dd:16:fb:fb:1d:3e:1e:c9:d6:01:c2:f3:ad:
b4:6b:0a:b9:0c:2b:ea:eb:b4:2c:59:08:26:67:22:a7:06:70:
f1:51:42:08:bd:f9:39:03:31:af:85:7d:bb:0c:f8:55:64:bd:
05:bc:d6:e4:17:18:73:9b:59:35:6f:28:e0:cf:71:31:ff:74:
80:e6:e1:a7:f6:70:3a:ca:b0:7b:99:43:36:34:b1:59:43:33:
e7:f0:e7:18:1e:d9:62:41:72:bf:be:c0:f3:f1:38:62:b1:56:
25:5c:2e:30:69:4e:92:02:ae:a5:fa:bb:d5:04:69:0a:37:01:
67:63:0f:b9:0b:41:37:3c:fc:67:12:4f:d0:85:94:1f:cd:76:
48:cc:79:4e:9c:45:0c:8f:5c:84:cf:15:6d:e8:2b:19:63:c4:
36:f2:8a:56:75:f2:cf:f8:11:6d:01:fb:9f:36:1d:96:c3:c8:
88:a5:ee:60:82:52:27:14:7e:87:3e:b8:74:3b:58:1a:34:a2:
a8:df:66:4a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVuAdVHCxereUqSnE8yv5b5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ODAxYmUyMzYzZjIxMWJkMmY1NzgxOGFkZWFmOWMwZGJl
MTRiZGIwHhcNMjMwMTAxMTU0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODU0MzAxMDY0YjIyMjIzNTE0NzgwZTIxNzFmMDYxZTFhNzQ5NDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnr7m2RGSqIuFkJSQfxlLeEVxpi9
TJwCIkUt0DHM1T+sKaBMECXrXqlNoe4TDhKHqg2dwSR1ROT5lqQEBHEwhVy6yP8C
iSocYEpTzp9q7iM//cC1XDAtqfSe5tcW69udhKAIjaALMGw/R2Y1niAqL4Bhgyhz
i3WHXKqYhyYIwuIu86GZvFFY47BelRBqxrtYmYCNZVKw+PHuVQH04mmo3TtsGkVR
fsafRZsPw6CQqsWEz0CZytgnOm/RfYlQHmgOThlzx/pEWuyXnDEu1nHE8ZbAX6SH
ZxOk0Z+Oa9Hgm0Rk2wtt6NPEtQtXIysok/U+e6lqHaixcG8NjdYBYQMkxwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFChUMBBksiIjUUeA4hcfBh4adJR8MB8GA1UdIwQY
MBaAFKiAG+I2PyEb0vV4GK3q+cDb4UvbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlBYjRqWV9JUnZTOVhnWXJlcjV3TnZoUzlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS84MTFlNzMtY2YzMC00OTRkLWFjYWMt
ODQyMGFlOWUwNjIyLzEvS0ZRd0VHU3lJaU5SUjREaUZ4OEdIaHAwbEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS84MTFlNzMtY2YzMC00OTRkLWFjYWMtODQyMGFlOWUwNjIy
LzEvcUlBYjRqWV9JUnZTOVhnWXJlcjV3TnZoUzlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAUnPWAwQB
uULKAwQCue0EMA8EAgACMAkDBwAqB+PAAAAwDQYJKoZIhvcNAQELBQADggEBABRv
au1QXosKYvBFUh8P16Bgdxas7XA+6/bJOg85SDiv5t1uTy+xTRwBT2gnOl6izD/T
ta3sckjeKQQs3Rb7+x0+HsnWAcLzrbRrCrkMK+rrtCxZCCZnIqcGcPFRQgi9+TkD
Ma+FfbsM+FVkvQW81uQXGHObWTVvKODPcTH/dIDm4af2cDrKsHuZQzY0sVlDM+fw
5xge2WJBcr++wPPxOGKxViVcLjBpTpICrqX6u9UEaQo3AWdjD7kLQTc8/GcST9CF
lB/NdkjMeU6cRQyPXITPFW3oKxljxDbyilZ18s/4EW0B+582HZbDyIil7mCCUicU
foc+uHQ7WBo0oqjfZko=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:45 2024 by rpki-client on console-fra.rpki-client.org