Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e5f5f8-1ca1-4234-9a3c-ecceeee110a4/1/KtLElJuvTJ2aCzRz8mXH1GV2xos.roa
File: KtLElJuvTJ2aCzRz8mXH1GV2xos.roa (raw, json)
Hash identifier: arijLA6x1gL1jrt/Ff/x/iRn4nnl5bwT2zXlOdoMlOo=
Subject key identifier: 2A:D2:C4:94:9B:AF:4C:9D:9A:0B:34:73:F2:65:C7:D4:65:76:C6:8B
Certificate issuer: /CN=cae069b663ee25fd13559101dac1d5032b9fd66e
Certificate serial: 0185703043F88AE95DBFB060A08161142C59
Authority key identifier: CA:E0:69:B6:63:EE:25:FD:13:55:91:01:DA:C1:D5:03:2B:9F:D6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yuBptmPuJf0TVZEB2sHVAyuf1m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/e5f5f8-1ca1-4234-9a3c-ecceeee110a4/1/KtLElJuvTJ2aCzRz8mXH1GV2xos.roa
Signing time: Mon 02 Jan 2023 01:54:49 +0000
ROA not before: Mon 02 Jan 2023 01:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56346
IP address blocks: 185.131.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:43:f8:8a:e9:5d:bf:b0:60:a0:81:61:14:2c:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cae069b663ee25fd13559101dac1d5032b9fd66e
Validity
Not Before: Jan 2 01:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ad2c4949baf4c9d9a0b3473f265c7d46576c68b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:47:b0:d9:80:ae:5e:9d:8e:eb:e2:15:a9:bc:
f4:89:c9:f4:70:d5:cb:0c:94:c5:a1:92:1a:a4:e9:
68:62:39:8f:02:8c:cd:28:26:fe:6f:7c:4d:cd:a5:
b2:b5:4d:51:97:a3:49:c7:b3:22:95:39:d3:de:ba:
f4:f6:ad:96:22:66:b5:27:7d:ce:e1:7b:dc:69:52:
9e:16:81:de:e7:84:d3:cd:b6:f5:54:35:00:b5:13:
da:39:0d:58:54:52:32:54:ad:96:86:93:1d:8b:d6:
ac:7a:da:39:3a:f2:d1:39:5b:12:e4:b5:9f:db:8c:
73:88:aa:75:78:1d:fb:32:47:93:d4:f2:22:01:0e:
9e:e7:88:0f:ec:89:d7:97:c9:c1:6c:e5:5a:02:aa:
a4:d2:89:a3:77:8c:3c:eb:d7:32:ec:77:26:a8:2d:
0a:f1:fd:46:d1:53:8d:5e:d8:a9:32:5d:21:06:ee:
f9:86:f5:aa:41:82:df:0a:39:ec:5b:3f:fd:92:b0:
51:2c:26:fa:ae:75:ed:77:98:07:63:ca:3d:54:7a:
5f:76:da:f2:1f:a1:2b:30:8f:08:5a:25:7a:10:ee:
b5:b2:5e:f4:09:42:48:b2:16:59:48:d2:aa:c7:aa:
e9:be:37:41:8c:38:5d:08:5f:f4:24:e8:ad:24:2c:
ba:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D2:C4:94:9B:AF:4C:9D:9A:0B:34:73:F2:65:C7:D4:65:76:C6:8B
X509v3 Authority Key Identifier:
keyid:CA:E0:69:B6:63:EE:25:FD:13:55:91:01:DA:C1:D5:03:2B:9F:D6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuBptmPuJf0TVZEB2sHVAyuf1m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e5f5f8-1ca1-4234-9a3c-ecceeee110a4/1/KtLElJuvTJ2aCzRz8mXH1GV2xos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e5f5f8-1ca1-4234-9a3c-ecceeee110a4/1/yuBptmPuJf0TVZEB2sHVAyuf1m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.252.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:35:f4:84:22:27:71:bd:42:73:4d:26:5e:cd:01:4a:bb:ce:
ee:14:d7:a7:cf:66:0d:1a:af:f8:78:8d:cd:00:58:f6:c7:9e:
37:09:78:13:1d:63:8a:1b:18:96:16:e8:80:1d:56:29:5f:b5:
b3:d9:65:e6:a9:c4:22:e0:d8:22:d2:3f:f7:0d:85:4a:de:34:
e5:16:a9:9d:da:7b:03:1a:0d:e2:c8:07:a9:30:9b:37:ee:7a:
b8:d2:70:8e:be:42:fa:bb:33:c7:1a:36:70:9f:4e:b6:fa:80:
60:15:c1:a1:19:23:29:62:6d:fe:04:04:e2:95:fe:1a:c3:f2:
b8:d3:26:1b:43:90:31:45:07:f5:ba:82:9e:62:f8:ff:ba:2b:
2f:3e:9c:0a:44:43:36:8c:45:5e:60:cb:85:89:94:53:f3:03:
4d:48:0a:6b:c4:b8:7f:dd:a9:0f:3d:5a:9f:a1:8a:cd:23:29:
9c:94:6c:30:6f:e9:92:d5:28:80:a4:eb:21:5e:0d:b3:5b:2f:
1a:99:75:88:36:a1:4a:71:3c:d8:6a:75:45:c6:27:98:84:e9:
28:06:84:84:87:09:58:93:56:ff:fb:77:a2:65:9b:62:33:29:
49:37:0d:62:75:74:79:72:4e:c5:86:82:c2:1e:92:ed:9e:5f:
6d:96:d7:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMEP4iuldv7BgoIFhFCxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZTA2OWI2NjNlZTI1ZmQxMzU1OTEwMWRhYzFkNTAzMmI5
ZmQ2NmUwHhcNMjMwMTAyMDE1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQyYzQ5NDliYWY0YzlkOWEwYjM0NzNmMjY1YzdkNDY1NzZjNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Eew2YCuXp2O6+IVqbz0icn0cNXL
DJTFoZIapOloYjmPAozNKCb+b3xNzaWytU1Rl6NJx7MilTnT3rr09q2WIma1J33O
4XvcaVKeFoHe54TTzbb1VDUAtRPaOQ1YVFIyVK2WhpMdi9aseto5OvLROVsS5LWf
24xziKp1eB37MkeT1PIiAQ6e54gP7InXl8nBbOVaAqqk0omjd4w869cy7HcmqC0K
8f1G0VONXtipMl0hBu75hvWqQYLfCjnsWz/9krBRLCb6rnXtd5gHY8o9VHpfdtry
H6ErMI8IWiV6EO61sl70CUJIshZZSNKqx6rpvjdBjDhdCF/0JOitJCy6FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCrSxJSbr0ydmgs0c/Jlx9RldsaLMB8GA1UdIwQY
MBaAFMrgabZj7iX9E1WRAdrB1QMrn9ZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXVCcHRtUHVKZjBUVlpFQjJzSFZBeXVmMW00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lNWY1ZjgtMWNhMS00MjM0LTlhM2Mt
ZWNjZWVlZTExMGE0LzEvS3RMRWxKdXZUSjJhQ3pSejhtWEgxR1YyeG9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lNWY1ZjgtMWNhMS00MjM0LTlhM2MtZWNjZWVlZTExMGE0
LzEveXVCcHRtUHVKZjBUVlpFQjJzSFZBeXVmMW00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYP8MA0G
CSqGSIb3DQEBCwUAA4IBAQDNNfSEIidxvUJzTSZezQFKu87uFNenz2YNGq/4eI3N
AFj2x543CXgTHWOKGxiWFuiAHVYpX7Wz2WXmqcQi4Ngi0j/3DYVK3jTlFqmd2nsD
Gg3iyAepMJs37nq40nCOvkL6uzPHGjZwn062+oBgFcGhGSMpYm3+BATilf4aw/K4
0yYbQ5AxRQf1uoKeYvj/uisvPpwKREM2jEVeYMuFiZRT8wNNSAprxLh/3akPPVqf
oYrNIymclGwwb+mS1SiApOshXg2zWy8amXWINqFKcTzYanVFxieYhOkoBoSEhwlY
k1b/+3eiZZtiMylJNw1idXR5ck7FhoLCHpLtnl9tltda
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:50 2024 by rpki-client on console-fra.rpki-client.org