Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/KRgJ2PpKx3yE6JyJ6kkj289qYh0.roa
File: KRgJ2PpKx3yE6JyJ6kkj289qYh0.roa (raw, json)
Hash identifier: LDBNwNSbUb3VoKwXdfBju5LOqykW/JQsQkc0G7ylbUw=
Subject key identifier: 29:18:09:D8:FA:4A:C7:7C:84:E8:9C:89:EA:49:23:DB:CF:6A:62:1D
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018CC64B36E85ADCF65A6C63C8AB695CD81C
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/KRgJ2PpKx3yE6JyJ6kkj289qYh0.roa
Signing time: Mon 01 Jan 2024 18:31:07 +0000
ROA not before: Mon 01 Jan 2024 18:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3549
IP address blocks: 151.244.144.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 08 Apr 2024 06:34:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:36:e8:5a:dc:f6:5a:6c:63:c8:ab:69:5c:d8:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jan 1 18:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=291809d8fa4ac77c84e89c89ea4923dbcf6a621d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cd:88:69:f6:a8:31:b4:e5:9b:af:9e:69:25:
31:66:ab:e4:bc:08:74:62:e9:d8:10:0c:d8:12:b2:
c1:42:cc:9a:4d:57:54:af:df:c8:78:2f:18:d9:2b:
df:ef:b9:ee:9b:3f:ad:51:8a:aa:fd:3a:a3:c1:73:
52:6b:3e:c6:8c:b8:b5:bb:7b:aa:36:db:1d:29:46:
5a:82:af:a0:21:b0:b2:0b:cd:ef:0a:ca:cb:6f:fb:
9f:46:97:c8:51:e8:e9:0c:30:91:67:c7:00:4f:74:
58:d7:11:02:01:f2:59:f1:5e:ad:4d:77:43:da:30:
7f:c5:4c:a7:ab:7e:ff:a6:4e:f8:e7:24:b7:67:ab:
f0:3a:2e:cd:20:f3:7b:60:35:72:c1:10:43:14:da:
f5:cc:32:90:6b:ad:73:9e:80:70:50:ff:77:13:29:
e7:ad:11:6e:f0:ce:db:27:6a:93:4b:dd:5f:85:f2:
81:c7:02:73:7a:d7:7c:f9:d2:44:59:fe:98:fa:ca:
99:51:16:d2:02:d5:a6:f2:20:eb:19:61:a8:8d:58:
43:29:96:eb:ed:d9:1f:c5:a0:1e:6b:f3:bd:e8:10:
b0:72:02:74:a4:ed:74:dc:a8:3f:da:3b:82:39:bc:
dc:d5:ea:e4:07:63:16:ff:c9:50:4d:b2:d8:36:71:
ca:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:18:09:D8:FA:4A:C7:7C:84:E8:9C:89:EA:49:23:DB:CF:6A:62:1D
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/KRgJ2PpKx3yE6JyJ6kkj289qYh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.144.0/22
Signature Algorithm: sha256WithRSAEncryption
90:f2:e1:1c:3d:de:0c:29:98:93:8d:23:9f:81:71:46:81:f0:
37:f5:0d:9a:87:a0:d8:75:84:ec:c2:95:14:de:d5:de:6b:22:
41:45:e2:4a:57:63:cc:c5:0b:83:86:5e:0d:e0:14:5d:0a:0d:
f6:67:33:df:cc:de:00:24:cf:52:35:39:a4:56:04:e4:c7:96:
9d:42:79:ec:7b:c3:05:1c:05:03:ec:7c:cd:8a:c2:6a:c4:c7:
f6:0d:18:76:5b:6b:01:9b:92:d4:e8:10:69:9e:e3:84:eb:d7:
6b:62:f8:b0:7d:48:a2:47:d2:14:16:1a:73:9f:5a:ba:ce:92:
41:87:3c:d6:5c:a6:85:ee:6b:ca:b7:79:3f:4a:da:eb:c2:ef:
5c:9b:66:a8:c6:6b:26:0f:98:26:8f:7e:02:46:8a:a1:04:91:
9b:45:e5:7f:cc:68:b0:49:29:08:97:55:36:d1:9f:45:c0:0b:
ab:da:43:07:a9:6f:25:79:7a:89:f6:a3:58:fe:f5:8a:e3:f0:
ff:fd:b8:ca:51:01:dc:52:86:aa:6e:24:b1:df:8f:2c:10:82:
0e:8b:58:7b:f4:e7:92:3a:ff:af:4e:1f:4a:c7:a5:94:34:05:
82:a9:2f:de:7b:2d:c7:79:c2:c8:cd:e6:4c:2a:81:ff:f5:04:
86:c5:f6:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSzboWtz2WmxjyKtpXNgcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwMTAxMTgzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTE4MDlkOGZhNGFjNzdjODRlODljODllYTQ5MjNkYmNmNmE2MjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr82IafaoMbTlm6+eaSUxZqvkvAh0
YunYEAzYErLBQsyaTVdUr9/IeC8Y2Svf77numz+tUYqq/TqjwXNSaz7GjLi1u3uq
NtsdKUZagq+gIbCyC83vCsrLb/ufRpfIUejpDDCRZ8cAT3RY1xECAfJZ8V6tTXdD
2jB/xUynq37/pk745yS3Z6vwOi7NIPN7YDVywRBDFNr1zDKQa61znoBwUP93Eynn
rRFu8M7bJ2qTS91fhfKBxwJzetd8+dJEWf6Y+sqZURbSAtWm8iDrGWGojVhDKZbr
7dkfxaAea/O96BCwcgJ0pO103Kg/2juCObzc1erkB2MW/8lQTbLYNnHK8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkYCdj6Ssd8hOiciepJI9vPamIdMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvS1JnSjJQcEt4M3lFNkp5SjZra2oyODlxWWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCl/SQMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ8uEcPd4MKZiTjSOfgXFGgfA39Q2ah6DYdYTswpUU
3tXeayJBReJKV2PMxQuDhl4N4BRdCg32ZzPfzN4AJM9SNTmkVgTkx5adQnnse8MF
HAUD7HzNisJqxMf2DRh2W2sBm5LU6BBpnuOE69drYviwfUiiR9IUFhpzn1q6zpJB
hzzWXKaF7mvKt3k/Strrwu9cm2aoxmsmD5gmj34CRoqhBJGbReV/zGiwSSkIl1U2
0Z9FwAur2kMHqW8leXqJ9qNY/vWK4/D//bjKUQHcUoaqbiSx348sEIIOi1h79OeS
Ov+vTh9Kx6WUNAWCqS/eey3HecLIzeZMKoH/9QSGxfbW
-----END CERTIFICATE-----
Generated at Mon Apr 8 11:23:21 2024 by rpki-client on console-ams.rpki-client.org