Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/kk54IrgsVBvoQEcYthoHn1wIZf0.roa
File: kk54IrgsVBvoQEcYthoHn1wIZf0.roa (raw, json)
Hash identifier: R8sVaN6oXFCUxOpn0Cw6jSV+gwN+8tIkvHY1SvyibTo=
Subject key identifier: 92:4E:78:22:B8:2C:54:1B:E8:40:47:18:B6:1A:07:9F:5C:08:65:FD
Certificate issuer: /CN=c9633fa6fc66b43639c056d02174f80c2426614b
Certificate serial: 018572CCDA5B983A4F8ACD7841CB594D8138
Authority key identifier: C9:63:3F:A6:FC:66:B4:36:39:C0:56:D0:21:74:F8:0C:24:26:61:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yWM_pvxmtDY5wFbQIXT4DCQmYUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/kk54IrgsVBvoQEcYthoHn1wIZf0.roa
Signing time: Mon 02 Jan 2023 14:05:05 +0000
ROA not before: Mon 02 Jan 2023 14:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133530
IP address blocks: 185.166.140.0/24 maxlen: 24
2a0a:ea00::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:da:5b:98:3a:4f:8a:cd:78:41:cb:59:4d:81:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9633fa6fc66b43639c056d02174f80c2426614b
Validity
Not Before: Jan 2 14:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=924e7822b82c541be8404718b61a079f5c0865fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:78:c7:a6:43:ba:0e:01:32:cf:78:0e:b8:bf:
99:e8:69:d3:78:9b:71:93:e7:d6:66:d3:bd:2b:d2:
bf:33:ac:d2:b1:da:94:10:a5:e1:4b:9d:a2:22:23:
e9:aa:97:0f:e2:8a:3f:96:c2:52:d0:90:10:5a:d5:
d2:7b:8e:2a:c0:e4:fa:b2:fa:34:f2:6a:40:d8:d2:
5a:90:2a:f1:5a:bf:a3:df:7f:42:23:cd:81:e7:45:
b5:87:cb:36:9a:7d:b5:11:8d:16:fd:97:3e:36:71:
d0:11:23:be:69:bf:00:bb:22:a6:54:d3:87:7f:35:
5b:ff:98:4c:cb:39:ea:09:20:e6:af:ac:2c:46:62:
77:61:c1:1f:75:d8:5d:c9:cf:d0:1b:e0:c7:02:4f:
c9:89:6e:55:48:ad:54:cc:99:8a:d2:06:e3:e0:23:
14:c3:a2:0e:7d:6b:b0:d1:00:74:ca:67:b8:1e:a4:
5e:d9:8f:86:5b:5a:8e:11:60:ae:75:99:6c:06:42:
6d:3d:ec:28:fe:c9:28:c7:4d:12:9a:43:53:aa:af:
d7:6c:bc:47:f5:2d:d4:b4:6b:ec:a4:23:d7:ea:e9:
86:ac:62:2f:a6:ff:83:3d:6b:35:32:1c:7d:5a:24:
73:fd:e9:1c:1e:86:c3:5e:1f:1c:7f:a6:57:27:23:
ae:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:4E:78:22:B8:2C:54:1B:E8:40:47:18:B6:1A:07:9F:5C:08:65:FD
X509v3 Authority Key Identifier:
keyid:C9:63:3F:A6:FC:66:B4:36:39:C0:56:D0:21:74:F8:0C:24:26:61:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yWM_pvxmtDY5wFbQIXT4DCQmYUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/kk54IrgsVBvoQEcYthoHn1wIZf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/yWM_pvxmtDY5wFbQIXT4DCQmYUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.140.0/24
IPv6:
2a0a:ea00::/32
Signature Algorithm: sha256WithRSAEncryption
60:18:4e:1a:41:d6:bb:18:8e:03:72:31:7d:80:f1:7a:d9:ce:
46:6d:24:08:78:29:19:9b:a0:7d:fc:ab:c9:c1:80:7f:23:7b:
a2:dd:78:f0:b0:a0:9f:c0:cb:9c:3e:e4:51:84:df:f7:b8:31:
3f:ee:cc:b8:8c:58:e1:3a:bb:0f:cd:98:7a:6e:57:5c:70:42:
4e:b0:34:8f:0e:fd:18:56:91:a1:36:d8:07:f6:aa:9f:80:63:
36:d0:4a:69:5a:49:ff:da:48:91:53:d7:a5:48:64:cf:8a:41:
49:ae:a5:5c:38:8e:43:4d:8d:01:86:67:d0:df:1a:86:ed:09:
8d:75:88:da:4b:04:2a:a5:e2:e8:7b:00:39:3e:1f:30:1c:21:
ea:de:d2:16:b5:b6:27:7b:72:64:b5:3a:45:b8:8f:58:19:f1:
b7:bc:92:06:b5:7b:6f:d7:f7:21:81:39:ad:08:d3:d2:ec:ce:
88:7b:b8:46:a1:29:87:78:a7:5b:95:48:30:89:d7:c1:f9:cb:
dd:5a:ae:61:fd:fb:75:ba:34:21:0c:dd:24:6b:23:f0:bc:1a:
85:b4:2c:e2:f8:92:9e:ad:7c:b2:6f:f2:28:ba:cb:88:87:af:
63:a4:f6:a2:88:ea:01:24:e7:20:39:99:e9:08:63:2c:e5:f8:
0b:65:09:5b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyzNpbmDpPis14QctZTYE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NjMzZmE2ZmM2NmI0MzYzOWMwNTZkMDIxNzRmODBjMjQy
NjYxNGIwHhcNMjMwMTAyMTQwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjRlNzgyMmI4MmM1NDFiZTg0MDQ3MThiNjFhMDc5ZjVjMDg2NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3jHpkO6DgEyz3gOuL+Z6GnTeJtx
k+fWZtO9K9K/M6zSsdqUEKXhS52iIiPpqpcP4oo/lsJS0JAQWtXSe44qwOT6svo0
8mpA2NJakCrxWr+j339CI82B50W1h8s2mn21EY0W/Zc+NnHQESO+ab8AuyKmVNOH
fzVb/5hMyznqCSDmr6wsRmJ3YcEfddhdyc/QG+DHAk/JiW5VSK1UzJmK0gbj4CMU
w6IOfWuw0QB0yme4HqRe2Y+GW1qOEWCudZlsBkJtPewo/skox00SmkNTqq/XbLxH
9S3UtGvspCPX6umGrGIvpv+DPWs1Mhx9WiRz/ekcHobDXh8cf6ZXJyOuqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJJOeCK4LFQb6EBHGLYaB59cCGX9MB8GA1UdIwQY
MBaAFMljP6b8ZrQ2OcBW0CF0+AwkJmFLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVdNX3B2eG10RFk1d0ZiUUlYVDREQ1FtWVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi85Y2IzMjktMGZlOS00ZmZlLWJlNWYt
MDM4YTU0ZTM5MTJmLzEva2s1NElyZ3NWQnZvUUVjWXRob0huMXdJWmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi85Y2IzMjktMGZlOS00ZmZlLWJlNWYtMDM4YTU0ZTM5MTJm
LzEveVdNX3B2eG10RFk1d0ZiUUlYVDREQ1FtWVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuaaMMA0E
AgACMAcDBQAqCuoAMA0GCSqGSIb3DQEBCwUAA4IBAQBgGE4aQda7GI4DcjF9gPF6
2c5GbSQIeCkZm6B9/KvJwYB/I3ui3XjwsKCfwMucPuRRhN/3uDE/7sy4jFjhOrsP
zZh6bldccEJOsDSPDv0YVpGhNtgH9qqfgGM20EppWkn/2kiRU9elSGTPikFJrqVc
OI5DTY0BhmfQ3xqG7QmNdYjaSwQqpeLoewA5Ph8wHCHq3tIWtbYne3JktTpFuI9Y
GfG3vJIGtXtv1/chgTmtCNPS7M6Ie7hGoSmHeKdblUgwidfB+cvdWq5h/ft1ujQh
DN0kayPwvBqFtCzi+JKerXyyb/IousuIh69jpPaiiOoBJOcgOZnpCGMs5fgLZQlb
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:42 2024 by rpki-client on console-fra.rpki-client.org