Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/01bf96-81b6-4e4c-ab80-e0bc41078426/1/KS7efW9UPkxnJUmEaqW01BIk880.roa
File: KS7efW9UPkxnJUmEaqW01BIk880.roa (raw, json)
Hash identifier: ZRdLDmDXjFtroXfWnDOAz+yZMTx0OEttGgG0v4ac4cE=
Subject key identifier: 29:2E:DE:7D:6F:54:3E:4C:67:25:49:84:6A:A5:B4:D4:12:24:F3:CD
Certificate issuer: /CN=dc0f9ea04636d7e71418b93091ccd0e57015be49
Certificate serial: 01857079B8031F8BAA8187662F1CDFAAB259
Authority key identifier: DC:0F:9E:A0:46:36:D7:E7:14:18:B9:30:91:CC:D0:E5:70:15:BE:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3A-eoEY21-cUGLkwkczQ5XAVvkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/01bf96-81b6-4e4c-ab80-e0bc41078426/1/KS7efW9UPkxnJUmEaqW01BIk880.roa
Signing time: Mon 02 Jan 2023 03:15:03 +0000
ROA not before: Mon 02 Jan 2023 03:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41026
IP address blocks: 185.56.244.0/22 maxlen: 22
2a02:5660::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:b8:03:1f:8b:aa:81:87:66:2f:1c:df:aa:b2:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc0f9ea04636d7e71418b93091ccd0e57015be49
Validity
Not Before: Jan 2 03:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=292ede7d6f543e4c672549846aa5b4d41224f3cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:d9:c0:6a:22:16:b3:d3:a3:f6:f4:b1:04:7f:
44:db:cf:79:14:7f:09:d9:6f:69:b0:d3:7d:7d:bc:
17:95:d4:46:69:57:e8:e8:1b:99:51:f1:a3:59:5a:
7b:45:a7:32:e8:52:5e:84:b9:e2:cb:d1:c0:12:cb:
69:43:0d:5b:6e:3e:3d:d7:a1:7b:38:54:89:bc:c0:
d3:55:dc:39:30:56:a8:04:4b:54:a1:01:37:c5:52:
b3:01:02:10:4c:1d:57:a2:ba:9a:57:ca:58:d7:a9:
b8:10:39:c0:98:fa:a8:26:2c:d5:4f:76:1e:85:ac:
71:09:7c:1c:cf:44:82:24:5e:77:80:6a:d7:dc:6c:
60:e7:ed:93:0b:77:2c:78:d9:e5:80:a5:7f:81:df:
30:29:5e:3d:ad:11:59:d3:98:49:c3:23:84:c1:49:
0b:7b:f6:e8:2b:2e:09:c9:61:f1:7a:fb:6f:38:a0:
ec:17:3c:99:61:71:51:3f:93:08:02:ba:ce:89:9a:
f8:71:ff:1f:9c:56:b2:37:0a:36:5b:d7:b4:e8:12:
ac:95:81:c6:67:ba:fc:5e:44:d1:f9:e8:eb:51:8a:
f4:0c:af:9f:8c:14:2a:13:33:12:1b:24:15:6a:40:
4a:4a:53:07:7b:22:aa:69:61:33:74:8a:3f:c0:34:
8e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:2E:DE:7D:6F:54:3E:4C:67:25:49:84:6A:A5:B4:D4:12:24:F3:CD
X509v3 Authority Key Identifier:
keyid:DC:0F:9E:A0:46:36:D7:E7:14:18:B9:30:91:CC:D0:E5:70:15:BE:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3A-eoEY21-cUGLkwkczQ5XAVvkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/01bf96-81b6-4e4c-ab80-e0bc41078426/1/KS7efW9UPkxnJUmEaqW01BIk880.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/01bf96-81b6-4e4c-ab80-e0bc41078426/1/3A-eoEY21-cUGLkwkczQ5XAVvkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.244.0/22
IPv6:
2a02:5660::/32
Signature Algorithm: sha256WithRSAEncryption
5c:8f:42:32:07:92:c8:b7:68:ee:6f:29:97:24:3b:ea:7b:27:
05:0e:40:6c:c7:97:ee:bd:4f:f9:4e:0a:40:7c:dd:8f:f7:7c:
d2:a4:42:fb:b4:19:39:17:ca:68:10:73:ef:b9:22:d8:9e:79:
29:3b:fb:73:0c:6c:b9:8d:c7:de:b7:be:49:15:04:4d:a2:86:
3e:ac:b7:9d:e7:13:58:77:b0:17:92:06:c8:56:0b:8c:bb:40:
f7:58:66:f9:19:b6:7a:ec:de:79:06:d6:0e:bf:bd:10:c2:e8:
8e:a0:67:1f:f8:90:fc:e0:fb:15:84:d2:c0:80:6b:e4:49:49:
92:2f:20:53:ae:f8:07:bf:37:92:b9:e2:71:52:23:a4:cf:bd:
d5:22:1d:32:ab:ba:01:4b:85:f5:63:fe:b2:5b:f5:ee:7e:b0:
9b:65:7f:9a:ff:77:f4:1d:0b:49:0d:0e:78:7a:19:e1:c6:31:
34:8a:ea:10:c8:83:99:d7:58:01:ca:b9:4d:54:6b:71:57:a2:
d5:32:01:a1:7b:8a:f2:11:ba:d3:ae:6a:2c:4e:3c:27:d6:9c:
9e:2e:22:2b:5c:b7:5f:5d:5c:e9:3b:4c:42:68:5a:35:79:7c:
a0:b9:35:89:08:54:f3:34:6a:70:03:7c:14:71:ff:c4:a5:15:
54:7b:5f:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwebgDH4uqgYdmLxzfqrJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMGY5ZWEwNDYzNmQ3ZTcxNDE4YjkzMDkxY2NkMGU1NzAx
NWJlNDkwHhcNMjMwMTAyMDMxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTJlZGU3ZDZmNTQzZTRjNjcyNTQ5ODQ2YWE1YjRkNDEyMjRmM2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/dnAaiIWs9Oj9vSxBH9E2895FH8J
2W9psNN9fbwXldRGaVfo6BuZUfGjWVp7Racy6FJehLniy9HAEstpQw1bbj4916F7
OFSJvMDTVdw5MFaoBEtUoQE3xVKzAQIQTB1XorqaV8pY16m4EDnAmPqoJizVT3Ye
haxxCXwcz0SCJF53gGrX3Gxg5+2TC3cseNnlgKV/gd8wKV49rRFZ05hJwyOEwUkL
e/boKy4JyWHxevtvOKDsFzyZYXFRP5MIArrOiZr4cf8fnFayNwo2W9e06BKslYHG
Z7r8XkTR+ejrUYr0DK+fjBQqEzMSGyQVakBKSlMHeyKqaWEzdIo/wDSODwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCku3n1vVD5MZyVJhGqltNQSJPPNMB8GA1UdIwQY
MBaAFNwPnqBGNtfnFBi5MJHM0OVwFb5JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0EtZW9FWTIxLWNVR0xrd2tjelE1WEFWdmtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8wMWJmOTYtODFiNi00ZTRjLWFiODAt
ZTBiYzQxMDc4NDI2LzEvS1M3ZWZXOVVQa3huSlVtRWFxVzAxQklrODgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8wMWJmOTYtODFiNi00ZTRjLWFiODAtZTBiYzQxMDc4NDI2
LzEvM0EtZW9FWTIxLWNVR0xrd2tjelE1WEFWdmtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTj0MA0E
AgACMAcDBQAqAlZgMA0GCSqGSIb3DQEBCwUAA4IBAQBcj0IyB5LIt2jubymXJDvq
eycFDkBsx5fuvU/5TgpAfN2P93zSpEL7tBk5F8poEHPvuSLYnnkpO/tzDGy5jcfe
t75JFQRNooY+rLed5xNYd7AXkgbIVguMu0D3WGb5GbZ67N55BtYOv70QwuiOoGcf
+JD84PsVhNLAgGvkSUmSLyBTrvgHvzeSueJxUiOkz73VIh0yq7oBS4X1Y/6yW/Xu
frCbZX+a/3f0HQtJDQ54ehnhxjE0iuoQyIOZ11gByrlNVGtxV6LVMgGhe4ryEbrT
rmosTjwn1pyeLiIrXLdfXVzpO0xCaFo1eXyguTWJCFTzNGpwA3wUcf/EpRVUe19Z
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:04 2024 by rpki-client on console-fra.rpki-client.org