Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/KWA7lEPP3X8BPUegZl6TyPm72aM.roa
File: KWA7lEPP3X8BPUegZl6TyPm72aM.roa (raw, json)
Hash identifier: 1WTDhgn52mwg4d8R+SQLdD+SNVTJWFqF9VJQ+Y/g9QI=
Subject key identifier: 29:60:3B:94:43:CF:DD:7F:01:3D:47:A0:66:5E:93:C8:F9:BB:D9:A3
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 018A28868780C14420AC835FF69143E3BA06
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/KWA7lEPP3X8BPUegZl6TyPm72aM.roa
Signing time: Thu 24 Aug 2023 17:10:19 +0000
ROA not before: Thu 24 Aug 2023 17:10:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28920
IP address blocks: 158.120.72.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:28:86:87:80:c1:44:20:ac:83:5f:f6:91:43:e3:ba:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Aug 24 17:10:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29603b9443cfdd7f013d47a0665e93c8f9bbd9a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c2:41:19:9b:6f:88:4d:ce:dd:b1:a5:30:d6:
46:62:a8:d2:b5:25:29:9e:21:88:1e:e7:eb:12:de:
35:12:a2:04:56:38:7c:52:79:f9:c9:30:3b:94:c6:
1c:a0:06:65:aa:8b:f1:61:07:8c:d9:83:91:5c:ff:
5c:9a:7a:2b:ad:e3:09:59:51:be:a5:62:32:5c:53:
50:83:5d:bc:6a:28:13:59:e6:97:56:84:81:2f:5c:
2d:51:95:7c:c9:ab:26:63:aa:50:86:2d:5d:76:3e:
84:7b:00:0c:00:86:39:38:fe:08:d5:03:2c:db:88:
99:b7:d3:34:d4:79:39:58:92:5c:41:8c:2f:48:91:
f7:f1:bb:60:12:31:f1:ae:39:2f:bc:35:e2:98:d2:
50:15:8a:7d:09:fe:ff:a8:3e:5e:7d:8b:9e:8d:53:
94:55:19:ca:e9:61:d7:12:57:5d:db:01:3b:6c:f9:
6a:06:bb:dc:78:be:c4:ee:23:95:56:0e:1c:69:f2:
70:0d:7d:a7:57:5e:fc:dd:1a:38:cf:b8:ef:34:c0:
7e:e7:dc:58:d8:3d:5e:7b:ce:ca:f6:9d:0c:e0:d7:
62:d8:5b:f0:98:e1:09:bc:10:be:e2:fb:80:fd:f1:
98:8b:be:d1:46:c2:44:32:10:ad:6d:f2:89:a5:dd:
33:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:60:3B:94:43:CF:DD:7F:01:3D:47:A0:66:5E:93:C8:F9:BB:D9:A3
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/KWA7lEPP3X8BPUegZl6TyPm72aM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.120.72.0/23
Signature Algorithm: sha256WithRSAEncryption
48:75:e4:75:13:a5:a6:f0:44:62:ec:85:c8:5b:57:90:15:67:
16:ea:a3:27:60:69:4e:db:cf:c5:7a:d5:6a:5b:34:4f:09:17:
7f:b7:e7:83:fe:dc:4b:77:01:05:ff:12:c5:ca:ba:82:8a:71:
ad:c3:ad:ce:02:e8:0d:c7:84:bc:29:5b:74:be:fe:00:71:ca:
29:53:8b:5e:ac:1d:0e:a9:52:9c:48:39:18:5f:2d:9e:64:5c:
2d:83:11:db:1e:f8:62:dc:69:3d:15:a1:83:b0:5d:e7:bf:d1:
87:6c:7c:e8:6a:25:e0:89:96:8b:45:e2:09:e2:bd:0a:97:4b:
a9:9d:ce:e9:75:9f:11:66:d0:71:c0:74:7d:3a:2c:5f:0c:b0:
2b:0b:30:bd:dd:3a:e1:59:0e:fd:bf:56:ac:91:6c:f6:f6:b0:
90:c0:71:78:9b:59:02:86:8b:d4:81:af:96:c0:e6:6c:28:84:
e8:01:21:96:66:da:2e:75:87:7a:ac:f5:46:2a:09:8a:5c:75:
a1:08:c9:06:ed:f6:25:f3:a4:8c:2e:e2:b3:c6:f8:9d:bd:56:
0c:8f:e4:1e:0c:7b:e4:80:b8:fe:e3:99:32:51:3a:5b:53:1d:
64:0b:fb:47:ee:9c:f4:13:95:9e:52:a6:21:45:d6:24:7d:9d:
eb:26:cb:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoohoeAwUQgrINf9pFD47oGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMwODI0MTcxMDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTYwM2I5NDQzY2ZkZDdmMDEzZDQ3YTA2NjVlOTNjOGY5YmJkOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8JBGZtviE3O3bGlMNZGYqjStSUp
niGIHufrEt41EqIEVjh8Unn5yTA7lMYcoAZlqovxYQeM2YORXP9cmnorreMJWVG+
pWIyXFNQg128aigTWeaXVoSBL1wtUZV8yasmY6pQhi1ddj6EewAMAIY5OP4I1QMs
24iZt9M01Hk5WJJcQYwvSJH38btgEjHxrjkvvDXimNJQFYp9Cf7/qD5efYuejVOU
VRnK6WHXEldd2wE7bPlqBrvceL7E7iOVVg4cafJwDX2nV1783Ro4z7jvNMB+59xY
2D1ee87K9p0M4Ndi2FvwmOEJvBC+4vuA/fGYi77RRsJEMhCtbfKJpd0zqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClgO5RDz91/AT1HoGZek8j5u9mjMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvS1dBN2xFUFAzWDhCUFVlZ1psNlR5UG03MmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnnhIMA0G
CSqGSIb3DQEBCwUAA4IBAQBIdeR1E6Wm8ERi7IXIW1eQFWcW6qMnYGlO28/FetVq
WzRPCRd/t+eD/txLdwEF/xLFyrqCinGtw63OAugNx4S8KVt0vv4AccopU4terB0O
qVKcSDkYXy2eZFwtgxHbHvhi3Gk9FaGDsF3nv9GHbHzoaiXgiZaLReIJ4r0Kl0up
nc7pdZ8RZtBxwHR9OixfDLArCzC93TrhWQ79v1askWz29rCQwHF4m1kChovUga+W
wOZsKIToASGWZtoudYd6rPVGKgmKXHWhCMkG7fYl86SMLuKzxvidvVYMj+QeDHvk
gLj+45kyUTpbUx1kC/tH7pz0E5WeUqYhRdYkfZ3rJsv9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org