Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/d5008a-0f42-4557-9feb-3984c213e214/1/kgzIzrLN-tNGoo0Hrl1m5iXBQ_o.roa
File: kgzIzrLN-tNGoo0Hrl1m5iXBQ_o.roa (raw, json)
Hash identifier: JSVTBYxgpyk6/aQpv9/w1gsE84jDO45CQdXwSxhyd3c=
Subject key identifier: 92:0C:C8:CE:B2:CD:FA:D3:46:A2:8D:07:AE:5D:66:E6:25:C1:43:FA
Certificate issuer: /CN=2bbbd639efb113d19688a1acce6945bb6c6a9ac5
Certificate serial: 01856E5D4909FDE0E85BECCADF16B28405F8
Authority key identifier: 2B:BB:D6:39:EF:B1:13:D1:96:88:A1:AC:CE:69:45:BB:6C:6A:9A:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K7vWOe-xE9GWiKGszmlFu2xqmsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/d5008a-0f42-4557-9feb-3984c213e214/1/kgzIzrLN-tNGoo0Hrl1m5iXBQ_o.roa
Signing time: Sun 01 Jan 2023 17:24:45 +0000
ROA not before: Sun 01 Jan 2023 17:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31034
IP address blocks: 185.58.192.0/22 maxlen: 24
109.70.244.0/22 maxlen: 24
109.70.240.0/22 maxlen: 24
2a04:e101::/32 maxlen: 32
2a04:e100::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:49:09:fd:e0:e8:5b:ec:ca:df:16:b2:84:05:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bbbd639efb113d19688a1acce6945bb6c6a9ac5
Validity
Not Before: Jan 1 17:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=920cc8ceb2cdfad346a28d07ae5d66e625c143fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:90:cd:a3:3e:64:3b:60:1b:09:e2:09:b7:64:
ae:d2:51:f1:62:d5:77:3f:d1:31:75:14:ac:f9:c7:
98:60:41:5d:1e:49:c2:25:8d:a4:66:73:ce:16:1d:
af:5a:c7:da:af:13:c1:99:19:c4:25:62:fe:39:60:
da:fb:67:a5:32:37:b2:cb:31:c2:f1:f7:a1:5c:ca:
fe:36:b0:11:64:8b:d8:58:17:51:b5:4f:e0:a2:cd:
ab:29:18:1d:72:ed:56:1d:f7:9c:30:55:d6:d7:81:
35:45:9a:13:c8:58:69:c2:a3:6e:e1:60:f5:f4:96:
83:50:1b:d9:a6:7c:dc:2d:fe:a7:57:50:6a:99:f9:
3a:a5:d7:cb:2f:27:fa:35:e1:e9:ed:90:50:15:8c:
94:19:cc:e1:f4:a5:81:da:0f:1c:2f:76:1a:e3:41:
d1:e3:e1:b2:71:0f:c7:62:5f:4b:32:ee:63:3a:59:
91:d2:61:dd:31:32:b9:18:10:50:74:01:35:e6:80:
07:78:bc:7a:71:6f:7d:87:c1:8e:d5:7d:6f:d7:75:
3e:59:7e:0e:f2:ec:1e:da:66:83:97:08:b4:0f:f5:
2c:b3:f0:0a:2e:72:6b:e5:04:a3:cb:bd:8a:ab:01:
b9:39:d9:1c:26:e4:44:46:bd:c2:8f:df:d7:a1:d4:
5c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0C:C8:CE:B2:CD:FA:D3:46:A2:8D:07:AE:5D:66:E6:25:C1:43:FA
X509v3 Authority Key Identifier:
keyid:2B:BB:D6:39:EF:B1:13:D1:96:88:A1:AC:CE:69:45:BB:6C:6A:9A:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7vWOe-xE9GWiKGszmlFu2xqmsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/d5008a-0f42-4557-9feb-3984c213e214/1/kgzIzrLN-tNGoo0Hrl1m5iXBQ_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/d5008a-0f42-4557-9feb-3984c213e214/1/K7vWOe-xE9GWiKGszmlFu2xqmsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.240.0/21
185.58.192.0/22
IPv6:
2a04:e100::/31
Signature Algorithm: sha256WithRSAEncryption
41:fc:55:63:d4:be:db:fe:89:b2:ef:c0:54:d7:ae:4a:d1:4c:
13:38:d8:92:3a:29:d3:5b:72:6c:d0:d7:4a:28:9d:88:7e:3c:
ad:77:60:6b:7f:dd:0d:d9:5a:b7:be:4f:f4:15:97:c6:7f:a7:
37:09:e4:ac:f4:79:19:95:49:64:62:aa:28:cb:78:87:b2:23:
95:e1:09:b9:ce:96:69:48:bc:3d:6e:3b:b3:53:c3:19:63:56:
d0:7e:97:86:32:d2:0b:41:b6:1d:2f:f9:6b:46:b2:63:c1:17:
51:86:fc:e2:8f:0a:72:82:6c:72:e6:b1:54:12:22:59:dd:e7:
45:90:17:0d:4a:19:76:35:43:91:b2:79:cb:43:49:d1:93:ec:
a3:be:cc:48:4b:60:9b:1c:ec:8a:24:2d:8c:82:dc:af:22:76:
13:9a:d9:db:af:fd:c3:6b:79:08:3f:00:25:7f:5d:e3:4a:9c:
0f:8d:e5:24:be:c5:fe:98:37:f5:be:cc:03:ce:80:28:57:e0:
a4:3e:84:e2:27:14:ae:d0:3d:f6:f7:be:44:d5:1a:15:27:00:
f6:e3:d5:39:24:c6:77:eb:67:e0:89:a5:fa:bb:68:a2:88:b1:
51:0c:71:e9:cd:91:4f:a5:4f:a6:2f:0c:a1:88:25:f6:03:de:
bb:f6:90:57
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuXUkJ/eDoW+zK3xayhAX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYmJkNjM5ZWZiMTEzZDE5Njg4YTFhY2NlNjk0NWJiNmM2
YTlhYzUwHhcNMjMwMTAxMTcyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjBjYzhjZWIyY2RmYWQzNDZhMjhkMDdhZTVkNjZlNjI1YzE0M2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJDNoz5kO2AbCeIJt2Su0lHxYtV3
P9ExdRSs+ceYYEFdHknCJY2kZnPOFh2vWsfarxPBmRnEJWL+OWDa+2elMjeyyzHC
8fehXMr+NrARZIvYWBdRtU/gos2rKRgdcu1WHfecMFXW14E1RZoTyFhpwqNu4WD1
9JaDUBvZpnzcLf6nV1Bqmfk6pdfLLyf6NeHp7ZBQFYyUGczh9KWB2g8cL3Ya40HR
4+GycQ/HYl9LMu5jOlmR0mHdMTK5GBBQdAE15oAHeLx6cW99h8GO1X1v13U+WX4O
8uwe2maDlwi0D/Uss/AKLnJr5QSjy72KqwG5OdkcJuRERr3Cj9/XodRc2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJIMyM6yzfrTRqKNB65dZuYlwUP6MB8GA1UdIwQY
MBaAFCu71jnvsRPRloihrM5pRbtsaprFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzd2V09lLXhFOUdXaUtHc3ptbEZ1MnhxbXNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9kNTAwOGEtMGY0Mi00NTU3LTlmZWIt
Mzk4NGMyMTNlMjE0LzEva2d6SXpyTE4tdE5Hb28wSHJsMW01aVhCUV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9kNTAwOGEtMGY0Mi00NTU3LTlmZWItMzk4NGMyMTNlMjE0
LzEvSzd2V09lLXhFOUdXaUtHc3ptbEZ1MnhxbXNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbUbwAwQC
uTrAMA0EAgACMAcDBQEqBOEAMA0GCSqGSIb3DQEBCwUAA4IBAQBB/FVj1L7b/omy
78BU165K0UwTONiSOinTW3Js0NdKKJ2Ifjytd2Brf90N2Vq3vk/0FZfGf6c3CeSs
9HkZlUlkYqooy3iHsiOV4Qm5zpZpSLw9bjuzU8MZY1bQfpeGMtILQbYdL/lrRrJj
wRdRhvzijwpygmxy5rFUEiJZ3edFkBcNShl2NUORsnnLQ0nRk+yjvsxIS2CbHOyK
JC2MgtyvInYTmtnbr/3Da3kIPwAlf13jSpwPjeUkvsX+mDf1vswDzoAoV+CkPoTi
JxSu0D32975E1RoVJwD249U5JMZ362fgiaX6u2iiiLFRDHHpzZFPpU+mLwyhiCX2
A9679pBX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:31 2024 by rpki-client on console-fra.rpki-client.org