Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/d8c4ba-1c48-480b-bb59-d2310bba0e11/1/K-KdXUhtvBQsyLvoBkxgC9LIzZo.roa
File: K-KdXUhtvBQsyLvoBkxgC9LIzZo.roa (raw, json)
Hash identifier: LTDZ4NRCchZ+AjqgIijKl8R7lwMJQSQeDLHWE6ZCaqI=
Subject key identifier: 2B:E2:9D:5D:48:6D:BC:14:2C:C8:BB:E8:06:4C:60:0B:D2:C8:CD:9A
Certificate issuer: /CN=e0ebdb69a33e8f3af363ae144f853538e8031b63
Certificate serial: 018784A5598F8F573C9D055EA041A3A9B104
Authority key identifier: E0:EB:DB:69:A3:3E:8F:3A:F3:63:AE:14:4F:85:35:38:E8:03:1B:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4OvbaaM-jzrzY64UT4U1OOgDG2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/d8c4ba-1c48-480b-bb59-d2310bba0e11/1/K-KdXUhtvBQsyLvoBkxgC9LIzZo.roa
Signing time: Sat 15 Apr 2023 11:20:41 +0000
ROA not before: Sat 15 Apr 2023 11:20:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31055
IP address blocks: 62.168.192.0/24 maxlen: 24
62.168.194.0/24 maxlen: 24
62.168.193.0/24 maxlen: 24
62.168.199.0/24 maxlen: 24
62.168.198.0/24 maxlen: 24
62.168.197.0/24 maxlen: 24
62.168.196.0/24 maxlen: 24
62.168.195.0/24 maxlen: 24
62.168.206.0/24 maxlen: 24
62.168.205.0/24 maxlen: 24
62.168.204.0/24 maxlen: 24
62.168.203.0/24 maxlen: 24
62.168.202.0/24 maxlen: 24
62.168.201.0/24 maxlen: 24
62.168.200.0/24 maxlen: 24
62.168.207.0/24 maxlen: 24
62.168.213.0/24 maxlen: 24
62.168.212.0/24 maxlen: 24
62.168.211.0/24 maxlen: 24
62.168.210.0/24 maxlen: 24
62.168.209.0/24 maxlen: 24
62.168.208.0/24 maxlen: 24
62.168.219.0/24 maxlen: 24
62.168.218.0/24 maxlen: 24
62.168.217.0/24 maxlen: 24
62.168.216.0/24 maxlen: 24
62.168.215.0/24 maxlen: 24
62.168.214.0/24 maxlen: 24
62.168.221.0/24 maxlen: 24
62.168.220.0/24 maxlen: 24
62.168.223.0/24 maxlen: 24
62.168.222.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:84:a5:59:8f:8f:57:3c:9d:05:5e:a0:41:a3:a9:b1:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0ebdb69a33e8f3af363ae144f853538e8031b63
Validity
Not Before: Apr 15 11:20:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2be29d5d486dbc142cc8bbe8064c600bd2c8cd9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ae:f7:f5:cf:c0:6c:63:98:77:62:b5:24:8b:
bd:c7:24:06:65:64:6a:d3:a0:3e:f4:d0:c6:eb:23:
ec:aa:2b:ff:e9:e7:f1:93:69:c6:6c:50:8c:59:3d:
f4:b5:66:ef:cb:df:27:6d:29:5c:fa:26:50:76:93:
63:2f:2d:4f:4d:07:15:e8:76:d1:10:f1:a5:f3:18:
da:1c:cf:cf:eb:9a:5e:29:dd:0c:22:01:9f:2d:eb:
c1:50:e9:6c:11:ee:9f:d6:20:83:87:0c:80:0f:f5:
61:68:dc:d9:cb:00:6b:7e:39:a9:42:03:12:e5:b9:
f0:54:cf:b6:01:cd:b3:9b:c2:bd:5f:75:e6:eb:ae:
74:96:13:c8:72:72:1c:b7:47:2b:d4:88:3a:81:70:
15:33:d0:f9:6c:22:79:0f:b6:41:2b:2e:ff:bf:2f:
f4:af:d1:85:bb:22:56:83:26:ca:38:50:ee:b5:5a:
c9:b5:f0:d3:4a:9e:5f:2c:3c:f4:6d:44:bd:6d:7c:
e4:f0:11:f7:28:4d:85:9a:34:43:ed:ca:2c:88:70:
69:40:39:3b:cd:b9:9e:bb:19:56:b3:93:07:31:ed:
a3:c2:12:9f:71:ce:cb:2e:38:63:8e:c4:b9:7b:3c:
cd:46:b7:fb:51:f9:38:c8:67:5e:79:9b:1d:dd:ec:
68:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E2:9D:5D:48:6D:BC:14:2C:C8:BB:E8:06:4C:60:0B:D2:C8:CD:9A
X509v3 Authority Key Identifier:
keyid:E0:EB:DB:69:A3:3E:8F:3A:F3:63:AE:14:4F:85:35:38:E8:03:1B:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4OvbaaM-jzrzY64UT4U1OOgDG2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/d8c4ba-1c48-480b-bb59-d2310bba0e11/1/K-KdXUhtvBQsyLvoBkxgC9LIzZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/d8c4ba-1c48-480b-bb59-d2310bba0e11/1/4OvbaaM-jzrzY64UT4U1OOgDG2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.168.192.0/19
Signature Algorithm: sha256WithRSAEncryption
2e:88:70:69:9f:08:e0:26:89:75:f7:6d:d5:e5:67:ea:3b:54:
24:0b:d8:1a:36:45:b7:34:28:3b:e7:a7:04:88:15:68:93:e5:
10:95:73:77:96:1c:0b:6c:59:1f:9f:04:80:ae:52:36:aa:3d:
8f:94:fe:cc:7f:a8:14:f0:1b:ba:cd:15:4b:f7:39:0b:9b:dc:
1b:ac:10:50:24:f6:65:9e:04:7b:35:7d:42:24:8b:46:1f:f9:
2b:c5:1c:20:a7:1e:4f:38:cb:0e:60:a8:df:d3:df:ee:f4:78:
15:e3:73:34:64:f6:b5:90:cd:fb:2a:b8:31:ee:f3:d4:8f:70:
2b:77:19:39:ae:09:7f:1d:86:2b:dc:e6:d9:01:e5:9e:0c:c2:
53:81:e6:44:ff:ff:c2:e3:34:49:30:0a:88:e9:5c:cb:83:e3:
2f:ef:74:05:59:e7:92:be:00:c7:2e:c4:62:2d:33:7a:e8:03:
73:59:7c:a4:2f:2a:bf:ac:bb:1d:e7:8c:39:5b:0c:7e:c7:f7:
41:41:fe:c7:7f:ec:03:0c:36:2f:0c:43:82:f5:d6:7a:e7:39:
79:24:2d:c6:bb:af:da:df:00:6f:1c:de:a9:2f:7b:34:2f:d2:
88:a2:71:07:80:b4:cf:e5:40:17:a5:d2:8d:39:da:9a:2b:16:
74:49:70:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeEpVmPj1c8nQVeoEGjqbEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZWJkYjY5YTMzZThmM2FmMzYzYWUxNDRmODUzNTM4ZTgw
MzFiNjMwHhcNMjMwNDE1MTEyMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmUyOWQ1ZDQ4NmRiYzE0MmNjOGJiZTgwNjRjNjAwYmQyYzhjZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq739c/AbGOYd2K1JIu9xyQGZWRq
06A+9NDG6yPsqiv/6efxk2nGbFCMWT30tWbvy98nbSlc+iZQdpNjLy1PTQcV6HbR
EPGl8xjaHM/P65peKd0MIgGfLevBUOlsEe6f1iCDhwyAD/VhaNzZywBrfjmpQgMS
5bnwVM+2Ac2zm8K9X3Xm6650lhPIcnIct0cr1Ig6gXAVM9D5bCJ5D7ZBKy7/vy/0
r9GFuyJWgybKOFDutVrJtfDTSp5fLDz0bUS9bXzk8BH3KE2FmjRD7cosiHBpQDk7
zbmeuxlWs5MHMe2jwhKfcc7LLjhjjsS5ezzNRrf7Ufk4yGdeeZsd3exotwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvinV1IbbwULMi76AZMYAvSyM2aMB8GA1UdIwQY
MBaAFODr22mjPo8682OuFE+FNTjoAxtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE92YmFhTS1qenJ6WTY0VVQ0VTFPT2dERzJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9kOGM0YmEtMWM0OC00ODBiLWJiNTkt
ZDIzMTBiYmEwZTExLzEvSy1LZFhVaHR2QlFzeUx2b0JreGdDOUxJelpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9kOGM0YmEtMWM0OC00ODBiLWJiNTktZDIzMTBiYmEwZTEx
LzEvNE92YmFhTS1qenJ6WTY0VVQ0VTFPT2dERzJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFPqjAMA0G
CSqGSIb3DQEBCwUAA4IBAQAuiHBpnwjgJol1923V5WfqO1QkC9gaNkW3NCg756cE
iBVok+UQlXN3lhwLbFkfnwSArlI2qj2PlP7Mf6gU8Bu6zRVL9zkLm9wbrBBQJPZl
ngR7NX1CJItGH/krxRwgpx5POMsOYKjf09/u9HgV43M0ZPa1kM37Krgx7vPUj3Ar
dxk5rgl/HYYr3ObZAeWeDMJTgeZE///C4zRJMAqI6VzLg+Mv73QFWeeSvgDHLsRi
LTN66ANzWXykLyq/rLsd54w5Wwx+x/dBQf7Hf+wDDDYvDEOC9dZ65zl5JC3Gu6/a
3wBvHN6pL3s0L9KIonEHgLTP5UAXpdKNOdqaKxZ0SXBU
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:19 2024 by rpki-client on console-fra.rpki-client.org