Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/KxSJm8FdHHKN6WmD49KSymIoM8A.roa
File: KxSJm8FdHHKN6WmD49KSymIoM8A.roa (raw, json)
Hash identifier: aFLeoV8zrV+ordeMcW9GjjcJvN5lG8J3OwktwoyJHJA=
Subject key identifier: 2B:14:89:9B:C1:5D:1C:72:8D:E9:69:83:E3:D2:92:CA:62:28:33:C0
Certificate issuer: /CN=304e59a223f4bcb823492fb1096c3a82310c03da
Certificate serial: 018572B40D7BF002405E7965F24768EF0A80
Authority key identifier: 30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/KxSJm8FdHHKN6WmD49KSymIoM8A.roa
Signing time: Mon 02 Jan 2023 13:38:00 +0000
ROA not before: Mon 02 Jan 2023 13:38:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12307
IP address blocks: 185.119.104.0/23 maxlen: 23
185.119.104.0/24 maxlen: 24
185.119.107.0/24 maxlen: 24
2a06:8a07::/32 maxlen: 32
2a06:8a00::/29 maxlen: 29
2a06:8a00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:0d:7b:f0:02:40:5e:79:65:f2:47:68:ef:0a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=304e59a223f4bcb823492fb1096c3a82310c03da
Validity
Not Before: Jan 2 13:38:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b14899bc15d1c728de96983e3d292ca622833c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9f:84:a3:20:c7:24:96:6a:dc:40:47:bf:cf:
53:ab:18:d6:43:46:e8:e7:1c:f8:21:c8:75:f7:84:
80:85:e5:a2:e8:c2:6e:7d:ca:58:ae:78:eb:8d:9b:
3c:43:36:eb:dd:89:aa:0c:be:50:c8:d5:3d:40:23:
bb:01:05:6f:b8:4d:32:cc:d6:51:9a:f6:5e:ea:a9:
22:b7:b6:e1:0b:01:51:65:85:47:82:e9:43:3b:37:
6e:ce:92:f0:18:3d:2a:17:6d:ae:c2:23:bd:6e:bc:
5c:5e:0b:1a:da:31:8d:4a:bc:e8:22:1f:c9:c5:0b:
a8:49:21:16:20:df:cb:ba:51:f4:b1:7e:0d:79:66:
79:fe:bc:c1:3f:6c:56:66:3a:54:ad:6f:2a:f5:df:
37:a4:5b:53:1d:37:5c:8b:49:80:7d:7b:b5:ed:ce:
bc:5d:1c:d1:c6:d9:0b:9f:07:52:7c:3e:e3:35:3c:
9c:24:d1:31:e2:7e:2e:8a:94:0a:05:c8:f9:be:f6:
4f:4a:1b:e6:c3:ac:17:51:6a:0c:bc:65:77:de:9e:
10:43:98:e3:44:b1:dd:e6:f4:ce:ff:e6:5f:54:55:
21:92:86:c5:a7:a6:1a:af:34:f2:19:db:7f:bc:6f:
09:f9:48:23:e7:f3:da:59:5d:5e:1b:4f:c4:72:7e:
4c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:14:89:9B:C1:5D:1C:72:8D:E9:69:83:E3:D2:92:CA:62:28:33:C0
X509v3 Authority Key Identifier:
keyid:30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/KxSJm8FdHHKN6WmD49KSymIoM8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.104.0/23
185.119.107.0/24
IPv6:
2a06:8a00::/29
Signature Algorithm: sha256WithRSAEncryption
5a:e0:29:86:d5:7d:95:38:4d:91:50:e6:40:00:79:40:37:32:
9a:1f:4e:57:f9:42:37:6b:e8:03:83:f3:c8:5c:68:3c:7e:64:
11:f0:d4:df:42:dc:4a:66:cb:a5:9a:8a:31:e4:9a:b7:a4:a1:
af:9a:e1:a8:aa:03:d0:cf:86:f5:2f:8c:03:60:34:3a:66:fa:
1a:c9:1f:31:4f:cd:62:e8:fc:50:bc:dc:7b:a2:3b:32:0b:90:
1d:bf:08:cc:1c:b4:35:d0:d3:1b:fe:ac:3d:b2:f2:9a:38:35:
83:e2:09:d0:24:78:47:45:f3:5f:05:3b:be:8b:1a:5a:fe:16:
b3:9e:7a:f5:81:c1:dc:48:63:aa:7b:90:3f:3a:8c:7f:5f:f0:
2f:1d:ca:d6:94:06:67:ba:6a:a4:60:02:ad:05:ec:a4:f2:b8:
3d:1b:b3:10:72:50:90:88:d0:27:4a:dd:6a:49:7f:f6:fa:24:
a2:7d:48:1a:be:82:fe:e1:fe:99:15:64:22:d0:fc:6a:e9:c8:
4b:35:42:27:6f:e9:27:86:b5:70:05:63:27:61:98:5b:ba:8b:
9d:13:0b:f9:88:04:51:c5:14:0f:bc:fb:13:c9:71:9c:cc:b4:
ef:af:de:54:cd:71:1a:e1:26:fb:1f:9c:83:f8:cb:a2:73:84:
51:1a:77:1f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVytA178AJAXnll8kdo7wqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNGU1OWEyMjNmNGJjYjgyMzQ5MmZiMTA5NmMzYTgyMzEw
YzAzZGEwHhcNMjMwMTAyMTMzODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjE0ODk5YmMxNWQxYzcyOGRlOTY5ODNlM2QyOTJjYTYyMjgzM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJ+EoyDHJJZq3EBHv89TqxjWQ0bo
5xz4Ich194SAheWi6MJufcpYrnjrjZs8Qzbr3YmqDL5QyNU9QCO7AQVvuE0yzNZR
mvZe6qkit7bhCwFRZYVHgulDOzduzpLwGD0qF22uwiO9brxcXgsa2jGNSrzoIh/J
xQuoSSEWIN/LulH0sX4NeWZ5/rzBP2xWZjpUrW8q9d83pFtTHTdci0mAfXu17c68
XRzRxtkLnwdSfD7jNTycJNEx4n4uipQKBcj5vvZPShvmw6wXUWoMvGV33p4QQ5jj
RLHd5vTO/+ZfVFUhkobFp6YarzTyGdt/vG8J+Ugj5/PaWV1eG0/Ecn5MgwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCsUiZvBXRxyjelpg+PSkspiKDPAMB8GA1UdIwQY
MBaAFDBOWaIj9Ly4I0kvsQlsOoIxDAPaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTct
MzQ0Y2M1MDJmMWJkLzEvS3hTSm04RmRISEtONldtRDQ5S1N5bUlvTThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTctMzQ0Y2M1MDJmMWJk
LzEvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuXdoAwQA
uXdrMA0EAgACMAcDBQMqBooAMA0GCSqGSIb3DQEBCwUAA4IBAQBa4CmG1X2VOE2R
UOZAAHlANzKaH05X+UI3a+gDg/PIXGg8fmQR8NTfQtxKZsulmoox5Jq3pKGvmuGo
qgPQz4b1L4wDYDQ6ZvoayR8xT81i6PxQvNx7ojsyC5AdvwjMHLQ10NMb/qw9svKa
ODWD4gnQJHhHRfNfBTu+ixpa/haznnr1gcHcSGOqe5A/Oox/X/AvHcrWlAZnumqk
YAKtBeyk8rg9G7MQclCQiNAnSt1qSX/2+iSifUgavoL+4f6ZFWQi0Pxq6chLNUIn
b+knhrVwBWMnYZhbuoudEwv5iARRxRQPvPsTyXGczLTvr95UzXEa4Sb7H5yD+Mui
c4RRGncf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:54 2024 by rpki-client on console-ams.rpki-client.org