Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/64666e-af1b-4118-823d-5de99a52aa39/1/kulmMUKXDkb1sHf07hU3PGDx5GU.roa
File: kulmMUKXDkb1sHf07hU3PGDx5GU.roa (raw, json)
Hash identifier: SLpOP1yaeujk+Mmef6e4rVPSYH0F+KNHwUTshCM/NJY=
Subject key identifier: 92:E9:66:31:42:97:0E:46:F5:B0:77:F4:EE:15:37:3C:60:F1:E4:65
Certificate issuer: /CN=d26e4538f1ddea77f57396bb93b907f152df697c
Certificate serial: 0190C0C8A9CCBCA30883162CD71A0BC7D08F
Authority key identifier: D2:6E:45:38:F1:DD:EA:77:F5:73:96:BB:93:B9:07:F1:52:DF:69:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0m5FOPHd6nf1c5a7k7kH8VLfaXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/64666e-af1b-4118-823d-5de99a52aa39/1/kulmMUKXDkb1sHf07hU3PGDx5GU.roa
Signing time: Wed 17 Jul 2024 13:01:34 +0000
ROA not before: Wed 17 Jul 2024 13:01:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204983
IP address blocks: 185.233.172.0/22 maxlen: 22
2a0c:eb00::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c0:c8:a9:cc:bc:a3:08:83:16:2c:d7:1a:0b:c7:d0:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d26e4538f1ddea77f57396bb93b907f152df697c
Validity
Not Before: Jul 17 13:01:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92e9663142970e46f5b077f4ee15373c60f1e465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:51:8b:83:c1:2c:63:06:b7:fc:9c:7b:56:68:
d5:02:7d:a6:58:67:2c:b6:58:a3:1c:fb:fe:09:31:
d7:27:16:38:27:11:84:50:16:3b:c7:73:34:cf:bf:
79:d6:db:f2:7a:19:68:4f:ed:f3:fa:44:d7:bb:8d:
c1:2e:69:5d:ab:39:e7:6c:57:19:67:28:af:34:7b:
41:80:a1:15:de:3b:0d:45:46:6b:b6:e6:b1:5f:af:
22:72:f5:47:59:57:b9:1d:24:7c:f0:84:96:67:f2:
a2:4c:5c:3c:46:49:8e:2a:31:a8:95:fd:9b:88:5d:
97:87:cb:30:f7:50:2b:1d:2d:96:55:17:1f:cf:ba:
56:08:7a:1a:17:4d:ec:d9:35:8a:fd:f4:41:e9:2c:
8b:fc:28:61:45:0b:ec:cf:d5:54:d5:4d:ea:d9:0e:
7b:27:5e:92:09:4a:45:20:1e:f4:4d:cd:bc:dc:6d:
f8:62:02:f7:52:35:4d:af:f2:08:a6:64:0f:ec:b0:
92:e5:86:65:f1:ca:18:9c:d9:3e:ff:22:97:02:b6:
7d:3b:8a:d5:46:ff:f3:5c:54:89:90:15:79:4f:94:
45:c5:4b:8c:9f:58:e9:79:9d:e4:c2:13:43:06:d6:
f7:be:08:6e:2c:01:33:b9:7a:96:5f:5a:2d:3b:d3:
51:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E9:66:31:42:97:0E:46:F5:B0:77:F4:EE:15:37:3C:60:F1:E4:65
X509v3 Authority Key Identifier:
keyid:D2:6E:45:38:F1:DD:EA:77:F5:73:96:BB:93:B9:07:F1:52:DF:69:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0m5FOPHd6nf1c5a7k7kH8VLfaXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/64666e-af1b-4118-823d-5de99a52aa39/1/kulmMUKXDkb1sHf07hU3PGDx5GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/64666e-af1b-4118-823d-5de99a52aa39/1/0m5FOPHd6nf1c5a7k7kH8VLfaXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.172.0/22
IPv6:
2a0c:eb00::/32
Signature Algorithm: sha256WithRSAEncryption
44:c3:d8:62:37:f0:8d:ce:87:55:5b:4e:e9:21:e8:e5:96:b6:
17:74:df:47:68:67:cd:29:61:26:94:19:bb:98:b2:c4:6d:36:
cb:b7:8a:a7:ec:42:8b:b0:76:3a:d7:ea:22:70:71:74:27:08:
59:67:64:4d:47:f1:3d:ef:5c:0f:8b:01:a3:d5:3f:43:67:80:
b4:4b:33:b1:bf:ae:27:0e:cc:90:83:2e:5a:75:08:06:60:c5:
38:86:17:c7:7a:24:0f:92:90:e7:bc:01:20:8a:55:bd:cd:ab:
06:b9:2e:9a:59:89:90:5e:6f:d0:ec:1b:f8:ec:72:6f:b3:38:
22:e4:80:70:e8:70:11:d5:64:a0:da:72:42:ae:ab:ad:76:d7:
7f:db:b2:e8:f3:6f:eb:84:20:9b:82:40:c3:88:17:88:fc:d0:
73:52:0f:8d:e1:2b:c2:d7:4e:00:1b:22:ca:52:96:26:f2:e2:
e4:30:b1:5c:cb:cf:a5:78:55:68:c4:18:56:8b:b9:1e:16:1c:
c8:93:1b:e3:c6:a2:06:3e:f2:6c:e7:65:23:99:b7:dd:7c:f2:
74:2a:1c:53:02:ec:54:17:59:cc:5d:d8:5b:61:12:3c:d6:3b:
52:89:d4:34:7b:94:20:cf:af:4e:d2:c1:1b:f5:cb:51:b3:45:
43:bb:00:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZDAyKnMvKMIgxYs1xoLx9CPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNmU0NTM4ZjFkZGVhNzdmNTczOTZiYjkzYjkwN2YxNTJk
ZjY5N2MwHhcNMjQwNzE3MTMwMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmU5NjYzMTQyOTcwZTQ2ZjViMDc3ZjRlZTE1MzczYzYwZjFlNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVGLg8EsYwa3/Jx7VmjVAn2mWGcs
tlijHPv+CTHXJxY4JxGEUBY7x3M0z7951tvyehloT+3z+kTXu43BLmldqznnbFcZ
ZyivNHtBgKEV3jsNRUZrtuaxX68icvVHWVe5HSR88ISWZ/KiTFw8RkmOKjGolf2b
iF2Xh8sw91ArHS2WVRcfz7pWCHoaF03s2TWK/fRB6SyL/ChhRQvsz9VU1U3q2Q57
J16SCUpFIB70Tc283G34YgL3UjVNr/IIpmQP7LCS5YZl8coYnNk+/yKXArZ9O4rV
Rv/zXFSJkBV5T5RFxUuMn1jpeZ3kwhNDBtb3vghuLAEzuXqWX1otO9NR+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJLpZjFClw5G9bB39O4VNzxg8eRlMB8GA1UdIwQY
MBaAFNJuRTjx3ep39XOWu5O5B/FS32l8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG01Rk9QSGQ2bmYxYzVhN2s3a0g4VkxmYVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS82NDY2NmUtYWYxYi00MTE4LTgyM2Qt
NWRlOTlhNTJhYTM5LzEva3VsbU1VS1hEa2Ixc0hmMDdoVTNQR0R4NUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS82NDY2NmUtYWYxYi00MTE4LTgyM2QtNWRlOTlhNTJhYTM5
LzEvMG01Rk9QSGQ2bmYxYzVhN2s3a0g4VkxmYVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuemsMA0E
AgACMAcDBQAqDOsAMA0GCSqGSIb3DQEBCwUAA4IBAQBEw9hiN/CNzodVW07pIejl
lrYXdN9HaGfNKWEmlBm7mLLEbTbLt4qn7EKLsHY61+oicHF0JwhZZ2RNR/E971wP
iwGj1T9DZ4C0SzOxv64nDsyQgy5adQgGYMU4hhfHeiQPkpDnvAEgilW9zasGuS6a
WYmQXm/Q7Bv47HJvszgi5IBw6HAR1WSg2nJCrqutdtd/27Lo82/rhCCbgkDDiBeI
/NBzUg+N4SvC104AGyLKUpYm8uLkMLFcy8+leFVoxBhWi7keFhzIkxvjxqIGPvJs
52UjmbfdfPJ0KhxTAuxUF1nMXdhbYRI81jtSidQ0e5Qgz69O0sEb9ctRs0VDuwAw
-----END CERTIFICATE-----
Generated at Wed Apr 16 05:03:29 2025 by rpki-client