Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/KpiOmqwkSM9potFC-gjwnuvF3OM.roa
File: KpiOmqwkSM9potFC-gjwnuvF3OM.roa (raw, json)
Hash identifier: O86w3GtyKTW7NY4QHSu4TfgMMgU1GjOKQEb7nXprIic=
Subject key identifier: 2A:98:8E:9A:AC:24:48:CF:69:A2:D1:42:FA:08:F0:9E:EB:C5:DC:E3
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018CB5F14A5B1435D916AE9BB5CF704E46CA
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/KpiOmqwkSM9potFC-gjwnuvF3OM.roa
Signing time: Fri 29 Dec 2023 14:18:58 +0000
ROA not before: Fri 29 Dec 2023 14:18:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205993
IP address blocks: 85.255.120.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b5:f1:4a:5b:14:35:d9:16:ae:9b:b5:cf:70:4e:46:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Dec 29 14:18:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a988e9aac2448cf69a2d142fa08f09eebc5dce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7d:88:2a:3d:e7:ab:90:49:d1:f2:45:d9:02:
18:b4:2a:ce:66:d4:fd:fb:9d:82:89:af:33:09:c8:
6d:b9:a2:ac:cb:39:1c:5c:4c:a3:96:52:e7:24:4d:
a0:c0:ab:c5:33:d7:30:1c:c8:8c:26:ce:99:f3:b1:
5f:02:67:08:10:05:23:e7:e8:04:81:d3:7c:ef:03:
12:c5:68:9e:a0:98:24:1a:64:51:7a:47:b0:d4:a6:
09:2d:98:89:d7:d8:19:15:f9:e6:29:0a:1e:32:a3:
f2:b9:cd:ca:06:15:b0:96:b9:fd:26:5b:c7:d3:4f:
18:20:e0:ee:9f:c2:86:2d:7a:5e:c2:59:f4:78:65:
10:13:99:53:c9:60:8e:c5:e7:cc:f9:b4:99:b8:aa:
27:2e:23:81:85:4a:6f:c3:0e:3b:37:55:51:2b:14:
a2:ac:99:68:a2:65:d8:06:27:68:bf:11:c5:ff:ea:
fa:ee:85:00:c6:7e:e6:5f:14:78:e3:4e:97:0b:37:
1a:31:41:84:72:31:b2:51:e3:95:9c:1f:85:f5:71:
c9:b6:9a:b8:e7:48:ac:7e:e5:a6:cd:fc:5f:13:49:
7a:19:f5:83:c7:f7:64:72:0b:fd:1e:55:66:a6:2c:
21:a4:5a:fd:70:fd:fd:b3:5c:1e:2e:16:7f:1c:3b:
d1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:98:8E:9A:AC:24:48:CF:69:A2:D1:42:FA:08:F0:9E:EB:C5:DC:E3
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/KpiOmqwkSM9potFC-gjwnuvF3OM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.120.0/21
Signature Algorithm: sha256WithRSAEncryption
10:aa:c1:4f:5c:40:52:cc:b9:b2:b3:9b:91:b5:b4:1b:7f:57:
0f:c9:a9:0f:49:c1:c0:81:7f:da:24:a1:79:90:81:72:04:2d:
ad:7d:b3:a3:f7:11:3d:f1:9c:3a:5c:cc:75:6b:a1:4f:5a:7f:
4c:e8:c8:57:c3:31:45:7c:b9:5e:69:6f:08:b5:85:3b:99:9b:
75:73:c6:ce:6e:36:ff:51:f8:b6:42:86:57:7f:6a:4f:f8:4e:
7c:9c:f4:45:82:98:81:f4:72:e1:ee:a3:2a:44:2b:e9:4b:7d:
19:7e:51:c1:6d:ce:10:8b:fd:04:98:ea:32:bd:4e:13:86:21:
aa:c3:44:42:a3:e0:ea:07:85:20:a5:94:b7:f9:32:54:05:ea:
79:b5:14:da:3a:5c:e2:fa:fa:cf:7b:05:68:4e:02:39:cb:02:
93:9c:3e:c4:c4:87:7e:07:f3:ff:a4:b4:33:ad:90:fe:30:71:
36:42:a3:aa:20:90:60:14:21:ff:a7:80:12:14:8e:3e:5f:9b:
da:50:89:8d:c6:85:3d:12:d8:67:23:37:88:3c:0c:f0:da:14:
de:e8:8b:bd:15:d9:26:43:8e:3d:00:bb:98:36:37:85:f4:47:
08:65:be:ed:4d:59:23:39:f6:9c:f9:f7:18:a3:5c:1d:ab:17:
f8:d4:9a:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy18UpbFDXZFq6btc9wTkbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMxMjI5MTQxODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTk4OGU5YWFjMjQ0OGNmNjlhMmQxNDJmYTA4ZjA5ZWViYzVkY2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAln2IKj3nq5BJ0fJF2QIYtCrOZtT9
+52Cia8zCchtuaKsyzkcXEyjllLnJE2gwKvFM9cwHMiMJs6Z87FfAmcIEAUj5+gE
gdN87wMSxWieoJgkGmRRekew1KYJLZiJ19gZFfnmKQoeMqPyuc3KBhWwlrn9JlvH
008YIODun8KGLXpewln0eGUQE5lTyWCOxefM+bSZuKonLiOBhUpvww47N1VRKxSi
rJloomXYBidovxHF/+r67oUAxn7mXxR4406XCzcaMUGEcjGyUeOVnB+F9XHJtpq4
50isfuWmzfxfE0l6GfWDx/dkcgv9HlVmpiwhpFr9cP39s1weLhZ/HDvR0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqYjpqsJEjPaaLRQvoI8J7rxdzjMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvS3BpT21xd2tTTTlwb3RGQy1nandudXZGM09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVf94MA0G
CSqGSIb3DQEBCwUAA4IBAQAQqsFPXEBSzLmys5uRtbQbf1cPyakPScHAgX/aJKF5
kIFyBC2tfbOj9xE98Zw6XMx1a6FPWn9M6MhXwzFFfLleaW8ItYU7mZt1c8bObjb/
Ufi2QoZXf2pP+E58nPRFgpiB9HLh7qMqRCvpS30ZflHBbc4Qi/0EmOoyvU4ThiGq
w0RCo+DqB4UgpZS3+TJUBep5tRTaOlzi+vrPewVoTgI5ywKTnD7ExId+B/P/pLQz
rZD+MHE2QqOqIJBgFCH/p4ASFI4+X5vaUImNxoU9EthnIzeIPAzw2hTe6Iu9Fdkm
Q449ALuYNjeF9EcIZb7tTVkjOfac+fcYo1wdqxf41JpJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:06 2024 by rpki-client on console-ams.rpki-client.org