Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/kDTKhCRTz3Inn0G4h_meVnaiCT0.roa
File: kDTKhCRTz3Inn0G4h_meVnaiCT0.roa (raw, json)
Hash identifier: XGTD3gLypSDeNTN3CnPd6r6kokagvgjHxP5Jj/oy5uw=
Subject key identifier: 90:34:CA:84:24:53:CF:72:27:9F:41:B8:87:F9:9E:56:76:A2:09:3D
Certificate issuer: /CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Certificate serial: 018572BA780812BEEB5610036661670FFCAD
Authority key identifier: 2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/kDTKhCRTz3Inn0G4h_meVnaiCT0.roa
Signing time: Mon 02 Jan 2023 13:45:01 +0000
ROA not before: Mon 02 Jan 2023 13:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51200
IP address blocks: 92.241.15.0/24 maxlen: 24
92.241.17.0/24 maxlen: 24
92.241.19.0/24 maxlen: 24
92.241.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:78:08:12:be:eb:56:10:03:66:61:67:0f:fc:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Validity
Not Before: Jan 2 13:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9034ca842453cf72279f41b887f99e5676a2093d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2a:80:94:96:2e:fd:9e:08:36:fc:75:3e:38:
30:cb:85:61:bf:bf:a9:68:c5:12:e8:28:7c:d4:fa:
e3:98:19:d0:d9:41:25:cb:95:01:5c:bf:b6:b3:a9:
63:8f:73:aa:f3:95:62:40:bb:ba:9d:7b:91:a8:6d:
67:07:9a:7b:a6:bc:41:c5:f3:d0:b4:ee:0e:64:7f:
29:0f:98:cc:94:e8:31:10:10:1e:ba:21:92:c2:8b:
95:d0:3b:17:bf:f6:ab:21:09:e4:70:13:2e:cb:d0:
da:f2:30:d4:a9:2e:fb:bb:8b:03:89:61:17:db:1e:
17:fb:d7:be:45:ab:a6:cc:98:aa:59:09:27:1e:7e:
70:f8:82:ff:4b:8d:73:39:b8:4d:96:18:cd:58:83:
0c:3c:54:5c:f9:52:83:a8:bc:88:b8:ee:49:e1:ca:
06:e0:36:40:b9:52:ef:fe:c0:89:d5:13:e3:d4:e9:
5a:f4:74:48:ba:cd:d9:36:31:a5:fd:90:09:d8:0a:
df:77:e5:5f:c0:63:82:e9:68:dd:8c:f6:4f:de:c9:
ef:42:b8:04:61:f1:30:44:b2:5d:72:81:8e:f7:97:
68:ba:9b:7e:57:25:3d:7e:34:b2:ee:8a:a9:6c:af:
ea:30:7a:d8:a0:40:57:e2:0c:c9:0b:32:ab:b3:37:
0e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:34:CA:84:24:53:CF:72:27:9F:41:B8:87:F9:9E:56:76:A2:09:3D
X509v3 Authority Key Identifier:
keyid:2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/kDTKhCRTz3Inn0G4h_meVnaiCT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.241.15.0/24
92.241.17.0/24
92.241.19.0-92.241.20.255
Signature Algorithm: sha256WithRSAEncryption
90:a4:bb:5e:6d:f7:c9:cb:7c:a9:87:ae:2b:dd:47:ed:f1:18:
1e:a5:7a:72:40:b9:aa:cf:d9:75:d0:ee:23:2b:46:e6:96:f2:
1f:ca:ca:f6:92:95:30:6b:ef:81:f0:83:98:4c:e8:4e:8d:88:
af:5f:53:9d:c6:a0:7b:2d:2f:b4:19:8f:05:f8:b1:68:dc:c4:
cb:0c:b1:65:90:d7:1b:bb:b5:f1:4e:22:fc:29:7d:f1:7a:42:
38:ae:07:69:73:76:79:5d:ae:75:e9:c7:0a:b4:b9:73:38:e7:
d8:06:31:63:6b:9c:75:84:2d:eb:10:62:40:b9:7f:a8:ad:4e:
c0:ef:23:ce:fc:2e:4c:21:81:5e:86:95:22:b0:96:a5:c0:86:
80:52:6c:d3:b0:68:be:c5:4d:d0:09:27:71:96:66:1c:a2:4e:
6e:28:c7:1b:2c:7d:63:f5:e1:0a:3b:e5:26:67:77:66:6e:4c:
17:45:8c:73:f5:97:83:1d:48:9a:a8:ef:df:4e:72:fc:67:59:
57:d3:cc:8b:9b:00:d3:34:f8:d8:d5:ae:a5:5b:3c:ac:c8:47:
88:c1:b0:48:bf:74:19:6f:41:74:08:6f:9e:22:9c:19:b9:15:
15:ad:ae:9b:05:c7:90:2d:4c:8b:93:a5:40:a3:bb:bd:11:50:
a2:db:5e:e9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVyungIEr7rVhADZmFnD/ytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZWVjNTIzMWQyMTJiMzEwNTc5ZDc4ZmM0MTQ3OWNhNmVj
MmFhMDcwHhcNMjMwMTAyMTM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDM0Y2E4NDI0NTNjZjcyMjc5ZjQxYjg4N2Y5OWU1Njc2YTIwOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziqAlJYu/Z4INvx1Pjgwy4Vhv7+p
aMUS6Ch81PrjmBnQ2UEly5UBXL+2s6ljj3Oq85ViQLu6nXuRqG1nB5p7prxBxfPQ
tO4OZH8pD5jMlOgxEBAeuiGSwouV0DsXv/arIQnkcBMuy9Da8jDUqS77u4sDiWEX
2x4X+9e+RaumzJiqWQknHn5w+IL/S41zObhNlhjNWIMMPFRc+VKDqLyIuO5J4coG
4DZAuVLv/sCJ1RPj1Ola9HRIus3ZNjGl/ZAJ2Arfd+VfwGOC6WjdjPZP3snvQrgE
YfEwRLJdcoGO95doupt+VyU9fjSy7oqpbK/qMHrYoEBX4gzJCzKrszcOQQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJA0yoQkU89yJ59BuIf5nlZ2ogk9MB8GA1UdIwQY
MBaAFC7uxSMdISsxBXnXj8QUecpuwqoHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDIt
MjcxYTk1NzZlYWU3LzEva0RUS2hDUlR6M0lubjBHNGhfbWVWbmFpQ1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDItMjcxYTk1NzZlYWU3
LzEvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAXPEPAwQA
XPERMAwDBABc8RMDBABc8RQwDQYJKoZIhvcNAQELBQADggEBAJCku15t98nLfKmH
rivdR+3xGB6lenJAuarP2XXQ7iMrRuaW8h/KyvaSlTBr74Hwg5hM6E6NiK9fU53G
oHstL7QZjwX4sWjcxMsMsWWQ1xu7tfFOIvwpffF6QjiuB2lzdnldrnXpxwq0uXM4
59gGMWNrnHWELesQYkC5f6itTsDvI878LkwhgV6GlSKwlqXAhoBSbNOwaL7FTdAJ
J3GWZhyiTm4oxxssfWP14Qo75SZnd2ZuTBdFjHP1l4MdSJqo799OcvxnWVfTzIub
ANM0+NjVrqVbPKzIR4jBsEi/dBlvQXQIb54inBm5FRWtrpsFx5AtTIuTpUCju70R
UKLbXuk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:30 2024 by rpki-client on console-ams.rpki-client.org