Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/KQJ7bn_gOVrs_322S3tJbtjCEVg.roa
File: KQJ7bn_gOVrs_322S3tJbtjCEVg.roa (raw, json)
Hash identifier: 8ZqhKJPp/HOU1Ubj/uCnMIMsnLYB3U79I1JAIqKy+ao=
Subject key identifier: 29:02:7B:6E:7F:E0:39:5A:EC:FF:7D:B6:4B:7B:49:6E:D8:C2:11:58
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01857139CB1CEC46232F78F01976604FB5A0
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/KQJ7bn_gOVrs_322S3tJbtjCEVg.roa
Signing time: Mon 02 Jan 2023 06:44:50 +0000
ROA not before: Mon 02 Jan 2023 06:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43965
IP address blocks: 194.225.48.0/20 maxlen: 24
194.225.184.0/22 maxlen: 24
194.225.192.0/19 maxlen: 24
2001:14e8:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:cb:1c:ec:46:23:2f:78:f0:19:76:60:4f:b5:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 06:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29027b6e7fe0395aecff7db64b7b496ed8c21158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5d:16:fa:4c:ec:61:ca:2a:29:4a:fd:86:ea:
5f:49:fb:05:5f:97:27:1c:c3:45:d4:9c:cb:ff:06:
4e:d6:d6:89:47:2a:b8:a9:3a:b2:f6:c4:f3:37:86:
ce:85:23:2b:22:32:05:12:bb:88:dc:f6:7d:de:73:
cf:2a:de:08:f2:bd:6b:c5:c9:82:36:3f:96:a4:01:
1b:2e:37:5c:6b:b0:e2:21:16:ee:fd:6e:22:02:83:
21:cc:75:3b:2f:e1:9f:20:be:c7:e8:57:d7:1e:a3:
2f:cb:81:0b:1d:ba:d3:c3:fc:ca:ee:77:f4:37:8b:
22:64:61:ab:e5:fd:a9:82:a5:66:d9:dc:5d:69:14:
8a:61:94:0e:88:a1:43:3b:c5:0d:72:d8:e7:91:17:
4c:f7:4e:58:8f:2a:6e:27:b6:38:cb:f0:b9:0c:cd:
a9:b2:23:3a:e5:59:89:50:c8:83:89:92:79:7e:ab:
51:7e:da:99:b4:8b:3a:4d:26:a6:b8:29:12:16:fe:
af:10:19:be:6f:dd:7a:95:6b:b1:c1:60:30:72:ab:
c6:2d:eb:e8:cf:23:de:71:6d:1e:04:dc:6d:7b:cd:
f1:9a:96:26:b9:64:a3:f3:2b:cf:e1:91:da:3a:89:
c7:e6:0a:e8:fb:b1:89:a6:e3:29:40:d1:cf:3b:41:
b2:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:02:7B:6E:7F:E0:39:5A:EC:FF:7D:B6:4B:7B:49:6E:D8:C2:11:58
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/KQJ7bn_gOVrs_322S3tJbtjCEVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.225.48.0/20
194.225.184.0/22
194.225.192.0/19
IPv6:
2001:14e8:2::/48
Signature Algorithm: sha256WithRSAEncryption
78:5b:e6:9c:11:6a:f5:30:27:b6:af:7d:08:08:42:97:54:e0:
02:1d:71:a2:7f:04:19:a5:fb:d4:6a:26:84:a2:f8:83:72:d5:
ef:9e:93:0f:8f:3f:82:89:63:4a:a4:4b:a6:d7:99:6a:b9:71:
36:e2:60:69:83:8b:ed:6b:fc:2f:80:90:d6:d2:25:ab:51:1a:
9c:52:f6:75:25:6a:96:8c:73:45:4c:83:df:e9:f5:7c:29:44:
e5:1e:c7:0d:6f:a0:ce:ce:b2:02:2b:9b:9a:11:92:81:63:50:
6a:03:08:5c:2a:2d:12:62:98:88:58:c0:2e:52:37:eb:74:69:
c2:8f:64:89:80:7c:8b:20:9e:22:2d:36:22:b5:dd:32:20:1a:
d4:8b:77:95:81:86:b8:a4:24:97:96:87:bb:f6:85:e7:ce:ef:
b7:dd:16:52:f9:ae:c0:f8:f5:10:74:2c:b2:bc:6f:82:bc:80:
1e:89:0c:27:e5:9b:a5:55:b9:25:34:8b:07:27:87:b0:c5:a1:
c3:b6:4b:90:af:0e:fd:a0:17:bc:dc:1c:fa:01:20:92:07:c1:
5f:91:49:6a:b6:a0:8e:db:cf:01:31:d7:62:73:9b:ec:68:5e:
43:90:fa:e0:11:cb:8f:a5:07:d8:bd:e2:59:ea:c2:e3:0b:a6:
86:a5:31:86
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVxOcsc7EYjL3jwGXZgT7WgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjMwMTAyMDY0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTAyN2I2ZTdmZTAzOTVhZWNmZjdkYjY0YjdiNDk2ZWQ4YzIxMTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiV0W+kzsYcoqKUr9hupfSfsFX5cn
HMNF1JzL/wZO1taJRyq4qTqy9sTzN4bOhSMrIjIFEruI3PZ93nPPKt4I8r1rxcmC
Nj+WpAEbLjdca7DiIRbu/W4iAoMhzHU7L+GfIL7H6FfXHqMvy4ELHbrTw/zK7nf0
N4siZGGr5f2pgqVm2dxdaRSKYZQOiKFDO8UNctjnkRdM905YjypuJ7Y4y/C5DM2p
siM65VmJUMiDiZJ5fqtRftqZtIs6TSamuCkSFv6vEBm+b916lWuxwWAwcqvGLevo
zyPecW0eBNxte83xmpYmuWSj8yvP4ZHaOonH5gro+7GJpuMpQNHPO0Gy4wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCkCe25/4Dla7P99tkt7SW7YwhFYMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvS1FKN2JuX2dPVnJzXzMyMlMzdEpidGpDRVZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQEwuEwAwQC
wuG4AwQFwuHAMA8EAgACMAkDBwAgARToAAIwDQYJKoZIhvcNAQELBQADggEBAHhb
5pwRavUwJ7avfQgIQpdU4AIdcaJ/BBml+9RqJoSi+INy1e+ekw+PP4KJY0qkS6bX
mWq5cTbiYGmDi+1r/C+AkNbSJatRGpxS9nUlapaMc0VMg9/p9XwpROUexw1voM7O
sgIrm5oRkoFjUGoDCFwqLRJimIhYwC5SN+t0acKPZImAfIsgniItNiK13TIgGtSL
d5WBhrikJJeWh7v2hefO77fdFlL5rsD49RB0LLK8b4K8gB6JDCflm6VVuSU0iwcn
h7DFocO2S5CvDv2gF7zcHPoBIJIHwV+RSWq2oI7bzwEx12Jzm+xoXkOQ+uARy4+l
B9i94lnqwuMLpoalMYY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:22 2024 by rpki-client on console-fra.rpki-client.org