Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/b6ca1b-67dc-404f-8d61-32891a58337f/1/KksvByq8k3-a5lHoNaj5BnUuZLs.roa
File: KksvByq8k3-a5lHoNaj5BnUuZLs.roa (raw, json)
Hash identifier: GT/zL1oQGWCh9f6uHFiBcybeRyORjlP7fkLJg26f7TU=
Subject key identifier: 2A:4B:2F:07:2A:BC:93:7F:9A:E6:51:E8:35:A8:F9:06:75:2E:64:BB
Certificate issuer: /CN=6b5157e419fb5a18ba2beaf2de545f2bb3decfd1
Certificate serial: 01856F42927D33502984D067076BD30DFB29
Authority key identifier: 6B:51:57:E4:19:FB:5A:18:BA:2B:EA:F2:DE:54:5F:2B:B3:DE:CF:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1FX5Bn7Whi6K-ry3lRfK7Pez9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/b6ca1b-67dc-404f-8d61-32891a58337f/1/KksvByq8k3-a5lHoNaj5BnUuZLs.roa
Signing time: Sun 01 Jan 2023 21:35:11 +0000
ROA not before: Sun 01 Jan 2023 21:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60698
IP address blocks: 193.17.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:92:7d:33:50:29:84:d0:67:07:6b:d3:0d:fb:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5157e419fb5a18ba2beaf2de545f2bb3decfd1
Validity
Not Before: Jan 1 21:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a4b2f072abc937f9ae651e835a8f906752e64bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4c:e5:e4:64:88:b6:cf:a8:05:b4:fd:4b:41:
63:52:57:77:12:89:28:08:5e:4e:9a:89:7e:9a:07:
f6:4e:41:71:64:c5:33:8e:3a:6e:80:fa:bc:38:56:
2c:68:c6:86:b9:67:5f:90:36:99:21:77:04:14:f5:
5a:76:33:4f:27:46:d5:0b:79:30:d4:af:5f:34:44:
55:93:5b:91:02:2a:0b:00:60:b6:80:b9:a5:43:b5:
08:39:b7:3f:bd:0f:49:a3:e2:ac:e9:dc:14:e3:c3:
5e:3c:21:8c:b2:1f:d4:80:37:22:8e:4c:37:a0:d6:
7e:9b:52:35:45:ea:db:cd:81:1b:2a:13:8c:de:db:
88:e2:7b:e4:bb:65:dd:ec:d1:33:f9:96:da:ca:41:
32:57:3c:68:13:ee:b2:0e:ed:0c:d3:52:e6:de:c4:
bd:fb:c4:bc:83:43:4a:3c:62:77:4c:96:fc:c6:d8:
43:1c:54:56:59:78:59:b0:7d:ba:10:7c:33:8d:54:
3d:13:8c:01:0f:f7:c9:5a:84:8b:af:b2:9d:f3:12:
00:2a:67:04:b8:6a:1a:12:a8:f1:2a:58:e9:81:b7:
4e:d2:04:74:bd:bc:e4:4b:f3:9a:9a:16:25:95:eb:
4a:94:b4:a5:3d:e3:f3:83:fb:52:7a:02:f2:11:5e:
66:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:4B:2F:07:2A:BC:93:7F:9A:E6:51:E8:35:A8:F9:06:75:2E:64:BB
X509v3 Authority Key Identifier:
keyid:6B:51:57:E4:19:FB:5A:18:BA:2B:EA:F2:DE:54:5F:2B:B3:DE:CF:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1FX5Bn7Whi6K-ry3lRfK7Pez9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/b6ca1b-67dc-404f-8d61-32891a58337f/1/KksvByq8k3-a5lHoNaj5BnUuZLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/b6ca1b-67dc-404f-8d61-32891a58337f/1/a1FX5Bn7Whi6K-ry3lRfK7Pez9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.94.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:27:16:4d:0b:54:61:8d:15:2e:1a:6b:1f:5a:c7:7d:bf:3d:
e2:25:39:dc:f4:e9:1a:7d:5c:24:c6:e2:3b:56:f2:d2:6a:8b:
8f:e7:fc:c2:e0:2a:d6:a3:98:6f:c5:0a:25:32:b3:2c:cf:d5:
fa:9b:f2:f9:63:25:94:3a:b9:e5:35:b8:50:95:3d:b3:34:b6:
cc:31:e2:1f:60:b6:3a:d4:f4:46:a7:e9:31:69:bd:a2:d6:99:
8e:07:c7:b7:9f:b9:60:93:64:a5:2e:30:97:b4:c1:70:92:e3:
a2:cc:8a:a5:eb:0c:36:2f:68:c4:31:bf:40:d2:e0:c9:76:17:
36:50:4a:73:e4:fd:0a:d3:e6:60:e6:55:85:5c:58:52:22:0e:
1a:04:28:c6:7a:b2:9c:94:17:94:f0:11:c4:0e:4d:ce:c7:24:
69:8b:e2:42:39:2a:45:65:d9:e9:3b:ee:d6:4a:5f:0a:cd:98:
d2:ad:27:ea:51:3d:ae:b4:f5:7f:59:e1:50:54:01:26:ab:7f:
13:a2:5d:c1:49:d7:88:f7:87:5f:2a:95:40:54:0e:47:b9:b9:
12:e5:06:c6:12:51:72:45:88:26:52:ff:fe:ef:15:69:15:7f:
aa:45:ec:18:c6:fe:5a:08:ac:78:1b:67:eb:a4:82:30:c2:76:
d9:92:f2:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQpJ9M1AphNBnB2vTDfspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNTE1N2U0MTlmYjVhMThiYTJiZWFmMmRlNTQ1ZjJiYjNk
ZWNmZDEwHhcNMjMwMTAxMjEzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTRiMmYwNzJhYmM5MzdmOWFlNjUxZTgzNWE4ZjkwNjc1MmU2NGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUzl5GSIts+oBbT9S0FjUld3Eoko
CF5Omol+mgf2TkFxZMUzjjpugPq8OFYsaMaGuWdfkDaZIXcEFPVadjNPJ0bVC3kw
1K9fNERVk1uRAioLAGC2gLmlQ7UIObc/vQ9Jo+Ks6dwU48NePCGMsh/UgDcijkw3
oNZ+m1I1RerbzYEbKhOM3tuI4nvku2Xd7NEz+ZbaykEyVzxoE+6yDu0M01Lm3sS9
+8S8g0NKPGJ3TJb8xthDHFRWWXhZsH26EHwzjVQ9E4wBD/fJWoSLr7Kd8xIAKmcE
uGoaEqjxKljpgbdO0gR0vbzkS/OamhYlletKlLSlPePzg/tSegLyEV5mQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpLLwcqvJN/muZR6DWo+QZ1LmS7MB8GA1UdIwQY
MBaAFGtRV+QZ+1oYuivq8t5UXyuz3s/RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFGWDVCbjdXaGk2Sy1yeTNsUmZLN1BlejlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iNmNhMWItNjdkYy00MDRmLThkNjEt
MzI4OTFhNTgzMzdmLzEvS2tzdkJ5cThrMy1hNWxIb05hajVCblV1WkxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iNmNhMWItNjdkYy00MDRmLThkNjEtMzI4OTFhNTgzMzdm
LzEvYTFGWDVCbjdXaGk2Sy1yeTNsUmZLN1BlejlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRFeMA0G
CSqGSIb3DQEBCwUAA4IBAQA8JxZNC1RhjRUuGmsfWsd9vz3iJTnc9OkafVwkxuI7
VvLSaouP5/zC4CrWo5hvxQolMrMsz9X6m/L5YyWUOrnlNbhQlT2zNLbMMeIfYLY6
1PRGp+kxab2i1pmOB8e3n7lgk2SlLjCXtMFwkuOizIql6ww2L2jEMb9A0uDJdhc2
UEpz5P0K0+Zg5lWFXFhSIg4aBCjGerKclBeU8BHEDk3OxyRpi+JCOSpFZdnpO+7W
Sl8KzZjSrSfqUT2utPV/WeFQVAEmq38Tol3BSdeI94dfKpVAVA5HubkS5QbGElFy
RYgmUv/+7xVpFX+qRewYxv5aCKx4G2frpIIwwnbZkvK0
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:24 2024 by rpki-client on console-fra.rpki-client.org