Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/KHgs86BjS0xP_Yarb4XktZWFbn8.roa
File: KHgs86BjS0xP_Yarb4XktZWFbn8.roa (raw, json)
Hash identifier: HtzA5fB0hl8Ymstr6YsUd/Gv5nLH5ctTBUxvlg3EEKM=
Subject key identifier: 28:78:2C:F3:A0:63:4B:4C:4F:FD:86:AB:6F:85:E4:B5:95:85:6E:7F
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 0185CD560AC0E0F7FDC295B3213432D32D36
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/KHgs86BjS0xP_Yarb4XktZWFbn8.roa
Signing time: Fri 20 Jan 2023 04:00:46 +0000
ROA not before: Fri 20 Jan 2023 04:00:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 168.199.128.0/17 maxlen: 24
185.170.68.0/22 maxlen: 24
185.171.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jul 2023 06:21:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cd:56:0a:c0:e0:f7:fd:c2:95:b3:21:34:32:d3:2d:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 20 04:00:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28782cf3a0634b4c4ffd86ab6f85e4b595856e7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:af:83:bc:91:f6:32:fc:41:0e:96:94:d5:cb:
9f:9a:bf:f0:8c:96:49:ae:14:d9:67:91:3f:65:68:
05:ac:1a:4c:6f:b6:52:94:97:fc:c5:71:33:0f:f8:
89:64:de:1b:81:a8:61:9b:54:69:09:3f:22:c5:4d:
38:4b:f8:22:e7:71:ff:e2:04:e4:e9:f8:43:aa:70:
82:c0:62:2b:46:af:95:a8:74:e9:dd:35:d9:13:e7:
71:a5:a4:cb:0a:1d:79:4b:39:ad:6f:48:f3:b6:37:
42:67:09:25:d1:c6:d2:e2:a2:b0:66:a8:8b:c8:27:
6e:79:26:45:54:5b:67:3b:0d:a8:1a:76:6f:32:1f:
ca:38:9c:b5:f7:10:08:cc:29:0d:9b:2c:09:d7:4b:
d2:70:a0:e3:27:b3:b9:de:8e:c5:fd:18:04:e3:59:
f6:f9:81:a3:45:d0:fe:ee:b0:49:b6:a6:fd:97:3c:
7c:66:72:50:f7:a4:92:f7:d0:46:15:0a:5e:6c:44:
65:4a:43:c0:67:7c:ac:09:37:33:43:3e:7e:95:3f:
66:23:c2:7d:cf:ca:62:01:12:bb:77:23:22:7c:b6:
9f:83:59:62:c3:df:28:dc:84:7d:bd:61:78:24:57:
a6:2f:34:44:14:da:60:6c:2c:27:0a:c7:1c:31:37:
41:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:78:2C:F3:A0:63:4B:4C:4F:FD:86:AB:6F:85:E4:B5:95:85:6E:7F
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/KHgs86BjS0xP_Yarb4XktZWFbn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.128.0/17
185.170.68.0/22
185.171.252.0/22
Signature Algorithm: sha256WithRSAEncryption
69:62:26:56:bb:85:dc:1b:2f:3c:e9:0b:f9:46:6e:bc:7c:b7:
0f:58:47:bb:f5:59:50:ca:c4:f3:94:5b:d9:61:19:85:ed:80:
1f:e3:47:8b:6d:6d:06:d9:98:7c:63:e5:ea:27:1c:24:a8:ba:
89:e5:1e:c8:c1:c9:dd:06:19:ad:51:9c:dd:11:3f:7a:23:d6:
b5:3e:34:09:e0:bc:56:b8:e6:1b:20:25:11:58:58:78:73:39:
bb:c7:42:e9:03:3e:96:ba:22:45:31:56:4d:3f:23:bb:e5:f9:
57:ff:10:87:9c:54:6f:2b:ab:56:b7:73:00:48:5c:da:8e:0b:
2e:08:72:45:73:ba:f1:52:be:39:10:31:cb:02:f5:ce:c9:fb:
f1:06:17:c1:69:64:3c:21:0f:d2:9c:6c:5e:f3:38:24:82:bb:
08:d4:0d:7d:8c:84:61:4e:38:bf:d7:c0:bd:bd:3c:aa:2f:54:
ed:20:9c:b8:03:d2:3c:55:54:84:b1:ef:3c:40:81:d4:13:fa:
1b:f6:6f:b8:f1:dd:d6:9e:2a:5a:9b:3c:bf:9d:5f:35:85:22:
1f:76:d6:49:af:25:cd:ff:ee:d4:bd:a4:1c:ef:f2:67:bd:e5:
a6:74:82:01:80:ef:17:af:f2:ab:92:b6:73:82:25:20:12:9c:
e9:a8:59:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXNVgrA4Pf9wpWzITQy0y02MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjMwMTIwMDQwMDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODc4MmNmM2EwNjM0YjRjNGZmZDg2YWI2Zjg1ZTRiNTk1ODU2ZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvK+DvJH2MvxBDpaU1cufmr/wjJZJ
rhTZZ5E/ZWgFrBpMb7ZSlJf8xXEzD/iJZN4bgahhm1RpCT8ixU04S/gi53H/4gTk
6fhDqnCCwGIrRq+VqHTp3TXZE+dxpaTLCh15Szmtb0jztjdCZwkl0cbS4qKwZqiL
yCdueSZFVFtnOw2oGnZvMh/KOJy19xAIzCkNmywJ10vScKDjJ7O53o7F/RgE41n2
+YGjRdD+7rBJtqb9lzx8ZnJQ96SS99BGFQpebERlSkPAZ3ysCTczQz5+lT9mI8J9
z8piARK7dyMifLafg1liw98o3IR9vWF4JFemLzREFNpgbCwnCsccMTdBYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCh4LPOgY0tMT/2Gq2+F5LWVhW5/MB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvS0hnczg2QmpTMHhQX1lhcmI0WGt0WldGYm44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQHqMeAAwQC
uapEAwQCuav8MA0GCSqGSIb3DQEBCwUAA4IBAQBpYiZWu4XcGy886Qv5Rm68fLcP
WEe79VlQysTzlFvZYRmF7YAf40eLbW0G2Zh8Y+XqJxwkqLqJ5R7IwcndBhmtUZzd
ET96I9a1PjQJ4LxWuOYbICURWFh4czm7x0LpAz6WuiJFMVZNPyO75flX/xCHnFRv
K6tWt3MASFzajgsuCHJFc7rxUr45EDHLAvXOyfvxBhfBaWQ8IQ/SnGxe8zgkgrsI
1A19jIRhTji/18C9vTyqL1TtIJy4A9I8VVSEse88QIHUE/ob9m+48d3Wnipamzy/
nV81hSIfdtZJryXN/+7UvaQc7/JnveWmdIIBgO8Xr/KrkrZzgiUgEpzpqFnV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:50 2024 by rpki-client on console-fra.rpki-client.org