Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/KMXYgOF8J6DAKvkZ0V_956MWLJU.roa
File: KMXYgOF8J6DAKvkZ0V_956MWLJU.roa (raw, json)
Hash identifier: 8jCwFlCwc/lkg7CKNJzkc045IejEsvUkRH5LVZi3o7M=
Subject key identifier: 28:C5:D8:80:E1:7C:27:A0:C0:2A:F9:19:D1:5F:FD:E7:A3:16:2C:95
Certificate issuer: /CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Certificate serial: 018B9179BBA1D6EA140BD4575507D5CF64F8
Authority key identifier: 2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/KMXYgOF8J6DAKvkZ0V_956MWLJU.roa
Signing time: Thu 02 Nov 2023 19:19:16 +0000
ROA not before: Thu 02 Nov 2023 19:19:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.14.238.0/24 maxlen: 24
185.14.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:91:79:bb:a1:d6:ea:14:0b:d4:57:55:07:d5:cf:64:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Validity
Not Before: Nov 2 19:19:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28c5d880e17c27a0c02af919d15ffde7a3162c95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:88:83:c8:fb:28:2a:73:55:bd:ef:af:59:43:
60:d9:64:d9:d8:1b:dd:d8:e1:78:ab:35:65:2e:88:
5a:42:ca:5d:5a:7a:01:22:a6:c4:40:24:1f:04:ea:
86:14:69:15:fa:2e:b7:6b:b0:08:98:fa:eb:c8:14:
76:13:35:80:77:dc:a7:20:61:4c:74:e3:8a:0a:ce:
81:f2:88:81:d6:26:65:cc:3d:65:5a:e6:c1:14:2e:
e4:f8:f7:53:26:8f:d0:55:01:82:92:02:5a:67:13:
25:41:06:19:69:ee:49:d3:71:11:78:4e:f1:22:cb:
16:78:96:9b:f4:c2:e7:b6:06:34:28:6c:00:5b:2f:
c1:33:7f:df:ff:00:b4:1c:99:80:7f:2a:7c:3f:ee:
36:e9:f8:de:d3:08:ac:b9:cc:90:b1:7c:90:cc:b0:
63:a7:ac:9e:62:ff:da:08:ed:ed:f0:13:0e:24:07:
99:70:3f:36:db:88:82:76:3a:eb:52:c1:e4:cd:09:
04:f6:db:ad:3c:d4:b4:79:1c:ea:75:af:e9:2b:88:
f9:e3:44:b3:f2:36:5e:93:9c:3c:4c:9c:d1:c8:a4:
01:64:2c:f8:06:22:a7:86:61:42:58:d7:12:bf:eb:
20:33:c5:fe:81:43:be:b2:98:20:3d:4b:43:93:ed:
f6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C5:D8:80:E1:7C:27:A0:C0:2A:F9:19:D1:5F:FD:E7:A3:16:2C:95
X509v3 Authority Key Identifier:
keyid:2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/KMXYgOF8J6DAKvkZ0V_956MWLJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/LcgdJMRd2qNF-QZN4p-8p7EppSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.236.0/24
185.14.238.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:ef:08:b6:c6:87:ae:a1:da:c1:f6:7f:47:45:db:39:38:62:
5d:ba:34:5e:c7:ce:b7:dd:7c:d8:ba:03:76:ea:0a:29:a5:f0:
f9:aa:2a:4e:02:41:21:45:d9:84:b4:1d:49:f9:a5:77:cb:c4:
6b:2f:67:8d:ce:59:13:e5:c4:11:ba:cf:45:66:c2:a7:59:de:
fc:bd:2d:52:ee:ee:06:6d:7f:b8:c8:b5:79:88:23:34:1f:4d:
08:3c:a5:d1:41:80:aa:e8:eb:ea:94:bd:c4:f0:8b:ea:c4:d3:
9c:a5:46:6f:ac:83:21:0b:57:42:47:66:bf:9e:08:44:20:38:
ec:2b:0d:38:0d:5b:1b:dc:ca:dc:35:bc:35:39:da:f3:1e:cc:
48:c6:bc:45:2c:05:80:3b:9f:13:21:87:43:00:ed:a4:ba:29:
b7:d3:48:6c:d2:8f:57:3d:f7:87:25:46:1b:dc:3c:d0:2b:81:
03:4e:34:e4:3c:84:78:da:29:e1:a5:94:18:35:28:49:77:8c:
c6:36:31:35:65:25:6d:82:55:7d:a0:c4:73:55:e3:fc:7d:4e:
b4:1d:72:67:f5:14:24:a6:72:f2:22:05:27:4b:16:e5:33:3d:
36:87:00:fd:b6:ed:19:b1:4a:2e:70:af:b8:b8:91:18:7a:2c:
52:bc:eb:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuRebuh1uoUC9RXVQfVz2T4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzgxZDI0YzQ1ZGRhYTM0NWY5MDY0ZGUyOWZiY2E3YjEy
OWE1MmMwHhcNMjMxMTAyMTkxOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM1ZDg4MGUxN2MyN2EwYzAyYWY5MTlkMTVmZmRlN2EzMTYyYzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14iDyPsoKnNVve+vWUNg2WTZ2Bvd
2OF4qzVlLohaQspdWnoBIqbEQCQfBOqGFGkV+i63a7AImPrryBR2EzWAd9ynIGFM
dOOKCs6B8oiB1iZlzD1lWubBFC7k+PdTJo/QVQGCkgJaZxMlQQYZae5J03EReE7x
IssWeJab9MLntgY0KGwAWy/BM3/f/wC0HJmAfyp8P+426fje0wisucyQsXyQzLBj
p6yeYv/aCO3t8BMOJAeZcD8224iCdjrrUsHkzQkE9tutPNS0eRzqda/pK4j540Sz
8jZek5w8TJzRyKQBZCz4BiKnhmFCWNcSv+sgM8X+gUO+spggPUtDk+32KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCjF2IDhfCegwCr5GdFf/eejFiyVMB8GA1UdIwQY
MBaAFC3IHSTEXdqjRfkGTeKfvKexKaUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDkt
MmZjYzBiNzQ5YjMyLzEvS01YWWdPRjhKNkRBS3ZrWjBWXzk1Nk1XTEpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDktMmZjYzBiNzQ5YjMy
LzEvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQ7sAwQA
uQ7uMA0GCSqGSIb3DQEBCwUAA4IBAQAb7wi2xoeuodrB9n9HRds5OGJdujRex863
3XzYugN26goppfD5qipOAkEhRdmEtB1J+aV3y8RrL2eNzlkT5cQRus9FZsKnWd78
vS1S7u4GbX+4yLV5iCM0H00IPKXRQYCq6OvqlL3E8IvqxNOcpUZvrIMhC1dCR2a/
nghEIDjsKw04DVsb3MrcNbw1OdrzHsxIxrxFLAWAO58TIYdDAO2kuim300hs0o9X
PfeHJUYb3DzQK4EDTjTkPIR42inhpZQYNShJd4zGNjE1ZSVtglV9oMRzVeP8fU60
HXJn9RQkpnLyIgUnSxblMz02hwD9tu0ZsUoucK+4uJEYeixSvOu3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:03 2024 by rpki-client on console-fra.rpki-client.org