Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/KPz7y1zE39QeHDKu27vlvstQHEc.roa
File: KPz7y1zE39QeHDKu27vlvstQHEc.roa (raw, json)
Hash identifier: 5AMdEDMBN3QdWpQ3loN12WGhCTKkZTheK5qendKrz3k=
Subject key identifier: 28:FC:FB:CB:5C:C4:DF:D4:1E:1C:32:AE:DB:BB:E5:BE:CB:50:1C:47
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 01914796EEBE87FD3F011E79CE67192BD616
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/KPz7y1zE39QeHDKu27vlvstQHEc.roa
Signing time: Mon 12 Aug 2024 17:15:59 +0000
ROA not before: Mon 12 Aug 2024 17:15:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 188.211.166.0/24 maxlen: 24
193.56.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 15:09:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:47:96:ee:be:87:fd:3f:01:1e:79:ce:67:19:2b:d6:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Aug 12 17:15:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28fcfbcb5cc4dfd41e1c32aedbbbe5becb501c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f9:6f:fe:68:7f:92:1b:f5:17:98:3e:14:57:
d5:e3:8c:97:c9:4e:77:1e:52:77:28:7c:3a:9e:4f:
e3:8d:f7:c1:3c:4c:66:d9:3c:2f:c4:bb:a3:20:2a:
c4:d9:76:33:95:5f:85:49:b5:12:d5:cc:15:53:52:
6d:bd:d4:ec:a4:48:8d:b5:d1:f5:7a:58:51:f5:48:
98:2b:0c:be:b8:e2:57:5b:ae:f2:93:37:7f:81:e0:
7a:03:29:58:d2:fe:8d:85:32:69:f0:04:84:a8:1e:
4f:ab:35:94:b2:58:01:64:d1:b9:17:c6:fb:1a:02:
31:9b:5f:b8:0b:71:98:d1:24:e1:a5:50:0d:17:a0:
3e:f9:a1:ab:bd:c8:90:68:ac:43:a2:a1:3d:6f:f7:
9c:70:e1:e6:8d:51:33:23:ba:4c:6b:39:d0:f6:36:
fa:c8:aa:ad:bc:4e:af:50:77:55:4e:a6:88:15:e2:
10:b2:a8:a8:29:c4:f5:50:15:21:8f:73:f4:00:66:
6f:8b:15:6c:39:4a:0b:f5:10:9b:5d:39:32:22:84:
83:1d:71:ce:31:c0:c4:dd:cc:9c:45:97:6c:81:29:
aa:3d:ed:59:01:d1:e6:4c:2a:0b:8c:12:d0:2c:35:
b8:47:a2:7d:c9:34:10:bd:32:2d:de:95:ff:02:ac:
1d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FC:FB:CB:5C:C4:DF:D4:1E:1C:32:AE:DB:BB:E5:BE:CB:50:1C:47
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/KPz7y1zE39QeHDKu27vlvstQHEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.211.166.0/24
193.56.144.0/24
Signature Algorithm: sha256WithRSAEncryption
44:4a:9d:a4:48:b5:12:50:2c:97:20:44:4b:e9:96:2d:72:78:
53:77:33:e5:a3:a1:ca:b4:25:91:06:bb:c4:f3:0c:7e:11:db:
41:64:4d:a7:2a:3d:fa:02:37:a6:be:79:1f:3f:cb:0c:de:c2:
70:5c:59:f9:74:1b:f6:3c:47:23:fc:a3:cc:38:a2:d4:d5:c6:
18:5d:83:73:0f:ab:32:74:35:c4:46:a9:71:9b:b0:24:aa:53:
5d:bb:48:fa:9c:2c:4b:be:4b:16:62:f7:31:dd:bc:be:65:5a:
26:a6:08:f3:09:99:85:78:b5:73:65:f9:3f:34:e2:cf:81:ec:
11:b3:89:97:a8:a3:b6:4e:77:83:c7:d5:84:46:59:e1:78:1c:
4e:0d:5a:f3:41:10:0d:6b:26:5b:d3:26:fc:9d:cc:29:af:46:
06:2a:2d:73:41:f1:13:fe:d9:d8:0d:7b:7c:ae:0e:e5:a8:b4:
ab:0e:79:47:d5:2a:4d:46:2e:9b:9d:21:9e:65:38:08:8f:1a:
20:8b:9d:8c:30:b3:4b:f5:de:45:a3:30:6c:80:d0:e0:3f:8a:
2b:9d:a6:3b:2a:35:49:ff:54:8f:51:17:1d:7e:34:33:5d:df:
2e:68:da:8f:57:98:f4:dc:f8:a9:e9:03:09:9d:55:d5:f1:e9:
72:d3:51:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFHlu6+h/0/AR55zmcZK9YWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjQwODEyMTcxNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGZjZmJjYjVjYzRkZmQ0MWUxYzMyYWVkYmJiZTViZWNiNTAxYzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvlv/mh/khv1F5g+FFfV44yXyU53
HlJ3KHw6nk/jjffBPExm2TwvxLujICrE2XYzlV+FSbUS1cwVU1JtvdTspEiNtdH1
elhR9UiYKwy+uOJXW67ykzd/geB6AylY0v6NhTJp8ASEqB5PqzWUslgBZNG5F8b7
GgIxm1+4C3GY0SThpVANF6A++aGrvciQaKxDoqE9b/eccOHmjVEzI7pMaznQ9jb6
yKqtvE6vUHdVTqaIFeIQsqioKcT1UBUhj3P0AGZvixVsOUoL9RCbXTkyIoSDHXHO
McDE3cycRZdsgSmqPe1ZAdHmTCoLjBLQLDW4R6J9yTQQvTIt3pX/AqwdxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCj8+8tcxN/UHhwyrtu75b7LUBxHMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvS1B6N3kxekUzOVFlSERLdTI3dmx2c3RRSEVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvNOmAwQA
wTiQMA0GCSqGSIb3DQEBCwUAA4IBAQBESp2kSLUSUCyXIERL6ZYtcnhTdzPlo6HK
tCWRBrvE8wx+EdtBZE2nKj36AjemvnkfP8sM3sJwXFn5dBv2PEcj/KPMOKLU1cYY
XYNzD6sydDXERqlxm7AkqlNdu0j6nCxLvksWYvcx3by+ZVompgjzCZmFeLVzZfk/
NOLPgewRs4mXqKO2TneDx9WERlnheBxODVrzQRANayZb0yb8ncwpr0YGKi1zQfET
/tnYDXt8rg7lqLSrDnlH1SpNRi6bnSGeZTgIjxogi52MMLNL9d5FozBsgNDgP4or
naY7KjVJ/1SPURcdfjQzXd8uaNqPV5j03Pip6QMJnVXV8ely01Gy
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:28:48 2025 by rpki-client