Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/KKkWjQlraCxPpToFtz2AExY9mg0.roa
File: KKkWjQlraCxPpToFtz2AExY9mg0.roa (raw, json)
Hash identifier: f1oE8ywkEDvJH4TbrYd3QLbp0GHzL7MISaPAeEj50W8=
Subject key identifier: 28:A9:16:8D:09:6B:68:2C:4F:A5:3A:05:B7:3D:80:13:16:3D:9A:0D
Certificate issuer: /CN=432efe16ec6c00fd45b5d918d9b172acd0a58d96
Certificate serial: 01856D01831AFBF7AAA898FD8DD61049F5FC
Authority key identifier: 43:2E:FE:16:EC:6C:00:FD:45:B5:D9:18:D9:B1:72:AC:D0:A5:8D:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qy7-FuxsAP1FtdkY2bFyrNCljZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/KKkWjQlraCxPpToFtz2AExY9mg0.roa
Signing time: Sun 01 Jan 2023 11:04:53 +0000
ROA not before: Sun 01 Jan 2023 11:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39498
IP address blocks: 185.122.245.0/24 maxlen: 24
185.122.246.0/23 maxlen: 23
185.122.244.0/24 maxlen: 24
185.122.244.0/23 maxlen: 23
185.122.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:83:1a:fb:f7:aa:a8:98:fd:8d:d6:10:49:f5:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=432efe16ec6c00fd45b5d918d9b172acd0a58d96
Validity
Not Before: Jan 1 11:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28a9168d096b682c4fa53a05b73d8013163d9a0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ff:82:c8:cc:11:31:d0:02:0c:4a:7e:ca:7f:
d3:3a:0f:24:e8:a5:4f:cd:7e:31:de:74:23:db:f0:
38:df:65:a6:e2:70:c6:3f:8e:f3:71:07:92:8c:85:
bc:79:ed:17:44:e1:79:38:52:95:4d:15:51:6c:7a:
df:76:a5:5c:61:46:30:6c:49:ef:6a:c2:30:0d:28:
27:78:19:5f:8b:29:cb:5f:d7:a6:4c:49:14:e6:14:
2f:2f:42:a3:9e:b6:6e:93:56:1f:7a:61:fe:f3:06:
11:7b:04:1c:c3:42:f4:58:de:52:cc:b8:4c:fb:4c:
4e:b7:78:5a:ad:65:43:bf:d3:8d:dc:c4:0a:01:23:
cd:bf:23:16:42:37:d8:2f:69:4c:f1:f9:a5:32:92:
7a:80:7d:38:66:4a:2f:9c:bb:ac:44:4f:82:2d:59:
ae:b4:48:5f:8b:bf:3f:4e:8e:6b:f9:36:78:08:ff:
6a:75:c7:80:7e:6b:a7:a4:02:ae:4f:89:2d:15:da:
a3:d1:53:b9:28:1f:2d:7a:5a:49:7b:a6:c2:87:cc:
cd:0f:b3:6a:3a:08:05:cc:fe:4b:f2:16:f7:d1:a9:
44:71:02:36:7a:1e:2d:d6:c8:87:0e:21:5f:2a:c2:
1c:c8:3d:a1:d3:02:c4:a5:ce:ad:85:45:c1:a5:48:
0e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A9:16:8D:09:6B:68:2C:4F:A5:3A:05:B7:3D:80:13:16:3D:9A:0D
X509v3 Authority Key Identifier:
keyid:43:2E:FE:16:EC:6C:00:FD:45:B5:D9:18:D9:B1:72:AC:D0:A5:8D:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qy7-FuxsAP1FtdkY2bFyrNCljZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/KKkWjQlraCxPpToFtz2AExY9mg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/Qy7-FuxsAP1FtdkY2bFyrNCljZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.244.0/22
Signature Algorithm: sha256WithRSAEncryption
30:79:4a:8a:ca:c4:8c:f8:cf:35:ca:67:1c:3e:db:66:d0:da:
14:de:a9:d1:4a:c0:fa:85:24:59:04:e5:01:43:65:73:b0:90:
ba:d5:7c:0f:69:07:a1:b9:28:61:83:1c:0e:2b:5a:c9:8d:5e:
87:3f:04:33:30:90:0f:77:10:27:ea:06:62:89:88:cd:7a:84:
e7:ed:b0:25:24:94:2c:0b:0f:00:5e:0f:a3:79:f2:a7:03:99:
20:ab:94:dc:39:b3:46:9a:cd:19:b1:76:58:88:3c:50:6e:1f:
79:3a:50:7b:dc:83:c1:28:5d:73:06:b8:45:b6:cc:49:ea:6b:
30:8b:b1:cb:da:48:02:0d:3e:56:fd:0d:60:fe:f4:41:68:e5:
1e:42:81:5a:9b:ee:34:07:1d:49:8d:65:c2:5c:0f:ef:80:15:
43:c1:cb:4d:6d:0e:86:67:db:c9:82:21:b9:f5:5a:69:4f:32:
b4:2a:eb:da:fc:5b:f4:4d:44:be:99:a3:2b:4c:ac:ff:0e:7f:
e1:3a:b8:d6:53:48:51:ed:42:91:c4:f4:0d:82:4d:05:61:7a:
90:77:d5:9d:36:77:22:04:92:7e:ba:21:5e:e5:db:a5:57:a4:
81:81:f7:b8:28:09:34:ef:bb:c1:7f:06:d4:68:e9:1e:74:f5:
d6:b4:9b:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAYMa+/eqqJj9jdYQSfX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMmVmZTE2ZWM2YzAwZmQ0NWI1ZDkxOGQ5YjE3MmFjZDBh
NThkOTYwHhcNMjMwMTAxMTEwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGE5MTY4ZDA5NmI2ODJjNGZhNTNhMDViNzNkODAxMzE2M2Q5YTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv+CyMwRMdACDEp+yn/TOg8k6KVP
zX4x3nQj2/A432Wm4nDGP47zcQeSjIW8ee0XROF5OFKVTRVRbHrfdqVcYUYwbEnv
asIwDSgneBlfiynLX9emTEkU5hQvL0KjnrZuk1YfemH+8wYRewQcw0L0WN5SzLhM
+0xOt3harWVDv9ON3MQKASPNvyMWQjfYL2lM8fmlMpJ6gH04ZkovnLusRE+CLVmu
tEhfi78/To5r+TZ4CP9qdceAfmunpAKuT4ktFdqj0VO5KB8telpJe6bCh8zND7Nq
OggFzP5L8hb30alEcQI2eh4t1siHDiFfKsIcyD2h0wLEpc6thUXBpUgOnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCipFo0Ja2gsT6U6Bbc9gBMWPZoNMB8GA1UdIwQY
MBaAFEMu/hbsbAD9RbXZGNmxcqzQpY2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXk3LUZ1eHNBUDFGdGRrWTJiRnlyTkNsalpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8yNWI0N2UtNDA3OS00ZjIxLTkxMWIt
ZjM4OWE1MjY5ZmIyLzEvS0trV2pRbHJhQ3hQcFRvRnR6MkFFeFk5bWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8yNWI0N2UtNDA3OS00ZjIxLTkxMWItZjM4OWE1MjY5ZmIy
LzEvUXk3LUZ1eHNBUDFGdGRrWTJiRnlyTkNsalpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXr0MA0G
CSqGSIb3DQEBCwUAA4IBAQAweUqKysSM+M81ymccPttm0NoU3qnRSsD6hSRZBOUB
Q2VzsJC61XwPaQehuShhgxwOK1rJjV6HPwQzMJAPdxAn6gZiiYjNeoTn7bAlJJQs
Cw8AXg+jefKnA5kgq5TcObNGms0ZsXZYiDxQbh95OlB73IPBKF1zBrhFtsxJ6msw
i7HL2kgCDT5W/Q1g/vRBaOUeQoFam+40Bx1JjWXCXA/vgBVDwctNbQ6GZ9vJgiG5
9VppTzK0Kuva/Fv0TUS+maMrTKz/Dn/hOrjWU0hR7UKRxPQNgk0FYXqQd9WdNnci
BJJ+uiFe5dulV6SBgfe4KAk077vBfwbUaOkedPXWtJu0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:35 2024 by rpki-client on console-fra.rpki-client.org