Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/Kcg4IYCnqkvgVBs1htWiWWLAKQQ.roa
File: Kcg4IYCnqkvgVBs1htWiWWLAKQQ.roa (raw, json)
Hash identifier: BEikA+NL1fXxBiaegmZUWPiXgznFtT2KZ5D1uJ2Z04U=
Subject key identifier: 29:C8:38:21:80:A7:AA:4B:E0:54:1B:35:86:D5:A2:59:62:C0:29:04
Certificate issuer: /CN=28b0ff7998ca8854ce7c475a972ed1d52a5c60cd
Certificate serial: 01856C53AA01F90D6E457398B12AD659D35C
Authority key identifier: 28:B0:FF:79:98:CA:88:54:CE:7C:47:5A:97:2E:D1:D5:2A:5C:60:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/Kcg4IYCnqkvgVBs1htWiWWLAKQQ.roa
Signing time: Sun 01 Jan 2023 07:55:00 +0000
ROA not before: Sun 01 Jan 2023 07:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203923
IP address blocks: 185.119.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:aa:01:f9:0d:6e:45:73:98:b1:2a:d6:59:d3:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28b0ff7998ca8854ce7c475a972ed1d52a5c60cd
Validity
Not Before: Jan 1 07:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29c8382180a7aa4be0541b3586d5a25962c02904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:08:53:f8:8e:6e:f0:58:af:d4:aa:f6:23:3a:
92:39:db:ba:b3:d1:37:70:dd:cf:a2:56:7e:98:fb:
d5:8a:32:f1:04:f9:f1:88:4a:80:de:75:93:2e:cc:
dd:04:72:25:c0:9e:74:5c:d1:47:a2:f5:71:fe:71:
d4:74:a6:44:06:38:39:f1:04:26:26:45:0c:00:a4:
18:96:be:eb:eb:9e:2c:bf:91:40:dd:05:66:67:38:
1d:b5:58:c6:d4:d9:e0:22:23:f3:c7:f1:ad:cf:10:
ca:3b:26:d4:1d:61:aa:6e:e7:92:82:e5:64:fb:64:
4b:5b:e6:1a:a2:a9:8c:78:2f:9d:37:82:41:9b:57:
d3:ae:99:3c:79:c8:d7:ef:4a:ac:21:1f:55:ab:ae:
d5:6d:db:a1:91:50:b5:4f:1a:e3:28:24:c7:2c:e6:
ff:29:e7:67:20:94:37:1f:ad:96:ac:58:6a:f7:32:
ab:33:27:ff:53:8a:26:d7:74:86:fd:2f:3c:1d:f0:
50:f9:d9:49:09:11:b5:da:67:fe:8b:84:d1:1e:cf:
d5:0c:01:69:b3:c9:cf:a0:99:6f:e0:e6:9d:af:24:
df:bb:59:a4:16:bb:ae:f6:d1:e7:2a:e6:5d:4b:c6:
4e:18:80:5b:5b:45:74:f6:e9:f6:03:81:db:78:8f:
ed:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C8:38:21:80:A7:AA:4B:E0:54:1B:35:86:D5:A2:59:62:C0:29:04
X509v3 Authority Key Identifier:
keyid:28:B0:FF:79:98:CA:88:54:CE:7C:47:5A:97:2E:D1:D5:2A:5C:60:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/Kcg4IYCnqkvgVBs1htWiWWLAKQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/KLD_eZjKiFTOfEdaly7R1SpcYM0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.220.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:b6:cf:7f:0a:00:58:e4:f3:c4:b2:48:5f:6f:d1:c7:cc:d7:
e6:3e:7b:44:68:ab:49:df:c8:df:08:3c:5d:a0:6a:d0:69:88:
14:3b:99:68:b1:a5:34:63:c1:01:f0:38:ab:86:9d:af:74:40:
a2:06:0e:89:42:40:89:39:6e:42:8b:69:4c:a6:34:5e:fa:06:
cb:40:ed:ff:0c:a8:e3:b6:b2:43:76:95:2e:ed:93:9e:b7:4d:
f1:5c:5b:15:91:5c:76:93:7f:31:e8:70:cd:da:56:62:a2:cf:
5c:1c:d7:55:28:18:c8:58:a7:aa:7e:1d:4c:fa:f7:43:93:83:
2d:d7:37:d9:ba:05:1f:4c:7a:61:16:06:12:0f:59:f3:73:50:
ea:4d:1e:ec:6a:92:a4:42:c3:46:aa:84:10:e6:6e:7e:1e:d0:
fa:61:1a:26:cf:65:88:31:15:7f:66:f7:79:3b:e9:69:e5:01:
64:63:f6:06:41:5b:52:27:30:05:1a:98:6e:d6:18:dc:f5:5b:
90:ca:2c:46:9c:34:25:2c:10:c8:6a:33:ad:a8:0a:cc:0d:ce:
89:36:7e:08:a3:ca:fc:12:96:8e:ab:7e:39:2f:7f:95:eb:51:
de:c3:34:06:d9:d5:6c:be:d3:35:7d:b8:96:8e:78:c2:be:c6:
87:85:5a:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU6oB+Q1uRXOYsSrWWdNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YjBmZjc5OThjYTg4NTRjZTdjNDc1YTk3MmVkMWQ1MmE1
YzYwY2QwHhcNMjMwMTAxMDc1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWM4MzgyMTgwYTdhYTRiZTA1NDFiMzU4NmQ1YTI1OTYyYzAyOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAhT+I5u8Fiv1Kr2IzqSOdu6s9E3
cN3PolZ+mPvVijLxBPnxiEqA3nWTLszdBHIlwJ50XNFHovVx/nHUdKZEBjg58QQm
JkUMAKQYlr7r654sv5FA3QVmZzgdtVjG1NngIiPzx/GtzxDKOybUHWGqbueSguVk
+2RLW+YaoqmMeC+dN4JBm1fTrpk8ecjX70qsIR9Vq67VbduhkVC1TxrjKCTHLOb/
KednIJQ3H62WrFhq9zKrMyf/U4om13SG/S88HfBQ+dlJCRG12mf+i4TRHs/VDAFp
s8nPoJlv4OadryTfu1mkFruu9tHnKuZdS8ZOGIBbW0V09un2A4HbeI/tfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnIOCGAp6pL4FQbNYbVolliwCkEMB8GA1UdIwQY
MBaAFCiw/3mYyohUznxHWpcu0dUqXGDNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0xEX2VaaktpRlRPZkVkYWx5N1IxU3BjWU0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hMGQ2NzQtODdiNi00MzE4LWJlZDIt
MjY3NTQ3ZWExZTM1LzEvS2NnNElZQ25xa3ZnVkJzMWh0V2lXV0xBS1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hMGQ2NzQtODdiNi00MzE4LWJlZDItMjY3NTQ3ZWExZTM1
LzEvS0xEX2VaaktpRlRPZkVkYWx5N1IxU3BjWU0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXfcMA0G
CSqGSIb3DQEBCwUAA4IBAQC0ts9/CgBY5PPEskhfb9HHzNfmPntEaKtJ38jfCDxd
oGrQaYgUO5losaU0Y8EB8Dirhp2vdECiBg6JQkCJOW5Ci2lMpjRe+gbLQO3/DKjj
trJDdpUu7ZOet03xXFsVkVx2k38x6HDN2lZios9cHNdVKBjIWKeqfh1M+vdDk4Mt
1zfZugUfTHphFgYSD1nzc1DqTR7sapKkQsNGqoQQ5m5+HtD6YRomz2WIMRV/Zvd5
O+lp5QFkY/YGQVtSJzAFGphu1hjc9VuQyixGnDQlLBDIajOtqArMDc6JNn4Io8r8
EpaOq345L3+V61HewzQG2dVsvtM1fbiWjnjCvsaHhVon
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:22 2024 by rpki-client on console-ams.rpki-client.org