Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/ckgHpJQ_mqDzaSns__KudeTCeS4.roa
File: ckgHpJQ_mqDzaSns__KudeTCeS4.roa (raw, json)
Hash identifier: 3C2IJ1yjmpJCVzayWDGo6T+Dp/N6Mht7ie9jUKhYjrI=
Subject key identifier: 72:48:07:A4:94:3F:9A:A0:F3:69:29:EC:FF:F2:AE:75:E4:C2:79:2E
Certificate issuer: /CN=2347aaab2206c08128f543730064a145a3effa14
Certificate serial: 018D87B3F9BA62F8E9C8BD2A78B500C192E3
Authority key identifier: 23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/ckgHpJQ_mqDzaSns__KudeTCeS4.roa
Signing time: Thu 08 Feb 2024 07:52:15 +0000
ROA not before: Thu 08 Feb 2024 07:52:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33885
IP address blocks: 109.104.0.0/19 maxlen: 19
185.86.100.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 08 Feb 2024 09:06:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:87:b3:f9:ba:62:f8:e9:c8:bd:2a:78:b5:00:c1:92:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2347aaab2206c08128f543730064a145a3effa14
Validity
Not Before: Feb 8 07:52:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=724807a4943f9aa0f36929ecfff2ae75e4c2792e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7b:37:ff:1d:4d:58:a3:e1:36:4e:80:0e:93:
ed:b0:31:bf:9a:ac:97:02:ac:be:6d:8c:dd:77:98:
3d:df:5d:3b:ad:58:7f:3b:df:bb:4d:74:25:a7:59:
c8:79:f6:f5:9c:8c:f6:3a:95:c0:eb:34:92:86:68:
4c:67:20:b1:3d:2b:bf:76:57:bf:15:b5:9d:66:17:
f6:60:fe:96:a7:ab:58:c5:fa:7d:b1:f0:96:da:36:
a4:5a:a0:76:8f:90:06:7b:2f:d3:05:cb:ed:be:20:
bb:7c:20:de:4a:8b:8b:28:5b:7e:14:dc:f9:8d:48:
0b:54:98:80:47:3c:f5:e3:85:b1:fb:26:c2:59:a8:
1a:8a:57:f9:7a:b7:c1:1f:de:a1:78:cd:25:31:47:
ec:2d:8a:9d:d1:98:9b:bc:3d:9d:7e:a9:fe:34:31:
9d:50:bd:19:4a:a2:b4:d3:70:0b:ed:9b:ef:54:69:
aa:d9:ff:00:c9:7d:40:fe:85:d2:44:c1:25:0c:99:
a5:54:89:0f:95:b8:7f:7a:74:1c:22:8c:e3:0f:58:
0f:65:91:60:da:c0:a8:f6:fc:1a:0e:fa:8c:c2:05:
a5:31:b7:a2:99:71:f8:da:f8:1d:e2:c2:36:ea:b1:
c6:13:b4:ff:60:65:a0:35:7e:0c:2e:49:88:2b:bc:
f8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:48:07:A4:94:3F:9A:A0:F3:69:29:EC:FF:F2:AE:75:E4:C2:79:2E
X509v3 Authority Key Identifier:
keyid:23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/ckgHpJQ_mqDzaSns__KudeTCeS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.0.0/19
185.86.100.0/22
Signature Algorithm: sha256WithRSAEncryption
13:15:fe:c4:74:00:e9:a5:16:d2:c5:bf:2e:56:46:33:0e:24:
25:e8:7d:4a:e3:e7:4e:14:96:41:1b:cd:a9:ad:3e:30:29:b9:
6c:bd:b6:66:4c:1d:95:08:4a:78:46:5a:9e:57:ee:5d:c0:69:
df:c5:88:4c:78:6a:e3:07:87:8f:c0:96:2d:d6:d5:b0:86:eb:
7a:c9:dd:cf:2c:7b:68:31:ad:c8:20:fb:c1:35:44:91:60:cc:
d2:13:48:0f:56:2f:bf:6e:df:19:9d:e3:e4:54:59:08:6b:a0:
01:b4:85:1b:f1:12:ec:3a:aa:9d:32:d7:cb:a9:c7:ea:d8:23:
ae:35:37:c5:6b:63:dc:9f:6d:fe:8e:0f:36:e4:cc:8d:aa:58:
9c:c5:83:e7:93:2f:d6:3a:b6:f2:13:d8:90:d2:69:45:f0:14:
67:d0:35:e4:3d:3e:f5:b9:9c:43:c8:83:0b:62:11:87:a5:de:
03:9d:6d:0d:a5:3a:42:b1:db:8a:83:56:c2:38:66:ad:4d:04:
5f:fb:ce:74:6a:c8:25:11:62:de:07:17:76:ad:e4:d1:70:c9:
79:96:1f:f6:d4:4a:6e:f4:d1:7d:f1:2f:c3:57:93:6f:38:bf:
70:1f:83:e0:ff:d3:18:82:d3:ee:33:29:b6:78:4b:a2:8f:f0:
5f:2f:19:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2Hs/m6YvjpyL0qeLUAwZLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDdhYWFiMjIwNmMwODEyOGY1NDM3MzAwNjRhMTQ1YTNl
ZmZhMTQwHhcNMjQwMjA4MDc1MjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjQ4MDdhNDk0M2Y5YWEwZjM2OTI5ZWNmZmYyYWU3NWU0YzI3OTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHs3/x1NWKPhNk6ADpPtsDG/mqyX
Aqy+bYzdd5g93107rVh/O9+7TXQlp1nIefb1nIz2OpXA6zSShmhMZyCxPSu/dle/
FbWdZhf2YP6Wp6tYxfp9sfCW2jakWqB2j5AGey/TBcvtviC7fCDeSouLKFt+FNz5
jUgLVJiARzz144Wx+ybCWagailf5erfBH96heM0lMUfsLYqd0ZibvD2dfqn+NDGd
UL0ZSqK003AL7ZvvVGmq2f8AyX1A/oXSRMElDJmlVIkPlbh/enQcIozjD1gPZZFg
2sCo9vwaDvqMwgWlMbeimXH42vgd4sI26rHGE7T/YGWgNX4MLkmIK7z4TQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHJIB6SUP5qg82kp7P/yrnXkwnkuMB8GA1UdIwQY
MBaAFCNHqqsiBsCBKPVDcwBkoUWj7/oUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQt
NzU4NDA2NjFlYWY1LzEvY2tnSHBKUV9tcUR6YVNuc19fS3VkZVRDZVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQtNzU4NDA2NjFlYWY1
LzEvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFbWgAAwQC
uVZkMA0GCSqGSIb3DQEBCwUAA4IBAQATFf7EdADppRbSxb8uVkYzDiQl6H1K4+dO
FJZBG82prT4wKblsvbZmTB2VCEp4RlqeV+5dwGnfxYhMeGrjB4ePwJYt1tWwhut6
yd3PLHtoMa3IIPvBNUSRYMzSE0gPVi+/bt8ZnePkVFkIa6ABtIUb8RLsOqqdMtfL
qcfq2COuNTfFa2Pcn23+jg825MyNqlicxYPnky/WOrbyE9iQ0mlF8BRn0DXkPT71
uZxDyIMLYhGHpd4DnW0NpTpCsduKg1bCOGatTQRf+850asglEWLeBxd2reTRcMl5
lh/21Epu9NF98S/DV5NvOL9wH4Pg/9MYgtPuMym2eEuij/BfLxmn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:19 2024 by rpki-client on console-fra.rpki-client.org