Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/KHSNO_yskULqdDy8e-LZzwfiyEU.roa
File: KHSNO_yskULqdDy8e-LZzwfiyEU.roa (raw, json)
Hash identifier: CBB76WcJcPlTHXGYVDto4qgylwm9ag3nie2c9XMfarA=
Subject key identifier: 28:74:8D:3B:FC:AC:91:42:EA:74:3C:BC:7B:E2:D9:CF:07:E2:C8:45
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 0192FB0240461F2080D76E8828BBC535BAD2
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/KHSNO_yskULqdDy8e-LZzwfiyEU.roa
Signing time: Tue 05 Nov 2024 06:28:01 +0000
ROA not before: Tue 05 Nov 2024 06:28:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199760
IP address blocks: 188.208.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 16:40:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fb:02:40:46:1f:20:80:d7:6e:88:28:bb:c5:35:ba:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Nov 5 06:28:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28748d3bfcac9142ea743cbc7be2d9cf07e2c845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cd:33:a9:18:47:64:f2:2a:1b:96:02:de:99:
cc:ad:65:07:5b:eb:4a:2c:06:2e:87:9e:18:ea:74:
0f:80:6f:95:99:37:b9:8c:c9:9d:65:7d:95:1c:36:
75:83:ea:3c:25:c5:2e:68:a2:9f:c7:f2:7c:7e:28:
7b:4c:b7:ab:23:99:6a:01:83:7a:73:8a:50:f5:51:
30:bb:0d:17:9a:d8:61:94:9f:d7:7c:da:86:61:a5:
bf:b3:25:3a:1a:fc:4d:dc:3d:93:87:0a:bd:2c:a5:
8c:ce:71:3d:d9:f8:7f:eb:98:17:bb:35:db:6c:55:
ad:de:6f:3b:4b:f7:56:28:5b:84:4c:47:50:df:47:
f6:29:45:96:75:bb:c9:91:f2:24:74:26:66:d0:2a:
9e:4f:36:64:ca:1f:d6:33:8b:21:89:63:0f:3f:66:
08:22:dd:45:0d:f0:ec:d9:89:e8:0b:39:5a:0c:45:
50:97:ec:c1:e8:21:a4:90:f4:a8:83:01:96:19:aa:
40:e5:13:6e:4b:7e:64:7a:b0:ec:04:c6:b3:94:f3:
35:c7:83:b7:68:e2:64:0e:b7:11:3b:17:c6:a1:c1:
4d:1c:a8:c2:09:99:ce:4c:0b:97:3b:00:2e:2b:a5:
0e:6f:01:13:7a:f8:f6:3d:ca:fc:4f:7c:b1:e6:f6:
1b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:74:8D:3B:FC:AC:91:42:EA:74:3C:BC:7B:E2:D9:CF:07:E2:C8:45
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/KHSNO_yskULqdDy8e-LZzwfiyEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.124.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:ae:7f:82:46:6b:f2:ce:0f:87:1f:3e:3c:f1:66:6b:28:83:
eb:bd:a8:ff:74:32:fa:3c:7e:73:72:a0:30:18:56:a7:ff:c8:
0b:14:81:da:2b:82:59:87:7a:15:0e:26:ca:b4:8a:7a:c4:f2:
68:44:79:aa:6d:d6:91:49:a8:fa:60:2d:a1:7e:92:1b:6e:93:
99:05:65:eb:67:ca:22:c1:9f:41:d8:70:df:8c:12:af:bb:f7:
7d:b1:15:cc:ca:77:5f:be:ef:da:5e:90:f3:5b:b9:0d:ab:20:
a5:ce:3d:60:51:8a:f2:13:fc:23:45:39:b3:14:61:99:f1:57:
b5:13:b3:52:6c:5c:b3:95:2e:59:09:cd:4f:44:44:7b:70:2c:
14:52:b6:82:ae:a5:d2:12:cd:8b:75:f5:d3:46:84:fc:6d:bb:
f5:b9:f3:a8:b0:bd:8f:4f:24:3f:5f:51:f2:d1:ef:56:88:f3:
e9:0a:e9:d8:3a:e7:88:6f:7c:11:31:77:15:6c:62:1e:14:bf:
3e:7b:82:63:ad:c7:6c:88:d7:ff:f5:09:22:eb:3b:50:57:6f:
89:5a:ea:97:d9:82:2c:c9:a5:f9:fe:d5:89:c2:62:e1:55:a2:
af:ce:cb:2a:58:12:03:1c:c1:dc:3f:22:3f:48:fd:d4:6c:d3:
d0:df:25:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL7AkBGHyCA126IKLvFNbrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjQxMTA1MDYyODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODc0OGQzYmZjYWM5MTQyZWE3NDNjYmM3YmUyZDljZjA3ZTJjODQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM0zqRhHZPIqG5YC3pnMrWUHW+tK
LAYuh54Y6nQPgG+VmTe5jMmdZX2VHDZ1g+o8JcUuaKKfx/J8fih7TLerI5lqAYN6
c4pQ9VEwuw0XmthhlJ/XfNqGYaW/syU6GvxN3D2Thwq9LKWMznE92fh/65gXuzXb
bFWt3m87S/dWKFuETEdQ30f2KUWWdbvJkfIkdCZm0CqeTzZkyh/WM4shiWMPP2YI
It1FDfDs2YnoCzlaDEVQl+zB6CGkkPSogwGWGapA5RNuS35kerDsBMazlPM1x4O3
aOJkDrcROxfGocFNHKjCCZnOTAuXOwAuK6UObwETevj2Pcr8T3yx5vYbKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCh0jTv8rJFC6nQ8vHvi2c8H4shFMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvS0hTTk9feXNrVUxxZER5OGUtTFp6d2ZpeUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNB8MA0G
CSqGSIb3DQEBCwUAA4IBAQAbrn+CRmvyzg+HHz488WZrKIPrvaj/dDL6PH5zcqAw
GFan/8gLFIHaK4JZh3oVDibKtIp6xPJoRHmqbdaRSaj6YC2hfpIbbpOZBWXrZ8oi
wZ9B2HDfjBKvu/d9sRXMyndfvu/aXpDzW7kNqyClzj1gUYryE/wjRTmzFGGZ8Ve1
E7NSbFyzlS5ZCc1PRER7cCwUUraCrqXSEs2LdfXTRoT8bbv1ufOosL2PTyQ/X1Hy
0e9WiPPpCunYOueIb3wRMXcVbGIeFL8+e4JjrcdsiNf/9Qki6ztQV2+JWuqX2YIs
yaX5/tWJwmLhVaKvzssqWBIDHMHcPyI/SP3UbNPQ3yXb
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:30 2025 by rpki-client