Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/0d79a4-88ae-42e4-928c-cc3e78f62dc2/1/KV-8gRYI_N4kQluyhIK3AoEFlBA.roa
File: KV-8gRYI_N4kQluyhIK3AoEFlBA.roa (raw, json)
Hash identifier: gLUQA8fAIJdzNbB6FHsjs/W5tEfUaDfdZtsEmdJ0jY0=
Subject key identifier: 29:5F:BC:81:16:08:FC:DE:24:42:5B:B2:84:82:B7:02:81:05:94:10
Certificate issuer: /CN=77ca53a8a5a03b055cb3f340fcbeb85d7ad487a8
Certificate serial: 018CC94E3012371BA4FCDC4373CDFF49AB92
Authority key identifier: 77:CA:53:A8:A5:A0:3B:05:5C:B3:F3:40:FC:BE:B8:5D:7A:D4:87:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8pTqKWgOwVcs_NA_L64XXrUh6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/0d79a4-88ae-42e4-928c-cc3e78f62dc2/1/KV-8gRYI_N4kQluyhIK3AoEFlBA.roa
Signing time: Tue 02 Jan 2024 08:33:13 +0000
ROA not before: Tue 02 Jan 2024 08:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16019
IP address blocks: 188.94.232.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 17 Sep 2024 08:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:30:12:37:1b:a4:fc:dc:43:73:cd:ff:49:ab:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77ca53a8a5a03b055cb3f340fcbeb85d7ad487a8
Validity
Not Before: Jan 2 08:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=295fbc811608fcde24425bb28482b70281059410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e2:da:59:d8:6e:21:45:83:bf:64:57:a9:b3:
83:5f:b9:ad:69:71:86:9f:e0:a5:54:cd:36:82:1a:
d7:48:3e:15:b4:39:87:c2:d7:ab:ea:e1:48:39:d4:
05:ea:f3:fe:50:7f:f3:10:a5:b5:8e:6f:c2:f8:40:
29:a0:58:0b:ac:95:67:30:5a:65:5f:af:fd:5a:d1:
00:96:30:5a:22:65:04:e6:00:3c:79:8b:d4:af:98:
15:e4:fa:8d:a0:7c:bf:93:5c:ec:24:54:10:b0:35:
34:5b:be:4b:c8:a5:a4:bb:a0:8e:42:c4:10:33:9f:
9b:4c:1c:c8:0a:5c:98:18:f0:44:cc:22:5f:8a:fe:
92:6b:6a:9e:08:ce:47:02:4e:fb:3f:14:f0:b5:e9:
01:26:21:ca:f7:33:ec:b9:8a:fc:dd:a9:13:1c:42:
12:80:59:54:1e:77:61:ad:dd:ae:34:85:aa:8c:21:
84:09:73:66:77:90:0c:db:ca:7a:54:55:3a:26:2a:
7d:7f:fb:aa:30:c1:d8:34:48:c6:26:81:0c:9f:c2:
2e:2c:d2:46:71:6b:ef:28:88:29:11:f0:35:d0:fe:
b2:2e:08:fc:c3:d8:77:4c:d3:44:be:7e:ad:b5:2e:
a6:d0:51:af:48:59:6f:6a:4f:f3:fa:42:cc:f7:10:
11:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5F:BC:81:16:08:FC:DE:24:42:5B:B2:84:82:B7:02:81:05:94:10
X509v3 Authority Key Identifier:
keyid:77:CA:53:A8:A5:A0:3B:05:5C:B3:F3:40:FC:BE:B8:5D:7A:D4:87:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8pTqKWgOwVcs_NA_L64XXrUh6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/0d79a4-88ae-42e4-928c-cc3e78f62dc2/1/KV-8gRYI_N4kQluyhIK3AoEFlBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/0d79a4-88ae-42e4-928c-cc3e78f62dc2/1/d8pTqKWgOwVcs_NA_L64XXrUh6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.94.232.0/21
Signature Algorithm: sha256WithRSAEncryption
01:7e:f1:b1:00:6c:77:48:10:0d:d4:c9:f3:3e:d4:0a:73:3d:
ab:d1:cd:b2:ef:d3:6b:71:40:1c:b5:2c:3a:03:0d:d0:41:77:
b7:a5:d4:38:ca:a6:a0:04:17:d7:73:0c:3f:d7:0e:1e:d2:6e:
84:7f:90:0f:0c:6b:f8:b9:b1:90:c0:bd:d1:7e:05:2c:59:8c:
d3:42:3a:e3:40:b5:7f:a9:f0:78:56:4a:39:9c:fb:df:f4:4f:
68:21:2b:bf:02:cc:e9:cd:8a:b0:c3:10:c6:bb:78:6e:db:c3:
9e:77:8c:91:c7:71:5b:27:64:62:f2:f3:58:90:98:61:7a:5b:
4e:e7:ef:37:cd:0f:ad:11:31:9a:7e:35:e4:ad:53:a9:4a:aa:
dc:ac:18:4a:59:00:ff:18:52:c8:e2:d4:01:50:2a:6a:1a:97:
7f:eb:75:82:b9:e8:22:90:82:ee:31:3d:17:9d:3b:cf:5f:f4:
6b:b1:9e:bb:8b:89:bb:92:b8:2a:4c:bf:21:2e:bc:12:23:d8:
0c:1d:f0:8f:c1:1b:9b:cb:22:72:7a:24:51:99:09:ac:ca:63:
37:cb:7b:88:03:6e:3a:1e:f1:73:24:45:7f:0d:45:ed:7e:1d:
07:9d:03:fa:f1:cc:9c:7a:89:35:58:bc:3f:ee:ce:21:8a:f4:
39:cd:37:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTjASNxuk/NxDc83/SauSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3Y2E1M2E4YTVhMDNiMDU1Y2IzZjM0MGZjYmViODVkN2Fk
NDg3YTgwHhcNMjQwMTAyMDgzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTVmYmM4MTE2MDhmY2RlMjQ0MjViYjI4NDgyYjcwMjgxMDU5NDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuLaWdhuIUWDv2RXqbODX7mtaXGG
n+ClVM02ghrXSD4VtDmHwter6uFIOdQF6vP+UH/zEKW1jm/C+EApoFgLrJVnMFpl
X6/9WtEAljBaImUE5gA8eYvUr5gV5PqNoHy/k1zsJFQQsDU0W75LyKWku6COQsQQ
M5+bTBzIClyYGPBEzCJfiv6Sa2qeCM5HAk77PxTwtekBJiHK9zPsuYr83akTHEIS
gFlUHndhrd2uNIWqjCGECXNmd5AM28p6VFU6Jip9f/uqMMHYNEjGJoEMn8IuLNJG
cWvvKIgpEfA10P6yLgj8w9h3TNNEvn6ttS6m0FGvSFlvak/z+kLM9xARBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClfvIEWCPzeJEJbsoSCtwKBBZQQMB8GA1UdIwQY
MBaAFHfKU6iloDsFXLPzQPy+uF161IeoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhwVHFLV2dPd1Zjc19OQV9MNjRYWHJVaDZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wZDc5YTQtODhhZS00MmU0LTkyOGMt
Y2MzZTc4ZjYyZGMyLzEvS1YtOGdSWUlfTjRrUWx1eWhJSzNBb0VGbEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8wZDc5YTQtODhhZS00MmU0LTkyOGMtY2MzZTc4ZjYyZGMy
LzEvZDhwVHFLV2dPd1Zjc19OQV9MNjRYWHJVaDZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvF7oMA0G
CSqGSIb3DQEBCwUAA4IBAQABfvGxAGx3SBAN1MnzPtQKcz2r0c2y79NrcUActSw6
Aw3QQXe3pdQ4yqagBBfXcww/1w4e0m6Ef5APDGv4ubGQwL3RfgUsWYzTQjrjQLV/
qfB4Vko5nPvf9E9oISu/AszpzYqwwxDGu3hu28Oed4yRx3FbJ2Ri8vNYkJhheltO
5+83zQ+tETGafjXkrVOpSqrcrBhKWQD/GFLI4tQBUCpqGpd/63WCuegikILuMT0X
nTvPX/RrsZ67i4m7krgqTL8hLrwSI9gMHfCPwRubyyJyeiRRmQmsymM3y3uIA246
HvFzJEV/DUXtfh0HnQP68cyceok1WLw/7s4hivQ5zTf+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:22 2025 by rpki-client