Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/Kcn7d6SEvoGCbMVn7H6mQHgjyNk.roa
File: Kcn7d6SEvoGCbMVn7H6mQHgjyNk.roa (raw, json)
Hash identifier: KNNP1JmlOYWMu0udfY/ooqAVUwaaKmGtIVvRgP5BuzY=
Subject key identifier: 29:C9:FB:77:A4:84:BE:81:82:6C:C5:67:EC:7E:A6:40:78:23:C8:D9
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018FF97A395814BA7C5AB0839ED864F10B01
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/Kcn7d6SEvoGCbMVn7H6mQHgjyNk.roa
Signing time: Sat 08 Jun 2024 20:11:27 +0000
ROA not before: Sat 08 Jun 2024 20:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204203
IP address blocks: 178.239.147.0/24 maxlen: 24
178.239.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 19:35:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f9:7a:39:58:14:ba:7c:5a:b0:83:9e:d8:64:f1:0b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jun 8 20:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29c9fb77a484be81826cc567ec7ea6407823c8d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c0:c2:d9:08:66:1e:1f:60:25:ce:ac:d9:4e:
41:d3:50:7b:94:1a:c5:50:26:ea:5d:f8:40:3b:0e:
92:4e:24:f9:5f:e2:43:1d:59:a8:92:47:ee:5c:34:
62:79:65:25:ac:db:94:22:49:8b:0d:19:cc:2c:ff:
53:eb:97:aa:8e:c4:53:2a:51:75:e7:2f:fb:c3:79:
b1:d1:f5:54:5f:dd:b6:7e:cb:fd:65:ba:c9:e7:5a:
d0:fc:31:46:16:90:ed:a6:9c:48:41:52:d3:72:63:
c0:df:01:6a:79:71:90:bc:7f:1f:54:f8:d9:de:c5:
05:a2:15:26:96:af:31:09:4a:0f:f8:89:bb:11:e2:
75:fe:fe:4b:ff:6a:6b:0e:e1:73:a7:d1:85:bf:47:
fb:37:c5:3c:ae:1f:36:c4:8b:e8:b3:e8:83:38:a3:
e5:5c:a6:d3:05:95:de:13:c3:1a:21:36:88:3d:d4:
0b:92:7e:16:48:ca:07:0b:78:48:bd:1a:f0:80:48:
a5:82:7c:b3:21:69:57:7b:89:70:92:86:f1:d6:05:
9b:05:86:0f:fa:e4:9c:b6:aa:a0:80:9f:91:d3:39:
4c:60:5f:5c:8c:1a:8e:76:6c:33:30:12:9c:58:92:
47:48:93:d7:99:14:c0:87:9c:2c:a1:ce:1c:f7:f1:
56:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C9:FB:77:A4:84:BE:81:82:6C:C5:67:EC:7E:A6:40:78:23:C8:D9
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/Kcn7d6SEvoGCbMVn7H6mQHgjyNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.147.0/24
178.239.150.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:0c:22:47:60:fd:52:72:eb:9a:94:67:70:83:58:5e:ad:62:
42:26:61:f4:93:a9:e8:59:16:b9:95:d5:62:29:2b:51:7a:27:
ec:d5:58:9a:bf:2a:1e:4b:07:26:2d:43:c1:cf:d6:8c:a6:85:
36:3c:52:7e:8f:fd:65:08:6b:72:03:3b:19:d0:f9:43:0e:df:
6c:39:03:a1:08:2d:76:96:31:a4:17:44:58:7d:7f:2a:5c:31:
ec:0b:ea:f9:a0:65:04:57:08:a6:66:7d:a1:72:61:22:e2:d5:
55:3a:b9:db:90:05:fd:c9:8e:cc:89:a0:02:15:8e:b2:d0:e4:
89:b6:4b:e6:e5:d6:d6:5e:7f:ee:f8:24:a9:d6:d7:52:11:cf:
e4:0d:25:27:b4:30:77:6f:72:5f:db:82:8a:60:fd:60:84:e2:
b0:5b:e5:d4:4a:05:d6:3a:2b:25:93:4e:6d:c9:c3:de:f7:3f:
1a:65:79:ed:7c:7d:3a:ef:4b:4e:41:1b:9d:59:6e:a5:8d:aa:
4b:a9:4c:07:df:78:da:86:75:68:9b:66:4f:4c:91:21:66:6a:
d9:bd:17:0e:d0:8a:e1:1e:ee:01:f5:ea:fc:d1:40:44:b7:9a:
5e:89:ac:72:da:42:a8:a4:d3:b4:99:1d:9f:31:55:44:bc:9e:
5b:85:9c:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/5ejlYFLp8WrCDnthk8QsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwNjA4MjAxMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWM5ZmI3N2E0ODRiZTgxODI2Y2M1NjdlYzdlYTY0MDc4MjNjOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMDC2QhmHh9gJc6s2U5B01B7lBrF
UCbqXfhAOw6STiT5X+JDHVmokkfuXDRieWUlrNuUIkmLDRnMLP9T65eqjsRTKlF1
5y/7w3mx0fVUX922fsv9ZbrJ51rQ/DFGFpDtppxIQVLTcmPA3wFqeXGQvH8fVPjZ
3sUFohUmlq8xCUoP+Im7EeJ1/v5L/2prDuFzp9GFv0f7N8U8rh82xIvos+iDOKPl
XKbTBZXeE8MaITaIPdQLkn4WSMoHC3hIvRrwgEilgnyzIWlXe4lwkobx1gWbBYYP
+uSctqqggJ+R0zlMYF9cjBqOdmwzMBKcWJJHSJPXmRTAh5wsoc4c9/FW6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCnJ+3ekhL6BgmzFZ+x+pkB4I8jZMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvS2NuN2Q2U0V2b0dDYk1WbjdINm1RSGdqeU5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsu+TAwQA
su+WMA0GCSqGSIb3DQEBCwUAA4IBAQC2DCJHYP1ScuualGdwg1herWJCJmH0k6no
WRa5ldViKStReifs1ViavyoeSwcmLUPBz9aMpoU2PFJ+j/1lCGtyAzsZ0PlDDt9s
OQOhCC12ljGkF0RYfX8qXDHsC+r5oGUEVwimZn2hcmEi4tVVOrnbkAX9yY7MiaAC
FY6y0OSJtkvm5dbWXn/u+CSp1tdSEc/kDSUntDB3b3Jf24KKYP1ghOKwW+XUSgXW
Oislk05tycPe9z8aZXntfH0670tOQRudWW6ljapLqUwH33jahnVom2ZPTJEhZmrZ
vRcO0IrhHu4B9er80UBEt5peiaxy2kKopNO0mR2fMVVEvJ5bhZyV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:54 2025 by rpki-client