Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/kLHK-BhYuB2RrCY3g36KEDnfZ8w.roa
File: kLHK-BhYuB2RrCY3g36KEDnfZ8w.roa (raw, json)
Hash identifier: WbxQqfFwOJKm1RGJU47RFAKbbpqaCACeCizZ5uRNHhE=
Subject key identifier: 90:B1:CA:F8:18:58:B8:1D:91:AC:26:37:83:7E:8A:10:39:DF:67:CC
Certificate issuer: /CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Certificate serial: 01857255B066A3667A6BDCD830E70EE1FD51
Authority key identifier: D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/kLHK-BhYuB2RrCY3g36KEDnfZ8w.roa
Signing time: Mon 02 Jan 2023 11:54:56 +0000
ROA not before: Mon 02 Jan 2023 11:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199598
IP address blocks: 62.228.253.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:b0:66:a3:66:7a:6b:dc:d8:30:e7:0e:e1:fd:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Validity
Not Before: Jan 2 11:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90b1caf81858b81d91ac2637837e8a1039df67cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:45:13:35:32:e7:ca:74:19:ed:ae:c8:58:27:
46:be:6f:68:e1:a3:93:58:df:ea:17:df:d7:a1:1d:
3f:6f:0b:80:36:7c:59:82:06:17:c0:04:42:e4:40:
0e:0b:59:24:76:74:31:17:b9:1c:cf:63:0d:ff:98:
d2:92:64:83:1e:27:97:14:6b:3a:b1:a0:e3:73:a4:
de:d4:0c:d8:07:a5:3b:0b:a7:f6:77:da:33:cf:f3:
1c:f4:b4:d6:b9:29:64:d7:2e:61:2f:8a:7d:3f:27:
34:0f:84:fe:36:32:be:27:52:a6:a8:6a:74:ae:a7:
da:c2:30:d4:2a:ac:4c:c4:59:5b:ed:2b:c2:f4:d3:
cb:3e:5d:de:34:08:d3:10:1a:46:4f:1a:d2:54:a4:
d8:4e:9a:5a:91:8a:2a:f8:d9:ea:df:75:47:70:c8:
d8:87:d7:2f:c0:f6:33:4c:b5:95:c1:b5:29:21:0c:
86:59:af:ff:86:e7:45:57:1b:06:07:34:4d:a5:ba:
bf:8f:7d:07:2b:69:39:81:d6:a6:19:54:9c:92:e0:
74:51:95:e8:92:20:62:7b:34:59:68:58:5f:60:03:
d6:0e:c4:63:b0:4e:11:5f:6a:57:26:db:b3:48:fd:
73:cd:3b:01:d6:8b:41:37:c9:5d:64:03:73:38:2a:
32:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B1:CA:F8:18:58:B8:1D:91:AC:26:37:83:7E:8A:10:39:DF:67:CC
X509v3 Authority Key Identifier:
keyid:D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/kLHK-BhYuB2RrCY3g36KEDnfZ8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.228.253.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:04:cc:df:2d:36:9f:3b:14:1d:32:9c:73:cc:ca:1a:45:f2:
84:d9:3b:cd:93:66:1f:4e:f1:9c:0c:7f:b5:cf:1c:bf:3b:79:
80:ed:ed:23:d1:b6:55:55:c2:3a:9f:07:42:32:7a:18:26:53:
85:4b:01:34:00:5e:3e:4e:45:0e:2c:a6:f4:71:26:08:a4:5c:
5d:b6:18:83:d1:90:f3:66:2c:39:cc:97:63:65:3b:21:43:8c:
2c:da:40:5c:29:bd:a2:0d:b9:5c:26:41:c3:61:63:13:1e:a8:
cd:b5:0d:ab:d1:17:c5:8d:04:13:d8:d8:e8:1e:c7:00:3b:bb:
6b:40:64:36:62:ce:53:b2:21:12:98:f7:4c:86:ee:8f:2b:8d:
98:aa:c9:a9:5a:8c:cf:54:85:63:bd:93:e2:c4:29:8f:40:61:
b6:78:3d:ff:7a:d7:65:f0:d6:a3:84:ed:43:3c:c7:38:7e:e4:
2b:62:a5:f1:e4:4d:2c:c2:21:d3:85:d9:89:86:b1:3b:af:01:
69:7c:61:60:06:b8:95:51:06:d5:7e:97:61:4b:0a:e3:5d:a7:
c2:8c:7b:b1:da:70:de:7f:46:0c:a7:90:71:03:8e:24:a9:e8:
4f:55:05:85:40:ec:3c:6e:88:42:1a:18:73:5a:69:04:19:8b:
68:43:03:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVbBmo2Z6a9zYMOcO4f1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTFhYmM0YzA0NjhhYjI4OTFlYWFjYWRiYTBkYzAzNzc5
MzZmZDUwHhcNMjMwMTAyMTE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGIxY2FmODE4NThiODFkOTFhYzI2Mzc4MzdlOGExMDM5ZGY2N2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEUTNTLnynQZ7a7IWCdGvm9o4aOT
WN/qF9/XoR0/bwuANnxZggYXwARC5EAOC1kkdnQxF7kcz2MN/5jSkmSDHieXFGs6
saDjc6Te1AzYB6U7C6f2d9ozz/Mc9LTWuSlk1y5hL4p9Pyc0D4T+NjK+J1KmqGp0
rqfawjDUKqxMxFlb7SvC9NPLPl3eNAjTEBpGTxrSVKTYTppakYoq+Nnq33VHcMjY
h9cvwPYzTLWVwbUpIQyGWa//hudFVxsGBzRNpbq/j30HK2k5gdamGVSckuB0UZXo
kiBiezRZaFhfYAPWDsRjsE4RX2pXJtuzSP1zzTsB1otBN8ldZANzOCoyGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCxyvgYWLgdkawmN4N+ihA532fMMB8GA1UdIwQY
MBaAFNQRq8TARoqyiR6qytug3AN3k2/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTIt
YjBmNGI5YzM3ZTQ5LzEva0xISy1CaFl1QjJSckNZM2czNktFRG5mWjh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTItYjBmNGI5YzM3ZTQ5
LzEvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPuT9MA0G
CSqGSIb3DQEBCwUAA4IBAQBLBMzfLTafOxQdMpxzzMoaRfKE2TvNk2YfTvGcDH+1
zxy/O3mA7e0j0bZVVcI6nwdCMnoYJlOFSwE0AF4+TkUOLKb0cSYIpFxdthiD0ZDz
Ziw5zJdjZTshQ4ws2kBcKb2iDblcJkHDYWMTHqjNtQ2r0RfFjQQT2NjoHscAO7tr
QGQ2Ys5TsiESmPdMhu6PK42YqsmpWozPVIVjvZPixCmPQGG2eD3/etdl8NajhO1D
PMc4fuQrYqXx5E0swiHThdmJhrE7rwFpfGFgBriVUQbVfpdhSwrjXafCjHux2nDe
f0YMp5BxA44kqehPVQWFQOw8bohCGhhzWmkEGYtoQwP1
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:03 2024 by rpki-client on console-ams.rpki-client.org