Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/KT1iW4I-54PP5hlZZ3X2cn74p4Y.roa
File: KT1iW4I-54PP5hlZZ3X2cn74p4Y.roa (raw, json)
Hash identifier: fYswNSNChOHAlsCZM4AaSKL7usn02OOz54JjCRln7G8=
Subject key identifier: 29:3D:62:5B:82:3E:E7:83:CF:E6:19:59:67:75:F6:72:7E:F8:A7:86
Certificate issuer: /CN=ead799026094d60516b527d842b6166805668e9e
Certificate serial: 01893622636EEC7DB33F721C7E7B0F2D3EC9
Authority key identifier: EA:D7:99:02:60:94:D6:05:16:B5:27:D8:42:B6:16:68:05:66:8E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6teZAmCU1gUWtSfYQrYWaAVmjp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/KT1iW4I-54PP5hlZZ3X2cn74p4Y.roa
Signing time: Sat 08 Jul 2023 15:32:50 +0000
ROA not before: Sat 08 Jul 2023 15:32:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43422
IP address blocks: 159.101.244.0/22 maxlen: 22
159.101.248.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:36:22:63:6e:ec:7d:b3:3f:72:1c:7e:7b:0f:2d:3e:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ead799026094d60516b527d842b6166805668e9e
Validity
Not Before: Jul 8 15:32:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=293d625b823ee783cfe619596775f6727ef8a786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:82:76:59:cb:71:11:96:7c:2d:a6:4b:e5:42:
7a:6f:d2:49:6b:50:c5:1c:a6:2a:2a:cd:95:c6:ea:
10:8e:32:e4:ca:be:c3:03:52:f7:8f:6f:2a:fd:48:
73:ce:a7:cc:e9:ab:03:66:8c:15:ba:d4:42:aa:2b:
3a:77:5c:14:30:fa:bd:81:b3:5d:3d:ca:1e:4d:14:
08:cb:2b:af:f5:d9:f5:07:a8:8e:64:d1:c3:4b:30:
f2:b0:d2:60:52:0a:17:7d:98:f4:dc:00:4d:9a:1e:
49:30:f5:01:21:f7:e5:ef:7c:94:fd:9a:4e:ad:cf:
e8:55:88:a0:69:80:40:e4:1b:c0:bc:f2:4e:d7:9b:
62:54:b2:9e:c4:ed:8f:a2:5b:f1:dd:2b:84:d8:e4:
33:1b:d4:23:62:94:8d:68:cb:9e:a9:d1:5a:91:41:
68:09:98:03:3e:59:a7:63:f2:a2:59:4c:43:4e:0e:
2e:71:18:7f:76:72:16:7d:01:49:98:95:6d:3e:2d:
ee:ed:29:1a:fc:83:3f:94:16:62:3a:01:a2:ba:0d:
70:2d:ca:61:bd:e6:48:51:9f:5f:6b:b3:68:04:f2:
8a:69:45:cd:8e:07:04:4e:4c:54:e1:f7:f6:4b:22:
7f:8f:bb:04:97:a8:d1:c7:53:31:d8:d1:47:93:5b:
15:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:3D:62:5B:82:3E:E7:83:CF:E6:19:59:67:75:F6:72:7E:F8:A7:86
X509v3 Authority Key Identifier:
keyid:EA:D7:99:02:60:94:D6:05:16:B5:27:D8:42:B6:16:68:05:66:8E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6teZAmCU1gUWtSfYQrYWaAVmjp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/KT1iW4I-54PP5hlZZ3X2cn74p4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/6teZAmCU1gUWtSfYQrYWaAVmjp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.101.244.0-159.101.251.255
Signature Algorithm: sha256WithRSAEncryption
bc:3f:cd:70:e0:a6:29:67:a1:e5:76:da:da:95:32:19:23:c5:
b8:fa:1e:e2:e1:7a:f4:41:74:d0:43:20:23:79:aa:35:5e:b7:
38:be:60:8f:8d:0b:8b:2b:9e:bd:a8:11:e0:3b:85:31:c6:25:
92:18:bf:f0:01:73:1d:f0:7b:7b:ca:8f:21:8c:77:13:54:97:
42:f5:52:8d:46:a1:70:b6:09:02:30:0f:9f:1d:e2:5b:87:a3:
96:43:17:4f:a4:50:28:8d:1c:29:52:4f:3e:58:b4:69:21:90:
93:e6:1d:9f:72:c7:45:b1:e1:da:ed:48:a5:b1:c0:86:7e:e0:
d6:34:2c:f2:79:c9:c6:0f:09:94:0f:f8:69:58:a6:cc:f1:fa:
a6:2f:f8:34:97:b1:07:8e:83:f1:51:74:d7:55:72:b4:c1:6b:
76:80:ad:44:0f:c1:26:e0:e7:66:20:a3:d9:c0:c7:61:7f:aa:
83:30:f6:af:79:53:0b:4b:04:d5:8e:45:a3:78:fd:2b:7d:b5:
f9:df:a0:a8:95:fd:34:37:b9:39:f5:89:b2:d8:4d:cf:1d:d9:
8e:38:89:ef:80:4e:04:4f:81:ad:51:57:ab:c5:5b:c3:e0:9c:
c7:c8:b7:d1:98:88:96:65:ab:bc:b5:af:88:2b:9e:e4:9e:cd:
2e:6d:72:53
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYk2ImNu7H2zP3IcfnsPLT7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZDc5OTAyNjA5NGQ2MDUxNmI1MjdkODQyYjYxNjY4MDU2
NjhlOWUwHhcNMjMwNzA4MTUzMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTNkNjI1YjgyM2VlNzgzY2ZlNjE5NTk2Nzc1ZjY3MjdlZjhhNzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4J2WctxEZZ8LaZL5UJ6b9JJa1DF
HKYqKs2VxuoQjjLkyr7DA1L3j28q/UhzzqfM6asDZowVutRCqis6d1wUMPq9gbNd
PcoeTRQIyyuv9dn1B6iOZNHDSzDysNJgUgoXfZj03ABNmh5JMPUBIffl73yU/ZpO
rc/oVYigaYBA5BvAvPJO15tiVLKexO2Polvx3SuE2OQzG9QjYpSNaMueqdFakUFo
CZgDPlmnY/KiWUxDTg4ucRh/dnIWfQFJmJVtPi3u7Ska/IM/lBZiOgGiug1wLcph
veZIUZ9fa7NoBPKKaUXNjgcETkxU4ff2SyJ/j7sEl6jRx1Mx2NFHk1sVbwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCk9YluCPueDz+YZWWd19nJ++KeGMB8GA1UdIwQY
MBaAFOrXmQJglNYFFrUn2EK2FmgFZo6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnRlWkFtQ1UxZ1VXdFNmWVFyWVdhQVZtanA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xOTg3MGYtODY2Yy00NDIwLWFkMDgt
MzBjOWUyMDJlOTk1LzEvS1QxaVc0SS01NFBQNWhsWlozWDJjbjc0cDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xOTg3MGYtODY2Yy00NDIwLWFkMDgtMzBjOWUyMDJlOTk1
LzEvNnRlWkFtQ1UxZ1VXdFNmWVFyWVdhQVZtanA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKfZfQD
BAKfZfgwDQYJKoZIhvcNAQELBQADggEBALw/zXDgpilnoeV22tqVMhkjxbj6HuLh
evRBdNBDICN5qjVetzi+YI+NC4srnr2oEeA7hTHGJZIYv/ABcx3we3vKjyGMdxNU
l0L1Uo1GoXC2CQIwD58d4luHo5ZDF0+kUCiNHClSTz5YtGkhkJPmHZ9yx0Wx4drt
SKWxwIZ+4NY0LPJ5ycYPCZQP+GlYpszx+qYv+DSXsQeOg/FRdNdVcrTBa3aArUQP
wSbg52Ygo9nAx2F/qoMw9q95UwtLBNWORaN4/St9tfnfoKiV/TQ3uTn1ibLYTc8d
2Y44ie+ATgRPga1RV6vFW8PgnMfIt9GYiJZlq7y1r4grnuSezS5tclM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:01 2024 by rpki-client on console-ams.rpki-client.org