Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/KtX_PJZvnWu8lpgsktFT_j4KjSg.roa
File: KtX_PJZvnWu8lpgsktFT_j4KjSg.roa (raw, json)
Hash identifier: 3iPu8ye6n675RMfmsouKgCH3bpeNtVShxkhUcc80BdE=
Subject key identifier: 2A:D5:FF:3C:96:6F:9D:6B:BC:96:98:2C:92:D1:53:FE:3E:0A:8D:28
Certificate issuer: /CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Certificate serial: 018CC56E5AE6632844487EF2836DA9F92BF0
Authority key identifier: E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/KtX_PJZvnWu8lpgsktFT_j4KjSg.roa
Signing time: Mon 01 Jan 2024 14:29:52 +0000
ROA not before: Mon 01 Jan 2024 14:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 185.43.192.0/24 maxlen: 24
185.43.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:5a:e6:63:28:44:48:7e:f2:83:6d:a9:f9:2b:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Validity
Not Before: Jan 1 14:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ad5ff3c966f9d6bbc96982c92d153fe3e0a8d28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:72:31:a9:24:ac:17:76:64:a3:b4:b6:54:8f:
3b:e6:58:7a:22:b3:9b:ab:60:b6:49:a4:3f:af:8d:
7c:e0:07:2f:48:9a:e4:51:68:f9:4d:4d:94:f8:ba:
6d:3a:24:bd:d8:e5:a8:f5:20:11:7b:b1:b1:dd:b7:
26:d5:be:e9:d0:14:fa:13:dd:01:9e:13:fd:16:d4:
6a:8f:23:d5:38:76:28:98:8d:d2:b2:32:c8:a1:0b:
dc:f4:2f:f2:49:ec:c7:0b:7c:56:40:4e:e1:cb:1e:
d2:93:b0:25:7e:55:f1:56:b0:a2:07:88:66:f1:ae:
01:87:e2:99:33:e1:b6:44:e9:25:48:31:32:82:98:
9c:f7:00:b0:74:19:79:c5:2b:c2:fa:74:3d:2b:2c:
9a:c8:52:d4:1c:20:29:4e:fe:61:d1:f9:9e:17:9d:
a1:87:c5:3f:f0:b4:ff:2d:91:e2:bc:56:6f:bc:97:
4f:01:d3:32:65:59:ea:3f:1e:2a:31:d1:38:64:7f:
26:af:15:5c:c6:ea:4c:73:82:24:7b:68:25:12:0a:
85:3d:db:ff:db:c9:3b:1c:8b:2d:d9:42:c3:f4:56:
1d:f5:9b:a0:6e:57:d8:b2:e6:6a:3c:b9:ce:6c:f2:
d2:52:cc:05:f6:ec:e3:ef:62:b0:0c:a0:3b:c2:68:
3a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D5:FF:3C:96:6F:9D:6B:BC:96:98:2C:92:D1:53:FE:3E:0A:8D:28
X509v3 Authority Key Identifier:
keyid:E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/KtX_PJZvnWu8lpgsktFT_j4KjSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/6dJyHy4r0BG4poYK0lcsQFwLVA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.192.0/23
Signature Algorithm: sha256WithRSAEncryption
98:22:bf:e2:4f:13:8a:f3:70:3b:e0:4d:a7:c1:2a:9e:a5:fb:
e9:03:26:93:0f:c2:ed:cc:32:e3:f6:77:98:81:11:76:07:3e:
d8:a1:c3:35:55:a4:1a:7d:4f:f3:2e:9c:9a:43:89:74:90:89:
18:33:59:2c:c6:8e:a4:ac:1e:ab:d9:e6:fa:15:d0:b7:7d:72:
15:74:54:63:dd:3d:39:e2:92:d2:04:57:d9:43:ec:83:51:9f:
30:ab:e1:6e:70:1f:b6:99:fa:65:ca:a2:be:03:b4:04:97:b5:
cc:ae:72:42:1e:83:e8:64:ae:b7:04:27:71:aa:e5:41:31:61:
07:74:ac:ef:ed:10:e2:7e:2e:15:64:d3:9b:7a:af:76:78:15:
ee:2d:12:5d:a3:69:33:c6:12:12:18:79:70:06:7c:d9:06:cc:
a8:aa:32:6e:eb:20:30:fb:6b:24:9d:d8:5e:0c:c7:7b:45:74:
1e:56:35:88:cd:8b:2e:4d:65:19:a8:17:b1:d8:25:b9:95:be:
8e:70:af:97:22:df:fb:8d:fe:31:20:9d:7a:80:13:fd:e3:6a:
83:a7:a0:90:35:d7:e2:8b:2b:9f:bf:3e:a6:9f:38:bd:94:52:
76:c0:32:f8:72:5c:09:3b:ab:a2:f7:ac:e8:0f:0a:de:41:b8:
bd:85:83:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFblrmYyhESH7yg22p+SvwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZDI3MjFmMmUyYmQwMTFiOGE2ODYwYWQyNTcyYzQwNWMw
YjU0MGYwHhcNMjQwMTAxMTQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQ1ZmYzYzk2NmY5ZDZiYmM5Njk4MmM5MmQxNTNmZTNlMGE4ZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXIxqSSsF3Zko7S2VI875lh6IrOb
q2C2SaQ/r4184AcvSJrkUWj5TU2U+LptOiS92OWo9SARe7Gx3bcm1b7p0BT6E90B
nhP9FtRqjyPVOHYomI3SsjLIoQvc9C/ySezHC3xWQE7hyx7Sk7AlflXxVrCiB4hm
8a4Bh+KZM+G2ROklSDEygpic9wCwdBl5xSvC+nQ9KyyayFLUHCApTv5h0fmeF52h
h8U/8LT/LZHivFZvvJdPAdMyZVnqPx4qMdE4ZH8mrxVcxupMc4Ike2glEgqFPdv/
28k7HIst2ULD9FYd9ZugblfYsuZqPLnObPLSUswF9uzj72KwDKA7wmg60wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCrV/zyWb51rvJaYLJLRU/4+Co0oMB8GA1UdIwQY
MBaAFOnSch8uK9ARuKaGCtJXLEBcC1QPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmRKeUh5NHIwQkc0cG9ZSzBsY3NRRndMVkE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zNjhkZjAtNWM0MS00OWQzLWE5YTkt
YzQ1OTAzYzNiMzI5LzEvS3RYX1BKWnZuV3U4bHBnc2t0RlRfajRLalNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zNjhkZjAtNWM0MS00OWQzLWE5YTktYzQ1OTAzYzNiMzI5
LzEvNmRKeUh5NHIwQkc0cG9ZSzBsY3NRRndMVkE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSvAMA0G
CSqGSIb3DQEBCwUAA4IBAQCYIr/iTxOK83A74E2nwSqepfvpAyaTD8LtzDLj9neY
gRF2Bz7YocM1VaQafU/zLpyaQ4l0kIkYM1ksxo6krB6r2eb6FdC3fXIVdFRj3T05
4pLSBFfZQ+yDUZ8wq+FucB+2mfplyqK+A7QEl7XMrnJCHoPoZK63BCdxquVBMWEH
dKzv7RDifi4VZNObeq92eBXuLRJdo2kzxhISGHlwBnzZBsyoqjJu6yAw+2skndhe
DMd7RXQeVjWIzYsuTWUZqBex2CW5lb6OcK+XIt/7jf4xIJ16gBP942qDp6CQNdfi
iyufvz6mnzi9lFJ2wDL4clwJO6ui96zoDwreQbi9hYO1
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:26:26 2025 by rpki-client