Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/KKXEBAaFYIpJG9ggxbb_elMiHHk.roa
File: KKXEBAaFYIpJG9ggxbb_elMiHHk.roa (raw, json)
Hash identifier: ulrpvotE0W4p8ikwiwpjppLYJruAA5M+Ly/jOukiVzM=
Subject key identifier: 28:A5:C4:04:06:85:60:8A:49:1B:D8:20:C5:B6:FF:7A:53:22:1C:79
Certificate issuer: /CN=290cc4d0ad5dafc27aa4e342fa80e34814e845c3
Certificate serial: 018CC64B634FD7FCBB78A2D78D72CE7C099C
Authority key identifier: 29:0C:C4:D0:AD:5D:AF:C2:7A:A4:E3:42:FA:80:E3:48:14:E8:45:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQzE0K1dr8J6pONC-oDjSBToRcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/KKXEBAaFYIpJG9ggxbb_elMiHHk.roa
Signing time: Mon 01 Jan 2024 18:31:18 +0000
ROA not before: Mon 01 Jan 2024 18:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210579
IP address blocks: 217.13.111.0/24 maxlen: 24
91.227.138.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 31 Jul 2024 12:16:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:63:4f:d7:fc:bb:78:a2:d7:8d:72:ce:7c:09:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=290cc4d0ad5dafc27aa4e342fa80e34814e845c3
Validity
Not Before: Jan 1 18:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28a5c4040685608a491bd820c5b6ff7a53221c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f4:2e:6f:c0:94:6b:d4:4d:9d:19:2b:73:2d:
70:11:31:6a:9f:4c:c7:1f:2d:be:72:5a:47:a5:c5:
2d:fb:84:39:ba:66:4b:63:d9:c6:a5:d8:a1:a5:1c:
66:fb:74:dc:74:84:b9:88:72:73:ad:f4:3c:8a:d7:
b9:e7:47:3b:5e:e1:7e:4e:ef:f4:f8:28:9d:07:72:
e0:8b:f1:c7:8b:20:e5:6e:84:60:e9:90:43:85:03:
48:24:c6:03:01:a2:79:c4:67:aa:1c:fd:88:ec:42:
78:1e:3f:b2:47:19:d6:f1:2f:66:81:eb:96:72:79:
27:d4:a9:5f:02:08:e4:b6:7d:ca:73:de:71:13:dd:
89:89:c5:c6:e7:20:7f:0f:bd:22:52:10:f4:c7:55:
5c:95:2f:d1:d6:10:07:81:76:13:fd:fc:7a:ae:4c:
ad:fd:5b:37:a2:ae:f1:12:1e:fd:ba:b7:37:e2:d3:
44:31:b5:d3:b0:15:6a:22:39:0e:59:df:5d:2b:64:
e5:c7:51:15:21:45:f8:7e:39:07:ba:56:ea:cf:d1:
8f:27:10:db:c2:78:e1:41:36:10:eb:25:e4:11:f5:
ee:43:3c:33:73:fb:78:8f:87:40:b0:1c:34:80:bc:
17:bf:de:a5:99:9f:40:8b:67:02:9d:cc:20:fa:ff:
24:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A5:C4:04:06:85:60:8A:49:1B:D8:20:C5:B6:FF:7A:53:22:1C:79
X509v3 Authority Key Identifier:
keyid:29:0C:C4:D0:AD:5D:AF:C2:7A:A4:E3:42:FA:80:E3:48:14:E8:45:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQzE0K1dr8J6pONC-oDjSBToRcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/KKXEBAaFYIpJG9ggxbb_elMiHHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/KQzE0K1dr8J6pONC-oDjSBToRcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.138.0/23
217.13.111.0/24
Signature Algorithm: sha256WithRSAEncryption
48:32:65:47:66:47:1f:ca:3e:9e:88:b1:31:88:93:f7:fa:5a:
e3:38:99:a3:3b:fa:b0:dd:2b:a6:bd:c9:81:13:e1:73:9a:8e:
53:5c:cd:3f:b5:a4:0c:08:30:90:40:e4:c5:e0:5c:d5:fd:d7:
df:61:35:e5:fd:6c:07:dc:24:ee:a5:22:cf:e1:2d:db:3e:a8:
32:ac:42:b7:be:20:65:c8:89:03:93:8d:6d:da:76:85:9f:0b:
00:4c:8e:7f:0c:66:18:3d:a3:a1:09:7d:7c:f7:50:c7:7a:bf:
b7:77:ac:b5:01:e2:a2:99:01:ca:84:df:de:a6:dd:5d:1c:ef:
3f:ea:a1:a4:1a:70:ec:f2:9c:6f:d7:16:31:44:fd:32:4f:11:
35:cd:9a:b4:78:f0:6c:12:89:66:3b:2a:b3:b5:91:e4:55:24:
5b:9d:50:d3:09:47:1e:59:44:e8:a4:c9:6c:3b:cb:af:d0:56:
b9:7f:ef:92:35:15:9f:20:88:23:38:6e:01:3e:b9:21:ae:ff:
81:82:03:de:ea:4b:33:c5:69:e4:fd:b7:63:31:5f:fb:ed:ce:
46:25:9b:cb:2f:b1:67:e6:2d:45:46:76:34:67:81:26:05:eb:
eb:58:b5:30:83:29:56:1c:c2:81:04:b8:f8:05:0a:52:fd:23:
fd:54:7b:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGS2NP1/y7eKLXjXLOfAmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MGNjNGQwYWQ1ZGFmYzI3YWE0ZTM0MmZhODBlMzQ4MTRl
ODQ1YzMwHhcNMjQwMTAxMTgzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGE1YzQwNDA2ODU2MDhhNDkxYmQ4MjBjNWI2ZmY3YTUzMjIxYzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvQub8CUa9RNnRkrcy1wETFqn0zH
Hy2+clpHpcUt+4Q5umZLY9nGpdihpRxm+3TcdIS5iHJzrfQ8ite550c7XuF+Tu/0
+CidB3Lgi/HHiyDlboRg6ZBDhQNIJMYDAaJ5xGeqHP2I7EJ4Hj+yRxnW8S9mgeuW
cnkn1KlfAgjktn3Kc95xE92JicXG5yB/D70iUhD0x1VclS/R1hAHgXYT/fx6rkyt
/Vs3oq7xEh79urc34tNEMbXTsBVqIjkOWd9dK2Tlx1EVIUX4fjkHulbqz9GPJxDb
wnjhQTYQ6yXkEfXuQzwzc/t4j4dAsBw0gLwXv96lmZ9Ai2cCncwg+v8kLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCilxAQGhWCKSRvYIMW2/3pTIhx5MB8GA1UdIwQY
MBaAFCkMxNCtXa/CeqTjQvqA40gU6EXDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1F6RTBLMWRyOEo2cE9OQy1vRGpTQlRvUmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85MjM1MmYtNDA1MS00NTBlLWIzYTYt
MmUwMDc4Y2VlMTgyLzEvS0tYRUJBYUZZSXBKRzlnZ3hiYl9lbE1pSEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85MjM1MmYtNDA1MS00NTBlLWIzYTYtMmUwMDc4Y2VlMTgy
LzEvS1F6RTBLMWRyOEo2cE9OQy1vRGpTQlRvUmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+OKAwQA
2Q1vMA0GCSqGSIb3DQEBCwUAA4IBAQBIMmVHZkcfyj6eiLExiJP3+lrjOJmjO/qw
3SumvcmBE+Fzmo5TXM0/taQMCDCQQOTF4FzV/dffYTXl/WwH3CTupSLP4S3bPqgy
rEK3viBlyIkDk41t2naFnwsATI5/DGYYPaOhCX1891DHer+3d6y1AeKimQHKhN/e
pt1dHO8/6qGkGnDs8pxv1xYxRP0yTxE1zZq0ePBsEolmOyqztZHkVSRbnVDTCUce
WUTopMlsO8uv0Fa5f++SNRWfIIgjOG4BPrkhrv+BggPe6kszxWnk/bdjMV/77c5G
JZvLL7Fn5i1FRnY0Z4EmBevrWLUwgylWHMKBBLj4BQpS/SP9VHsq
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:06:08 2025 by rpki-client