Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/KKc0NhZiqbowJCSJzp06s8LYEI4.roa
File: KKc0NhZiqbowJCSJzp06s8LYEI4.roa (raw, json)
Hash identifier: ekwnJ3Yxk18XSY4u8sqU+wwBGR6PZ3WtG3zoc6jmMh8=
Subject key identifier: 28:A7:34:36:16:62:A9:BA:30:24:24:89:CE:9D:3A:B3:C2:D8:10:8E
Certificate issuer: /CN=2793bde946ae936d3cacc136a5f3239edf2431f4
Certificate serial: 018FAC384F5030ABD1188F00AEBC7787F92D
Authority key identifier: 27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/KKc0NhZiqbowJCSJzp06s8LYEI4.roa
Signing time: Fri 24 May 2024 20:08:42 +0000
ROA not before: Fri 24 May 2024 20:08:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.31.198.0/24 maxlen: 24
91.188.253.0/24 maxlen: 24
91.188.254.0/24 maxlen: 24
91.188.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 08:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ac:38:4f:50:30:ab:d1:18:8f:00:ae:bc:77:87:f9:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2793bde946ae936d3cacc136a5f3239edf2431f4
Validity
Not Before: May 24 20:08:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28a734361662a9ba30242489ce9d3ab3c2d8108e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5e:15:33:73:27:6d:6d:cd:6f:61:2b:a2:69:
e2:fc:7d:9d:2e:eb:cd:ab:d7:46:1c:ba:ed:28:eb:
0e:29:80:a3:77:73:25:4f:88:87:97:3a:ab:a9:de:
e9:5a:45:5e:c9:e5:ac:36:bd:39:ad:c0:56:44:8c:
8d:d5:b4:aa:77:01:91:a1:f1:66:87:f0:31:d4:c2:
00:ab:43:95:69:fe:a8:eb:cd:38:bd:18:f2:2c:93:
25:78:30:ea:ed:0c:dd:2f:58:4f:b8:48:65:4e:27:
f9:f6:d8:26:53:43:61:7c:1c:36:fb:ab:af:a4:e8:
a7:46:81:5f:0f:3a:90:0c:61:c6:4b:81:04:c6:10:
39:03:e4:bb:a3:a4:64:01:d6:aa:a8:e5:67:ec:b5:
2b:65:60:86:db:f4:2d:4c:4f:c9:07:64:9e:4c:af:
9d:8a:8f:af:f6:19:05:3d:ad:aa:b4:87:f1:aa:08:
ca:58:24:5a:23:c9:95:a0:5d:2c:24:8e:f8:e8:c6:
22:9f:3b:81:e6:08:eb:5b:45:ce:1f:e6:07:4c:3b:
6c:23:ff:cf:64:b6:f8:53:8e:8f:d5:5e:a1:75:fe:
d7:ff:07:36:5f:2c:9e:5b:97:2c:0d:3e:33:92:e1:
bc:7b:0b:7a:b8:58:72:62:5b:09:79:de:65:65:37:
61:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A7:34:36:16:62:A9:BA:30:24:24:89:CE:9D:3A:B3:C2:D8:10:8E
X509v3 Authority Key Identifier:
keyid:27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/KKc0NhZiqbowJCSJzp06s8LYEI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/J5O96Uauk208rME2pfMjnt8kMfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.198.0/24
91.188.253.0-91.188.255.255
Signature Algorithm: sha256WithRSAEncryption
62:d1:d0:61:2b:65:c8:ba:f4:ef:78:52:08:1f:b4:80:f4:6a:
37:45:2b:0d:a4:66:e8:27:03:25:f4:1f:29:7c:e5:c0:05:8b:
62:93:60:33:75:1c:ff:8e:3d:7c:ed:a4:06:9d:01:41:9e:bf:
9d:95:46:27:af:39:f3:41:9b:df:f8:16:bf:d8:97:53:59:c8:
14:e2:d7:60:a7:1e:6a:1a:fc:4f:6f:b7:f0:23:42:0f:57:61:
c2:10:ef:ee:29:19:cd:58:e0:13:a1:75:ad:14:4d:f1:46:e0:
0f:af:d1:5a:d9:d4:74:a4:84:ff:b3:a7:ff:32:ab:5e:ca:ab:
79:52:49:ec:40:c7:51:dc:50:f4:42:12:92:77:ca:57:d3:df:
25:45:33:56:81:95:66:82:11:bb:69:81:37:2c:b2:db:2a:18:
0e:b2:c5:7c:2a:f5:7e:33:9b:ff:72:8f:c2:45:7f:0e:5e:d0:
33:d6:3b:46:19:1e:8b:19:b0:64:99:d1:0b:6a:d4:ec:2d:26:
72:f2:ba:61:34:52:81:a2:86:42:5c:76:81:e2:3f:dc:3a:34:
0d:99:59:48:70:b9:09:48:7a:d4:41:23:ef:93:63:6a:21:5a:
e1:89:81:31:fd:88:e8:77:f5:37:7f:2e:6d:5b:16:87:17:cf:
b7:a6:5a:f0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAY+sOE9QMKvRGI8Arrx3h/ktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTNiZGU5NDZhZTkzNmQzY2FjYzEzNmE1ZjMyMzllZGYy
NDMxZjQwHhcNMjQwNTI0MjAwODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGE3MzQzNjE2NjJhOWJhMzAyNDI0ODljZTlkM2FiM2MyZDgxMDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV4VM3MnbW3Nb2Eromni/H2dLuvN
q9dGHLrtKOsOKYCjd3MlT4iHlzqrqd7pWkVeyeWsNr05rcBWRIyN1bSqdwGRofFm
h/Ax1MIAq0OVaf6o6804vRjyLJMleDDq7QzdL1hPuEhlTif59tgmU0NhfBw2+6uv
pOinRoFfDzqQDGHGS4EExhA5A+S7o6RkAdaqqOVn7LUrZWCG2/QtTE/JB2SeTK+d
io+v9hkFPa2qtIfxqgjKWCRaI8mVoF0sJI746MYinzuB5gjrW0XOH+YHTDtsI//P
ZLb4U46P1V6hdf7X/wc2XyyeW5csDT4zkuG8ewt6uFhyYlsJed5lZTdhIwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCinNDYWYqm6MCQkic6dOrPC2BCOMB8GA1UdIwQY
MBaAFCeTvelGrpNtPKzBNqXzI57fJDH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2Et
OTJjM2JmNzRhOTdiLzEvS0tjME5oWmlxYm93SkNTSnpwMDZzOExZRUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2EtOTJjM2JmNzRhOTdi
LzEvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQAUR/GMAsD
BABbvP0DAwBbvDANBgkqhkiG9w0BAQsFAAOCAQEAYtHQYStlyLr073hSCB+0gPRq
N0UrDaRm6CcDJfQfKXzlwAWLYpNgM3Uc/449fO2kBp0BQZ6/nZVGJ68580Gb3/gW
v9iXU1nIFOLXYKceahr8T2+38CNCD1dhwhDv7ikZzVjgE6F1rRRN8UbgD6/RWtnU
dKSE/7On/zKrXsqreVJJ7EDHUdxQ9EISknfKV9PfJUUzVoGVZoIRu2mBNyyy2yoY
DrLFfCr1fjOb/3KPwkV/Dl7QM9Y7RhkeixmwZJnRC2rU7C0mcvK6YTRSgaKGQlx2
geI/3Do0DZlZSHC5CUh61EEj75NjaiFa4YmBMf2I6Hf1N38ubVsWhxfPt6Za8A==
-----END CERTIFICATE-----
Generated at Mon Jun 24 13:02:53 2024 by rpki-client on console-fra.rpki-client.org