Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/KNel6IG5g9XoUbaY7ckQhmwlmwY.roa
File: KNel6IG5g9XoUbaY7ckQhmwlmwY.roa (raw, json)
Hash identifier: 41FqmxZnBbTgF2jeR3kCwVDuK9MbMxesbpXHc1O+FiI=
Subject key identifier: 28:D7:A5:E8:81:B9:83:D5:E8:51:B6:98:ED:C9:10:86:6C:25:9B:06
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 018ECCBD6131C5656368333A9A2BA89B08DD
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/KNel6IG5g9XoUbaY7ckQhmwlmwY.roa
Signing time: Thu 11 Apr 2024 10:39:06 +0000
ROA not before: Thu 11 Apr 2024 10:39:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60544
IP address blocks: 62.76.205.0/24 maxlen: 32
195.209.149.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 24 Oct 2024 13:42:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:bd:61:31:c5:65:63:68:33:3a:9a:2b:a8:9b:08:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Apr 11 10:39:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28d7a5e881b983d5e851b698edc910866c259b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ea:bb:6b:b8:5f:ea:7d:78:cb:7d:15:de:c3:
25:16:23:c1:0a:36:a9:0e:a0:30:e6:83:24:ba:bf:
47:7c:49:e2:26:5a:40:4e:73:ea:33:b9:8c:3d:b1:
42:00:26:9a:b4:15:8c:60:ee:ae:c0:82:b3:a3:7b:
7e:b5:16:cf:76:a9:53:5d:ba:00:a3:e5:20:63:48:
92:34:44:bb:9b:0c:b4:58:4e:3a:6e:47:db:0b:4f:
3a:1b:47:bb:b5:65:dd:e1:0b:42:26:c3:cb:7e:7d:
e3:25:6f:8a:49:30:f1:38:1c:77:34:d4:da:c1:46:
2d:8a:dd:41:6a:5d:e2:73:42:b2:50:7a:22:c0:80:
4c:74:0d:db:0b:2b:a3:d2:93:ba:13:36:ef:c7:95:
a0:bc:d2:f4:7a:de:76:fe:be:13:58:91:91:72:34:
ef:69:f1:82:1e:90:07:92:09:bb:d3:3b:3b:0d:79:
24:19:1c:3c:db:e1:54:21:7b:e9:35:f2:71:a9:d9:
c2:27:e0:c0:00:f1:30:39:88:e4:06:77:bc:a3:90:
3f:a6:0f:71:cf:b8:b8:2c:6a:77:01:b8:ad:e6:cc:
88:04:6d:ad:d7:76:e5:94:26:79:3f:fb:60:10:82:
cc:15:a7:c7:ba:e4:8f:7d:d0:1e:88:2d:6c:08:ac:
27:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D7:A5:E8:81:B9:83:D5:E8:51:B6:98:ED:C9:10:86:6C:25:9B:06
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/KNel6IG5g9XoUbaY7ckQhmwlmwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.205.0/24
195.209.149.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:bb:74:74:6a:fd:fb:97:91:66:0b:39:25:45:20:c1:b3:ab:
61:0a:7b:74:7e:a7:5c:f2:23:b5:04:72:4b:68:46:bc:45:29:
b0:d5:60:ba:94:75:2d:1d:17:e0:00:9f:55:e3:26:1f:f6:84:
52:3a:04:5b:ee:cc:a6:72:eb:cd:b9:08:3a:46:ff:20:1d:41:
19:b8:81:f7:5c:ca:6b:d1:99:f6:bd:cd:d2:86:17:a9:b8:bd:
14:5a:5e:e2:ff:8d:1d:30:e3:d3:cc:a6:82:b4:a0:17:48:10:
0e:27:80:1d:25:3d:6b:16:5e:77:5f:04:17:b5:d3:66:3b:4c:
cf:a8:ba:3c:52:76:87:ce:3d:56:36:97:f7:42:7e:7b:85:80:
fc:8a:dd:8c:f3:34:e4:cf:fd:2c:72:22:03:c2:b3:2f:a5:d4:
c1:f6:39:c5:31:45:38:ba:8b:72:7e:8d:a1:4b:52:7c:64:d6:
85:a4:d2:9b:70:aa:cb:9a:bd:0a:3d:f3:42:72:15:f2:d6:86:
b5:e4:1d:2c:dd:70:b2:47:27:e5:fb:a1:fc:51:ce:28:11:3f:
9b:c1:de:64:7f:8a:ef:fb:a9:cf:3c:92:b9:06:46:07:43:3a:
56:88:10:7b:df:4e:49:f6:90:db:9e:6c:45:94:8b:61:10:c2:
59:bf:cd:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7MvWExxWVjaDM6miuomwjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQwNDExMTAzOTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQ3YTVlODgxYjk4M2Q1ZTg1MWI2OThlZGM5MTA4NjZjMjU5YjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuq7a7hf6n14y30V3sMlFiPBCjap
DqAw5oMkur9HfEniJlpATnPqM7mMPbFCACaatBWMYO6uwIKzo3t+tRbPdqlTXboA
o+UgY0iSNES7mwy0WE46bkfbC086G0e7tWXd4QtCJsPLfn3jJW+KSTDxOBx3NNTa
wUYtit1Bal3ic0KyUHoiwIBMdA3bCyuj0pO6Ezbvx5WgvNL0et52/r4TWJGRcjTv
afGCHpAHkgm70zs7DXkkGRw82+FUIXvpNfJxqdnCJ+DAAPEwOYjkBne8o5A/pg9x
z7i4LGp3Abit5syIBG2t13bllCZ5P/tgEILMFafHuuSPfdAeiC1sCKwnxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCjXpeiBuYPV6FG2mO3JEIZsJZsGMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvS05lbDZJRzVnOVhvVWJhWTdja1FobXdsbXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPkzNAwQA
w9GVMA0GCSqGSIb3DQEBCwUAA4IBAQAvu3R0av37l5FmCzklRSDBs6thCnt0fqdc
8iO1BHJLaEa8RSmw1WC6lHUtHRfgAJ9V4yYf9oRSOgRb7symcuvNuQg6Rv8gHUEZ
uIH3XMpr0Zn2vc3ShhepuL0UWl7i/40dMOPTzKaCtKAXSBAOJ4AdJT1rFl53XwQX
tdNmO0zPqLo8UnaHzj1WNpf3Qn57hYD8it2M8zTkz/0sciIDwrMvpdTB9jnFMUU4
uotyfo2hS1J8ZNaFpNKbcKrLmr0KPfNCchXy1oa15B0s3XCyRyfl+6H8Uc4oET+b
wd5kf4rv+6nPPJK5BkYHQzpWiBB7305J9pDbnmxFlIthEMJZv80J
-----END CERTIFICATE-----
Generated at Thu Oct 24 19:18:19 2024 by rpki-client on console-ams.rpki-client.org