Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/KpknqUXuZPPXqzzCA4tj--2yE8w.roa
File: KpknqUXuZPPXqzzCA4tj--2yE8w.roa (raw, json)
Hash identifier: wDSIw1mWK5wPOL5B3g9Yo9xiJKcM2GMsjZitNKrNo8s=
Subject key identifier: 2A:99:27:A9:45:EE:64:F3:D7:AB:3C:C2:03:8B:63:FB:ED:B2:13:CC
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 0186B5E26D832988F906B612A6DBDD8110BF
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/KpknqUXuZPPXqzzCA4tj--2yE8w.roa
Signing time: Mon 06 Mar 2023 07:46:00 +0000
ROA not before: Mon 06 Mar 2023 07:46:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207702
IP address blocks: 185.226.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b5:e2:6d:83:29:88:f9:06:b6:12:a6:db:dd:81:10:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Mar 6 07:46:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a9927a945ee64f3d7ab3cc2038b63fbedb213cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:44:c7:97:72:df:43:f4:2c:8c:33:dd:9a:07:
25:78:78:42:c7:1c:4e:c3:1b:ac:60:b1:5e:e0:b0:
4c:39:b1:8d:8d:8b:14:e2:23:2d:5d:7c:ce:98:b4:
5c:8b:88:ea:23:95:65:28:18:81:9d:3d:61:de:97:
0b:26:25:a1:f2:04:f8:45:b8:78:52:eb:5b:80:f2:
05:b2:3c:6d:ea:dd:92:b8:65:17:be:d0:78:41:72:
b1:89:3b:06:fe:a3:6a:70:11:72:e1:d6:5a:62:d8:
b6:39:20:c5:78:09:20:6e:17:ab:a2:d4:86:8a:35:
fa:ae:4b:68:8d:b7:6b:dc:5a:aa:eb:82:10:fc:ef:
4b:7f:9a:d7:fa:2e:1d:99:2b:68:7a:9b:91:5f:2c:
16:53:b7:24:33:f4:4a:aa:49:a0:83:e3:ed:68:85:
b2:0e:6c:48:6d:9b:89:62:91:10:cc:5a:60:e7:d3:
8d:7a:bc:10:d6:b3:97:ba:d2:80:eb:0f:d2:fb:ca:
b6:1a:5a:19:4e:97:99:b9:18:15:bf:c0:fa:d1:b9:
c7:72:27:62:ee:bf:ec:d8:13:8d:61:ee:d0:71:e6:
23:76:23:3b:e2:0c:75:28:79:b6:03:53:60:3a:52:
07:d2:e6:d3:b6:6e:8b:2b:35:ea:ec:b6:5c:7f:48:
6d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:99:27:A9:45:EE:64:F3:D7:AB:3C:C2:03:8B:63:FB:ED:B2:13:CC
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/KpknqUXuZPPXqzzCA4tj--2yE8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.230.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:75:37:d6:c2:03:01:4f:7e:2e:d0:02:a0:e3:28:fd:a9:7e:
0f:23:de:c0:d5:23:40:5e:f8:58:0b:bd:4a:d0:f2:5b:d4:7f:
50:ab:f3:d5:33:08:08:58:f7:69:7d:25:54:01:49:70:35:f3:
0c:2a:65:1f:be:9f:ee:0a:38:45:d2:fc:ff:9d:06:87:39:33:
19:15:f0:9d:22:f6:9c:df:b5:f4:4c:d8:a9:6a:68:58:cd:c4:
3b:40:b0:ac:2a:67:06:c3:44:37:92:a1:41:6e:9a:ab:58:98:
f0:98:6a:5c:42:0f:a6:6b:a0:df:14:78:9b:ec:bc:41:28:de:
26:ae:5b:54:2b:75:58:2a:b2:83:4e:d5:ce:e3:04:ea:bf:82:
ad:c2:29:e9:ec:6b:7e:94:33:cc:07:0c:0a:9d:d7:c0:42:a4:
ff:73:c2:15:48:23:e8:4b:51:a0:2a:c6:0f:b2:d2:d1:7d:94:
0b:86:ef:8a:e7:59:da:46:b1:2a:3a:9e:96:1b:d1:8a:d1:04:
22:b9:55:3e:8b:21:52:ef:a2:23:50:fe:03:6d:e1:5a:af:a2:
b7:45:a8:8f:c8:3a:fa:99:fe:cf:a2:f4:f2:66:69:72:de:04:
b6:36:ff:87:5e:ab:2f:c6:9c:d0:e2:2a:ff:0f:56:7b:ce:85:
c2:e9:2d:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa14m2DKYj5BrYSptvdgRC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjMwMzA2MDc0NjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTk5MjdhOTQ1ZWU2NGYzZDdhYjNjYzIwMzhiNjNmYmVkYjIxM2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArETHl3LfQ/QsjDPdmgcleHhCxxxO
wxusYLFe4LBMObGNjYsU4iMtXXzOmLRci4jqI5VlKBiBnT1h3pcLJiWh8gT4Rbh4
UutbgPIFsjxt6t2SuGUXvtB4QXKxiTsG/qNqcBFy4dZaYti2OSDFeAkgbherotSG
ijX6rktojbdr3Fqq64IQ/O9Lf5rX+i4dmStoepuRXywWU7ckM/RKqkmgg+PtaIWy
DmxIbZuJYpEQzFpg59ONerwQ1rOXutKA6w/S+8q2GloZTpeZuRgVv8D60bnHcidi
7r/s2BONYe7QceYjdiM74gx1KHm2A1NgOlIH0ubTtm6LKzXq7LZcf0ht7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqZJ6lF7mTz16s8wgOLY/vtshPMMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvS3BrbnFVWHVaUFBYcXp6Q0E0dGotLTJ5RTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueLmMA0G
CSqGSIb3DQEBCwUAA4IBAQBrdTfWwgMBT34u0AKg4yj9qX4PI97A1SNAXvhYC71K
0PJb1H9Qq/PVMwgIWPdpfSVUAUlwNfMMKmUfvp/uCjhF0vz/nQaHOTMZFfCdIvac
37X0TNipamhYzcQ7QLCsKmcGw0Q3kqFBbpqrWJjwmGpcQg+ma6DfFHib7LxBKN4m
rltUK3VYKrKDTtXO4wTqv4Ktwinp7Gt+lDPMBwwKndfAQqT/c8IVSCPoS1GgKsYP
stLRfZQLhu+K51naRrEqOp6WG9GK0QQiuVU+iyFS76IjUP4DbeFar6K3RaiPyDr6
mf7PovTyZmly3gS2Nv+HXqsvxpzQ4ir/D1Z7zoXC6S06
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:02 2024 by rpki-client on console-fra.rpki-client.org