Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/KmNC_h0Az5YrNdV6QalxTpAtYhA.roa
File: KmNC_h0Az5YrNdV6QalxTpAtYhA.roa (raw, json)
Hash identifier: J03Hmpj46uc7JnfVFSGPnhPo8PqYDXSb482irs+Q9C4=
Subject key identifier: 2A:63:42:FE:1D:00:CF:96:2B:35:D5:7A:41:A9:71:4E:90:2D:62:10
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01856D6640C8F2716E129677C14920A02953
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/KmNC_h0Az5YrNdV6QalxTpAtYhA.roa
Signing time: Sun 01 Jan 2023 12:54:55 +0000
ROA not before: Sun 01 Jan 2023 12:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24640
IP address blocks: 80.86.182.0/23 maxlen: 23
80.86.181.0/24 maxlen: 24
81.209.180.0/22 maxlen: 22
81.209.196.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:40:c8:f2:71:6e:12:96:77:c1:49:20:a0:29:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 12:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a6342fe1d00cf962b35d57a41a9714e902d6210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:00:ad:5e:20:54:06:4b:17:6a:21:de:eb:44:
ce:1e:4a:7d:eb:f4:71:6c:9a:1d:ca:5f:9e:de:6f:
54:24:37:44:83:0d:e8:10:7c:93:ce:94:ed:93:f4:
46:22:36:16:ba:79:05:54:d0:5f:89:7c:af:75:fa:
27:21:74:e4:76:2d:e0:83:e7:07:3e:62:c5:1e:98:
c5:dd:85:e1:9f:b3:5f:6f:ab:14:2a:2b:4e:f4:aa:
a7:72:26:9a:e3:3d:41:98:4e:08:10:ac:01:04:70:
3f:dc:33:64:4a:d5:c8:48:83:e0:03:93:41:cd:bb:
c8:f9:0a:a0:5e:8d:8c:e8:3b:e4:13:9d:8c:cd:9f:
e4:e2:39:51:6e:17:b0:a2:f8:97:ab:4c:6a:19:f7:
47:7e:03:b4:e1:16:b1:d7:46:25:6b:49:f3:b4:84:
aa:ba:2b:aa:66:fb:4d:41:6c:84:64:9e:04:dd:eb:
cf:bd:f3:46:49:0e:b0:da:ca:0e:8c:38:04:ee:68:
55:6c:4d:3d:2a:04:ae:5d:e8:83:e6:d0:bb:9f:eb:
8b:7f:e9:a9:60:73:8c:15:44:78:fc:2e:c7:56:59:
fe:3a:f2:fb:6a:be:27:2f:64:af:0e:80:20:db:5c:
f8:f4:52:8c:61:7f:e6:03:f9:4e:8f:0e:a1:c3:55:
ed:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:63:42:FE:1D:00:CF:96:2B:35:D5:7A:41:A9:71:4E:90:2D:62:10
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/KmNC_h0Az5YrNdV6QalxTpAtYhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.181.0-80.86.183.255
81.209.180.0/22
81.209.196.0/22
Signature Algorithm: sha256WithRSAEncryption
27:70:d8:d0:78:dd:84:b3:4d:91:85:26:a9:b5:40:c9:96:84:
e8:da:2e:d2:65:58:de:8e:78:3c:a6:3b:f9:da:8f:77:44:62:
35:be:40:bf:fd:f9:b9:72:24:8a:b2:ba:82:0e:c6:c0:1c:a7:
bb:a3:5b:d4:b3:bd:f0:93:0d:72:6a:ee:fb:eb:25:65:d9:8f:
10:a7:83:27:18:ba:53:58:7f:3f:4a:17:cf:40:e7:a7:3b:e3:
e8:ee:dc:61:80:53:81:b6:58:18:11:9f:ca:e2:fe:6c:f8:77:
fe:21:67:39:f5:06:ab:6a:b9:be:a1:7f:27:87:5e:1d:0d:c4:
84:6e:95:fa:e2:a5:29:41:f0:eb:75:39:59:46:19:ce:d8:c7:
e7:7d:8a:86:9c:0c:6d:d5:95:07:27:48:90:39:ee:76:4b:41:
f9:03:ef:6b:06:f4:3b:b2:1e:4c:ea:87:59:c6:c4:fa:d5:4b:
b0:ab:bb:a1:4d:ae:78:c4:dd:ef:85:71:99:e5:f4:17:4c:5e:
97:6c:9b:20:f1:63:30:db:78:24:82:46:3d:9b:e2:8f:fd:83:
79:a7:e5:12:31:64:27:ed:95:74:ba:e8:3f:a8:5b:37:40:0f:
9a:f4:ec:b3:84:0e:95:05:79:66:96:43:40:de:cd:33:f9:dd:
1a:44:81:32
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVtZkDI8nFuEpZ3wUkgoClTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjMwMTAxMTI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTYzNDJmZTFkMDBjZjk2MmIzNWQ1N2E0MWE5NzE0ZTkwMmQ2MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QCtXiBUBksXaiHe60TOHkp96/Rx
bJodyl+e3m9UJDdEgw3oEHyTzpTtk/RGIjYWunkFVNBfiXyvdfonIXTkdi3gg+cH
PmLFHpjF3YXhn7Nfb6sUKitO9Kqnciaa4z1BmE4IEKwBBHA/3DNkStXISIPgA5NB
zbvI+QqgXo2M6DvkE52MzZ/k4jlRbhewoviXq0xqGfdHfgO04Rax10Yla0nztISq
uiuqZvtNQWyEZJ4E3evPvfNGSQ6w2soOjDgE7mhVbE09KgSuXeiD5tC7n+uLf+mp
YHOMFUR4/C7HVln+OvL7ar4nL2SvDoAg21z49FKMYX/mA/lOjw6hw1XtxQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCpjQv4dAM+WKzXVekGpcU6QLWIQMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvS21OQ19oMEF6NVlyTmRWNlFhbHhUcEF0WWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABQVrUD
BANQVrADBAJR0bQDBAJR0cQwDQYJKoZIhvcNAQELBQADggEBACdw2NB43YSzTZGF
Jqm1QMmWhOjaLtJlWN6OeDymO/naj3dEYjW+QL/9+blyJIqyuoIOxsAcp7ujW9Sz
vfCTDXJq7vvrJWXZjxCngycYulNYfz9KF89A56c74+ju3GGAU4G2WBgRn8ri/mz4
d/4hZzn1Bqtqub6hfyeHXh0NxIRulfripSlB8Ot1OVlGGc7Yx+d9ioacDG3VlQcn
SJA57nZLQfkD72sG9DuyHkzqh1nGxPrVS7Cru6FNrnjE3e+FcZnl9BdMXpdsmyDx
YzDbeCSCRj2b4o/9g3mn5RIxZCftlXS66D+oWzdAD5r07LOEDpUFeWaWQ0DezTP5
3RpEgTI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:10 2024 by rpki-client on console-ams.rpki-client.org