Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/kKcYG_pL1W15_8Ic3EnuxltUIzQ.roa
File: kKcYG_pL1W15_8Ic3EnuxltUIzQ.roa (raw, json)
Hash identifier: bPnZQ48AnAEF1t5EzJi4I8PUH8DSzJnhurnlDPGItWM=
Subject key identifier: 90:A7:18:1B:FA:4B:D5:6D:79:FF:C2:1C:DC:49:EE:C6:5B:54:23:34
Certificate issuer: /CN=d7f7f16b05a1123151a677a47ac2d8d9061df390
Certificate serial: 0187033F85D4BA6485C5D47FE11402BB0669
Authority key identifier: D7:F7:F1:6B:05:A1:12:31:51:A6:77:A4:7A:C2:D8:D9:06:1D:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1_fxawWhEjFRpnekesLY2QYd85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/kKcYG_pL1W15_8Ic3EnuxltUIzQ.roa
Signing time: Tue 21 Mar 2023 08:18:27 +0000
ROA not before: Tue 21 Mar 2023 08:18:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39010
IP address blocks: 185.118.25.0/24 maxlen: 24
185.118.27.0/24 maxlen: 24
185.118.24.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:03:3f:85:d4:ba:64:85:c5:d4:7f:e1:14:02:bb:06:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7f7f16b05a1123151a677a47ac2d8d9061df390
Validity
Not Before: Mar 21 08:18:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90a7181bfa4bd56d79ffc21cdc49eec65b542334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d9:b1:9f:df:06:e8:1f:15:b1:b8:63:55:b5:
84:9a:6f:99:f5:6a:e3:02:9e:c0:4e:55:88:47:89:
42:6c:46:af:fe:56:43:1f:7e:b8:e3:6f:de:4a:96:
62:61:e8:4b:ed:26:89:f7:f0:69:e5:19:e8:d6:12:
6e:92:1d:ed:87:24:a4:08:f5:f4:72:d8:02:93:57:
da:1a:be:f8:2f:e2:28:b7:08:5d:91:ae:66:25:06:
9f:9f:43:77:01:71:7b:51:c6:ce:e7:55:05:4d:47:
20:5f:58:d8:2c:42:81:ce:c4:be:c0:23:46:a7:45:
db:b8:8f:3d:56:6e:db:18:10:34:c2:35:86:6b:b2:
30:7a:af:05:9a:bb:86:5f:b0:71:6d:fb:be:b1:e5:
82:e9:76:90:dc:e3:7e:9b:ac:f5:22:82:20:30:09:
0e:0f:26:39:c6:cf:c1:b2:0a:01:9a:ea:1d:8d:2a:
2a:59:08:08:66:17:1b:eb:98:1b:81:0f:61:24:5d:
c8:4f:65:1c:a7:cf:f7:fa:97:19:78:a3:ed:71:30:
b8:04:21:94:49:6f:3d:6c:09:51:c1:66:1f:b2:62:
b2:f3:d5:99:ef:db:39:b9:2f:01:bd:3c:4a:2e:c8:
61:4f:4a:86:c3:5a:8e:3b:1a:bc:7d:e1:3e:94:13:
e0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A7:18:1B:FA:4B:D5:6D:79:FF:C2:1C:DC:49:EE:C6:5B:54:23:34
X509v3 Authority Key Identifier:
keyid:D7:F7:F1:6B:05:A1:12:31:51:A6:77:A4:7A:C2:D8:D9:06:1D:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1_fxawWhEjFRpnekesLY2QYd85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/kKcYG_pL1W15_8Ic3EnuxltUIzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/1_fxawWhEjFRpnekesLY2QYd85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.24.0/23
185.118.27.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:05:9e:ac:15:1e:de:67:ae:e2:83:32:b5:48:d4:20:88:2b:
9a:70:47:53:8f:de:55:db:77:dd:8b:d5:2b:d1:60:15:8e:3c:
84:69:27:e9:6f:43:0e:8b:f0:37:60:19:b8:32:b5:02:7a:23:
d7:6f:26:a5:08:95:2e:2a:50:f1:80:df:b8:99:22:cb:61:4f:
5c:d8:74:62:e1:26:7a:24:d8:39:e9:5f:40:4f:af:dd:2c:61:
60:e1:12:5d:76:79:4a:3b:d1:e1:2c:67:c2:c2:31:6b:68:dd:
af:89:2a:65:17:2b:d8:33:3d:e9:db:94:f7:dc:ed:32:a9:68:
44:90:6d:dd:cb:06:13:e5:bd:ec:cb:b2:5b:01:db:5d:d3:06:
2f:25:c8:42:27:08:fa:51:19:30:d3:97:7c:0b:06:4c:f5:77:
ba:fd:55:d1:24:d4:a7:af:38:70:d2:33:df:d6:ff:f9:d9:c7:
da:46:b2:45:67:bb:cf:0a:53:44:db:0b:b2:a3:a7:b6:19:44:
34:f6:b5:c2:97:e9:7f:56:6f:6f:c5:c0:fb:ed:8a:fe:f7:a8:
f0:b6:6f:ce:c9:20:8f:e4:6d:a5:3c:b6:48:d4:4e:a2:5d:40:
58:94:c3:d3:e1:9f:d6:43:56:45:5e:d4:96:d0:63:4b:0a:cb:
2d:e1:01:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcDP4XUumSFxdR/4RQCuwZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZjdmMTZiMDVhMTEyMzE1MWE2NzdhNDdhYzJkOGQ5MDYx
ZGYzOTAwHhcNMjMwMzIxMDgxODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGE3MTgxYmZhNGJkNTZkNzlmZmMyMWNkYzQ5ZWVjNjViNTQyMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNmxn98G6B8VsbhjVbWEmm+Z9Wrj
Ap7ATlWIR4lCbEav/lZDH36442/eSpZiYehL7SaJ9/Bp5Rno1hJukh3thySkCPX0
ctgCk1faGr74L+Iotwhdka5mJQafn0N3AXF7UcbO51UFTUcgX1jYLEKBzsS+wCNG
p0XbuI89Vm7bGBA0wjWGa7Iweq8FmruGX7Bxbfu+seWC6XaQ3ON+m6z1IoIgMAkO
DyY5xs/BsgoBmuodjSoqWQgIZhcb65gbgQ9hJF3IT2Ucp8/3+pcZeKPtcTC4BCGU
SW89bAlRwWYfsmKy89WZ79s5uS8BvTxKLshhT0qGw1qOOxq8feE+lBPgqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJCnGBv6S9Vtef/CHNxJ7sZbVCM0MB8GA1UdIwQY
MBaAFNf38WsFoRIxUaZ3pHrC2NkGHfOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMV9meGF3V2hFakZScG5la2VzTFkyUVlkODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wMjI3YjctNTRjYS00ZjU2LWJlMjYt
NmNiZTk0OTUzMmU0LzEva0tjWUdfcEwxVzE1XzhJYzNFbnV4bHRVSXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wMjI3YjctNTRjYS00ZjU2LWJlMjYtNmNiZTk0OTUzMmU0
LzEvMV9meGF3V2hFakZScG5la2VzTFkyUVlkODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuXYYAwQA
uXYbMA0GCSqGSIb3DQEBCwUAA4IBAQBMBZ6sFR7eZ67igzK1SNQgiCuacEdTj95V
23fdi9Ur0WAVjjyEaSfpb0MOi/A3YBm4MrUCeiPXbyalCJUuKlDxgN+4mSLLYU9c
2HRi4SZ6JNg56V9AT6/dLGFg4RJddnlKO9HhLGfCwjFraN2viSplFyvYMz3p25T3
3O0yqWhEkG3dywYT5b3sy7JbAdtd0wYvJchCJwj6URkw05d8CwZM9Xe6/VXRJNSn
rzhw0jPf1v/52cfaRrJFZ7vPClNE2wuyo6e2GUQ09rXCl+l/Vm9vxcD77Yr+96jw
tm/OySCP5G2lPLZI1E6iXUBYlMPT4Z/WQ1ZFXtSW0GNLCsst4QG2
-----END CERTIFICATE-----
Generated at Wed Dec 27 14:22:47 2023 by rpki-client on console-fra.rpki-client.org