Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/kKRcJJ3nO7nQSXHZBGJsdQNPdik.roa
File: kKRcJJ3nO7nQSXHZBGJsdQNPdik.roa (raw, json)
Hash identifier: 7Y40gHNwAHIMv2PPeHbJWUicItspfRGaFE8pRCsvEVU=
Subject key identifier: 90:A4:5C:24:9D:E7:3B:B9:D0:49:71:D9:04:62:6C:75:03:4F:76:29
Certificate issuer: /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial: 01856C0A2B864A2839C740452D8CE127ADAF
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/kKRcJJ3nO7nQSXHZBGJsdQNPdik.roa
Signing time: Sun 01 Jan 2023 06:34:43 +0000
ROA not before: Sun 01 Jan 2023 06:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15511
IP address blocks: 185.38.28.0/22 maxlen: 24
185.95.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:2b:86:4a:28:39:c7:40:45:2d:8c:e1:27:ad:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
Validity
Not Before: Jan 1 06:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90a45c249de73bb9d04971d904626c75034f7629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a6:4d:c7:25:33:2f:e7:09:1f:bf:09:63:36:
9f:23:f7:82:b9:bc:b5:02:b9:e5:19:f0:99:84:de:
33:d2:be:5f:cc:35:98:6e:a7:48:03:b1:85:32:67:
25:49:3b:f4:9e:4d:9a:69:45:69:a5:db:7d:ab:3d:
a3:e0:69:f5:91:35:aa:96:25:d0:b8:eb:60:ef:3f:
bc:da:b9:bd:37:41:d8:de:6d:3f:49:c2:79:14:a5:
47:01:64:20:a2:af:31:60:6f:37:fa:11:0b:75:16:
d2:71:b2:cd:41:10:2e:65:c6:92:e4:17:a7:ba:55:
f6:03:40:f7:17:b6:55:7e:9e:c3:7f:da:ad:dd:a1:
55:5c:7b:27:e6:07:fa:13:fc:1d:95:b5:98:15:36:
b1:83:f4:4e:49:01:7d:5d:64:b1:30:1e:b0:fd:c5:
cc:1c:29:3c:6d:2c:5e:52:9f:33:55:5a:07:cd:a0:
d0:12:71:80:60:9f:0e:b1:bc:c6:28:bb:c4:38:d6:
a3:09:2d:6b:bd:98:66:08:f9:1f:ac:1a:8d:f2:2d:
df:45:41:2d:6e:b8:77:95:01:cf:34:7e:3f:3e:fe:
6f:6e:07:3d:cd:5a:fe:58:21:41:9a:61:8e:48:9e:
9d:70:2d:bb:7b:72:94:fe:5a:d4:7d:83:8e:09:d9:
72:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A4:5C:24:9D:E7:3B:B9:D0:49:71:D9:04:62:6C:75:03:4F:76:29
X509v3 Authority Key Identifier:
keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/kKRcJJ3nO7nQSXHZBGJsdQNPdik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.28.0/22
185.95.252.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:25:9b:eb:29:35:1d:f7:2d:ba:2e:10:8c:3e:48:71:49:ef:
93:77:70:1c:04:c4:83:4a:29:3a:ce:7b:8f:a0:26:4e:f9:62:
62:a2:73:de:e5:53:ee:41:f7:94:b1:a8:76:2b:df:ec:97:71:
1b:24:a7:85:13:fa:54:19:47:79:e8:aa:78:b9:56:94:22:26:
f3:c5:18:60:dd:8d:fa:b2:6e:40:85:f5:02:7f:47:32:3d:f3:
bb:8a:f9:2a:45:95:49:1c:f9:3f:f4:98:df:33:de:bf:ce:86:
86:fb:67:5e:5e:55:33:69:d0:7a:ce:44:d4:b1:f9:4a:66:a4:
9c:8e:f8:f2:07:36:fe:58:4d:48:70:d8:c4:15:f4:d2:11:b7:
d1:54:d4:cd:a3:87:f8:36:e8:c4:e8:79:2a:f9:72:51:72:39:
6a:bf:da:86:a2:1f:e9:65:8f:99:81:27:d4:c6:0f:e8:4d:01:
ca:f3:e5:0e:fd:7f:5a:71:f2:ba:74:e6:0f:82:cd:ea:e8:7f:
4b:17:5e:ee:ad:81:aa:45:c3:13:e3:1e:13:4d:d5:79:cf:90:
ea:0e:34:07:77:b5:a7:a1:74:d1:7a:2a:84:18:01:bc:ef:b9:
60:8d:12:41:8e:93:e7:29:ba:98:1e:ec:65:c2:bc:ef:de:f8:
41:18:75:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsCiuGSig5x0BFLYzhJ62vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODQ3ZjgyMjE4OTdkNmU5NTJlODZlYTJjMzM5YWJhYWNj
MTMxZjUwHhcNMjMwMTAxMDYzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGE0NWMyNDlkZTczYmI5ZDA0OTcxZDkwNDYyNmM3NTAzNGY3NjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqZNxyUzL+cJH78JYzafI/eCuby1
ArnlGfCZhN4z0r5fzDWYbqdIA7GFMmclSTv0nk2aaUVppdt9qz2j4Gn1kTWqliXQ
uOtg7z+82rm9N0HY3m0/ScJ5FKVHAWQgoq8xYG83+hELdRbScbLNQRAuZcaS5Ben
ulX2A0D3F7ZVfp7Df9qt3aFVXHsn5gf6E/wdlbWYFTaxg/ROSQF9XWSxMB6w/cXM
HCk8bSxeUp8zVVoHzaDQEnGAYJ8OsbzGKLvEONajCS1rvZhmCPkfrBqN8i3fRUEt
brh3lQHPNH4/Pv5vbgc9zVr+WCFBmmGOSJ6dcC27e3KU/lrUfYOOCdly1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJCkXCSd5zu50Elx2QRibHUDT3YpMB8GA1UdIwQY
MBaAFHCEf4IhiX1ulS6G6iwzmrqswTH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgt
NmU4Nzg0YTdhZDA5LzEva0tSY0pKM25PN25RU1hIWkJHSnNkUU5QZGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgtNmU4Nzg0YTdhZDA5
LzEvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSYcAwQC
uV/8MA0GCSqGSIb3DQEBCwUAA4IBAQC/JZvrKTUd9y26LhCMPkhxSe+Td3AcBMSD
Sik6znuPoCZO+WJionPe5VPuQfeUsah2K9/sl3EbJKeFE/pUGUd56Kp4uVaUIibz
xRhg3Y36sm5AhfUCf0cyPfO7ivkqRZVJHPk/9JjfM96/zoaG+2deXlUzadB6zkTU
sflKZqScjvjyBzb+WE1IcNjEFfTSEbfRVNTNo4f4NujE6Hkq+XJRcjlqv9qGoh/p
ZY+ZgSfUxg/oTQHK8+UO/X9acfK6dOYPgs3q6H9LF17urYGqRcMT4x4TTdV5z5Dq
DjQHd7WnoXTReiqEGAG877lgjRJBjpPnKbqYHuxlwrzv3vhBGHXv
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:20 2024 by rpki-client on console-ams.rpki-client.org