Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/Kn0i7LWYmF2w0vFn3tI9Gdv5OV8.roa
File: Kn0i7LWYmF2w0vFn3tI9Gdv5OV8.roa (raw, json)
Hash identifier: 1pbec8MWv6iFiueVDhpbvwrjzyopYzs0+fZahBn76U8=
Subject key identifier: 2A:7D:22:EC:B5:98:98:5D:B0:D2:F1:67:DE:D2:3D:19:DB:F9:39:5F
Certificate issuer: /CN=e8a32e8a6ac6f6ec37860ee7c07eb8df93147779
Certificate serial: 01856EC20020EAC569267D8272783EACB3BC
Authority key identifier: E8:A3:2E:8A:6A:C6:F6:EC:37:86:0E:E7:C0:7E:B8:DF:93:14:77:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KMuimrG9uw3hg7nwH6435MUd3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/Kn0i7LWYmF2w0vFn3tI9Gdv5OV8.roa
Signing time: Sun 01 Jan 2023 19:14:45 +0000
ROA not before: Sun 01 Jan 2023 19:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3246
IP address blocks: 185.143.148.0/22 maxlen: 22
91.142.112.0/20 maxlen: 20
2a00:17b0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:00:20:ea:c5:69:26:7d:82:72:78:3e:ac:b3:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a32e8a6ac6f6ec37860ee7c07eb8df93147779
Validity
Not Before: Jan 1 19:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a7d22ecb598985db0d2f167ded23d19dbf9395f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5b:98:c6:a7:de:07:9e:99:77:79:d8:7d:4e:
29:97:6a:c4:50:f0:78:e2:0e:d2:eb:8d:32:a0:d4:
2f:c3:14:8a:cf:b4:99:af:d5:cd:9e:9c:0c:58:59:
c2:1d:9f:03:67:61:a2:b1:f2:48:c3:a1:7f:e6:ea:
31:5f:47:01:0e:3e:c9:98:56:07:5e:13:05:27:ec:
79:b9:7b:b9:06:df:2b:84:d7:31:32:d1:0d:ce:0d:
24:5b:09:d0:2b:82:aa:df:4a:e4:0f:fb:06:8e:ad:
18:05:49:ba:f3:45:96:0d:02:c1:02:d0:83:2d:7f:
a6:b0:1d:d6:f6:06:09:0b:96:6e:6e:1d:42:f9:5c:
22:73:28:0b:d8:76:b9:4a:d3:03:b9:68:00:4e:f0:
f6:85:3d:48:ef:e9:8b:1f:20:97:b6:fb:b3:13:73:
4b:7b:05:34:07:9b:56:10:90:a3:6e:22:e2:72:72:
8d:98:09:5d:c7:86:2d:01:63:eb:e9:d9:ab:1c:a6:
df:68:e7:57:73:47:e9:68:4d:69:90:70:25:46:3a:
80:90:1a:de:3c:04:c6:d7:fa:4a:ec:6e:e0:69:15:
f1:30:7f:16:61:0c:42:44:0a:57:79:01:ac:82:19:
71:70:35:68:ca:9d:6a:8e:82:d2:94:53:de:a0:9c:
5f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7D:22:EC:B5:98:98:5D:B0:D2:F1:67:DE:D2:3D:19:DB:F9:39:5F
X509v3 Authority Key Identifier:
keyid:E8:A3:2E:8A:6A:C6:F6:EC:37:86:0E:E7:C0:7E:B8:DF:93:14:77:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KMuimrG9uw3hg7nwH6435MUd3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/Kn0i7LWYmF2w0vFn3tI9Gdv5OV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/6KMuimrG9uw3hg7nwH6435MUd3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.112.0/20
185.143.148.0/22
IPv6:
2a00:17b0::/32
Signature Algorithm: sha256WithRSAEncryption
16:0e:82:0d:86:03:a2:6c:c1:00:1d:9a:f6:18:55:f0:e9:d0:
9c:88:db:1b:ee:16:79:99:1c:66:bc:56:e5:fc:66:a0:c4:86:
51:59:f2:0b:df:f9:56:51:b2:4c:17:18:70:28:30:68:cf:00:
5e:e7:21:80:52:90:9e:29:7d:65:2d:95:e5:6d:1e:8c:ce:4d:
a5:9d:f9:73:f9:2d:86:3b:0b:08:34:3f:34:fe:eb:f8:5c:bc:
46:b2:82:c6:1c:74:e7:42:70:7f:3f:35:be:81:13:28:1c:cf:
20:23:52:73:fb:e2:39:c5:18:ba:19:71:1c:c9:a2:14:3e:61:
e2:33:bc:d5:76:f6:ef:8a:e8:80:96:64:69:0f:37:78:ff:ce:
65:9f:03:65:77:e6:5e:de:d9:44:6a:bd:51:0b:26:2e:da:a9:
a3:b7:6c:41:81:e6:e7:35:9d:82:98:1a:86:79:82:15:77:ef:
4e:8c:23:03:83:73:2f:91:7c:38:63:50:09:d9:15:58:5c:c3:
92:a7:a9:42:ab:49:9e:19:a7:63:7d:d1:c8:63:1c:33:9b:b9:
37:3d:01:d9:01:b8:ba:0c:02:34:e3:e1:02:55:ec:42:bd:a4:
1a:e6:09:3c:cc:4a:c0:c2:99:bc:8b:de:3e:99:aa:c8:fc:fd:
f5:38:20:55
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuwgAg6sVpJn2Ccng+rLO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTMyZThhNmFjNmY2ZWMzNzg2MGVlN2MwN2ViOGRmOTMx
NDc3NzkwHhcNMjMwMTAxMTkxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdkMjJlY2I1OTg5ODVkYjBkMmYxNjdkZWQyM2QxOWRiZjkzOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFuYxqfeB56Zd3nYfU4pl2rEUPB4
4g7S640yoNQvwxSKz7SZr9XNnpwMWFnCHZ8DZ2GisfJIw6F/5uoxX0cBDj7JmFYH
XhMFJ+x5uXu5Bt8rhNcxMtENzg0kWwnQK4Kq30rkD/sGjq0YBUm680WWDQLBAtCD
LX+msB3W9gYJC5Zubh1C+VwicygL2Ha5StMDuWgATvD2hT1I7+mLHyCXtvuzE3NL
ewU0B5tWEJCjbiLicnKNmAldx4YtAWPr6dmrHKbfaOdXc0fpaE1pkHAlRjqAkBre
PATG1/pK7G7gaRXxMH8WYQxCRApXeQGsghlxcDVoyp1qjoLSlFPeoJxfuQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCp9Iuy1mJhdsNLxZ97SPRnb+TlfMB8GA1UdIwQY
MBaAFOijLopqxvbsN4YO58B+uN+TFHd5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktNdWltckc5dXczaGc3bndINjQzNU1VZDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9jNGJmZDQtYTBhMS00MzM0LTg2MGEt
NGZhNTM3ZGJlMmU5LzEvS24waTdMV1ltRjJ3MHZGbjN0STlHZHY1T1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9jNGJmZDQtYTBhMS00MzM0LTg2MGEtNGZhNTM3ZGJlMmU5
LzEvNktNdWltckc5dXczaGc3bndINjQzNU1VZDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEW45wAwQC
uY+UMA0EAgACMAcDBQAqABewMA0GCSqGSIb3DQEBCwUAA4IBAQAWDoINhgOibMEA
HZr2GFXw6dCciNsb7hZ5mRxmvFbl/GagxIZRWfIL3/lWUbJMFxhwKDBozwBe5yGA
UpCeKX1lLZXlbR6Mzk2lnflz+S2GOwsIND80/uv4XLxGsoLGHHTnQnB/PzW+gRMo
HM8gI1Jz++I5xRi6GXEcyaIUPmHiM7zVdvbviuiAlmRpDzd4/85lnwNld+Ze3tlE
ar1RCyYu2qmjt2xBgebnNZ2CmBqGeYIVd+9OjCMDg3MvkXw4Y1AJ2RVYXMOSp6lC
q0meGadjfdHIYxwzm7k3PQHZAbi6DAI04+ECVexCvaQa5gk8zErAwpm8i94+marI
/P31OCBV
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:35 2024 by rpki-client on console-ams.rpki-client.org