Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b0f31d-b4bf-450d-9acd-0a6b536c4394/1/KwzuvzwWR07QZeobnVqgwtU448M.roa
File: KwzuvzwWR07QZeobnVqgwtU448M.roa (raw, json)
Hash identifier: YXM8AC3NNmMeAr33XsG1TKcYbZMQEwiOGbMb090rFZw=
Subject key identifier: 2B:0C:EE:BF:3C:16:47:4E:D0:65:EA:1B:9D:5A:A0:C2:D5:38:E3:C3
Certificate issuer: /CN=7d9656d5867b43ce506445290bba705722260586
Certificate serial: 01856C25E43D902CDC04B9293C3F9654EFC6
Authority key identifier: 7D:96:56:D5:86:7B:43:CE:50:64:45:29:0B:BA:70:57:22:26:05:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fZZW1YZ7Q85QZEUpC7pwVyImBYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b0f31d-b4bf-450d-9acd-0a6b536c4394/1/KwzuvzwWR07QZeobnVqgwtU448M.roa
Signing time: Sun 01 Jan 2023 07:05:00 +0000
ROA not before: Sun 01 Jan 2023 07:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12859
IP address blocks: 91.230.244.0/23 maxlen: 24
91.233.105.0/24 maxlen: 24
194.33.112.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:e4:3d:90:2c:dc:04:b9:29:3c:3f:96:54:ef:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d9656d5867b43ce506445290bba705722260586
Validity
Not Before: Jan 1 07:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b0ceebf3c16474ed065ea1b9d5aa0c2d538e3c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f3:8d:ec:d5:d0:7c:1a:16:90:4a:ce:b6:54:
77:af:28:01:ec:a1:94:56:1b:90:db:0d:24:5a:31:
45:34:32:e6:1d:0f:14:8e:ec:94:62:ad:94:7d:33:
23:34:fb:c5:2a:d7:e7:ed:09:de:8b:09:50:1f:ee:
e9:e3:9e:f6:85:ce:9d:1d:c5:19:f2:ed:74:9a:3a:
91:49:9a:01:d6:e6:de:57:fd:6d:57:e4:6b:b5:18:
9f:55:1b:06:b6:e5:83:42:46:51:a9:0c:77:47:ca:
47:98:ab:2d:bc:04:ae:99:ef:fe:3d:01:f8:bc:43:
dd:17:65:e9:19:fb:b4:1a:2a:b7:3a:11:a2:33:1c:
e3:66:d4:65:9a:9a:cc:8d:32:ee:91:60:c4:20:db:
7b:3e:32:3e:65:f0:d2:96:71:58:1e:34:b8:a6:e2:
f3:ef:b8:ad:4d:94:84:30:29:5e:e3:e2:18:b9:ca:
3a:49:63:09:d8:02:b9:d6:6a:8e:19:f8:d7:4c:f3:
63:e2:90:74:a0:27:32:4b:c4:fe:2e:cb:ee:58:aa:
5f:19:ff:cf:15:3d:e0:78:ac:0e:a8:ff:d3:40:5c:
d5:b7:48:4a:ac:7e:0f:1e:6f:ec:ed:70:ec:92:97:
3d:fe:e8:ae:44:ff:28:7f:38:84:fa:05:19:b2:af:
8f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0C:EE:BF:3C:16:47:4E:D0:65:EA:1B:9D:5A:A0:C2:D5:38:E3:C3
X509v3 Authority Key Identifier:
keyid:7D:96:56:D5:86:7B:43:CE:50:64:45:29:0B:BA:70:57:22:26:05:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZZW1YZ7Q85QZEUpC7pwVyImBYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0f31d-b4bf-450d-9acd-0a6b536c4394/1/KwzuvzwWR07QZeobnVqgwtU448M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0f31d-b4bf-450d-9acd-0a6b536c4394/1/fZZW1YZ7Q85QZEUpC7pwVyImBYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.244.0/23
91.233.105.0/24
194.33.112.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:2d:69:93:12:cc:a4:e5:d1:0e:91:d5:64:9e:7f:34:5e:3f:
d0:ad:d4:f5:ed:02:39:16:9a:61:c8:59:e7:c9:5b:1d:72:53:
36:41:1c:d8:db:4d:0c:f6:54:ee:d8:15:70:ac:60:09:d2:ab:
dd:97:08:47:17:09:09:36:a7:8c:80:3b:37:ea:77:ae:d0:3b:
c8:60:65:b8:d7:67:60:2f:96:25:bf:3a:a1:fa:d2:75:48:3c:
7d:4e:e1:fb:29:88:8c:a2:cb:4b:2a:c2:0d:c7:cc:eb:e4:ee:
51:74:02:6d:9f:6a:49:3f:b3:16:bd:3e:f3:8e:84:d0:9c:01:
24:2d:c0:ef:3c:15:39:d8:02:d1:1d:3e:6b:2f:99:96:fe:b0:
7e:de:45:0d:53:c0:21:26:d4:75:8f:05:ee:12:e2:9c:e2:3b:
ee:2b:c8:be:04:51:40:15:59:b3:41:01:d6:fe:17:24:e5:3e:
4a:4e:3a:c1:4f:86:ac:2f:3f:7a:36:67:9e:cd:77:76:c7:b3:
39:43:81:7c:0c:65:de:3f:50:64:6b:3f:8a:c5:d0:29:01:e5:
0a:7a:af:4e:2c:35:87:27:49:f6:af:b5:1f:c0:75:b9:03:98:
06:b0:18:71:2a:6a:85:3a:d0:d7:fc:d1:5e:21:9f:50:44:2f:
82:c4:fd:08
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsJeQ9kCzcBLkpPD+WVO/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOTY1NmQ1ODY3YjQzY2U1MDY0NDUyOTBiYmE3MDU3MjIy
NjA1ODYwHhcNMjMwMTAxMDcwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjBjZWViZjNjMTY0NzRlZDA2NWVhMWI5ZDVhYTBjMmQ1MzhlM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPON7NXQfBoWkErOtlR3rygB7KGU
VhuQ2w0kWjFFNDLmHQ8UjuyUYq2UfTMjNPvFKtfn7QneiwlQH+7p4572hc6dHcUZ
8u10mjqRSZoB1ubeV/1tV+RrtRifVRsGtuWDQkZRqQx3R8pHmKstvASume/+PQH4
vEPdF2XpGfu0Giq3OhGiMxzjZtRlmprMjTLukWDEINt7PjI+ZfDSlnFYHjS4puLz
77itTZSEMCle4+IYuco6SWMJ2AK51mqOGfjXTPNj4pB0oCcyS8T+LsvuWKpfGf/P
FT3geKwOqP/TQFzVt0hKrH4PHm/s7XDskpc9/uiuRP8ofziE+gUZsq+P0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCsM7r88FkdO0GXqG51aoMLVOOPDMB8GA1UdIwQY
MBaAFH2WVtWGe0POUGRFKQu6cFciJgWGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlpaVzFZWjdRODVRWkVVcEM3cHdWeUltQllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iMGYzMWQtYjRiZi00NTBkLTlhY2Qt
MGE2YjUzNmM0Mzk0LzEvS3d6dXZ6d1dSMDdRWmVvYm5WcWd3dFU0NDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iMGYzMWQtYjRiZi00NTBkLTlhY2QtMGE2YjUzNmM0Mzk0
LzEvZlpaVzFZWjdRODVRWkVVcEM3cHdWeUltQllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+b0AwQA
W+lpAwQBwiFwMA0GCSqGSIb3DQEBCwUAA4IBAQAdLWmTEsyk5dEOkdVknn80Xj/Q
rdT17QI5FpphyFnnyVsdclM2QRzY200M9lTu2BVwrGAJ0qvdlwhHFwkJNqeMgDs3
6neu0DvIYGW412dgL5Ylvzqh+tJ1SDx9TuH7KYiMostLKsINx8zr5O5RdAJtn2pJ
P7MWvT7zjoTQnAEkLcDvPBU52ALRHT5rL5mW/rB+3kUNU8AhJtR1jwXuEuKc4jvu
K8i+BFFAFVmzQQHW/hck5T5KTjrBT4asLz96NmeezXd2x7M5Q4F8DGXeP1Bkaz+K
xdApAeUKeq9OLDWHJ0n2r7UfwHW5A5gGsBhxKmqFOtDX/NFeIZ9QRC+CxP0I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:31 2024 by rpki-client on console-fra.rpki-client.org