Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/kjq_ERpE2mi-sdKaMIFmpTMTp9A.roa
File: kjq_ERpE2mi-sdKaMIFmpTMTp9A.roa (raw, json)
Hash identifier: /mcBdBxzFfxsr53a+ABje0GkQyN7Y3sang7B35MDncA=
Subject key identifier: 92:3A:BF:11:1A:44:DA:68:BE:B1:D2:9A:30:81:66:A5:33:13:A7:D0
Certificate issuer: /CN=fdad61d8e8c1abda8596930e21f18211a517681f
Certificate serial: 018A0855F20A6570B04F81ABF64C6383D4C3
Authority key identifier: FD:AD:61:D8:E8:C1:AB:DA:85:96:93:0E:21:F1:82:11:A5:17:68:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_a1h2OjBq9qFlpMOIfGCEaUXaB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/kjq_ERpE2mi-sdKaMIFmpTMTp9A.roa
Signing time: Fri 18 Aug 2023 11:09:24 +0000
ROA not before: Fri 18 Aug 2023 11:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51178
IP address blocks: 91.219.64.0/22 maxlen: 23
5.61.14.0/23 maxlen: 24
5.61.13.0/24 maxlen: 24
188.68.184.0/22 maxlen: 23
185.218.68.0/23 maxlen: 23
92.249.4.0/24 maxlen: 24
185.218.70.0/24 maxlen: 24
2a00:9801::/32 maxlen: 32
2a0b:d0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 07 Dec 2023 14:46:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:55:f2:0a:65:70:b0:4f:81:ab:f6:4c:63:83:d4:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdad61d8e8c1abda8596930e21f18211a517681f
Validity
Not Before: Aug 18 11:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=923abf111a44da68beb1d29a308166a53313a7d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3f:30:8d:99:4c:95:03:16:34:48:d3:9b:22:
91:07:a9:42:3c:8b:cd:92:84:05:85:1f:c1:57:07:
b9:9f:69:f4:bb:22:55:d5:5d:eb:70:b3:ff:c3:a4:
03:2a:c3:d1:8e:2a:26:fc:81:dc:4e:f1:98:56:dc:
59:66:f7:e1:fc:4f:e6:f5:72:74:07:24:97:53:6d:
9c:8d:31:e0:f5:5e:bb:71:42:6f:ca:a7:14:4b:bf:
97:78:01:41:b1:a6:38:ff:f7:21:cc:34:f5:17:6e:
73:c5:d7:91:c2:16:53:52:7f:e8:98:dd:6d:68:7a:
de:c5:44:9d:0a:c6:b6:1d:56:28:c0:f5:76:6a:83:
5c:84:46:61:00:a1:53:80:a2:2c:d8:2c:ed:4d:bb:
37:75:71:56:63:c5:8f:5c:c8:2f:40:2e:7a:4f:5f:
e8:c7:ef:82:c2:40:21:29:08:02:32:e1:70:97:32:
ca:77:41:d1:66:04:5b:ea:92:a1:b1:ac:f2:1f:fc:
6a:76:63:d7:45:a9:e2:5e:47:5c:47:66:07:c6:78:
fa:73:56:04:d3:ea:4f:94:96:5e:cc:0e:97:3d:39:
34:27:39:aa:a3:f4:fb:60:0b:18:8b:f1:e1:e0:c7:
a3:90:9e:db:e4:2f:22:c7:b9:d3:66:bb:4c:7a:8d:
bf:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:3A:BF:11:1A:44:DA:68:BE:B1:D2:9A:30:81:66:A5:33:13:A7:D0
X509v3 Authority Key Identifier:
keyid:FD:AD:61:D8:E8:C1:AB:DA:85:96:93:0E:21:F1:82:11:A5:17:68:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_a1h2OjBq9qFlpMOIfGCEaUXaB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/kjq_ERpE2mi-sdKaMIFmpTMTp9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/_a1h2OjBq9qFlpMOIfGCEaUXaB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.13.0-5.61.15.255
91.219.64.0/22
92.249.4.0/24
185.218.68.0-185.218.70.255
188.68.184.0/22
IPv6:
2a00:9801::/32
2a0b:d0c0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:ce:f6:d8:18:40:23:f6:fc:24:71:73:be:86:6f:d8:98:66:
cb:9a:fe:5d:84:8c:6e:86:e1:3e:4b:64:44:3d:61:ca:04:16:
75:b1:bc:1b:7e:5b:e5:09:0c:d3:8b:31:86:52:b0:c7:bf:90:
51:27:d0:c7:64:da:32:d5:af:da:af:7a:62:5d:26:1a:a2:d2:
ca:06:61:89:1e:72:10:4b:0f:9f:fc:4d:89:ed:87:4c:e7:2a:
6b:c3:53:15:30:ca:08:ce:e3:1d:da:87:80:f2:4d:c2:b0:20:
ae:ed:0c:30:9a:78:71:62:13:42:6e:8c:19:ab:0c:ae:1e:e6:
8d:3c:1d:3a:24:fe:62:06:7e:cd:8c:44:71:f3:b0:06:c3:a2:
97:28:5d:66:94:c0:d2:b0:d0:1d:2f:97:cf:5a:a1:bd:1d:1e:
47:68:75:33:02:2a:be:e0:7d:69:e8:22:d8:9f:d3:b9:48:34:
00:02:23:33:1a:78:2a:1b:65:31:ec:77:13:51:0b:5a:aa:7e:
63:aa:2b:b7:35:24:ba:8e:c6:6c:7c:b7:02:b3:0f:01:a7:d6:
0d:be:07:d0:5d:67:34:7a:14:16:5a:16:64:9b:35:e2:7c:7e:
2f:b1:b7:bd:c9:ff:94:a2:9d:25:b1:2d:34:fb:61:bb:b5:84:
6d:3a:cd:bf
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYoIVfIKZXCwT4Gr9kxjg9TDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkYWQ2MWQ4ZThjMWFiZGE4NTk2OTMwZTIxZjE4MjExYTUx
NzY4MWYwHhcNMjMwODE4MTEwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjNhYmYxMTFhNDRkYTY4YmViMWQyOWEzMDgxNjZhNTMzMTNhN2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnj8wjZlMlQMWNEjTmyKRB6lCPIvN
koQFhR/BVwe5n2n0uyJV1V3rcLP/w6QDKsPRjiom/IHcTvGYVtxZZvfh/E/m9XJ0
BySXU22cjTHg9V67cUJvyqcUS7+XeAFBsaY4//chzDT1F25zxdeRwhZTUn/omN1t
aHrexUSdCsa2HVYowPV2aoNchEZhAKFTgKIs2CztTbs3dXFWY8WPXMgvQC56T1/o
x++CwkAhKQgCMuFwlzLKd0HRZgRb6pKhsazyH/xqdmPXRaniXkdcR2YHxnj6c1YE
0+pPlJZezA6XPTk0Jzmqo/T7YAsYi/Hh4MejkJ7b5C8ix7nTZrtMeo2/oQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFJI6vxEaRNpovrHSmjCBZqUzE6fQMB8GA1UdIwQY
MBaAFP2tYdjowavahZaTDiHxghGlF2gfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2ExaDJPakJxOXFGbHBNT0lmR0NFYVVYYUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hNDZjODYtNGIwOC00ODJiLTkyY2Et
ODRlZTIyYTNlZTViLzEva2pxX0VScEUybWktc2RLYU1JRm1wVE1UcDlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hNDZjODYtNGIwOC00ODJiLTkyY2EtODRlZTIyYTNlZTVi
LzEvX2ExaDJPakJxOXFGbHBNT0lmR0NFYVVYYUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDA0BAIAATAuMAwDBAAFPQ0D
BAQFPQADBAJb20ADBABc+QQwDAMEArnaRAMEALnaRgMEArxEuDAUBAIAAjAOAwUA
KgCYAQMFAyoL0MAwDQYJKoZIhvcNAQELBQADggEBAD7O9tgYQCP2/CRxc76Gb9iY
Zsua/l2EjG6G4T5LZEQ9YcoEFnWxvBt+W+UJDNOLMYZSsMe/kFEn0Mdk2jLVr9qv
emJdJhqi0soGYYkechBLD5/8TYnth0znKmvDUxUwygjO4x3ah4DyTcKwIK7tDDCa
eHFiE0JujBmrDK4e5o08HTok/mIGfs2MRHHzsAbDopcoXWaUwNKw0B0vl89aob0d
HkdodTMCKr7gfWnoItif07lINAACIzMaeCobZTHsdxNRC1qqfmOqK7c1JLqOxmx8
twKzDwGn1g2+B9BdZzR6FBZaFmSbNeJ8fi+xt73J/5SinSWxLTT7Ybu1hG06zb8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:47 2024 by rpki-client on console-fra.rpki-client.org