Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/ac124c-5bd3-4b15-b088-a18a0512776c/1/kZLV13bN8e3zoGfTdu1ew_KWY-I.roa
File: kZLV13bN8e3zoGfTdu1ew_KWY-I.roa (raw, json)
Hash identifier: y2iy380MW5+xw9Lw/t0F8UIJ5kt+b7TaH4uqCsrgXiY=
Subject key identifier: 91:92:D5:D7:76:CD:F1:ED:F3:A0:67:D3:76:ED:5E:C3:F2:96:63:E2
Certificate issuer: /CN=406e906f82b3d5155659dae4d086769ef12a8214
Certificate serial: 01856DE67612589CBFA5FA9495097F3160E9
Authority key identifier: 40:6E:90:6F:82:B3:D5:15:56:59:DA:E4:D0:86:76:9E:F1:2A:82:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QG6Qb4Kz1RVWWdrk0IZ2nvEqghQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/ac124c-5bd3-4b15-b088-a18a0512776c/1/kZLV13bN8e3zoGfTdu1ew_KWY-I.roa
Signing time: Sun 01 Jan 2023 15:14:58 +0000
ROA not before: Sun 01 Jan 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206372
IP address blocks: 185.175.36.0/22 maxlen: 24
2a0b:cd00::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:76:12:58:9c:bf:a5:fa:94:95:09:7f:31:60:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406e906f82b3d5155659dae4d086769ef12a8214
Validity
Not Before: Jan 1 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9192d5d776cdf1edf3a067d376ed5ec3f29663e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:eb:de:d3:8b:f9:9c:bb:58:60:a6:1c:6e:f8:
15:d7:3e:e4:5c:ac:de:1c:57:10:f6:da:cd:fc:25:
ef:94:cc:51:06:3d:e4:8e:c3:d1:58:7e:2e:78:0e:
7a:3f:e1:48:fe:4b:f7:a4:2b:81:78:0f:91:2c:97:
1f:ca:7d:0f:f6:57:b2:18:85:f4:3b:54:3e:96:48:
76:6b:2b:82:bd:f3:c2:49:54:3d:78:5d:31:df:5d:
d8:bd:a4:d8:54:45:48:d6:3d:64:25:f7:75:44:9b:
70:09:15:7c:93:ed:84:bd:29:56:e9:23:52:bc:63:
68:f5:d3:a5:8e:20:89:35:dd:c9:1b:2b:86:ab:76:
0a:fe:ed:00:e0:1f:a0:4e:34:aa:45:5b:90:7b:3a:
4d:34:38:f1:91:d1:69:dd:a7:ed:ab:7f:78:73:55:
39:f7:f4:99:b4:58:cd:47:2b:ba:19:e8:d4:ce:0e:
af:8d:90:07:ed:b9:86:1d:8d:90:08:d0:af:04:e6:
ed:bf:9d:dc:ed:20:ac:88:e8:fe:c9:87:cc:fd:c1:
89:39:4e:bf:40:dd:74:72:c7:0c:70:44:8e:79:07:
43:58:30:ca:e0:59:71:18:2c:04:73:4e:e9:b8:45:
dd:b7:51:69:bf:63:63:c6:7b:23:1d:a6:9c:9d:f0:
59:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:92:D5:D7:76:CD:F1:ED:F3:A0:67:D3:76:ED:5E:C3:F2:96:63:E2
X509v3 Authority Key Identifier:
keyid:40:6E:90:6F:82:B3:D5:15:56:59:DA:E4:D0:86:76:9E:F1:2A:82:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QG6Qb4Kz1RVWWdrk0IZ2nvEqghQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ac124c-5bd3-4b15-b088-a18a0512776c/1/kZLV13bN8e3zoGfTdu1ew_KWY-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ac124c-5bd3-4b15-b088-a18a0512776c/1/QG6Qb4Kz1RVWWdrk0IZ2nvEqghQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.36.0/22
IPv6:
2a0b:cd00::/29
Signature Algorithm: sha256WithRSAEncryption
0e:5d:8a:8c:a6:54:88:09:d6:80:8d:ee:62:b6:3c:04:19:bc:
45:a2:7a:fa:d8:a7:fb:84:13:19:58:43:3f:9f:f7:33:5b:32:
c3:36:bd:a8:fd:84:39:53:71:86:d7:c3:10:36:3a:99:9d:c9:
4f:54:66:68:c2:16:f2:5d:eb:f3:0d:fb:c0:fe:d3:23:3f:e9:
0f:9d:34:62:b0:eb:2f:1a:30:d4:98:a1:c3:6a:71:48:dc:89:
28:3e:11:a3:0e:09:9d:75:d3:02:fd:8b:13:cc:55:9b:74:1e:
39:23:d4:25:02:ca:23:36:d8:92:90:30:52:b4:4d:d4:0a:4d:
f8:16:19:16:db:0c:00:db:da:6d:dd:bc:b4:20:23:4c:96:70:
c0:43:c5:6f:c4:ea:0c:16:a9:ac:46:ba:fa:7f:c0:b9:06:95:
7e:56:5d:40:ca:38:a8:80:52:94:fc:59:26:62:e2:3b:d5:0d:
e5:25:fa:fc:9e:f2:d1:53:75:8a:2a:08:f6:0d:55:1b:29:c3:
7a:c6:ed:62:ca:70:53:df:ea:13:d0:e2:ed:dc:93:64:d1:de:
68:bd:d7:22:fa:f3:1e:82:bc:1f:e8:be:16:a9:0f:07:e4:de:
0b:38:8a:c7:ec:00:8d:a2:f3:9b:c7:31:fb:20:09:55:c6:87:
3e:c8:7f:69
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt5nYSWJy/pfqUlQl/MWDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNmU5MDZmODJiM2Q1MTU1NjU5ZGFlNGQwODY3NjllZjEy
YTgyMTQwHhcNMjMwMTAxMTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTkyZDVkNzc2Y2RmMWVkZjNhMDY3ZDM3NmVkNWVjM2YyOTY2M2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuve04v5nLtYYKYcbvgV1z7kXKze
HFcQ9trN/CXvlMxRBj3kjsPRWH4ueA56P+FI/kv3pCuBeA+RLJcfyn0P9leyGIX0
O1Q+lkh2ayuCvfPCSVQ9eF0x313YvaTYVEVI1j1kJfd1RJtwCRV8k+2EvSlW6SNS
vGNo9dOljiCJNd3JGyuGq3YK/u0A4B+gTjSqRVuQezpNNDjxkdFp3aftq394c1U5
9/SZtFjNRyu6GejUzg6vjZAH7bmGHY2QCNCvBObtv53c7SCsiOj+yYfM/cGJOU6/
QN10cscMcESOeQdDWDDK4FlxGCwEc07puEXdt1Fpv2NjxnsjHaacnfBZdwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJGS1dd2zfHt86Bn03btXsPylmPiMB8GA1UdIwQY
MBaAFEBukG+Cs9UVVlna5NCGdp7xKoIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUc2UWI0S3oxUlZXV2RyazBJWjJudkVxZ2hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hYzEyNGMtNWJkMy00YjE1LWIwODgt
YTE4YTA1MTI3NzZjLzEva1pMVjEzYk44ZTN6b0dmVGR1MWV3X0tXWS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hYzEyNGMtNWJkMy00YjE1LWIwODgtYTE4YTA1MTI3NzZj
LzEvUUc2UWI0S3oxUlZXV2RyazBJWjJudkVxZ2hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua8kMA0E
AgACMAcDBQMqC80AMA0GCSqGSIb3DQEBCwUAA4IBAQAOXYqMplSICdaAje5itjwE
GbxFonr62Kf7hBMZWEM/n/czWzLDNr2o/YQ5U3GG18MQNjqZnclPVGZowhbyXevz
DfvA/tMjP+kPnTRisOsvGjDUmKHDanFI3IkoPhGjDgmdddMC/YsTzFWbdB45I9Ql
AsojNtiSkDBStE3UCk34FhkW2wwA29pt3by0ICNMlnDAQ8VvxOoMFqmsRrr6f8C5
BpV+Vl1AyjiogFKU/FkmYuI71Q3lJfr8nvLRU3WKKgj2DVUbKcN6xu1iynBT3+oT
0OLt3JNk0d5ovdci+vMegrwf6L4WqQ8H5N4LOIrH7ACNovObxzH7IAlVxoc+yH9p
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:22 2024 by rpki-client on console-ams.rpki-client.org