Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/KJ9SnLUTp76lCRM-uPeRnkXmgI0.roa
File: KJ9SnLUTp76lCRM-uPeRnkXmgI0.roa (raw, json)
Hash identifier: o2/rz0BxE6KiiDy4PZZT7hr8sw+QTR3MVjtdRVS/950=
Subject key identifier: 28:9F:52:9C:B5:13:A7:BE:A5:09:13:3E:B8:F7:91:9E:45:E6:80:8D
Certificate issuer: /CN=4a8ae7871525be2ea4d0dffdae4f3a8bff372496
Certificate serial: 0186B76871982A8D1A07D07642E9CE8478C9
Authority key identifier: 4A:8A:E7:87:15:25:BE:2E:A4:D0:DF:FD:AE:4F:3A:8B:FF:37:24:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SornhxUlvi6k0N_9rk86i_83JJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/KJ9SnLUTp76lCRM-uPeRnkXmgI0.roa
Signing time: Mon 06 Mar 2023 14:52:00 +0000
ROA not before: Mon 06 Mar 2023 14:52:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207503
IP address blocks: 185.102.240.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 07 Mar 2023 10:31:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b7:68:71:98:2a:8d:1a:07:d0:76:42:e9:ce:84:78:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a8ae7871525be2ea4d0dffdae4f3a8bff372496
Validity
Not Before: Mar 6 14:52:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=289f529cb513a7bea509133eb8f7919e45e6808d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:58:89:90:77:59:c6:61:4e:95:45:99:79:8f:
5e:26:03:f6:c8:3d:f4:c6:2f:b3:b6:07:40:50:7a:
0b:4f:a6:a6:d8:58:a3:e6:1c:98:c0:21:a7:fb:d0:
0d:62:74:49:a6:a9:7b:43:b8:09:c0:24:4b:a6:ce:
77:fb:f4:ed:03:37:cd:a0:26:e8:4b:db:93:48:20:
be:61:51:3a:36:e4:bf:7f:b4:4d:35:ee:0c:fe:1c:
fe:99:84:5f:f3:02:c8:f2:0b:b4:69:b4:f8:60:5a:
07:c3:0e:db:6c:04:96:0f:c3:05:f7:f9:61:6e:ed:
57:bf:9e:b5:d8:0e:df:a1:2b:ae:60:85:0f:aa:fd:
48:e0:25:66:56:76:96:61:8d:64:8a:e4:b8:4d:2f:
c0:b0:f5:84:b7:6e:d5:e3:29:e7:54:1f:70:a5:5e:
7b:44:63:0f:2b:4c:96:39:9d:c5:27:0d:d1:48:15:
e0:11:27:cf:65:ef:b1:cb:a5:73:62:d5:b9:08:1d:
5d:b3:07:89:c8:7b:1e:0d:55:e8:11:98:ee:18:41:
14:da:e9:d7:51:76:a8:86:ee:80:8d:3c:37:2d:c0:
3f:35:73:78:c3:4a:86:24:be:13:a7:bc:c1:26:fc:
0d:b6:81:bd:bc:67:6a:fd:b6:5c:56:5f:07:08:6b:
e8:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9F:52:9C:B5:13:A7:BE:A5:09:13:3E:B8:F7:91:9E:45:E6:80:8D
X509v3 Authority Key Identifier:
keyid:4A:8A:E7:87:15:25:BE:2E:A4:D0:DF:FD:AE:4F:3A:8B:FF:37:24:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SornhxUlvi6k0N_9rk86i_83JJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/KJ9SnLUTp76lCRM-uPeRnkXmgI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/SornhxUlvi6k0N_9rk86i_83JJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.240.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:90:aa:de:71:c1:2b:67:8c:d4:bb:9c:11:8b:38:c6:68:17:
8f:ec:7a:90:5c:60:53:c6:80:4d:9b:a3:a3:15:f9:68:a6:93:
0a:dd:4e:1a:b8:9a:54:b9:0f:ec:7e:b1:ca:e8:6d:2d:07:4d:
ad:8c:04:61:3b:6b:38:e1:3b:e6:4d:d8:27:fc:a1:2e:21:05:
90:9d:70:d3:85:49:de:66:5c:4b:5a:e5:6d:5c:a1:b3:3e:b4:
3e:29:79:e8:95:5e:5c:39:e7:ed:5d:58:59:20:e7:68:86:19:
27:80:8c:ea:f7:0e:15:f5:d6:4e:7e:bb:79:30:20:9e:05:18:
29:eb:05:16:c9:c3:42:ad:49:d9:a2:25:fa:59:95:7c:1c:0e:
d6:20:f9:d2:70:ea:fb:3c:3b:82:d5:34:d7:5e:c9:c9:3c:81:
da:84:77:68:5b:e4:11:d6:d9:1b:e6:e0:52:e9:52:60:d5:1a:
dd:74:97:b6:e1:61:0e:25:20:72:21:78:f7:83:c2:41:e0:96:
bb:a5:d9:3e:cf:2f:7f:20:be:0f:01:7c:41:24:48:b5:34:b3:
f4:cb:32:7f:1c:65:a8:c1:d4:44:ea:18:b1:00:41:df:d1:c6:
27:9c:ab:e6:4c:50:0f:62:a0:3a:38:c6:58:5d:6b:ee:7f:c3:
81:95:e7:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa3aHGYKo0aB9B2QunOhHjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOGFlNzg3MTUyNWJlMmVhNGQwZGZmZGFlNGYzYThiZmYz
NzI0OTYwHhcNMjMwMzA2MTQ1MjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODlmNTI5Y2I1MTNhN2JlYTUwOTEzM2ViOGY3OTE5ZTQ1ZTY4MDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFiJkHdZxmFOlUWZeY9eJgP2yD30
xi+ztgdAUHoLT6am2Fij5hyYwCGn+9ANYnRJpql7Q7gJwCRLps53+/TtAzfNoCbo
S9uTSCC+YVE6NuS/f7RNNe4M/hz+mYRf8wLI8gu0abT4YFoHww7bbASWD8MF9/lh
bu1Xv5612A7foSuuYIUPqv1I4CVmVnaWYY1kiuS4TS/AsPWEt27V4ynnVB9wpV57
RGMPK0yWOZ3FJw3RSBXgESfPZe+xy6VzYtW5CB1dsweJyHseDVXoEZjuGEEU2unX
UXaohu6AjTw3LcA/NXN4w0qGJL4Tp7zBJvwNtoG9vGdq/bZcVl8HCGvoSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCifUpy1E6e+pQkTPrj3kZ5F5oCNMB8GA1UdIwQY
MBaAFEqK54cVJb4upNDf/a5POov/NySWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU29ybmh4VWx2aTZrME5fOXJrODZpXzgzSkpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9mYTZjYzItMjdhZi00MTZjLWExMzQt
OThmNzQ1NGJhNmNlLzEvS0o5U25MVVRwNzZsQ1JNLXVQZVJua1htZ0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9mYTZjYzItMjdhZi00MTZjLWExMzQtOThmNzQ1NGJhNmNl
LzEvU29ybmh4VWx2aTZrME5fOXJrODZpXzgzSkpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWbwMA0G
CSqGSIb3DQEBCwUAA4IBAQB9kKreccErZ4zUu5wRizjGaBeP7HqQXGBTxoBNm6Oj
FfloppMK3U4auJpUuQ/sfrHK6G0tB02tjARhO2s44TvmTdgn/KEuIQWQnXDThUne
ZlxLWuVtXKGzPrQ+KXnolV5cOeftXVhZIOdohhkngIzq9w4V9dZOfrt5MCCeBRgp
6wUWycNCrUnZoiX6WZV8HA7WIPnScOr7PDuC1TTXXsnJPIHahHdoW+QR1tkb5uBS
6VJg1RrddJe24WEOJSByIXj3g8JB4Ja7pdk+zy9/IL4PAXxBJEi1NLP0yzJ/HGWo
wdRE6hixAEHf0cYnnKvmTFAPYqA6OMZYXWvuf8OBleeO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:56 2024 by rpki-client on console-fra.rpki-client.org