Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/KBKNZ1YFRFPZISlCf98IJmf1h7c.roa
File: KBKNZ1YFRFPZISlCf98IJmf1h7c.roa (raw, json)
Hash identifier: 4xWAa7hzQlyttd4vjaUIiW5ocWv+QDiX7xgnB9Ogc+w=
Subject key identifier: 28:12:8D:67:56:05:44:53:D9:21:29:42:7F:DF:08:26:67:F5:87:B7
Certificate issuer: /CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Certificate serial: 018CC348BF183ED455FF7ECE8239F76C4972
Authority key identifier: EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/KBKNZ1YFRFPZISlCf98IJmf1h7c.roa
Signing time: Mon 01 Jan 2024 04:29:33 +0000
ROA not before: Mon 01 Jan 2024 04:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51262
IP address blocks: 185.147.8.0/24 maxlen: 24
185.147.11.0/24 maxlen: 24
185.147.10.0/24 maxlen: 24
185.147.10.0/23 maxlen: 23
185.147.9.0/24 maxlen: 24
2a0a:dc01::/32 maxlen: 32
2a0a:dc05::/32 maxlen: 32
2a0a:dc02::/32 maxlen: 32
2a0a:dc00::/32 maxlen: 32
2a0a:dc06::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 05 Mar 2024 11:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:bf:18:3e:d4:55:ff:7e:ce:82:39:f7:6c:49:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Validity
Not Before: Jan 1 04:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28128d6756054453d92129427fdf082667f587b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:58:8c:59:f5:aa:50:99:b0:ef:ca:e4:86:1c:
f8:08:8c:f8:23:a0:40:75:e1:1e:cd:2b:ca:19:27:
77:88:0d:63:71:7c:13:74:48:c9:e8:0e:0f:b6:0a:
0c:1f:31:a0:c1:b6:12:da:2e:53:3b:cd:dd:29:7a:
89:db:4b:0b:23:cc:00:dd:46:36:0b:24:42:ce:38:
85:74:72:73:f6:ed:51:43:fd:97:21:13:c4:f4:a6:
64:f6:53:6f:38:ef:4a:6e:df:d2:5b:a0:6b:09:28:
90:52:a1:4b:01:8c:36:af:67:d0:4c:11:eb:96:12:
b3:53:63:95:4b:d3:f6:3b:5c:95:3f:a0:c6:86:b3:
98:7d:44:5a:35:a4:d5:e0:e3:70:8c:e0:e0:87:3a:
c7:2b:1f:b7:f7:c3:c0:2f:7e:05:52:af:74:cb:14:
9e:63:76:8a:7a:f5:ad:aa:b2:86:70:e2:61:e0:7d:
4f:00:eb:67:a1:f4:00:3e:db:65:4f:ca:80:d5:b5:
a1:73:79:d1:8a:42:d0:d7:46:0b:51:9c:b9:e6:90:
09:70:ff:6d:21:8b:97:24:78:43:c6:7c:37:64:92:
31:b5:79:e9:16:c8:b5:73:92:cc:98:54:dc:ce:dd:
c3:45:14:bc:2a:41:6c:2d:43:a6:b5:ce:94:35:77:
46:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:12:8D:67:56:05:44:53:D9:21:29:42:7F:DF:08:26:67:F5:87:B7
X509v3 Authority Key Identifier:
keyid:EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/KBKNZ1YFRFPZISlCf98IJmf1h7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/7-aRQnxuQYBvbOseIYp9xjIP3u0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.8.0/22
IPv6:
2a0a:dc00::-2a0a:dc02:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:dc05::-2a0a:dc06:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
53:8f:a9:3c:4f:6c:63:d9:e3:82:db:3f:97:1a:f5:6e:da:08:
1a:90:0c:ae:8b:d9:9b:78:7e:cb:8a:f8:b8:76:82:d2:09:e3:
4f:e0:52:b4:3a:91:ec:42:f0:c0:4f:eb:35:24:49:90:4b:e9:
52:fd:7a:9c:76:11:ee:e7:5c:93:ca:27:be:56:7b:78:0c:89:
85:54:57:bf:ca:4d:b4:60:be:18:24:60:c8:4a:47:b0:2c:fb:
f7:16:c0:ef:48:33:23:40:60:f5:8b:7d:f8:52:37:5c:1b:27:
41:cf:42:0d:60:13:8b:af:dc:69:9b:9e:be:fa:bb:f7:5a:77:
34:8c:a6:b9:4a:10:51:57:b0:21:06:33:68:97:5e:8e:29:5c:
11:33:c2:3a:f9:6f:bd:01:e8:8e:09:36:cc:7b:e5:09:e8:71:
f0:d1:33:39:2a:fe:11:37:50:36:3b:e4:e0:35:c4:b5:09:1b:
d3:f3:4f:e3:84:9f:28:40:a1:cf:bc:c9:65:81:e1:08:03:8b:
10:c0:89:73:f2:61:1c:a8:61:12:67:e5:cf:a4:4b:35:0e:b6:
d2:4d:e2:90:e3:7a:9a:af:ed:45:7f:53:77:d2:83:b4:ef:4f:
19:23:5c:d9:80:86:89:93:30:48:22:20:d4:64:2d:c9:51:ee:
79:8c:6a:9c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDSL8YPtRV/37Ogjn3bElyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZTY5MTQyN2M2ZTQxODA2ZjZjZWIxZTIxOGE3ZGM2MzIw
ZmRlZWQwHhcNMjQwMTAxMDQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODEyOGQ2NzU2MDU0NDUzZDkyMTI5NDI3ZmRmMDgyNjY3ZjU4N2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgliMWfWqUJmw78rkhhz4CIz4I6BA
deEezSvKGSd3iA1jcXwTdEjJ6A4PtgoMHzGgwbYS2i5TO83dKXqJ20sLI8wA3UY2
CyRCzjiFdHJz9u1RQ/2XIRPE9KZk9lNvOO9Kbt/SW6BrCSiQUqFLAYw2r2fQTBHr
lhKzU2OVS9P2O1yVP6DGhrOYfURaNaTV4ONwjODghzrHKx+398PAL34FUq90yxSe
Y3aKevWtqrKGcOJh4H1PAOtnofQAPttlT8qA1bWhc3nRikLQ10YLUZy55pAJcP9t
IYuXJHhDxnw3ZJIxtXnpFsi1c5LMmFTczt3DRRS8KkFsLUOmtc6UNXdGfwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCgSjWdWBURT2SEpQn/fCCZn9Ye3MB8GA1UdIwQY
MBaAFO/mkUJ8bkGAb2zrHiGKfcYyD97tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMt
MzgxNGM1N2ZlOWJiLzEvS0JLTloxWUZSRlBaSVNsQ2Y5OElKbWYxaDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMtMzgxNGM1N2ZlOWJi
LzEvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAMBAIAATAGAwQCuZMIMCUE
AgACMB8wDQMEAioK3AMFACoK3AIwDgMFACoK3AUDBQAqCtwGMA0GCSqGSIb3DQEB
CwUAA4IBAQBTj6k8T2xj2eOC2z+XGvVu2ggakAyui9mbeH7Livi4doLSCeNP4FK0
OpHsQvDAT+s1JEmQS+lS/XqcdhHu51yTyie+Vnt4DImFVFe/yk20YL4YJGDISkew
LPv3FsDvSDMjQGD1i334UjdcGydBz0INYBOLr9xpm56++rv3Wnc0jKa5ShBRV7Ah
BjNol16OKVwRM8I6+W+9AeiOCTbMe+UJ6HHw0TM5Kv4RN1A2O+TgNcS1CRvT80/j
hJ8oQKHPvMllgeEIA4sQwIlz8mEcqGESZ+XPpEs1DrbSTeKQ43qar+1Ff1N30oO0
708ZI1zZgIaJkzBIIiDUZC3JUe55jGqc
-----END CERTIFICATE-----
Generated at Tue Mar 5 15:06:31 2024 by rpki-client on console-fra.rpki-client.org