Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/kApzUti3e1cfsI6KkpCPavlhHt4.roa
File: kApzUti3e1cfsI6KkpCPavlhHt4.roa (raw, json)
Hash identifier: iQo+BIr+uFa3w15WNoxIBlwPO6T2vfIrBXDqMtJK69k=
Subject key identifier: 90:0A:73:52:D8:B7:7B:57:1F:B0:8E:8A:92:90:8F:6A:F9:61:1E:DE
Certificate issuer: /CN=c6169716d0ae64068703140aa3730e3788fdd4c6
Certificate serial: 01857014FE3F823FC46F4420E867EF4071F4
Authority key identifier: C6:16:97:16:D0:AE:64:06:87:03:14:0A:A3:73:0E:37:88:FD:D4:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/kApzUti3e1cfsI6KkpCPavlhHt4.roa
Signing time: Mon 02 Jan 2023 01:25:02 +0000
ROA not before: Mon 02 Jan 2023 01:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136744
IP address blocks: 185.192.20.0/23 maxlen: 23
185.192.22.0/24 maxlen: 24
185.192.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Mar 2023 11:15:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:14:fe:3f:82:3f:c4:6f:44:20:e8:67:ef:40:71:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6169716d0ae64068703140aa3730e3788fdd4c6
Validity
Not Before: Jan 2 01:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=900a7352d8b77b571fb08e8a92908f6af9611ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:20:57:12:f5:7b:22:12:f2:8e:d7:29:6f:32:
8f:17:be:0a:62:35:76:2f:bf:fb:c2:44:30:57:fe:
bb:a5:78:d4:50:5b:ac:b6:30:4d:86:fc:be:39:36:
af:20:e8:29:e0:a8:14:db:16:c7:e3:20:33:a5:8b:
da:78:b3:1d:8d:4e:b0:eb:16:8e:6a:01:60:41:c4:
86:80:42:b8:0b:50:f0:66:83:40:14:6d:28:91:68:
3c:5b:e6:99:f7:0e:4c:d0:fd:2d:cc:a0:5b:57:1d:
6b:56:7b:75:7d:9e:c2:f0:73:b5:d1:20:1c:41:da:
84:1a:fb:d4:3c:c7:3c:bf:03:1a:dc:fd:ef:ab:d0:
a5:0e:0a:2b:99:f2:70:6c:e9:4e:89:39:1d:25:98:
0d:99:bc:e9:06:58:72:55:32:6b:48:b8:6c:21:ad:
e9:c3:99:61:76:b0:e1:b8:81:48:71:c0:87:39:7d:
1c:0c:38:10:3e:49:7f:ff:a7:5c:a7:af:60:fe:bf:
7e:93:65:62:3b:ae:41:f3:6d:1d:a6:a8:d4:6b:ce:
d3:04:21:ee:17:9d:f5:1d:a3:56:0a:19:64:7b:d3:
46:cf:5a:7a:e4:a8:2c:e7:60:6f:20:8d:42:b6:f7:
de:71:29:37:09:d7:9d:ca:ca:09:57:43:71:81:a5:
12:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0A:73:52:D8:B7:7B:57:1F:B0:8E:8A:92:90:8F:6A:F9:61:1E:DE
X509v3 Authority Key Identifier:
keyid:C6:16:97:16:D0:AE:64:06:87:03:14:0A:A3:73:0E:37:88:FD:D4:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/kApzUti3e1cfsI6KkpCPavlhHt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/xhaXFtCuZAaHAxQKo3MON4j91MY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.20.0/22
Signature Algorithm: sha256WithRSAEncryption
95:a0:41:d7:56:66:3b:ce:a2:a5:81:3c:b9:2f:a1:07:15:5d:
b5:ef:a5:41:83:08:0d:c5:cd:54:56:6d:08:85:f1:a1:c4:93:
16:2e:2a:3e:0e:ba:c6:ed:20:45:6d:3b:8c:24:6d:ec:35:9b:
d7:99:fe:24:7d:86:0f:34:20:da:f3:8d:f2:c1:8f:0f:3d:0e:
41:a9:cc:96:0f:d3:53:7b:7b:8d:af:01:2b:10:8e:a7:d5:3e:
4d:48:27:e1:5f:4b:3a:f4:a5:a3:4b:d2:ca:40:02:57:02:a2:
2b:db:61:b6:fb:9b:f6:36:93:d8:e5:6d:bb:79:a5:e0:62:ff:
eb:e5:c2:ad:18:b9:86:da:36:12:e3:a2:c1:36:7a:19:23:bb:
7f:8f:92:2f:e5:2c:bb:2d:7e:0b:89:52:fc:5c:34:34:67:1b:
85:60:1f:86:31:7b:a6:9b:c3:5f:b4:1b:1d:61:a5:99:f0:2b:
4f:f5:58:3e:05:f9:90:ae:7f:22:48:ea:8c:5e:69:33:b1:d0:
c6:4f:a4:84:bc:a0:a2:3d:17:14:80:a2:b1:db:ad:88:2d:de:
20:b6:0f:6a:0b:69:63:09:e9:56:f4:f8:0f:ad:1c:39:70:9c:
d4:ce:1f:18:0f:ac:f9:2e:e9:6e:ec:6a:26:d0:9d:d5:d1:bb:
60:e5:73:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFP4/gj/Eb0Qg6GfvQHH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTY5NzE2ZDBhZTY0MDY4NzAzMTQwYWEzNzMwZTM3ODhm
ZGQ0YzYwHhcNMjMwMTAyMDEyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBhNzM1MmQ4Yjc3YjU3MWZiMDhlOGE5MjkwOGY2YWY5NjExZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCBXEvV7IhLyjtcpbzKPF74KYjV2
L7/7wkQwV/67pXjUUFustjBNhvy+OTavIOgp4KgU2xbH4yAzpYvaeLMdjU6w6xaO
agFgQcSGgEK4C1DwZoNAFG0okWg8W+aZ9w5M0P0tzKBbVx1rVnt1fZ7C8HO10SAc
QdqEGvvUPMc8vwMa3P3vq9ClDgormfJwbOlOiTkdJZgNmbzpBlhyVTJrSLhsIa3p
w5lhdrDhuIFIccCHOX0cDDgQPkl//6dcp69g/r9+k2ViO65B820dpqjUa87TBCHu
F531HaNWChlke9NGz1p65Kgs52BvII1CtvfecSk3CdedysoJV0NxgaUS8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAKc1LYt3tXH7COipKQj2r5YR7eMB8GA1UdIwQY
MBaAFMYWlxbQrmQGhwMUCqNzDjeI/dTGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhhWEZ0Q3VaQWFIQXhRS28zTU9ONGo5MU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC80MDA2ODUtZjQ4ZS00YWI5LThlM2Yt
MDQyNDQ2YjcwZmIxLzEva0FwelV0aTNlMWNmc0k2S2twQ1BhdmxoSHQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC80MDA2ODUtZjQ4ZS00YWI5LThlM2YtMDQyNDQ2YjcwZmIx
LzEveGhhWEZ0Q3VaQWFIQXhRS28zTU9ONGo5MU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucAUMA0G
CSqGSIb3DQEBCwUAA4IBAQCVoEHXVmY7zqKlgTy5L6EHFV2176VBgwgNxc1UVm0I
hfGhxJMWLio+DrrG7SBFbTuMJG3sNZvXmf4kfYYPNCDa843ywY8PPQ5BqcyWD9NT
e3uNrwErEI6n1T5NSCfhX0s69KWjS9LKQAJXAqIr22G2+5v2NpPY5W27eaXgYv/r
5cKtGLmG2jYS46LBNnoZI7t/j5Iv5Sy7LX4LiVL8XDQ0ZxuFYB+GMXumm8NftBsd
YaWZ8CtP9Vg+BfmQrn8iSOqMXmkzsdDGT6SEvKCiPRcUgKKx262ILd4gtg9qC2lj
CelW9PgPrRw5cJzUzh8YD6z5Lulu7Gom0J3V0btg5XPC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:34 2024 by rpki-client on console-fra.rpki-client.org