Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Kb8ZXFehhtD4e5bJiQGUzZ-MS-k.roa
File: Kb8ZXFehhtD4e5bJiQGUzZ-MS-k.roa (raw, json)
Hash identifier: e/4/8rxyehjgd/f45phsgnryDMMfI3q6WWBE/kcNgYM=
Subject key identifier: 29:BF:19:5C:57:A1:86:D0:F8:7B:96:C9:89:01:94:CD:9F:8C:4B:E9
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 018DD0F18F46D15A6E0ADFC24AB03E18DF40
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Kb8ZXFehhtD4e5bJiQGUzZ-MS-k.roa
Signing time: Thu 22 Feb 2024 13:11:48 +0000
ROA not before: Thu 22 Feb 2024 13:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14670
IP address blocks: 65.181.111.0/24 maxlen: 24
192.243.110.0/24 maxlen: 24
192.250.225.0/24 maxlen: 24
192.250.231.0/24 maxlen: 24
199.103.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Mar 2024 13:41:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:f1:8f:46:d1:5a:6e:0a:df:c2:4a:b0:3e:18:df:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Feb 22 13:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29bf195c57a186d0f87b96c9890194cd9f8c4be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a4:ea:7f:2d:bd:90:a4:e3:6c:fd:47:35:a6:
c8:14:b1:51:81:ad:38:fd:38:d2:55:9d:a9:8c:cd:
46:ee:db:d5:22:4b:c4:47:e7:11:39:37:49:5b:45:
59:20:05:31:3f:3f:cf:be:5b:12:3d:64:30:83:f3:
be:62:7c:d0:4f:0d:cc:c3:9c:30:42:2d:0d:5e:d0:
d6:15:97:a9:2c:d2:e4:ea:e5:ab:21:a8:9a:41:25:
9b:64:22:69:a6:f2:c5:c4:89:f2:81:32:b0:6c:53:
ab:9a:a9:8c:c5:a8:a4:43:f5:5e:51:4e:36:b8:72:
53:55:15:74:67:c7:ef:aa:5d:d9:ac:94:98:f8:3c:
62:43:27:c2:14:be:07:05:58:83:b3:71:07:33:b2:
32:fa:17:a4:22:87:9d:c1:9e:4e:f7:09:fd:68:0d:
86:15:75:68:ca:08:60:71:03:b5:34:98:bc:ff:4c:
6c:c1:e6:e5:71:15:74:7d:94:a2:25:d1:2d:4e:b7:
5c:d1:31:a8:45:e6:a5:b5:5a:d6:46:f5:cc:b8:df:
26:f5:2a:9c:f6:6f:7d:24:1d:77:88:0a:e9:85:96:
38:73:b1:59:3a:bd:2f:f4:e5:b9:d9:78:5d:65:a2:
f8:37:b1:80:1a:ad:79:3c:81:e6:5a:23:53:ae:78:
2c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:BF:19:5C:57:A1:86:D0:F8:7B:96:C9:89:01:94:CD:9F:8C:4B:E9
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Kb8ZXFehhtD4e5bJiQGUzZ-MS-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.181.111.0/24
192.243.110.0/24
192.250.225.0/24
192.250.231.0/24
199.103.58.0/24
Signature Algorithm: sha256WithRSAEncryption
21:2f:28:10:e3:71:9f:8a:6c:e8:4b:6c:b0:97:1c:e0:aa:2b:
63:e5:2b:7e:36:1d:81:bc:c3:32:79:1b:25:c1:de:c8:0e:4f:
ee:73:e6:fa:ed:ab:6b:42:7d:4a:0c:f1:ce:b8:74:dd:09:bc:
62:86:d9:58:b8:57:85:35:db:77:ab:6a:f0:c7:33:40:75:76:
bd:3b:e8:3c:c6:97:1c:71:ab:76:6c:32:7f:dd:97:d0:25:d6:
62:f2:4f:82:93:34:19:6f:a8:e3:68:2f:29:5a:13:41:b4:52:
f5:4e:8c:ae:70:48:f1:3b:ab:75:70:42:93:0a:88:cb:b3:f9:
d0:b5:01:c9:40:dd:69:07:d7:ec:21:57:18:13:85:fe:c7:b5:
b2:24:06:81:25:5a:ac:6f:40:02:20:e1:00:15:8f:25:84:6a:
a6:54:f9:69:20:64:b3:b4:68:0f:57:5b:f6:fc:22:f6:7e:c7:
81:67:96:42:71:9a:20:b2:08:c7:28:df:4b:75:74:33:e0:67:
a0:d4:ef:e9:a2:5a:df:6c:e1:4c:21:12:0f:09:fa:58:71:3c:
f1:9e:c5:8c:45:e3:1b:48:43:11:69:da:58:e2:b5:f2:bf:e8:
95:f2:5d:34:58:7b:7f:0d:2b:1c:ad:d1:92:cd:c3:97:eb:32:
2d:67:9e:47
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY3Q8Y9G0VpuCt/CSrA+GN9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQwMjIyMTMxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWJmMTk1YzU3YTE4NmQwZjg3Yjk2Yzk4OTAxOTRjZDlmOGM0YmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqTqfy29kKTjbP1HNabIFLFRga04
/TjSVZ2pjM1G7tvVIkvER+cROTdJW0VZIAUxPz/PvlsSPWQwg/O+YnzQTw3Mw5ww
Qi0NXtDWFZepLNLk6uWrIaiaQSWbZCJppvLFxInygTKwbFOrmqmMxaikQ/VeUU42
uHJTVRV0Z8fvql3ZrJSY+DxiQyfCFL4HBViDs3EHM7Iy+hekIoedwZ5O9wn9aA2G
FXVoyghgcQO1NJi8/0xsweblcRV0fZSiJdEtTrdc0TGoRealtVrWRvXMuN8m9Sqc
9m99JB13iArphZY4c7FZOr0v9OW52XhdZaL4N7GAGq15PIHmWiNTrngsUQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCm/GVxXoYbQ+HuWyYkBlM2fjEvpMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvS2I4WlhGZWhodEQ0ZTViSmlRR1V6Wi1NUy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAQbVvAwQA
wPNuAwQAwPrhAwQAwPrnAwQAx2c6MA0GCSqGSIb3DQEBCwUAA4IBAQAhLygQ43Gf
imzoS2ywlxzgqitj5St+Nh2BvMMyeRslwd7IDk/uc+b67atrQn1KDPHOuHTdCbxi
htlYuFeFNdt3q2rwxzNAdXa9O+g8xpcccat2bDJ/3ZfQJdZi8k+CkzQZb6jjaC8p
WhNBtFL1ToyucEjxO6t1cEKTCojLs/nQtQHJQN1pB9fsIVcYE4X+x7WyJAaBJVqs
b0ACIOEAFY8lhGqmVPlpIGSztGgPV1v2/CL2fseBZ5ZCcZogsgjHKN9LdXQz4Geg
1O/polrfbOFMIRIPCfpYcTzxnsWMReMbSEMRadpY4rXyv+iV8l00WHt/DSscrdGS
zcOX6zItZ55H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:49 2024 by rpki-client on console-fra.rpki-client.org