Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/KjAU5hSFxGZJabz98RGcJy1gNzs.roa
File: KjAU5hSFxGZJabz98RGcJy1gNzs.roa (raw, json)
Hash identifier: t0HU3uWFnO29TpL7bqUuj+v1u70l8Kbcmc5O1dM+piw=
Subject key identifier: 2A:30:14:E6:14:85:C4:66:49:69:BC:FD:F1:11:9C:27:2D:60:37:3B
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 0188DD76E41DBD9030C72671C85462DA3F45
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/KjAU5hSFxGZJabz98RGcJy1gNzs.roa
Signing time: Wed 21 Jun 2023 10:18:56 +0000
ROA not before: Wed 21 Jun 2023 10:18:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199404
IP address blocks: 69.57.172.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dd:76:e4:1d:bd:90:30:c7:26:71:c8:54:62:da:3f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jun 21 10:18:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a3014e61485c4664969bcfdf1119c272d60373b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:03:9b:58:b6:78:c5:2a:b3:75:2e:8e:72:4b:
b2:c3:34:64:6c:98:70:9e:98:c6:e2:71:64:18:8a:
0d:c2:54:a6:33:a6:96:03:dd:ce:36:41:92:9d:06:
16:f2:cd:26:ba:da:b9:a9:44:ed:ff:70:7d:9f:82:
8f:20:ba:51:8d:ca:17:3b:2a:4a:28:a7:74:52:07:
a7:ae:c1:3e:61:98:b1:12:28:99:c8:bd:79:0d:66:
f4:f4:c1:9e:a8:4a:63:5e:d5:68:a7:fc:75:93:ad:
62:5e:5e:7f:8b:27:0f:17:09:a5:8d:ad:f6:f6:d6:
f7:ce:10:ae:68:32:bc:c1:17:e4:87:68:a3:61:4f:
db:da:a5:4b:79:2c:9f:b2:e2:5c:ce:3c:61:ab:19:
88:1f:5d:aa:ff:71:5c:4c:6f:7b:54:9b:c0:fd:21:
73:f0:3f:99:b2:65:0a:ea:be:c0:15:1f:d8:2b:53:
b9:c3:28:e7:90:d2:5d:d7:88:12:2f:d3:55:2a:58:
e7:2b:9d:ae:6b:44:c7:87:ee:04:40:0a:53:33:3b:
f3:05:15:21:42:c1:c4:4b:9b:f0:39:db:f3:6e:f7:
4f:7d:a7:ff:eb:34:e1:7b:1c:0e:a7:42:64:4b:ff:
f9:1b:43:d5:4e:2b:80:50:a1:96:9c:68:4e:48:87:
99:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:30:14:E6:14:85:C4:66:49:69:BC:FD:F1:11:9C:27:2D:60:37:3B
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/KjAU5hSFxGZJabz98RGcJy1gNzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.57.172.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:1a:59:fb:42:5e:f6:01:00:7e:b0:07:7e:02:fd:4f:04:1a:
a0:d2:36:77:26:29:12:c5:98:51:d8:72:8c:28:8a:7d:64:95:
2d:92:3d:ba:e5:12:f4:a7:3f:2a:dd:5e:c2:16:07:b2:79:05:
28:1a:73:ea:8c:8c:ca:3c:6c:a0:40:b1:b2:74:25:7e:22:9c:
53:a2:8d:5f:d7:5b:e4:13:ac:3d:71:03:e9:42:40:e7:87:fc:
3f:1d:6b:9e:b3:e4:12:32:05:af:e7:ec:1b:e7:26:18:51:9a:
27:5c:fd:64:c2:cc:59:15:4d:1a:e0:9d:82:6c:e1:b6:35:69:
22:38:c8:9b:37:29:cf:58:8f:32:ff:8f:21:ad:1d:1b:e8:67:
02:ea:85:ff:12:d8:ed:b4:e0:5d:10:95:17:4e:00:36:2f:b1:
6f:5a:7a:fc:bd:ec:98:83:10:b1:50:f5:c8:86:ac:03:d6:39:
a3:a4:bf:cd:e9:a1:9e:54:26:ae:ad:10:52:c0:df:0e:42:bc:
cc:99:af:00:0c:66:c7:8c:8b:10:61:2f:20:2f:63:03:29:2b:
fa:89:de:c0:df:34:78:7a:ba:5e:72:ff:6b:03:1d:19:64:c8:
7b:dd:de:8b:5c:11:d2:a2:f3:0a:b2:e1:2f:59:c6:14:a1:50:
4f:29:f6:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjdduQdvZAwxyZxyFRi2j9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjMwNjIxMTAxODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTMwMTRlNjE0ODVjNDY2NDk2OWJjZmRmMTExOWMyNzJkNjAzNzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAObWLZ4xSqzdS6OckuywzRkbJhw
npjG4nFkGIoNwlSmM6aWA93ONkGSnQYW8s0mutq5qUTt/3B9n4KPILpRjcoXOypK
KKd0UgenrsE+YZixEiiZyL15DWb09MGeqEpjXtVop/x1k61iXl5/iycPFwmlja32
9tb3zhCuaDK8wRfkh2ijYU/b2qVLeSyfsuJczjxhqxmIH12q/3FcTG97VJvA/SFz
8D+ZsmUK6r7AFR/YK1O5wyjnkNJd14gSL9NVKljnK52ua0THh+4EQApTMzvzBRUh
QsHES5vwOdvzbvdPfaf/6zThexwOp0JkS//5G0PVTiuAUKGWnGhOSIeZ8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCowFOYUhcRmSWm8/fERnCctYDc7MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvS2pBVTVoU0Z4R1pKYWJ6OThSR2NKeTFnTnpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQARTmsMA0G
CSqGSIb3DQEBCwUAA4IBAQCPGln7Ql72AQB+sAd+Av1PBBqg0jZ3JikSxZhR2HKM
KIp9ZJUtkj265RL0pz8q3V7CFgeyeQUoGnPqjIzKPGygQLGydCV+IpxToo1f11vk
E6w9cQPpQkDnh/w/HWues+QSMgWv5+wb5yYYUZonXP1kwsxZFU0a4J2CbOG2NWki
OMibNynPWI8y/48hrR0b6GcC6oX/EtjttOBdEJUXTgA2L7FvWnr8veyYgxCxUPXI
hqwD1jmjpL/N6aGeVCaurRBSwN8OQrzMma8ADGbHjIsQYS8gL2MDKSv6id7A3zR4
erpecv9rAx0ZZMh73d6LXBHSovMKsuEvWcYUoVBPKfb0
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:26 2024 by rpki-client on console-ams.rpki-client.org