Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/KlgZucyXGgMZhaNHBlx8nPZNYng.roa
File: KlgZucyXGgMZhaNHBlx8nPZNYng.roa (raw, json)
Hash identifier: hO+3n/1pw4I2xE2r1zTB2RR7SIoB8+E5wZ6XcyoF7Xg=
Subject key identifier: 2A:58:19:B9:CC:97:1A:03:19:85:A3:47:06:5C:7C:9C:F6:4D:62:78
Certificate issuer: /CN=c6abd373cc595060f1a33076b53e1162512c3cd7
Certificate serial: 01856F5DAB3891377E43DD96764C33127B03
Authority key identifier: C6:AB:D3:73:CC:59:50:60:F1:A3:30:76:B5:3E:11:62:51:2C:3C:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqvTc8xZUGDxozB2tT4RYlEsPNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/KlgZucyXGgMZhaNHBlx8nPZNYng.roa
Signing time: Sun 01 Jan 2023 22:04:47 +0000
ROA not before: Sun 01 Jan 2023 22:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52070
IP address blocks: 178.21.41.0/24 maxlen: 24
178.21.40.0/24 maxlen: 24
178.21.40.0/23 maxlen: 23
2a01:9800::/35 maxlen: 35
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:ab:38:91:37:7e:43:dd:96:76:4c:33:12:7b:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6abd373cc595060f1a33076b53e1162512c3cd7
Validity
Not Before: Jan 1 22:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a5819b9cc971a031985a347065c7c9cf64d6278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:59:9e:9f:9d:6f:85:db:c6:84:9a:d3:ef:a8:
91:10:5b:d7:f4:e4:64:10:84:3d:13:10:32:3c:ab:
62:6a:08:0d:b2:7b:84:e2:01:4c:ac:b1:b8:a1:6c:
ed:2a:f3:08:77:65:01:f3:6c:78:a9:90:29:e2:b8:
4f:3a:33:e6:30:40:a5:ac:2e:c8:64:c1:4e:80:77:
1d:78:80:d4:f0:01:6a:7e:1c:98:29:6e:8e:2f:55:
b2:e6:70:7e:13:c2:7c:45:3b:ce:1a:28:47:4d:46:
b3:93:39:82:1b:ca:11:a8:f7:e3:c6:68:66:3c:ad:
21:49:06:36:54:25:85:0a:45:23:fc:92:df:76:76:
79:3a:85:b5:02:ee:80:cd:3e:79:87:b8:48:58:ba:
5d:f7:23:db:11:24:d0:5f:f5:a5:fe:ac:41:f8:97:
ab:04:98:63:51:41:c7:67:c8:0f:b0:02:79:f1:9b:
60:a4:b0:58:ba:f4:b0:27:35:a1:f4:54:72:d5:88:
12:bf:c5:37:83:a9:6b:48:3a:c4:22:35:d2:db:16:
17:13:37:02:5c:9a:24:fd:05:a9:70:c4:96:f5:0d:
87:86:2a:c6:5c:18:70:5d:fa:cf:77:8d:77:5c:62:
cf:23:86:2f:5d:d3:c4:4d:69:cf:30:a2:33:44:01:
ce:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:58:19:B9:CC:97:1A:03:19:85:A3:47:06:5C:7C:9C:F6:4D:62:78
X509v3 Authority Key Identifier:
keyid:C6:AB:D3:73:CC:59:50:60:F1:A3:30:76:B5:3E:11:62:51:2C:3C:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqvTc8xZUGDxozB2tT4RYlEsPNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/KlgZucyXGgMZhaNHBlx8nPZNYng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/xqvTc8xZUGDxozB2tT4RYlEsPNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.40.0/23
IPv6:
2a01:9800::/35
Signature Algorithm: sha256WithRSAEncryption
05:96:a1:6c:3b:f9:a4:77:10:2f:d4:b3:52:77:bc:c7:08:a2:
3b:5c:4e:fe:e3:0f:06:fe:66:24:03:c4:96:54:b0:02:4c:7f:
cc:49:e0:c4:7f:2e:1f:ac:03:10:43:5a:b9:2b:bc:df:4a:39:
1f:43:8c:2a:62:fe:7e:e4:85:8b:7c:b8:eb:1d:6d:e7:40:8b:
ec:6b:fc:bc:0b:20:1c:83:ca:df:36:f3:72:60:69:28:f4:10:
68:c0:4b:38:59:0c:9e:c7:df:a1:1c:06:4b:df:cb:ff:5d:4a:
24:cb:93:7c:9d:d3:7b:d9:98:d7:24:b8:07:59:f1:da:fb:df:
13:2a:49:58:51:88:57:67:3a:a9:1b:37:20:23:32:77:b2:c4:
b8:bf:db:a0:b4:f3:68:80:03:20:2d:ff:3a:08:87:37:e3:93:
8b:b6:13:c6:e7:d1:c8:a3:1c:23:b0:b1:70:24:0b:70:e2:30:
ca:50:08:33:ad:b4:25:b7:d9:96:e4:12:8b:4e:a3:13:36:9f:
53:8c:c2:18:27:bf:cf:2c:70:f4:66:2f:da:11:5c:df:fe:d5:
7a:30:57:c1:56:06:4d:ba:10:a0:aa:4f:57:7e:3a:1b:20:ea:
93:2b:07:2f:30:31:8f:a1:7c:b0:cb:dd:c8:0b:5f:29:c4:4a:
93:e1:e4:dd
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVvXas4kTd+Q92WdkwzEnsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YWJkMzczY2M1OTUwNjBmMWEzMzA3NmI1M2UxMTYyNTEy
YzNjZDcwHhcNMjMwMTAxMjIwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTU4MTliOWNjOTcxYTAzMTk4NWEzNDcwNjVjN2M5Y2Y2NGQ2Mjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVmen51vhdvGhJrT76iREFvX9ORk
EIQ9ExAyPKtiaggNsnuE4gFMrLG4oWztKvMId2UB82x4qZAp4rhPOjPmMEClrC7I
ZMFOgHcdeIDU8AFqfhyYKW6OL1Wy5nB+E8J8RTvOGihHTUazkzmCG8oRqPfjxmhm
PK0hSQY2VCWFCkUj/JLfdnZ5OoW1Au6AzT55h7hIWLpd9yPbESTQX/Wl/qxB+Jer
BJhjUUHHZ8gPsAJ58ZtgpLBYuvSwJzWh9FRy1YgSv8U3g6lrSDrEIjXS2xYXEzcC
XJok/QWpcMSW9Q2HhirGXBhwXfrPd413XGLPI4YvXdPETWnPMKIzRAHORwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCpYGbnMlxoDGYWjRwZcfJz2TWJ4MB8GA1UdIwQY
MBaAFMar03PMWVBg8aMwdrU+EWJRLDzXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHF2VGM4eFpVR0R4b3pCMnRUNFJZbEVzUE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kZDJjZGQtOTY4NC00MWNhLTgwMTUt
OWYxNTBjOGVhOTcxLzEvS2xnWnVjeVhHZ01aaGFOSEJseDhuUFpOWW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kZDJjZGQtOTY4NC00MWNhLTgwMTUtOWYxNTBjOGVhOTcx
LzEveHF2VGM4eFpVR0R4b3pCMnRUNFJZbEVzUE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBshUoMA4E
AgACMAgDBgUqAZgAADANBgkqhkiG9w0BAQsFAAOCAQEABZahbDv5pHcQL9SzUne8
xwiiO1xO/uMPBv5mJAPEllSwAkx/zEngxH8uH6wDEENauSu830o5H0OMKmL+fuSF
i3y46x1t50CL7Gv8vAsgHIPK3zbzcmBpKPQQaMBLOFkMnsffoRwGS9/L/11KJMuT
fJ3Te9mY1yS4B1nx2vvfEypJWFGIV2c6qRs3ICMyd7LEuL/boLTzaIADIC3/OgiH
N+OTi7YTxufRyKMcI7CxcCQLcOIwylAIM620JbfZluQSi06jEzafU4zCGCe/zyxw
9GYv2hFc3/7VejBXwVYGTboQoKpPV346GyDqkysHLzAxj6F8sMvdyAtfKcRKk+Hk
3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:54 2024 by rpki-client on console-fra.rpki-client.org