Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/17af94-7214-4adb-b304-10255718a185/1/KfnPPURIWnsVc2yu6mS2He1Sq_c.roa
File: KfnPPURIWnsVc2yu6mS2He1Sq_c.roa (raw, json)
Hash identifier: IIAcd91sbnpH0dFNktelm/6vKQJIFZm3I5R2wg8P7hk=
Subject key identifier: 29:F9:CF:3D:44:48:5A:7B:15:73:6C:AE:EA:64:B6:1D:ED:52:AB:F7
Certificate issuer: /CN=a8847f64567e4aa4ad5cb7fc22f22df4e2bc6978
Certificate serial: 01856E81ED81DA1CFFF0B42886CF0130AF54
Authority key identifier: A8:84:7F:64:56:7E:4A:A4:AD:5C:B7:FC:22:F2:2D:F4:E2:BC:69:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIR_ZFZ-SqStXLf8IvIt9OK8aXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/17af94-7214-4adb-b304-10255718a185/1/KfnPPURIWnsVc2yu6mS2He1Sq_c.roa
Signing time: Sun 01 Jan 2023 18:04:46 +0000
ROA not before: Sun 01 Jan 2023 18:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208221
IP address blocks: 45.153.12.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:81:ed:81:da:1c:ff:f0:b4:28:86:cf:01:30:af:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8847f64567e4aa4ad5cb7fc22f22df4e2bc6978
Validity
Not Before: Jan 1 18:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29f9cf3d44485a7b15736caeea64b61ded52abf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b9:97:23:b1:c2:0a:94:bc:d8:01:3c:72:38:
a9:53:89:6d:44:ad:42:e1:bd:38:df:ba:9f:39:23:
47:e9:78:f9:26:4e:b7:1f:e3:a2:35:31:9c:f2:7d:
0a:7f:20:2f:cf:9e:1f:fb:6c:9a:e3:1b:3a:63:31:
c0:72:23:c6:23:da:43:2b:46:33:bf:d5:5d:71:9d:
53:66:2d:fd:cd:ca:e2:18:49:6d:74:50:5b:e5:15:
76:8c:6f:1f:25:a5:0d:79:f6:09:be:0a:2c:aa:7b:
99:30:5c:68:43:aa:b9:4a:2c:57:ca:ac:b5:6c:8d:
b5:de:0e:5f:33:ee:81:fc:a2:d6:78:94:5e:05:c8:
a5:31:02:3c:f8:87:49:37:30:e3:9b:b8:1c:28:51:
fe:8c:a8:2a:98:ed:76:5e:b6:5a:fb:08:33:e2:c9:
41:ec:fe:1f:cb:92:61:e4:13:49:34:20:22:68:07:
9f:13:29:65:9f:73:0b:1f:7e:59:94:81:2c:ff:29:
fe:64:3a:4a:12:7d:bf:b4:d9:4c:e6:08:87:43:bc:
6f:08:85:68:a1:d4:a5:46:59:01:58:28:74:20:6f:
53:f2:1a:7f:76:af:13:55:25:d4:da:1e:d2:55:db:
ff:87:45:22:4f:41:08:c4:b2:13:19:67:72:06:53:
54:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F9:CF:3D:44:48:5A:7B:15:73:6C:AE:EA:64:B6:1D:ED:52:AB:F7
X509v3 Authority Key Identifier:
keyid:A8:84:7F:64:56:7E:4A:A4:AD:5C:B7:FC:22:F2:2D:F4:E2:BC:69:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIR_ZFZ-SqStXLf8IvIt9OK8aXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/17af94-7214-4adb-b304-10255718a185/1/KfnPPURIWnsVc2yu6mS2He1Sq_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/17af94-7214-4adb-b304-10255718a185/1/qIR_ZFZ-SqStXLf8IvIt9OK8aXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.12.0/22
Signature Algorithm: sha256WithRSAEncryption
73:0e:9f:f3:cd:a8:1c:4d:1c:ad:19:e8:9b:88:15:8c:8b:6f:
00:d4:a5:1c:f3:e7:9e:00:3e:94:fd:0a:47:33:96:bd:6d:55:
a0:9f:ac:c9:44:c0:5d:78:bc:fa:6b:53:f5:91:92:77:57:13:
97:b2:b8:7e:a2:3a:9f:5c:c8:9f:14:09:34:a3:22:5c:aa:e6:
6d:31:33:4e:75:9b:41:3f:1e:4a:c4:64:19:47:63:02:8b:a9:
7d:e2:c4:b3:1f:76:c3:35:aa:7d:1a:6f:03:4b:b5:f6:72:6f:
3e:7c:f8:2a:08:9e:dc:9b:39:01:1e:3c:f9:20:75:e8:4a:29:
42:c8:3b:e4:29:c6:07:93:46:30:7f:b7:66:c5:47:29:31:ff:
6e:42:6f:18:66:ef:79:c5:4d:87:d1:9e:54:6f:ce:7f:1e:f6:
be:3c:e1:2a:1b:e1:62:da:25:70:9b:78:2d:b9:ff:32:c7:91:
41:4a:ce:3c:45:05:54:87:97:d2:a1:5e:6d:63:7d:2a:97:8d:
88:9f:95:b0:e1:6c:c4:02:be:7f:c0:60:1c:30:db:ee:72:45:
86:45:3f:5c:10:2c:eb:23:97:57:63:80:88:f2:20:ed:b5:a9:
3b:d4:a6:78:12:f9:19:31:05:69:7e:3a:23:f8:89:87:77:35:
63:d4:b9:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuge2B2hz/8LQohs8BMK9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ODQ3ZjY0NTY3ZTRhYTRhZDVjYjdmYzIyZjIyZGY0ZTJi
YzY5NzgwHhcNMjMwMTAxMTgwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWY5Y2YzZDQ0NDg1YTdiMTU3MzZjYWVlYTY0YjYxZGVkNTJhYmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbmXI7HCCpS82AE8cjipU4ltRK1C
4b0437qfOSNH6Xj5Jk63H+OiNTGc8n0KfyAvz54f+2ya4xs6YzHAciPGI9pDK0Yz
v9VdcZ1TZi39zcriGEltdFBb5RV2jG8fJaUNefYJvgosqnuZMFxoQ6q5SixXyqy1
bI213g5fM+6B/KLWeJReBcilMQI8+IdJNzDjm7gcKFH+jKgqmO12XrZa+wgz4slB
7P4fy5Jh5BNJNCAiaAefEylln3MLH35ZlIEs/yn+ZDpKEn2/tNlM5giHQ7xvCIVo
odSlRlkBWCh0IG9T8hp/dq8TVSXU2h7SVdv/h0UiT0EIxLITGWdyBlNUZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCn5zz1ESFp7FXNsrupkth3tUqv3MB8GA1UdIwQY
MBaAFKiEf2RWfkqkrVy3/CLyLfTivGl4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlSX1pGWi1TcVN0WExmOEl2SXQ5T0s4YVhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xN2FmOTQtNzIxNC00YWRiLWIzMDQt
MTAyNTU3MThhMTg1LzEvS2ZuUFBVUklXbnNWYzJ5dTZtUzJIZTFTcV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xN2FmOTQtNzIxNC00YWRiLWIzMDQtMTAyNTU3MThhMTg1
LzEvcUlSX1pGWi1TcVN0WExmOEl2SXQ5T0s4YVhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZkMMA0G
CSqGSIb3DQEBCwUAA4IBAQBzDp/zzagcTRytGeibiBWMi28A1KUc8+eeAD6U/QpH
M5a9bVWgn6zJRMBdeLz6a1P1kZJ3VxOXsrh+ojqfXMifFAk0oyJcquZtMTNOdZtB
Px5KxGQZR2MCi6l94sSzH3bDNap9Gm8DS7X2cm8+fPgqCJ7cmzkBHjz5IHXoSilC
yDvkKcYHk0Ywf7dmxUcpMf9uQm8YZu95xU2H0Z5Ub85/Hva+POEqG+Fi2iVwm3gt
uf8yx5FBSs48RQVUh5fSoV5tY30ql42In5Ww4WzEAr5/wGAcMNvuckWGRT9cECzr
I5dXY4CI8iDttak71KZ4EvkZMQVpfjoj+ImHdzVj1LkQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:26 2024 by rpki-client on console-ams.rpki-client.org