Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/KTT9hh47G0X35JoXsXu8vl0PN4A.roa
File: KTT9hh47G0X35JoXsXu8vl0PN4A.roa (raw, json)
Hash identifier: 8PgRu1nhfxEmwYKegrbqo5yMBW/XNZD32U0y5zVLCNI=
Subject key identifier: 29:34:FD:86:1E:3B:1B:45:F7:E4:9A:17:B1:7B:BC:BE:5D:0F:37:80
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 0190DE67214D31D1881D9CA6C37ABB3DB18A
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/KTT9hh47G0X35JoXsXu8vl0PN4A.roa
Signing time: Tue 23 Jul 2024 07:03:38 +0000
ROA not before: Tue 23 Jul 2024 07:03:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 185.98.130.0/24 maxlen: 24
185.135.132.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 08 Aug 2024 06:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:de:67:21:4d:31:d1:88:1d:9c:a6:c3:7a:bb:3d:b1:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Jul 23 07:03:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2934fd861e3b1b45f7e49a17b17bbcbe5d0f3780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1a:c9:d9:96:9f:dd:86:fb:f2:be:ef:56:45:
42:9e:73:6b:1e:b9:75:53:83:ae:64:ca:97:bb:ee:
2c:12:1d:9d:0a:a1:ff:4f:03:8c:42:27:b9:66:f2:
9f:b6:a0:26:97:d6:6e:c2:ae:b4:5f:2f:e9:a9:a2:
6c:92:5f:18:a8:3c:3b:f6:91:f3:38:6d:c0:dc:05:
22:38:43:31:1b:c1:2b:ca:e8:a5:71:f6:0e:61:87:
95:c5:4a:c9:07:61:76:b0:8c:ce:93:52:91:4f:91:
c6:52:9f:01:2d:69:d5:4f:db:9f:3f:29:f2:13:8d:
c5:cc:52:3a:ec:11:05:56:32:15:40:69:7f:2e:cd:
e5:68:53:5a:6b:f9:bb:4c:82:6b:87:53:15:ad:9f:
1a:14:31:b7:fa:ee:bc:45:04:3f:64:a0:09:db:c9:
a4:d1:ba:60:c5:9f:ce:13:3b:0f:90:7b:45:77:94:
91:d3:ef:14:5e:32:b4:66:69:68:03:1c:4f:5c:d3:
02:d2:e3:3c:dc:8e:4e:fe:03:2c:38:2c:4d:34:ea:
eb:81:6c:0d:01:2f:2b:89:cd:61:b4:1c:e4:61:42:
e7:98:9b:a6:b8:63:36:e1:f7:8d:cb:6a:ad:57:4d:
aa:66:11:33:04:18:36:d5:9d:5f:0a:76:53:b3:d3:
55:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:34:FD:86:1E:3B:1B:45:F7:E4:9A:17:B1:7B:BC:BE:5D:0F:37:80
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/KTT9hh47G0X35JoXsXu8vl0PN4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.130.0/24
185.135.132.0/23
Signature Algorithm: sha256WithRSAEncryption
85:63:3c:d7:6d:99:29:3a:5f:8d:e2:41:0e:bf:64:7f:50:79:
77:9e:ed:f6:9f:b4:39:cd:46:fc:49:9f:7e:4d:62:20:a0:bb:
81:2f:5f:44:23:60:47:a3:6a:42:da:4c:fa:3d:b7:76:e3:5c:
8c:d7:9a:ae:ab:ee:93:f0:83:49:0c:0b:e3:6b:14:db:cb:43:
4f:51:57:ce:2d:90:b9:d2:74:8a:fc:5a:5c:b8:61:a2:15:71:
53:4f:38:5e:5f:34:1c:c2:2e:48:57:7f:0a:9a:57:ce:5d:0d:
40:b5:18:be:40:96:61:fe:21:c5:13:bd:b0:23:ce:ef:18:3d:
dc:cb:63:d1:f2:e7:c1:1c:be:c8:de:73:e8:42:c7:45:7b:4f:
8b:de:bd:32:c0:3d:95:6c:16:19:60:ca:b6:98:07:20:98:93:
cd:23:81:3d:e5:6d:b1:c1:b7:3b:5a:45:24:88:7a:4e:f1:ab:
e1:45:7f:43:94:76:b4:d0:da:9f:bd:0e:0b:54:2a:f9:f7:d4:
7d:b8:8a:79:aa:9f:59:d5:f0:58:b2:71:53:69:88:ea:e2:e9:
32:fa:7f:43:f0:59:df:64:5c:32:2a:92:ab:dd:75:55:7f:3a:
d4:df:8f:20:8d:7e:a9:1b:c1:84:37:39:b7:d4:64:76:0d:c6:
46:ea:f7:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDeZyFNMdGIHZymw3q7PbGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjQwNzIzMDcwMzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTM0ZmQ4NjFlM2IxYjQ1ZjdlNDlhMTdiMTdiYmNiZTVkMGYzNzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBrJ2Zaf3Yb78r7vVkVCnnNrHrl1
U4OuZMqXu+4sEh2dCqH/TwOMQie5ZvKftqAml9Zuwq60Xy/pqaJskl8YqDw79pHz
OG3A3AUiOEMxG8EryuilcfYOYYeVxUrJB2F2sIzOk1KRT5HGUp8BLWnVT9ufPyny
E43FzFI67BEFVjIVQGl/Ls3laFNaa/m7TIJrh1MVrZ8aFDG3+u68RQQ/ZKAJ28mk
0bpgxZ/OEzsPkHtFd5SR0+8UXjK0ZmloAxxPXNMC0uM83I5O/gMsOCxNNOrrgWwN
AS8ric1htBzkYULnmJumuGM24feNy2qtV02qZhEzBBg21Z1fCnZTs9NVCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCk0/YYeOxtF9+SaF7F7vL5dDzeAMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvS1RUOWhoNDdHMFgzNUpvWHNYdTh2bDBQTjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWKCAwQB
uYeEMA0GCSqGSIb3DQEBCwUAA4IBAQCFYzzXbZkpOl+N4kEOv2R/UHl3nu32n7Q5
zUb8SZ9+TWIgoLuBL19EI2BHo2pC2kz6Pbd241yM15quq+6T8INJDAvjaxTby0NP
UVfOLZC50nSK/FpcuGGiFXFTTzheXzQcwi5IV38KmlfOXQ1AtRi+QJZh/iHFE72w
I87vGD3cy2PR8ufBHL7I3nPoQsdFe0+L3r0ywD2VbBYZYMq2mAcgmJPNI4E95W2x
wbc7WkUkiHpO8avhRX9DlHa00NqfvQ4LVCr599R9uIp5qp9Z1fBYsnFTaYjq4uky
+n9D8FnfZFwyKpKr3XVVfzrU348gjX6pG8GENzm31GR2DcZG6veh
-----END CERTIFICATE-----
Generated at Thu Aug 8 08:00:14 2024 by rpki-client on console-ams.rpki-client.org