Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/99ba20-9bb7-4171-af56-dfe566411016/1/kfJpS1-Vl0XxXBwZufY8qr8wsUw.roa
File: kfJpS1-Vl0XxXBwZufY8qr8wsUw.roa (raw, json)
Hash identifier: QcjrBkjDwcuoIgQYW19+4d3m5NysyZsIWRyG4t6oJ3A=
Subject key identifier: 91:F2:69:4B:5F:95:97:45:F1:5C:1C:19:B9:F6:3C:AA:BF:30:B1:4C
Certificate issuer: /CN=c2e3fa87eb3169a7d2dd74453283021a2703c769
Certificate serial: 01856B8A036D8B61FB5C1F92DA2D92FD0BBD
Authority key identifier: C2:E3:FA:87:EB:31:69:A7:D2:DD:74:45:32:83:02:1A:27:03:C7:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wuP6h-sxaafS3XRFMoMCGicDx2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/99ba20-9bb7-4171-af56-dfe566411016/1/kfJpS1-Vl0XxXBwZufY8qr8wsUw.roa
Signing time: Sun 01 Jan 2023 04:14:44 +0000
ROA not before: Sun 01 Jan 2023 04:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44923
IP address blocks: 185.24.52.0/22 maxlen: 22
93.92.200.0/21 maxlen: 21
2a00:6f60::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:03:6d:8b:61:fb:5c:1f:92:da:2d:92:fd:0b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2e3fa87eb3169a7d2dd74453283021a2703c769
Validity
Not Before: Jan 1 04:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91f2694b5f959745f15c1c19b9f63caabf30b14c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:71:0c:19:52:b5:eb:b6:0d:63:d2:ed:69:2e:
75:16:1e:62:18:45:69:95:1a:52:33:13:e5:d8:49:
0e:f8:d8:7b:99:af:af:18:35:3a:49:68:24:ba:94:
30:7c:49:9f:0a:0e:5b:2f:c4:c9:8d:ae:00:4f:6f:
18:ab:e0:e2:e7:85:3b:57:81:0a:93:96:1c:63:24:
c7:09:91:1f:32:7b:68:3a:62:6f:c4:78:55:80:c3:
6e:b3:b0:3b:95:8a:58:5d:cd:ef:d5:7d:08:34:89:
b6:e0:86:39:03:53:dc:19:7d:3f:82:47:f1:f1:56:
f8:28:cc:68:eb:4a:39:6e:b6:fc:b6:0d:ba:96:d2:
34:60:fc:39:50:be:21:44:9c:62:2c:b9:1a:33:69:
cf:30:d9:a4:6a:03:7d:00:3b:27:d7:ec:34:4d:a9:
a6:9b:a2:88:31:b7:c3:f3:78:a3:1e:9a:6e:7e:d3:
72:ce:2d:ac:fb:cc:b1:16:1a:c6:51:30:be:af:12:
b6:14:13:05:91:20:e5:9b:b1:eb:e7:2c:51:6d:b4:
d6:f2:52:af:b8:56:45:59:4c:44:4a:a8:68:28:08:
f5:95:13:de:03:cf:0a:a7:be:41:50:e6:4e:c4:2e:
9a:92:ae:92:7b:9e:fa:70:cc:8d:12:fb:86:14:ac:
b1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F2:69:4B:5F:95:97:45:F1:5C:1C:19:B9:F6:3C:AA:BF:30:B1:4C
X509v3 Authority Key Identifier:
keyid:C2:E3:FA:87:EB:31:69:A7:D2:DD:74:45:32:83:02:1A:27:03:C7:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wuP6h-sxaafS3XRFMoMCGicDx2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/99ba20-9bb7-4171-af56-dfe566411016/1/kfJpS1-Vl0XxXBwZufY8qr8wsUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/99ba20-9bb7-4171-af56-dfe566411016/1/wuP6h-sxaafS3XRFMoMCGicDx2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.92.200.0/21
185.24.52.0/22
IPv6:
2a00:6f60::/32
Signature Algorithm: sha256WithRSAEncryption
9f:1c:50:86:da:b5:8f:7f:71:bd:fd:48:f7:08:3a:2c:37:a4:
df:e9:85:e9:70:80:50:3b:b4:d5:f1:c4:01:44:62:32:83:3d:
de:7d:b6:39:8a:b6:cc:59:2e:29:21:c8:d9:30:e5:b2:13:71:
44:f7:8b:dc:db:bc:bb:4c:67:b3:0b:83:65:39:71:80:0b:1c:
13:69:73:31:55:0d:07:f3:02:e1:7d:0e:22:bc:c2:e8:2f:6e:
36:34:6c:51:0f:c1:dd:8e:6f:a9:ea:4b:4e:0a:f6:31:34:6e:
53:80:94:2f:43:b0:57:2e:a2:d0:a3:2b:3c:c8:37:50:8a:65:
9c:1e:a9:bc:4f:52:1a:d6:c6:52:62:d3:32:eb:55:47:44:03:
da:1c:29:9c:94:ae:b6:71:ac:a9:4c:67:da:37:17:02:6b:95:
09:f7:ce:49:5d:5e:ad:f8:0e:e1:b7:83:e7:80:70:05:99:5a:
23:4b:4e:84:a1:26:1c:7a:a0:6b:66:b2:ea:8f:7d:a6:52:c6:
5a:be:b5:4b:13:2b:67:8b:76:a6:68:fc:cb:09:96:8a:b1:dc:
60:50:e4:36:18:0b:10:bd:58:28:0d:90:7b:14:12:21:3b:e1:
a4:71:cb:69:d7:06:a5:19:5d:c8:dc:cd:67:43:d4:2b:85:2e:
56:64:ee:83
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVrigNti2H7XB+S2i2S/Qu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZTNmYTg3ZWIzMTY5YTdkMmRkNzQ0NTMyODMwMjFhMjcw
M2M3NjkwHhcNMjMwMTAxMDQxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWYyNjk0YjVmOTU5NzQ1ZjE1YzFjMTliOWY2M2NhYWJmMzBiMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHEMGVK167YNY9LtaS51Fh5iGEVp
lRpSMxPl2EkO+Nh7ma+vGDU6SWgkupQwfEmfCg5bL8TJja4AT28Yq+Di54U7V4EK
k5YcYyTHCZEfMntoOmJvxHhVgMNus7A7lYpYXc3v1X0INIm24IY5A1PcGX0/gkfx
8Vb4KMxo60o5brb8tg26ltI0YPw5UL4hRJxiLLkaM2nPMNmkagN9ADsn1+w0Tamm
m6KIMbfD83ijHppuftNyzi2s+8yxFhrGUTC+rxK2FBMFkSDlm7Hr5yxRbbTW8lKv
uFZFWUxESqhoKAj1lRPeA88Kp75BUOZOxC6akq6Se576cMyNEvuGFKyx8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJHyaUtflZdF8VwcGbn2PKq/MLFMMB8GA1UdIwQY
MBaAFMLj+ofrMWmn0t10RTKDAhonA8dpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3VQNmgtc3hhYWZTM1hSRk1vTUNHaWNEeDJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi85OWJhMjAtOWJiNy00MTcxLWFmNTYt
ZGZlNTY2NDExMDE2LzEva2ZKcFMxLVZsMFh4WEJ3WnVmWThxcjh3c1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi85OWJhMjAtOWJiNy00MTcxLWFmNTYtZGZlNTY2NDExMDE2
LzEvd3VQNmgtc3hhYWZTM1hSRk1vTUNHaWNEeDJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXVzIAwQC
uRg0MA0EAgACMAcDBQAqAG9gMA0GCSqGSIb3DQEBCwUAA4IBAQCfHFCG2rWPf3G9
/Uj3CDosN6Tf6YXpcIBQO7TV8cQBRGIygz3efbY5irbMWS4pIcjZMOWyE3FE94vc
27y7TGezC4NlOXGACxwTaXMxVQ0H8wLhfQ4ivMLoL242NGxRD8Hdjm+p6ktOCvYx
NG5TgJQvQ7BXLqLQoys8yDdQimWcHqm8T1Ia1sZSYtMy61VHRAPaHCmclK62cayp
TGfaNxcCa5UJ985JXV6t+A7ht4PngHAFmVojS06EoSYceqBrZrLqj32mUsZavrVL
Eytni3amaPzLCZaKsdxgUOQ2GAsQvVgoDZB7FBIhO+Gkcctp1walGV3I3M1nQ9Qr
hS5WZO6D
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:02 2024 by rpki-client on console-ams.rpki-client.org