Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/ba6b0b-382e-440f-8db9-35afb5c248b6/1/KtmRkInYH24l-Hxo8fb5ketwXn4.roa
File: KtmRkInYH24l-Hxo8fb5ketwXn4.roa (raw, json)
Hash identifier: 2elNuNpR19Moo9HHvU/18765QXQ2Pniz9335Pq+THTY=
Subject key identifier: 2A:D9:91:90:89:D8:1F:6E:25:F8:7C:68:F1:F6:F9:91:EB:70:5E:7E
Certificate issuer: /CN=44818ef06efd6e22d471404ab538a4b9c807efe0
Certificate serial: 018570796668A9197D6663F6ACFB40CBE167
Authority key identifier: 44:81:8E:F0:6E:FD:6E:22:D4:71:40:4A:B5:38:A4:B9:C8:07:EF:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RIGO8G79biLUcUBKtTikucgH7-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/ba6b0b-382e-440f-8db9-35afb5c248b6/1/KtmRkInYH24l-Hxo8fb5ketwXn4.roa
Signing time: Mon 02 Jan 2023 03:14:42 +0000
ROA not before: Mon 02 Jan 2023 03:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12290
IP address blocks: 178.250.72.0/21 maxlen: 21
2a02:1658::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:66:68:a9:19:7d:66:63:f6:ac:fb:40:cb:e1:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44818ef06efd6e22d471404ab538a4b9c807efe0
Validity
Not Before: Jan 2 03:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ad9919089d81f6e25f87c68f1f6f991eb705e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b0:4c:61:e4:0c:1f:ea:2e:09:31:ea:c5:9f:
f4:14:62:aa:28:ae:ef:50:12:51:fb:38:eb:fd:57:
dd:36:9d:41:a0:dc:9f:f4:14:f2:60:e4:f1:0b:fd:
71:aa:05:95:d3:f2:57:dd:66:6b:06:1b:5e:3b:20:
55:17:9e:ef:16:08:5a:90:f2:a4:d1:f1:39:6c:f1:
e2:9b:c0:cb:9c:92:3e:58:7e:23:2d:ff:64:55:e5:
c6:15:55:2b:33:da:6f:6c:45:1e:5f:cd:eb:4d:21:
8b:07:d2:9a:c6:2b:ab:a5:90:b4:41:19:8c:44:fa:
28:26:72:b6:d1:c8:89:82:83:36:2e:2c:fa:82:50:
b0:d2:ad:db:10:0f:73:2a:c7:8d:b9:57:ef:1e:ba:
4c:21:61:ab:56:ac:7c:95:70:cc:44:28:97:66:55:
e3:ff:71:78:1a:c7:ac:00:a6:32:bb:40:5c:50:42:
c4:3b:42:8a:5c:4a:1f:d1:af:8a:11:12:85:ef:f3:
d2:70:49:35:f7:dd:e6:08:60:ec:d9:74:11:14:24:
1e:2b:eb:12:13:8f:24:d5:82:9b:c9:79:a5:ee:bc:
c6:a5:fb:40:b5:28:58:11:c3:59:f8:07:6a:0d:b4:
19:e0:aa:34:0e:b6:ed:97:fd:cb:47:72:51:75:bf:
62:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D9:91:90:89:D8:1F:6E:25:F8:7C:68:F1:F6:F9:91:EB:70:5E:7E
X509v3 Authority Key Identifier:
keyid:44:81:8E:F0:6E:FD:6E:22:D4:71:40:4A:B5:38:A4:B9:C8:07:EF:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RIGO8G79biLUcUBKtTikucgH7-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/ba6b0b-382e-440f-8db9-35afb5c248b6/1/KtmRkInYH24l-Hxo8fb5ketwXn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/ba6b0b-382e-440f-8db9-35afb5c248b6/1/RIGO8G79biLUcUBKtTikucgH7-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.250.72.0/21
IPv6:
2a02:1658::/32
Signature Algorithm: sha256WithRSAEncryption
9b:28:8c:33:41:10:0e:87:5b:da:e9:f7:00:c9:7e:4e:d5:50:
9d:1d:3c:04:d7:cc:1a:84:64:d6:40:9d:63:4c:d2:8d:5a:90:
c8:ae:f7:a1:43:b2:98:d9:2f:4f:26:35:07:54:60:89:b4:9b:
dc:0c:07:d8:da:59:7b:fe:bb:b8:02:b0:9e:e4:8a:f4:5c:6d:
62:0d:14:a1:20:7c:69:14:90:f9:79:0f:3b:cc:d4:c4:3e:b2:
08:7d:f5:78:9a:af:e0:1f:14:a3:9d:32:15:b9:c4:13:eb:cb:
1e:6d:1b:3d:65:cf:a4:d9:86:ef:b5:ce:b1:05:d5:ce:8e:ea:
79:a0:d1:7b:42:d0:01:e4:54:09:d0:ae:83:5c:cd:52:07:19:
45:17:a8:2d:5b:38:2e:61:8d:1b:88:09:3e:8a:5b:fc:21:50:
47:f9:a1:d7:9e:50:db:7f:e8:ea:c4:a2:02:38:2b:1b:eb:5c:
5e:e8:2e:55:b6:bb:84:68:05:5b:27:fb:c6:95:bc:be:da:e1:
71:93:d2:3e:3a:f5:f1:93:d0:29:f9:71:6b:08:db:7e:fa:57:
9a:bf:fa:b8:8d:73:6f:84:e5:6d:e9:32:33:f8:02:1b:d2:77:
af:d2:99:b0:3e:f6:ff:72:b8:ab:c4:04:13:cb:85:44:f7:76:
20:cd:19:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVweWZoqRl9ZmP2rPtAy+FnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ODE4ZWYwNmVmZDZlMjJkNDcxNDA0YWI1MzhhNGI5Yzgw
N2VmZTAwHhcNMjMwMTAyMDMxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQ5OTE5MDg5ZDgxZjZlMjVmODdjNjhmMWY2Zjk5MWViNzA1ZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrBMYeQMH+ouCTHqxZ/0FGKqKK7v
UBJR+zjr/VfdNp1BoNyf9BTyYOTxC/1xqgWV0/JX3WZrBhteOyBVF57vFghakPKk
0fE5bPHim8DLnJI+WH4jLf9kVeXGFVUrM9pvbEUeX83rTSGLB9KaxiurpZC0QRmM
RPooJnK20ciJgoM2Liz6glCw0q3bEA9zKseNuVfvHrpMIWGrVqx8lXDMRCiXZlXj
/3F4GsesAKYyu0BcUELEO0KKXEof0a+KERKF7/PScEk1993mCGDs2XQRFCQeK+sS
E48k1YKbyXml7rzGpftAtShYEcNZ+AdqDbQZ4Ko0Drbtl/3LR3JRdb9ilwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCrZkZCJ2B9uJfh8aPH2+ZHrcF5+MB8GA1UdIwQY
MBaAFESBjvBu/W4i1HFASrU4pLnIB+/gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUklHTzhHNzliaUxVY1VCS3RUaWt1Y2dINy1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iYTZiMGItMzgyZS00NDBmLThkYjkt
MzVhZmI1YzI0OGI2LzEvS3RtUmtJbllIMjRsLUh4bzhmYjVrZXR3WG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9iYTZiMGItMzgyZS00NDBmLThkYjktMzVhZmI1YzI0OGI2
LzEvUklHTzhHNzliaUxVY1VCS3RUaWt1Y2dINy1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDsvpIMA0E
AgACMAcDBQAqAhZYMA0GCSqGSIb3DQEBCwUAA4IBAQCbKIwzQRAOh1va6fcAyX5O
1VCdHTwE18wahGTWQJ1jTNKNWpDIrvehQ7KY2S9PJjUHVGCJtJvcDAfY2ll7/ru4
ArCe5Ir0XG1iDRShIHxpFJD5eQ87zNTEPrIIffV4mq/gHxSjnTIVucQT68sebRs9
Zc+k2Ybvtc6xBdXOjup5oNF7QtAB5FQJ0K6DXM1SBxlFF6gtWzguYY0biAk+ilv8
IVBH+aHXnlDbf+jqxKICOCsb61xe6C5VtruEaAVbJ/vGlby+2uFxk9I+OvXxk9Ap
+XFrCNt++leav/q4jXNvhOVt6TIz+AIb0nev0pmwPvb/crirxAQTy4VE93YgzRni
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:03 2024 by rpki-client on console-ams.rpki-client.org