Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/ksgdd0UeJfF9s9qSbphvWkg2j-o.roa
File: ksgdd0UeJfF9s9qSbphvWkg2j-o.roa (raw, json)
Hash identifier: TKTkSHjay0C57rpbwi/T17TJT0/6r2iLglYUh/OkWgw=
Subject key identifier: 92:C8:1D:77:45:1E:25:F1:7D:B3:DA:92:6E:98:6F:5A:48:36:8F:EA
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 01856EAFDA60AD51221831372A34B76D9658
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/ksgdd0UeJfF9s9qSbphvWkg2j-o.roa
Signing time: Sun 01 Jan 2023 18:54:56 +0000
ROA not before: Sun 01 Jan 2023 18:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8778
IP address blocks: 195.80.160.0/19 maxlen: 19
195.28.64.0/19 maxlen: 19
2a00:9060::/32 maxlen: 32
2a02:dd8::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:da:60:ad:51:22:18:31:37:2a:34:b7:6d:96:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 1 18:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92c81d77451e25f17db3da926e986f5a48368fea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:70:34:b0:a5:d7:dc:c9:84:93:05:14:d6:c5:
62:67:95:a1:ff:73:4e:be:a5:c2:9e:09:d1:3d:d7:
6e:be:b8:89:c5:36:87:f1:f7:5f:46:0d:9a:e9:3e:
03:ac:fb:ed:e0:2a:87:ed:68:84:f4:0c:20:75:fd:
66:46:b9:96:7a:82:94:e8:c7:98:03:c7:cf:1d:bc:
fc:8d:65:d4:15:bf:18:93:cf:4e:ec:74:68:cf:d4:
a0:f4:d3:f3:b0:5f:5d:5e:d7:bc:5a:22:a6:1e:0f:
85:bd:54:49:43:f4:ae:4f:b5:c1:75:dd:56:ae:52:
59:c0:18:ea:f1:22:9c:db:f7:93:21:a5:47:cc:ad:
36:81:0b:84:a6:35:84:4d:41:a8:54:14:4e:21:ec:
df:75:58:06:a1:65:26:38:b2:4d:6c:26:ee:9d:ea:
d2:08:00:22:ad:4e:89:42:94:e9:e5:cb:a3:22:8e:
86:34:e2:8c:c5:86:e4:a6:cd:e8:50:b1:e7:e7:22:
b8:af:ad:d8:38:e9:c0:35:fc:8f:b8:d2:18:22:e7:
06:a5:5a:ae:69:79:c9:ef:fd:98:cd:6d:64:d9:48:
86:95:87:2c:45:69:cc:c8:91:b7:6a:89:22:06:46:
c6:2d:fe:02:d9:ab:f3:85:c9:1c:6b:47:da:4b:b6:
9b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:C8:1D:77:45:1E:25:F1:7D:B3:DA:92:6E:98:6F:5A:48:36:8F:EA
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/ksgdd0UeJfF9s9qSbphvWkg2j-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.28.64.0/19
195.80.160.0/19
IPv6:
2a00:9060::/32
2a02:dd8::/29
Signature Algorithm: sha256WithRSAEncryption
a1:71:34:7c:e6:76:da:2e:69:2e:b1:47:3a:4c:66:03:ba:d3:
bd:83:d0:d8:1a:89:a0:d1:b1:a7:5a:18:fe:7a:28:bb:f2:04:
62:93:0e:0f:fe:6f:f7:72:ba:a3:db:81:a8:da:00:98:f3:e6:
f2:f0:82:0b:5b:19:58:cb:97:3b:bb:39:fa:09:93:a2:64:5d:
f4:30:71:a7:cb:89:b5:4d:af:d0:55:56:41:51:76:69:ef:e2:
09:07:52:7c:5c:f7:62:99:9d:6e:7e:1d:89:ff:29:f9:e9:5c:
d9:c6:e8:19:dc:cf:60:7c:fd:b8:22:bf:b3:7c:ab:c4:e1:bf:
7c:3c:9d:eb:72:c5:eb:ff:c3:0e:4d:56:a9:15:8a:37:d3:e0:
25:65:f6:c9:ce:c3:e6:bd:f9:76:a9:a3:55:5d:18:04:34:69:
07:98:33:21:e6:51:0d:55:9b:ba:f4:89:d7:c0:5f:d8:57:64:
54:4c:d0:3f:f2:6f:ce:12:9b:ef:cc:95:7c:60:7d:97:8a:76:
1b:b3:6a:4c:46:2a:2a:1c:16:e5:ea:69:0f:3e:67:4d:d5:04:
0d:be:91:6c:98:f3:be:62:61:5b:4f:66:9d:b8:e0:7d:b0:95:
37:32:5a:c0:2d:8d:f7:76:05:18:4c:cf:15:af:e5:9d:2d:84:
6c:76:50:be
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVur9pgrVEiGDE3KjS3bZZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjMwMTAxMTg1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmM4MWQ3NzQ1MWUyNWYxN2RiM2RhOTI2ZTk4NmY1YTQ4MzY4ZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nA0sKXX3MmEkwUU1sViZ5Wh/3NO
vqXCngnRPdduvriJxTaH8fdfRg2a6T4DrPvt4CqH7WiE9Awgdf1mRrmWeoKU6MeY
A8fPHbz8jWXUFb8Yk89O7HRoz9Sg9NPzsF9dXte8WiKmHg+FvVRJQ/SuT7XBdd1W
rlJZwBjq8SKc2/eTIaVHzK02gQuEpjWETUGoVBROIezfdVgGoWUmOLJNbCbunerS
CAAirU6JQpTp5cujIo6GNOKMxYbkps3oULHn5yK4r63YOOnANfyPuNIYIucGpVqu
aXnJ7/2YzW1k2UiGlYcsRWnMyJG3aokiBkbGLf4C2avzhckca0faS7abewIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJLIHXdFHiXxfbPakm6Yb1pINo/qMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEva3NnZGQwVWVKZkY5czlxU2JwaHZXa2cyai1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQFwxxAAwQF
w1CgMBQEAgACMA4DBQAqAJBgAwUDKgIN2DANBgkqhkiG9w0BAQsFAAOCAQEAoXE0
fOZ22i5pLrFHOkxmA7rTvYPQ2BqJoNGxp1oY/noou/IEYpMOD/5v93K6o9uBqNoA
mPPm8vCCC1sZWMuXO7s5+gmTomRd9DBxp8uJtU2v0FVWQVF2ae/iCQdSfFz3Ypmd
bn4dif8p+elc2cboGdzPYHz9uCK/s3yrxOG/fDyd63LF6//DDk1WqRWKN9PgJWX2
yc7D5r35dqmjVV0YBDRpB5gzIeZRDVWbuvSJ18Bf2FdkVEzQP/JvzhKb78yVfGB9
l4p2G7NqTEYqKhwW5eppDz5nTdUEDb6RbJjzvmJhW09mnbjgfbCVNzJawC2N93YF
GEzPFa/lnS2EbHZQvg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:38 2024 by rpki-client on console-fra.rpki-client.org