Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/kw1zJr_w0GWB4fmzU9ZTV2lIfTY.roa
File: kw1zJr_w0GWB4fmzU9ZTV2lIfTY.roa (raw, json)
Hash identifier: QmcYlkhrX2I436klVcbX9sNc7FqzjFVs45pm8LGETTM=
Subject key identifier: 93:0D:73:26:BF:F0:D0:65:81:E1:F9:B3:53:D6:53:57:69:48:7D:36
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 018573F195CAD3B7EF358D4404E6BB70FA47
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/kw1zJr_w0GWB4fmzU9ZTV2lIfTY.roa
Signing time: Mon 02 Jan 2023 19:24:50 +0000
ROA not before: Mon 02 Jan 2023 19:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44698
IP address blocks: 84.237.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:f1:95:ca:d3:b7:ef:35:8d:44:04:e6:bb:70:fa:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Jan 2 19:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=930d7326bff0d06581e1f9b353d6535769487d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ec:db:b8:d2:62:83:cc:17:3b:8c:0d:be:c5:
0f:1c:e7:0c:3c:a6:09:ab:47:00:41:2e:8a:b3:0d:
19:2d:b4:bb:70:e9:a6:53:42:c3:b1:e1:9b:c2:29:
b1:71:7e:b9:06:f6:35:af:e3:1b:73:33:bd:09:c2:
84:3c:4c:7e:9c:67:9f:0d:56:ef:f9:93:c7:09:80:
d7:17:1c:1f:a3:39:16:c5:85:7a:61:56:ec:3e:46:
4c:b9:6c:46:9e:1f:46:36:f9:a0:26:65:11:d0:79:
90:e6:10:94:b6:6d:9f:d7:ed:ba:aa:b3:a3:69:37:
d2:23:db:fc:3b:b0:e9:80:11:bc:64:d3:58:09:2b:
d8:36:1f:4b:5f:04:ed:49:16:18:af:4d:18:f3:34:
6a:5e:33:df:b5:7b:3d:42:0a:74:8a:44:2b:4c:5c:
45:40:4a:f6:5c:44:83:7b:ee:b6:21:bf:f5:a8:84:
ae:25:d1:df:e3:e6:73:11:94:85:af:dd:ff:4b:1d:
f7:d0:bf:ea:f9:ef:1b:c3:01:93:78:24:85:66:94:
bf:30:9c:1b:0e:32:d6:bc:a8:18:2e:18:9d:3d:86:
50:b6:1a:43:36:5f:59:2f:ad:e6:91:ea:f6:9f:70:
a8:e8:dc:22:29:d8:4c:d1:63:02:d2:5a:9f:9a:4f:
d5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:0D:73:26:BF:F0:D0:65:81:E1:F9:B3:53:D6:53:57:69:48:7D:36
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/kw1zJr_w0GWB4fmzU9ZTV2lIfTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.237.235.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:a5:43:5f:78:7c:64:94:5c:ee:7b:10:27:b1:b7:23:33:98:
47:49:e1:2c:19:e8:d3:b6:dd:4c:b1:64:24:d9:57:b1:da:2e:
63:59:bc:d9:be:d2:a3:3c:a9:d6:96:78:15:a4:db:66:ae:aa:
44:8a:14:40:b2:48:d0:31:9b:20:67:b1:a3:1f:81:3b:da:22:
7f:02:d2:76:70:70:7c:d9:4c:52:51:52:ea:90:b5:06:d3:cb:
00:b8:0b:6d:c9:9c:0e:f7:bc:6a:e7:3c:8f:54:e1:6c:e7:f1:
84:1f:99:47:62:d6:9b:20:94:09:14:ba:ac:9f:66:50:51:e0:
98:68:bf:81:8a:2b:63:2e:fb:3e:69:80:a7:d4:3b:6b:2a:fd:
3d:3a:72:0e:b2:20:db:1e:d1:a7:9f:9f:fb:19:c8:d5:a3:0c:
22:de:f8:31:7e:a5:d8:5b:ff:1c:42:c9:aa:49:1f:0d:4b:df:
3f:70:17:ca:e3:c0:38:07:4a:47:b6:86:c3:00:ef:ec:36:dc:
1a:73:6f:75:59:dd:d5:94:5c:4d:4b:f4:54:1b:bd:11:a3:e5:
01:49:f7:ad:cd:8e:2a:00:1e:43:af:b8:b9:6f:00:d9:af:62:
4a:a5:5d:c4:be:25:fb:85:ff:72:73:c7:f6:66:ce:bc:70:e2:
0e:cf:b8:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVz8ZXK07fvNY1EBOa7cPpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMwMTAyMTkyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzBkNzMyNmJmZjBkMDY1ODFlMWY5YjM1M2Q2NTM1NzY5NDg3ZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuzbuNJig8wXO4wNvsUPHOcMPKYJ
q0cAQS6Ksw0ZLbS7cOmmU0LDseGbwimxcX65BvY1r+MbczO9CcKEPEx+nGefDVbv
+ZPHCYDXFxwfozkWxYV6YVbsPkZMuWxGnh9GNvmgJmUR0HmQ5hCUtm2f1+26qrOj
aTfSI9v8O7DpgBG8ZNNYCSvYNh9LXwTtSRYYr00Y8zRqXjPftXs9Qgp0ikQrTFxF
QEr2XESDe+62Ib/1qISuJdHf4+ZzEZSFr93/Sx330L/q+e8bwwGTeCSFZpS/MJwb
DjLWvKgYLhidPYZQthpDNl9ZL63mker2n3Co6NwiKdhM0WMC0lqfmk/VFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMNcya/8NBlgeH5s1PWU1dpSH02MB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEva3cxekpyX3cwR1dCNGZtelU5WlRWMmxJZlRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVO3rMA0G
CSqGSIb3DQEBCwUAA4IBAQBKpUNfeHxklFzuexAnsbcjM5hHSeEsGejTtt1MsWQk
2Vex2i5jWbzZvtKjPKnWlngVpNtmrqpEihRAskjQMZsgZ7GjH4E72iJ/AtJ2cHB8
2UxSUVLqkLUG08sAuAttyZwO97xq5zyPVOFs5/GEH5lHYtabIJQJFLqsn2ZQUeCY
aL+BiitjLvs+aYCn1DtrKv09OnIOsiDbHtGnn5/7GcjVowwi3vgxfqXYW/8cQsmq
SR8NS98/cBfK48A4B0pHtobDAO/sNtwac291Wd3VlFxNS/RUG70Ro+UBSfetzY4q
AB5Dr7i5bwDZr2JKpV3EviX7hf9yc8f2Zs68cOIOz7hE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:29 2024 by rpki-client on console-fra.rpki-client.org