Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/RKY_JxW3AUxOVGjlro_yYb_piCE.roa
File: RKY_JxW3AUxOVGjlro_yYb_piCE.roa (raw, json)
Hash identifier: UDB18TowCypfYGbTmMD+yQddrgawf2Xv7HYjzLeXguQ=
Subject key identifier: 44:A6:3F:27:15:B7:01:4C:4E:54:68:E5:AE:8F:F2:61:BF:E9:88:21
Certificate issuer: /CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Certificate serial: 018DE123FB94EC4B70E1120F3CD3050B1882
Authority key identifier: 36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/RKY_JxW3AUxOVGjlro_yYb_piCE.roa
Signing time: Sun 25 Feb 2024 16:40:48 +0000
ROA not before: Sun 25 Feb 2024 16:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 185.113.66.0/23 maxlen: 24
185.194.206.0/23 maxlen: 24
185.194.206.0/24 maxlen: 24
185.194.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 08:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e1:23:fb:94:ec:4b:70:e1:12:0f:3c:d3:05:0b:18:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Validity
Not Before: Feb 25 16:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44a63f2715b7014c4e5468e5ae8ff261bfe98821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f2:a9:57:a1:36:e6:50:5e:80:37:44:76:d6:
d3:e8:f3:a7:bb:7c:79:41:f5:19:bd:75:3f:76:b4:
56:9c:84:0e:61:9b:b0:ef:95:91:a4:c2:6e:7e:64:
5c:25:a3:c1:ac:76:bc:22:80:f3:09:8e:81:30:20:
de:2e:72:ab:37:3d:d2:8d:03:3f:13:a9:46:18:83:
10:2d:47:64:3b:fd:8d:9f:30:6b:54:48:3a:1a:2c:
76:e6:e2:32:a0:ba:47:8a:ee:08:f1:04:31:d7:59:
86:d2:bb:f4:97:f3:be:49:c6:15:1e:05:33:40:72:
46:19:47:a4:69:91:74:63:94:27:39:96:de:05:dd:
61:82:e1:48:91:15:4b:50:31:56:07:0c:8e:e4:eb:
6d:69:1d:78:a6:33:38:11:1b:13:3b:5d:4a:fd:d6:
fa:35:83:6d:d1:6f:84:3e:19:58:77:af:e3:82:7e:
c9:88:f5:9b:e2:85:ba:72:4d:16:e1:9d:23:5f:95:
aa:5a:fc:4a:27:9c:b3:ff:5a:df:49:e1:51:22:f3:
60:76:0a:6a:66:4b:8b:67:16:f6:c7:c9:fa:e6:35:
a0:6e:14:35:d6:8a:2f:de:2d:26:3a:2a:ec:8f:77:
8a:da:ad:4e:6c:21:bf:9b:c3:83:42:c9:89:be:58:
79:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A6:3F:27:15:B7:01:4C:4E:54:68:E5:AE:8F:F2:61:BF:E9:88:21
X509v3 Authority Key Identifier:
keyid:36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/RKY_JxW3AUxOVGjlro_yYb_piCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/NpT8xr9qh0D6eBRkH9nW7I2GLl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.66.0/23
185.194.206.0/23
Signature Algorithm: sha256WithRSAEncryption
21:22:3a:45:91:7e:e4:c9:32:95:48:3e:d9:15:e7:d8:42:78:
1d:92:2d:ba:6e:a1:be:de:1a:ea:4b:66:2f:a9:78:df:26:06:
0b:f4:5c:17:63:52:1d:5f:c7:cc:a1:56:7e:45:ca:59:35:de:
0d:d0:28:6e:9c:5f:27:75:0c:bf:b1:d2:12:25:5a:1c:33:86:
07:fe:b8:94:17:b4:22:1d:73:b8:44:c9:54:5c:90:05:38:50:
7c:6b:0a:9c:7e:fc:08:c8:33:93:a8:70:5c:45:66:2d:60:21:
04:81:e1:c7:db:40:81:a8:d2:29:f5:c6:63:8a:d9:b7:e0:1a:
06:27:37:95:db:fa:dd:4e:3d:da:7e:d3:34:0b:1a:23:25:8e:
11:da:37:b8:9a:1d:66:a2:ba:c9:79:a0:45:dc:1c:71:78:17:
ee:33:a1:75:b8:08:56:46:b6:f9:9f:ac:e3:9a:eb:8d:ca:2b:
b6:f9:e5:06:65:35:de:01:31:57:77:eb:6c:7d:5c:63:6f:40:
03:23:5b:e4:00:44:0a:b0:1e:b6:f3:73:ef:8b:3d:09:5a:6e:
47:a5:2b:ef:62:26:4e:45:2b:8c:d5:21:9c:6d:53:a9:5a:93:
40:ac:82:5b:de:ef:5e:93:62:3f:72:9a:db:c8:db:1b:7e:e6:
9b:99:b4:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3hI/uU7Etw4RIPPNMFCxiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTRmY2M2YmY2YTg3NDBmYTc4MTQ2NDFmZDlkNmVjOGQ4
NjJlNWYwHhcNMjQwMjI1MTY0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGE2M2YyNzE1YjcwMTRjNGU1NDY4ZTVhZThmZjI2MWJmZTk4ODIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/KpV6E25lBegDdEdtbT6POnu3x5
QfUZvXU/drRWnIQOYZuw75WRpMJufmRcJaPBrHa8IoDzCY6BMCDeLnKrNz3SjQM/
E6lGGIMQLUdkO/2NnzBrVEg6Gix25uIyoLpHiu4I8QQx11mG0rv0l/O+ScYVHgUz
QHJGGUekaZF0Y5QnOZbeBd1hguFIkRVLUDFWBwyO5OttaR14pjM4ERsTO11K/db6
NYNt0W+EPhlYd6/jgn7JiPWb4oW6ck0W4Z0jX5WqWvxKJ5yz/1rfSeFRIvNgdgpq
ZkuLZxb2x8n65jWgbhQ11oov3i0mOirsj3eK2q1ObCG/m8ODQsmJvlh5cQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFESmPycVtwFMTlRo5a6P8mG/6YghMB8GA1UdIwQY
MBaAFDaU/Ma/aodA+ngUZB/Z1uyNhi5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUt
MGQzZmNlNDI5YmRlLzEvUktZX0p4VzNBVXhPVkdqbHJvX3lZYl9waUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUtMGQzZmNlNDI5YmRl
LzEvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuXFCAwQB
ucLOMA0GCSqGSIb3DQEBCwUAA4IBAQAhIjpFkX7kyTKVSD7ZFefYQngdki26bqG+
3hrqS2YvqXjfJgYL9FwXY1IdX8fMoVZ+RcpZNd4N0ChunF8ndQy/sdISJVocM4YH
/riUF7QiHXO4RMlUXJAFOFB8awqcfvwIyDOTqHBcRWYtYCEEgeHH20CBqNIp9cZj
itm34BoGJzeV2/rdTj3aftM0CxojJY4R2je4mh1morrJeaBF3BxxeBfuM6F1uAhW
Rrb5n6zjmuuNyiu2+eUGZTXeATFXd+tsfVxjb0ADI1vkAEQKsB6283Pviz0JWm5H
pSvvYiZORSuM1SGcbVOpWpNArIJb3u9ek2I/cprbyNsbfuabmbQJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:50 2024 by rpki-client on console-fra.rpki-client.org