Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/ead4a0-2521-4abb-ac2d-07dbd900c4ad/1/kmsIpxmEE9fexe1VPLXNkPme0i4.roa
File: kmsIpxmEE9fexe1VPLXNkPme0i4.roa (raw, json)
Hash identifier: 6inFIPP72G8UYIlg/9atIf5wHy7xtY42ItIqRFShub0=
Subject key identifier: 92:6B:08:A7:19:84:13:D7:DE:C5:ED:55:3C:B5:CD:90:F9:9E:D2:2E
Certificate issuer: /CN=27f130b6f45f00f7c1d135b6c93b20e690412cfc
Certificate serial: 018CC9BC4ACE3DBE3178018DE2C3594116CD
Authority key identifier: 27:F1:30:B6:F4:5F:00:F7:C1:D1:35:B6:C9:3B:20:E6:90:41:2C:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_EwtvRfAPfB0TW2yTsg5pBBLPw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/ead4a0-2521-4abb-ac2d-07dbd900c4ad/1/kmsIpxmEE9fexe1VPLXNkPme0i4.roa
Signing time: Tue 02 Jan 2024 10:33:29 +0000
ROA not before: Tue 02 Jan 2024 10:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200930
IP address blocks: 193.58.181.0/24 maxlen: 24
193.58.182.0/24 maxlen: 24
193.58.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:4a:ce:3d:be:31:78:01:8d:e2:c3:59:41:16:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27f130b6f45f00f7c1d135b6c93b20e690412cfc
Validity
Not Before: Jan 2 10:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=926b08a7198413d7dec5ed553cb5cd90f99ed22e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:3a:16:55:73:43:70:45:be:0a:7e:98:2a:29:
29:e8:72:d3:74:53:17:79:2d:a9:d2:4f:ea:7c:1e:
83:14:35:49:df:69:c4:4d:b1:16:14:d8:73:94:20:
30:2e:17:be:03:4d:8a:a0:71:e6:35:c9:bd:b9:82:
d2:7b:07:bd:7a:57:65:58:ec:ce:fd:a3:5a:02:d1:
b3:f1:ca:e5:54:18:14:16:69:9e:90:3c:88:c0:85:
e3:2e:69:45:27:e5:43:a4:3c:8d:30:c2:a3:01:ba:
97:a8:11:a3:50:ef:25:73:1e:0b:20:3a:f2:78:01:
4c:7a:60:5b:ac:7d:6e:9f:cd:80:b3:ef:a0:1c:80:
00:61:b2:dc:98:d9:1e:d8:08:e1:4e:05:98:09:a0:
1a:a4:6a:c4:04:9c:f9:ac:60:2f:3f:29:79:c9:1e:
79:c4:11:5c:a8:d7:0c:ba:41:c3:77:76:9d:71:f4:
60:d0:2b:67:cb:64:cc:97:57:bd:6d:89:cd:d4:ec:
c6:ae:a8:0f:1f:ae:e2:7d:bc:64:71:9d:fd:e8:98:
b7:5d:18:88:ca:f9:83:11:4f:51:eb:80:f4:f8:0c:
9f:ca:22:a9:0d:ed:78:e5:24:f3:74:b0:e4:1b:d1:
01:c2:7c:80:a2:15:d3:9c:3a:03:24:3f:10:70:2b:
37:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:6B:08:A7:19:84:13:D7:DE:C5:ED:55:3C:B5:CD:90:F9:9E:D2:2E
X509v3 Authority Key Identifier:
keyid:27:F1:30:B6:F4:5F:00:F7:C1:D1:35:B6:C9:3B:20:E6:90:41:2C:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_EwtvRfAPfB0TW2yTsg5pBBLPw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/ead4a0-2521-4abb-ac2d-07dbd900c4ad/1/kmsIpxmEE9fexe1VPLXNkPme0i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/ead4a0-2521-4abb-ac2d-07dbd900c4ad/1/J_EwtvRfAPfB0TW2yTsg5pBBLPw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.180.0-193.58.182.255
Signature Algorithm: sha256WithRSAEncryption
8b:09:00:f6:de:88:cb:b4:33:61:0e:b3:86:4a:69:d1:80:7a:
f3:bb:5c:e4:38:9c:f1:4a:be:13:32:ed:8a:b4:4b:03:63:6c:
db:ce:a3:70:81:8a:97:82:57:64:72:cd:b9:6f:0e:01:21:e1:
de:5f:07:9f:65:a2:78:20:c5:4e:6d:d3:2e:d4:13:93:bf:85:
00:1d:01:d8:23:00:4b:f9:dd:d9:74:ed:49:83:8b:c1:58:16:
ce:5a:ac:12:d7:56:a1:50:2e:35:02:7b:06:f0:b7:e4:60:2f:
0b:d9:57:56:af:09:d4:0e:a8:aa:a8:ee:ee:95:73:c3:85:b0:
08:87:d2:47:43:2b:35:e2:58:95:4b:11:90:52:3d:3f:db:24:
8a:37:24:12:66:cb:c5:06:9d:e4:d2:ff:87:49:6a:5e:d8:cf:
db:41:ca:15:1b:5c:4f:95:38:7e:14:28:62:f9:86:b3:47:f6:
b4:09:53:90:2f:a5:53:56:82:a6:8e:ae:c7:3e:36:3b:21:ab:
5d:a9:35:3f:50:06:12:cb:fa:84:5c:8c:1e:1a:3f:19:ca:b6:
88:a3:21:30:17:27:a1:c8:b6:26:cc:3d:f4:8d:71:07:fc:be:
f4:38:d1:f9:bf:8a:0a:ed:05:5a:76:e4:3f:34:f3:5f:70:0b:
ef:c0:4d:19
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJvErOPb4xeAGN4sNZQRbNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZjEzMGI2ZjQ1ZjAwZjdjMWQxMzViNmM5M2IyMGU2OTA0
MTJjZmMwHhcNMjQwMTAyMTAzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjZiMDhhNzE5ODQxM2Q3ZGVjNWVkNTUzY2I1Y2Q5MGY5OWVkMjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ToWVXNDcEW+Cn6YKikp6HLTdFMX
eS2p0k/qfB6DFDVJ32nETbEWFNhzlCAwLhe+A02KoHHmNcm9uYLSewe9eldlWOzO
/aNaAtGz8crlVBgUFmmekDyIwIXjLmlFJ+VDpDyNMMKjAbqXqBGjUO8lcx4LIDry
eAFMemBbrH1un82As++gHIAAYbLcmNke2AjhTgWYCaAapGrEBJz5rGAvPyl5yR55
xBFcqNcMukHDd3adcfRg0Ctny2TMl1e9bYnN1OzGrqgPH67ifbxkcZ396Ji3XRiI
yvmDEU9R64D0+AyfyiKpDe145STzdLDkG9EBwnyAohXTnDoDJD8QcCs3awIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJJrCKcZhBPX3sXtVTy1zZD5ntIuMB8GA1UdIwQY
MBaAFCfxMLb0XwD3wdE1tsk7IOaQQSz8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl9Fd3R2UmZBUGZCMFRXMnlUc2c1cEJCTFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9lYWQ0YTAtMjUyMS00YWJiLWFjMmQt
MDdkYmQ5MDBjNGFkLzEva21zSXB4bUVFOWZleGUxVlBMWE5rUG1lMGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9lYWQ0YTAtMjUyMS00YWJiLWFjMmQtMDdkYmQ5MDBjNGFk
LzEvSl9Fd3R2UmZBUGZCMFRXMnlUc2c1cEJCTFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALBOrQD
BADBOrYwDQYJKoZIhvcNAQELBQADggEBAIsJAPbeiMu0M2EOs4ZKadGAevO7XOQ4
nPFKvhMy7Yq0SwNjbNvOo3CBipeCV2RyzblvDgEh4d5fB59longgxU5t0y7UE5O/
hQAdAdgjAEv53dl07UmDi8FYFs5arBLXVqFQLjUCewbwt+RgLwvZV1avCdQOqKqo
7u6Vc8OFsAiH0kdDKzXiWJVLEZBSPT/bJIo3JBJmy8UGneTS/4dJal7Yz9tByhUb
XE+VOH4UKGL5hrNH9rQJU5AvpVNWgqaOrsc+Njshq12pNT9QBhLL+oRcjB4aPxnK
toijITAXJ6HItibMPfSNcQf8vvQ40fm/igrtBVp25D80819wC+/ATRk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:10 2025 by rpki-client