Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/KENf3bCJ7r6jK4Vg7wZUoZ6GB9I.roa
File: KENf3bCJ7r6jK4Vg7wZUoZ6GB9I.roa (raw, json)
Hash identifier: 22ZwWD4gNHq/+yYRbIAADkOoatBEwyDf0SvM1pyjibE=
Subject key identifier: 28:43:5F:DD:B0:89:EE:BE:A3:2B:85:60:EF:06:54:A1:9E:86:07:D2
Certificate issuer: /CN=edc260028cd2ab1d0e43774f4404decd27aef3cc
Certificate serial: 01856F6FEAE1EE8C6AE19822B2AAA451676C
Authority key identifier: ED:C2:60:02:8C:D2:AB:1D:0E:43:77:4F:44:04:DE:CD:27:AE:F3:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7cJgAozSqx0OQ3dPRATezSeu88w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/KENf3bCJ7r6jK4Vg7wZUoZ6GB9I.roa
Signing time: Sun 01 Jan 2023 22:24:43 +0000
ROA not before: Sun 01 Jan 2023 22:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64411
IP address blocks: 185.165.164.0/22 maxlen: 22
2a0a:3e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:ea:e1:ee:8c:6a:e1:98:22:b2:aa:a4:51:67:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edc260028cd2ab1d0e43774f4404decd27aef3cc
Validity
Not Before: Jan 1 22:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28435fddb089eebea32b8560ef0654a19e8607d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c3:a9:40:71:55:b5:7d:fe:78:9e:a5:77:85:
51:59:e4:85:84:9c:9e:0d:5e:2d:ad:70:b5:42:16:
2f:da:26:18:df:30:4f:b9:5e:b9:1e:32:d9:3d:41:
e5:7c:92:45:57:2a:0e:33:63:6c:6d:03:7d:82:2e:
46:80:f6:49:c3:40:f6:56:9f:31:c6:b4:4b:61:a5:
1a:0f:59:87:75:fc:90:b4:5b:38:6e:ac:80:86:4f:
74:d2:51:73:f6:d2:9f:f7:53:70:af:b2:cd:68:c3:
07:45:82:de:cb:47:08:0f:f6:6c:4a:8c:a8:f0:0d:
61:79:c0:fb:40:37:ee:4f:5d:48:b8:63:ab:64:f6:
78:22:98:7e:20:66:27:ff:06:e4:da:d5:d7:c2:a1:
1b:b3:55:fe:7f:7b:2e:ad:19:55:85:41:f1:0c:68:
63:d5:38:a0:f8:6a:14:98:2f:1a:92:08:ab:27:4e:
e0:aa:6b:d4:7d:fa:f7:c3:25:31:f1:44:f6:00:1f:
cc:e7:f6:a6:8d:dd:85:6c:63:1c:e5:3c:9c:30:46:
2a:cc:9e:1e:43:6a:cd:6f:8c:7f:bd:8f:04:9d:07:
ea:30:bc:60:cb:3a:31:3e:60:1c:f6:a7:17:b0:e0:
b6:1b:ce:d8:95:53:ca:fe:1f:94:ba:7e:32:71:7b:
43:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:43:5F:DD:B0:89:EE:BE:A3:2B:85:60:EF:06:54:A1:9E:86:07:D2
X509v3 Authority Key Identifier:
keyid:ED:C2:60:02:8C:D2:AB:1D:0E:43:77:4F:44:04:DE:CD:27:AE:F3:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cJgAozSqx0OQ3dPRATezSeu88w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/KENf3bCJ7r6jK4Vg7wZUoZ6GB9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/7cJgAozSqx0OQ3dPRATezSeu88w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.164.0/22
IPv6:
2a0a:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
27:80:65:58:53:f5:dc:f1:ae:5e:65:5b:58:7d:a2:1d:ae:99:
4a:87:f0:8c:ee:e1:da:5c:4f:7f:c0:2f:c9:00:a6:1d:ef:77:
9a:4a:97:82:98:ba:03:89:4c:11:2f:fa:c8:14:f1:b6:6a:47:
77:d2:1f:5b:a2:e4:b0:b5:ed:0e:56:40:09:cd:99:71:98:2d:
07:77:90:31:83:66:df:c6:2c:3c:28:73:3e:26:e3:f1:8c:20:
fc:c3:5a:60:e1:5c:a9:00:3b:68:82:9f:2a:29:eb:b6:13:44:
d0:00:77:cf:c7:66:16:80:14:86:2d:d0:b8:aa:57:99:f3:a4:
ea:97:2b:17:a1:52:0d:03:31:5d:b7:4c:4d:64:21:25:c2:41:
e4:c7:13:be:5e:63:de:9c:24:f0:ee:70:0a:d0:8b:b0:e6:00:
b5:7e:86:bc:38:43:09:fe:15:00:09:c8:13:97:0a:c4:56:6d:
24:c5:79:11:c9:6f:d5:fa:6d:06:2c:bc:d8:5f:14:56:f1:02:
01:08:34:14:db:bd:ac:45:0b:dc:7b:25:b7:60:3f:84:fc:a8:
71:65:85:2d:29:87:58:b4:a7:fc:a4:a2:65:90:d5:c6:1d:be:
f0:21:0c:da:04:3f:1c:f6:27:23:a1:3f:89:fc:0c:0b:d3:55:
60:2c:46:13
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvb+rh7oxq4ZgisqqkUWdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYzI2MDAyOGNkMmFiMWQwZTQzNzc0ZjQ0MDRkZWNkMjdh
ZWYzY2MwHhcNMjMwMTAxMjIyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODQzNWZkZGIwODllZWJlYTMyYjg1NjBlZjA2NTRhMTllODYwN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicOpQHFVtX3+eJ6ld4VRWeSFhJye
DV4trXC1QhYv2iYY3zBPuV65HjLZPUHlfJJFVyoOM2NsbQN9gi5GgPZJw0D2Vp8x
xrRLYaUaD1mHdfyQtFs4bqyAhk900lFz9tKf91Nwr7LNaMMHRYLey0cID/ZsSoyo
8A1hecD7QDfuT11IuGOrZPZ4Iph+IGYn/wbk2tXXwqEbs1X+f3surRlVhUHxDGhj
1Tig+GoUmC8akgirJ07gqmvUffr3wyUx8UT2AB/M5/amjd2FbGMc5TycMEYqzJ4e
Q2rNb4x/vY8EnQfqMLxgyzoxPmAc9qcXsOC2G87YlVPK/h+Uun4ycXtD8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFChDX92wie6+oyuFYO8GVKGehgfSMB8GA1UdIwQY
MBaAFO3CYAKM0qsdDkN3T0QE3s0nrvPMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2NKZ0FvelNxeDBPUTNkUFJBVGV6U2V1ODh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTUyYjYtMzM2Zi00NjY4LWJhZmIt
ZmRjMjU4Mzc3MzAxLzEvS0VOZjNiQ0o3cjZqSzRWZzd3WlVvWjZHQjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTUyYjYtMzM2Zi00NjY4LWJhZmItZmRjMjU4Mzc3MzAx
LzEvN2NKZ0FvelNxeDBPUTNkUFJBVGV6U2V1ODh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaWkMA0E
AgACMAcDBQMqCj4AMA0GCSqGSIb3DQEBCwUAA4IBAQAngGVYU/Xc8a5eZVtYfaId
rplKh/CM7uHaXE9/wC/JAKYd73eaSpeCmLoDiUwRL/rIFPG2akd30h9bouSwte0O
VkAJzZlxmC0Hd5Axg2bfxiw8KHM+JuPxjCD8w1pg4VypADtogp8qKeu2E0TQAHfP
x2YWgBSGLdC4qleZ86TqlysXoVINAzFdt0xNZCElwkHkxxO+XmPenCTw7nAK0Iuw
5gC1foa8OEMJ/hUACcgTlwrEVm0kxXkRyW/V+m0GLLzYXxRW8QIBCDQU272sRQvc
eyW3YD+E/KhxZYUtKYdYtKf8pKJlkNXGHb7wIQzaBD8c9icjoT+J/AwL01VgLEYT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:13 2024 by rpki-client on console-fra.rpki-client.org