Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/Kg0GTG9tZb3-dXf5dipZzMIZD0I.roa
File: Kg0GTG9tZb3-dXf5dipZzMIZD0I.roa (raw, json)
Hash identifier: ZgeAmyJgXWhnCJhiADTLjvaEO9DDjcDIzbLWtF/LMPA=
Subject key identifier: 2A:0D:06:4C:6F:6D:65:BD:FE:75:77:F9:76:2A:59:CC:C2:19:0F:42
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 01856C784282B821EA2A8FB01563C5735FB2
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/Kg0GTG9tZb3-dXf5dipZzMIZD0I.roa
Signing time: Sun 01 Jan 2023 08:34:58 +0000
ROA not before: Sun 01 Jan 2023 08:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50311
IP address blocks: 91.220.131.0/24 maxlen: 24
2a04:3e00:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:42:82:b8:21:ea:2a:8f:b0:15:63:c5:73:5f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: Jan 1 08:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a0d064c6f6d65bdfe7577f9762a59ccc2190f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ba:68:44:0a:d0:94:c7:95:fc:fc:9c:25:3a:
1b:3d:4f:3c:21:8f:78:d2:5e:26:2f:18:05:f1:64:
b9:64:b2:2b:0b:c2:89:56:7e:0b:c8:ab:2a:3b:d6:
1f:2f:33:e1:ab:09:cd:fb:94:d1:dd:bd:66:a8:bf:
96:dc:3a:76:92:50:9a:96:a3:70:e0:fd:f0:38:cb:
af:4c:f9:1b:e3:fc:78:e1:a0:dc:0f:e3:cd:3d:c4:
c5:5d:e3:dc:d8:7c:39:6a:39:c8:a1:c6:36:45:03:
53:73:81:3a:10:7f:a3:6a:cc:33:7f:20:ea:73:32:
17:e5:33:ae:a5:98:fb:2c:e1:0e:1e:a8:9a:8e:9f:
23:d1:f8:11:7a:81:0e:17:52:76:d7:95:84:d6:3f:
ec:14:02:34:58:82:78:41:66:af:ab:45:5c:35:90:
21:80:64:5c:df:92:62:21:9d:2a:3b:0e:d2:b9:dd:
21:2a:0c:0f:c4:96:1e:4a:9d:ae:ef:49:ab:44:0a:
e6:65:10:07:82:c9:01:f7:e0:14:ec:92:01:9d:36:
b4:7f:69:bd:66:fc:18:94:83:fc:ef:d3:ab:31:fc:
65:15:ea:63:0e:9a:43:69:8f:a9:f1:16:53:32:d8:
b9:5c:88:ee:11:8f:16:46:68:21:3b:a5:63:fe:8e:
94:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0D:06:4C:6F:6D:65:BD:FE:75:77:F9:76:2A:59:CC:C2:19:0F:42
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/Kg0GTG9tZb3-dXf5dipZzMIZD0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.131.0/24
IPv6:
2a04:3e00:1000::/48
Signature Algorithm: sha256WithRSAEncryption
1a:c0:f2:37:51:b4:97:f6:65:4e:48:cf:52:1e:b9:f8:6d:2e:
c7:9f:3d:cf:36:45:05:67:4c:cf:a1:cd:a1:e6:13:15:c0:dd:
27:0b:5a:82:87:9d:34:6f:e0:54:ab:7f:54:64:a4:a9:25:a4:
28:1e:b5:97:8d:52:03:f4:00:0e:e2:37:04:0a:02:5e:0d:be:
b3:26:ce:78:20:07:24:33:7e:c1:6a:56:87:d8:63:a1:56:31:
d2:4b:16:da:f0:02:d2:69:2a:b2:7c:11:f6:48:95:b1:cf:72:
b2:32:f9:55:c0:27:92:db:80:4a:82:e8:a7:8f:2f:cb:47:e0:
42:15:3c:a2:8c:ec:45:c2:eb:f4:ca:e6:48:1b:04:49:50:7b:
c8:bd:81:58:b3:75:65:2f:ec:9a:50:ff:24:63:48:65:94:b9:
ec:75:6a:1d:09:9b:59:0c:2f:a5:c9:31:17:1b:0d:f4:0b:fa:
ca:47:17:af:a5:4f:62:c9:f1:28:c9:67:5e:2d:38:95:fc:5a:
c6:59:1a:ae:3c:5c:98:54:e7:19:64:6b:01:20:22:7f:c6:58:
57:1c:a7:6e:17:e4:bb:ae:2a:1d:6c:3c:ca:b7:fa:f9:5d:b1:
35:46:9b:5b:69:e0:71:f2:41:77:db:15:6e:f9:f0:0c:17:12:
be:ee:25:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVseEKCuCHqKo+wFWPFc1+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx
ZDNjYTUwHhcNMjMwMTAxMDgzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBkMDY0YzZmNmQ2NWJkZmU3NTc3Zjk3NjJhNTljY2MyMTkwZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7poRArQlMeV/PycJTobPU88IY94
0l4mLxgF8WS5ZLIrC8KJVn4LyKsqO9YfLzPhqwnN+5TR3b1mqL+W3Dp2klCalqNw
4P3wOMuvTPkb4/x44aDcD+PNPcTFXePc2Hw5ajnIocY2RQNTc4E6EH+jaswzfyDq
czIX5TOupZj7LOEOHqiajp8j0fgReoEOF1J215WE1j/sFAI0WIJ4QWavq0VcNZAh
gGRc35JiIZ0qOw7Sud0hKgwPxJYeSp2u70mrRArmZRAHgskB9+AU7JIBnTa0f2m9
ZvwYlIP879OrMfxlFepjDppDaY+p8RZTMti5XIjuEY8WRmghO6Vj/o6UkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCoNBkxvbWW9/nV3+XYqWczCGQ9CMB8GA1UdIwQY
MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt
MWM2ODBhZGY3YTI2LzEvS2cwR1RHOXRaYjMtZFhmNWRpcFp6TUlaRDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2
LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9yDMA8E
AgACMAkDBwAqBD4AEAAwDQYJKoZIhvcNAQELBQADggEBABrA8jdRtJf2ZU5Iz1Ie
ufhtLsefPc82RQVnTM+hzaHmExXA3ScLWoKHnTRv4FSrf1RkpKklpCgetZeNUgP0
AA7iNwQKAl4NvrMmznggByQzfsFqVofYY6FWMdJLFtrwAtJpKrJ8EfZIlbHPcrIy
+VXAJ5LbgEqC6KePL8tH4EIVPKKM7EXC6/TK5kgbBElQe8i9gVizdWUv7JpQ/yRj
SGWUuex1ah0Jm1kML6XJMRcbDfQL+spHF6+lT2LJ8SjJZ14tOJX8WsZZGq48XJhU
5xlkawEgIn/GWFccp24X5LuuKh1sPMq3+vldsTVGm1tp4HHyQXfbFW758AwXEr7u
JWQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:16 2024 by rpki-client on console-ams.rpki-client.org