Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/be8064-9e11-461a-936d-fa70bd90e894/1/kbnYjzUl4yuGP_Kv_uMHynxGr-M.roa
File: kbnYjzUl4yuGP_Kv_uMHynxGr-M.roa (raw, json)
Hash identifier: 8qDJ6BfAujZhcZ1zt/3IwgPaHW/IwRZpuTsBorKfu+U=
Subject key identifier: 91:B9:D8:8F:35:25:E3:2B:86:3F:F2:AF:FE:E3:07:CA:7C:46:AF:E3
Certificate issuer: /CN=f5346d3edbec6da72780722c0a41abeea63661d8
Certificate serial: 018CC9BC54B11036ECB9DC18C9E62F03B474
Authority key identifier: F5:34:6D:3E:DB:EC:6D:A7:27:80:72:2C:0A:41:AB:EE:A6:36:61:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9TRtPtvsbacngHIsCkGr7qY2Ydg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/be8064-9e11-461a-936d-fa70bd90e894/1/kbnYjzUl4yuGP_Kv_uMHynxGr-M.roa
Signing time: Tue 02 Jan 2024 10:33:31 +0000
ROA not before: Tue 02 Jan 2024 10:33:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60044
IP address blocks: 185.57.216.0/22 maxlen: 22
2a04:dec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 26 Feb 2024 10:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:54:b1:10:36:ec:b9:dc:18:c9:e6:2f:03:b4:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5346d3edbec6da72780722c0a41abeea63661d8
Validity
Not Before: Jan 2 10:33:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91b9d88f3525e32b863ff2affee307ca7c46afe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:79:c1:6f:6e:4b:5a:e0:a7:5c:19:94:3e:b5:
aa:8f:18:3f:e1:78:31:47:e5:d9:2e:23:83:f5:a3:
da:b4:15:4a:83:b3:2f:f4:3b:eb:87:84:38:16:e5:
69:f2:2e:91:12:4a:72:09:dd:99:a8:4a:eb:6d:6f:
c6:b4:57:25:09:2a:7e:c7:61:7d:02:e4:69:c1:bf:
2a:02:65:12:a5:ab:19:c1:0c:d0:44:88:0b:35:58:
cc:48:9a:d5:aa:e7:3d:67:cb:8d:93:58:c4:15:8b:
7c:31:37:8b:c3:94:d7:65:8d:ac:6c:29:44:e8:83:
b7:1a:a8:25:0d:2c:6b:6b:4c:5b:3f:fb:bf:b2:a4:
ba:79:2f:42:fe:aa:d0:35:99:9e:cb:72:54:cf:b9:
7a:ed:9f:6d:e1:e1:48:ef:a6:8c:7d:de:ac:93:b4:
6d:ea:27:1d:dd:6b:61:9e:dc:11:d3:50:f8:90:c6:
69:e4:7f:60:08:de:af:f0:78:89:c9:ef:d2:ed:3d:
a1:a2:dd:01:d6:45:4c:c9:83:b3:d9:3f:af:ed:83:
ab:da:a5:9f:59:9b:ec:1c:a5:05:85:d6:c0:d1:74:
1d:e7:71:78:c8:69:e9:b0:50:33:6e:83:15:14:b4:
ba:1c:0a:e6:e7:b5:43:a3:21:cf:3e:76:69:9c:be:
9a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B9:D8:8F:35:25:E3:2B:86:3F:F2:AF:FE:E3:07:CA:7C:46:AF:E3
X509v3 Authority Key Identifier:
keyid:F5:34:6D:3E:DB:EC:6D:A7:27:80:72:2C:0A:41:AB:EE:A6:36:61:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9TRtPtvsbacngHIsCkGr7qY2Ydg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/be8064-9e11-461a-936d-fa70bd90e894/1/kbnYjzUl4yuGP_Kv_uMHynxGr-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/be8064-9e11-461a-936d-fa70bd90e894/1/9TRtPtvsbacngHIsCkGr7qY2Ydg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.216.0/22
IPv6:
2a04:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:35:04:73:ce:ad:70:7d:f0:2c:5d:b3:19:30:8f:5c:eb:bf:
ed:a4:2f:b3:1c:88:34:8b:c2:c6:03:b2:52:2d:8b:a5:17:04:
57:50:54:a8:3b:79:7d:55:97:c3:25:a8:4e:41:dc:cc:f0:25:
95:37:49:ea:a6:44:bb:a3:36:34:7d:bf:2f:35:57:b0:74:e4:
30:93:58:d8:16:4c:3c:bd:d1:21:a6:50:2c:6f:93:55:ef:4a:
bf:76:9a:de:45:f0:a5:7d:b7:b6:03:d0:48:68:8b:d7:44:b7:
98:07:d4:1e:b6:41:31:3d:0e:6a:88:10:f9:80:89:11:db:86:
f7:63:51:e4:eb:9c:f1:63:2d:11:76:73:a9:52:bd:3f:d5:84:
c8:f0:6c:c3:47:75:8a:c1:45:19:15:bf:ff:c6:8c:30:9a:a1:
e8:8a:2e:9f:28:c3:fa:ab:37:48:eb:af:e3:3a:e8:01:0d:aa:
f4:4e:39:bf:7e:84:98:6f:b9:85:8e:57:cd:ec:4e:54:10:92:
de:48:95:16:b6:c7:34:cf:7d:bf:bb:79:e7:1c:9b:a0:10:f5:
88:a5:7c:d0:f3:ad:dc:b4:4a:d0:55:5b:de:e4:d3:f5:bd:ed:
b8:3f:7e:f0:d7:ed:b8:b1:44:98:f5:50:fd:50:2b:6f:e1:2b:
48:21:eb:d3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvFSxEDbsudwYyeYvA7R0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MzQ2ZDNlZGJlYzZkYTcyNzgwNzIyYzBhNDFhYmVlYTYz
NjYxZDgwHhcNMjQwMTAyMTAzMzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWI5ZDg4ZjM1MjVlMzJiODYzZmYyYWZmZWUzMDdjYTdjNDZhZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnnBb25LWuCnXBmUPrWqjxg/4Xgx
R+XZLiOD9aPatBVKg7Mv9Dvrh4Q4FuVp8i6REkpyCd2ZqErrbW/GtFclCSp+x2F9
AuRpwb8qAmUSpasZwQzQRIgLNVjMSJrVquc9Z8uNk1jEFYt8MTeLw5TXZY2sbClE
6IO3GqglDSxra0xbP/u/sqS6eS9C/qrQNZmey3JUz7l67Z9t4eFI76aMfd6sk7Rt
6icd3WthntwR01D4kMZp5H9gCN6v8HiJye/S7T2hot0B1kVMyYOz2T+v7YOr2qWf
WZvsHKUFhdbA0XQd53F4yGnpsFAzboMVFLS6HArm57VDoyHPPnZpnL6aKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJG52I81JeMrhj/yr/7jB8p8Rq/jMB8GA1UdIwQY
MBaAFPU0bT7b7G2nJ4ByLApBq+6mNmHYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVRSdFB0dnNiYWNuZ0hJc0NrR3I3cVkyWWRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9iZTgwNjQtOWUxMS00NjFhLTkzNmQt
ZmE3MGJkOTBlODk0LzEva2JuWWp6VWw0eXVHUF9Ldl91TUh5bnhHci1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9iZTgwNjQtOWUxMS00NjFhLTkzNmQtZmE3MGJkOTBlODk0
LzEvOVRSdFB0dnNiYWNuZ0hJc0NrR3I3cVkyWWRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTnYMA0E
AgACMAcDBQMqBN7AMA0GCSqGSIb3DQEBCwUAA4IBAQAuNQRzzq1wffAsXbMZMI9c
67/tpC+zHIg0i8LGA7JSLYulFwRXUFSoO3l9VZfDJahOQdzM8CWVN0nqpkS7ozY0
fb8vNVewdOQwk1jYFkw8vdEhplAsb5NV70q/dpreRfClfbe2A9BIaIvXRLeYB9Qe
tkExPQ5qiBD5gIkR24b3Y1Hk65zxYy0RdnOpUr0/1YTI8GzDR3WKwUUZFb//xoww
mqHoii6fKMP6qzdI66/jOugBDar0Tjm/foSYb7mFjlfN7E5UEJLeSJUWtsc0z32/
u3nnHJugEPWIpXzQ863ctErQVVve5NP1ve24P37w1+24sUSY9VD9UCtv4StIIevT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:43 2024 by rpki-client on console-fra.rpki-client.org