Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/KxN4RIA8qF-Gsg0G-isrSG1UH-Y.roa
File: KxN4RIA8qF-Gsg0G-isrSG1UH-Y.roa (raw, json)
Hash identifier: ErzKeZ8aSWaySfE/bkDqFDtnITnlfLR/rkvx5rg8hUk=
Subject key identifier: 2B:13:78:44:80:3C:A8:5F:86:B2:0D:06:FA:2B:2B:48:6D:54:1F:E6
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 018C2EB8A401FA21C18DB3D46031CD18C6F5
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/KxN4RIA8qF-Gsg0G-isrSG1UH-Y.roa
Signing time: Sun 03 Dec 2023 08:08:21 +0000
ROA not before: Sun 03 Dec 2023 08:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 123.253.212.0/24 maxlen: 24
46.175.130.0/24 maxlen: 24
185.110.63.0/24 maxlen: 24
123.253.213.0/24 maxlen: 24
141.98.139.0/24 maxlen: 24
141.98.137.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2e:b8:a4:01:fa:21:c1:8d:b3:d4:60:31:cd:18:c6:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Dec 3 08:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b137844803ca85f86b20d06fa2b2b486d541fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:57:53:30:91:df:21:f5:58:76:15:b9:cd:3b:
3e:a4:d6:3a:ce:c5:33:7f:6d:b8:76:c8:2a:60:03:
a9:cd:91:6c:22:0d:ce:a7:1f:73:f1:45:94:f7:7d:
da:8f:b3:4d:da:c5:65:32:59:22:7b:f6:3a:55:97:
7a:83:e3:5f:1d:1e:fb:39:87:10:2d:9d:f5:d9:3d:
0a:c6:fc:fe:af:1b:ea:fe:99:87:04:d0:4f:b3:ea:
91:9c:86:dd:8a:1a:31:39:07:f6:42:90:84:af:9d:
8c:3f:01:2e:90:82:78:8c:92:5e:ed:56:c9:3e:73:
6d:94:70:ba:c9:86:00:04:7a:f2:fc:8b:75:4c:d8:
f7:83:ef:8e:b3:32:36:70:1f:ea:c4:1d:80:30:ee:
84:34:1f:d7:e4:0f:c3:74:16:a5:f5:76:25:ff:d3:
f7:d3:0f:9a:2a:d0:0c:b7:36:e4:c4:1d:e8:76:74:
a5:4b:d3:c8:5c:74:24:51:84:7a:1e:97:66:27:12:
62:82:77:15:88:fa:09:59:3c:e1:dc:79:b6:fa:38:
7b:60:1a:59:25:77:9c:69:98:6f:4e:c4:ff:b8:af:
e5:68:2e:cf:7c:68:69:72:c8:3f:48:25:5a:64:e7:
da:33:8b:65:53:02:da:c4:a5:48:0b:46:32:c2:64:
50:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:13:78:44:80:3C:A8:5F:86:B2:0D:06:FA:2B:2B:48:6D:54:1F:E6
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/KxN4RIA8qF-Gsg0G-isrSG1UH-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.130.0/24
123.253.212.0/23
141.98.137.0/24
141.98.139.0/24
185.110.63.0/24
Signature Algorithm: sha256WithRSAEncryption
94:92:e3:f8:f8:d6:e9:32:05:23:86:9c:f3:c8:67:98:7d:b9:
d2:f4:5b:5c:bc:e9:4f:ad:42:e8:8f:dc:1a:56:22:d8:4d:46:
ac:0b:ad:8d:34:fc:bc:56:7e:d2:d3:98:08:b2:74:79:c8:56:
29:0c:33:81:8c:9c:48:90:67:f0:62:14:21:51:25:62:0e:c3:
14:35:a8:15:ec:c6:d5:9c:8a:dd:30:32:98:a5:a2:d0:18:15:
38:0d:b7:8b:88:13:89:b8:ee:89:19:b4:0e:d5:29:5d:08:3a:
c0:7c:6b:29:4d:2c:08:9f:79:d5:58:fe:62:4b:54:10:51:e8:
90:08:ad:99:10:5d:f8:b6:de:9b:44:be:12:6c:99:a1:b8:1c:
90:d1:c3:46:75:54:85:0f:20:0d:2b:f4:8e:bb:8e:8a:13:dd:
93:94:00:a9:00:c9:88:34:84:50:18:76:59:5d:f6:9e:e5:e7:
64:58:85:34:54:65:fb:ad:27:ad:3a:f7:b9:d2:85:3d:25:fa:
f5:20:8a:46:e6:c6:3c:d5:5b:c5:42:bc:5d:28:61:32:02:58:
e7:06:76:e2:72:52:4e:e9:f2:44:4e:5b:32:e7:16:55:e2:2f:
32:86:2f:1c:3c:97:57:f2:e9:8d:c5:c5:d5:5b:ac:1b:0f:ef:
66:2d:a1:8d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYwuuKQB+iHBjbPUYDHNGMb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjMxMjAzMDgwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjEzNzg0NDgwM2NhODVmODZiMjBkMDZmYTJiMmI0ODZkNTQxZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsldTMJHfIfVYdhW5zTs+pNY6zsUz
f224dsgqYAOpzZFsIg3Opx9z8UWU933aj7NN2sVlMlkie/Y6VZd6g+NfHR77OYcQ
LZ312T0Kxvz+rxvq/pmHBNBPs+qRnIbdihoxOQf2QpCEr52MPwEukIJ4jJJe7VbJ
PnNtlHC6yYYABHry/It1TNj3g++OszI2cB/qxB2AMO6ENB/X5A/DdBal9XYl/9P3
0w+aKtAMtzbkxB3odnSlS9PIXHQkUYR6HpdmJxJigncViPoJWTzh3Hm2+jh7YBpZ
JXecaZhvTsT/uK/laC7PfGhpcsg/SCVaZOfaM4tlUwLaxKVIC0YywmRQKwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCsTeESAPKhfhrINBvorK0htVB/mMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvS3hONFJJQThxRi1Hc2cwRy1pc3JTRzFVSC1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALq+CAwQB
e/3UAwQAjWKJAwQAjWKLAwQAuW4/MA0GCSqGSIb3DQEBCwUAA4IBAQCUkuP4+Nbp
MgUjhpzzyGeYfbnS9FtcvOlPrULoj9waViLYTUasC62NNPy8Vn7S05gIsnR5yFYp
DDOBjJxIkGfwYhQhUSViDsMUNagV7MbVnIrdMDKYpaLQGBU4DbeLiBOJuO6JGbQO
1SldCDrAfGspTSwIn3nVWP5iS1QQUeiQCK2ZEF34tt6bRL4SbJmhuByQ0cNGdVSF
DyANK/SOu46KE92TlACpAMmINIRQGHZZXfae5edkWIU0VGX7rSetOve50oU9Jfr1
IIpG5sY81VvFQrxdKGEyAljnBnbiclJO6fJETlsy5xZV4i8yhi8cPJdX8umNxcXV
W6wbD+9mLaGN
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:50 2024 by rpki-client on console-ams.rpki-client.org