Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/Kt-po0pPLjq1xR2u4VBAEVV5B_Q.roa
File: Kt-po0pPLjq1xR2u4VBAEVV5B_Q.roa (raw, json)
Hash identifier: ukUewPrXAJZfAyc46VhVhH5NmzSS5RTckj1x4Ra5zj4=
Subject key identifier: 2A:DF:A9:A3:4A:4F:2E:3A:B5:C5:1D:AE:E1:50:40:11:55:79:07:F4
Certificate issuer: /CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Certificate serial: 01856F392CEFB71546172BA113633E98D8B7
Authority key identifier: BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/Kt-po0pPLjq1xR2u4VBAEVV5B_Q.roa
Signing time: Sun 01 Jan 2023 21:24:55 +0000
ROA not before: Sun 01 Jan 2023 21:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212939
IP address blocks: 185.66.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:2c:ef:b7:15:46:17:2b:a1:13:63:3e:98:d8:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Validity
Not Before: Jan 1 21:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2adfa9a34a4f2e3ab5c51daee1504011557907f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:33:ba:96:7c:76:8e:19:86:26:e8:35:a0:99:
49:89:65:71:52:59:8b:49:8c:f5:4c:c3:c4:bf:39:
c1:50:e6:69:02:37:31:5e:72:ab:18:4d:c3:12:b9:
70:7d:c5:95:29:79:d1:d3:ff:e0:51:dd:43:12:41:
72:0d:7a:f3:dc:9d:81:b4:72:9d:75:da:48:19:85:
e8:59:1b:f4:3c:24:db:b6:ee:7a:29:08:e5:9c:31:
0d:6e:95:65:a0:19:d7:ff:e0:dd:ba:bf:09:ff:44:
21:7e:78:b9:68:ce:58:3f:92:0c:fe:c3:6c:d9:ca:
63:12:d0:d5:3d:fd:00:7e:69:67:16:76:5d:4d:12:
ae:a0:f3:14:1b:ef:42:b7:c3:c6:84:71:11:30:66:
23:18:64:54:4d:20:b8:e1:3e:48:90:cb:e0:62:13:
d4:c4:ef:5a:5b:d0:b5:62:3e:1f:d2:e8:b6:eb:0d:
88:8a:51:f0:a5:bf:f5:b0:12:0c:f2:2c:3a:f4:cd:
d2:5d:39:2f:27:1b:20:83:31:96:27:73:3f:c6:31:
1e:ff:55:35:f3:cb:be:ce:9c:e0:4d:5c:fa:42:43:
f9:48:79:78:fe:bd:16:6f:50:65:5f:b8:4e:52:53:
27:fe:77:5c:1d:36:e3:f2:c7:fa:4d:a4:c0:79:88:
62:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DF:A9:A3:4A:4F:2E:3A:B5:C5:1D:AE:E1:50:40:11:55:79:07:F4
X509v3 Authority Key Identifier:
keyid:BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/Kt-po0pPLjq1xR2u4VBAEVV5B_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/v124EbXV0FvsN-6dCaTsUu7tGtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.230.0/24
Signature Algorithm: sha256WithRSAEncryption
62:b9:f3:3f:7c:96:d7:b4:29:04:85:11:a7:6d:ed:e0:65:c0:
12:2d:70:3e:3d:52:15:0f:cb:24:6e:59:0c:04:03:72:3b:46:
31:38:80:0b:dc:11:47:bc:83:bc:26:e6:1b:44:3a:4a:a3:27:
40:48:63:75:57:46:f8:95:9c:9f:cc:12:ff:06:54:d1:54:c2:
f6:55:e0:50:41:da:3e:aa:bb:1e:ce:db:c8:f1:57:84:48:7d:
a5:bd:dd:f0:6d:47:d9:2e:5c:a8:37:8b:46:f4:53:ff:c3:1b:
74:d9:da:57:c6:c4:48:c6:1e:b8:fc:5d:1f:d5:60:bc:5a:21:
a7:18:c4:de:5e:b9:84:09:80:7c:94:67:43:1b:77:df:1b:20:
c9:81:94:5c:c7:da:13:00:03:32:2a:e9:70:c8:8a:90:9f:99:
7e:dd:ec:0a:6c:55:e7:77:7b:ff:7b:32:ab:6c:42:ff:b8:ff:
7c:df:26:41:9d:a9:05:b3:e6:8a:d0:0c:16:e7:f1:4f:af:13:
d2:92:a1:90:b7:86:58:5a:f8:22:81:cf:66:e9:17:64:49:cf:
d5:ed:e2:7e:0c:b8:a0:4b:69:cf:89:38:e4:d0:cc:2d:ce:c3:
58:14:cf:14:b1:92:e1:d0:14:25:f5:0d:82:06:97:47:89:43:
11:6f:ec:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOSzvtxVGFyuhE2M+mNi3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNWRiODExYjVkNWQwNWJlYzM3ZWU5ZDA5YTRlYzUyZWVl
ZDFhZDUwHhcNMjMwMTAxMjEyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWRmYTlhMzRhNGYyZTNhYjVjNTFkYWVlMTUwNDAxMTU1NzkwN2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDO6lnx2jhmGJug1oJlJiWVxUlmL
SYz1TMPEvznBUOZpAjcxXnKrGE3DErlwfcWVKXnR0//gUd1DEkFyDXrz3J2BtHKd
ddpIGYXoWRv0PCTbtu56KQjlnDENbpVloBnX/+Ddur8J/0Qhfni5aM5YP5IM/sNs
2cpjEtDVPf0AfmlnFnZdTRKuoPMUG+9Ct8PGhHERMGYjGGRUTSC44T5IkMvgYhPU
xO9aW9C1Yj4f0ui26w2IilHwpb/1sBIM8iw69M3SXTkvJxsggzGWJ3M/xjEe/1U1
88u+zpzgTVz6QkP5SHl4/r0Wb1BlX7hOUlMn/ndcHTbj8sf6TaTAeYhiVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCrfqaNKTy46tcUdruFQQBFVeQf0MB8GA1UdIwQY
MBaAFL9duBG11dBb7DfunQmk7FLu7RrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2Mt
NzE1ZjA5ODE3MzQxLzEvS3QtcG8wcFBManExeFIydTRWQkFFVlY1Ql9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2MtNzE1ZjA5ODE3MzQx
LzEvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuULmMA0G
CSqGSIb3DQEBCwUAA4IBAQBiufM/fJbXtCkEhRGnbe3gZcASLXA+PVIVD8skblkM
BANyO0YxOIAL3BFHvIO8JuYbRDpKoydASGN1V0b4lZyfzBL/BlTRVML2VeBQQdo+
qrseztvI8VeESH2lvd3wbUfZLlyoN4tG9FP/wxt02dpXxsRIxh64/F0f1WC8WiGn
GMTeXrmECYB8lGdDG3ffGyDJgZRcx9oTAAMyKulwyIqQn5l+3ewKbFXnd3v/ezKr
bEL/uP983yZBnakFs+aK0AwW5/FPrxPSkqGQt4ZYWvgigc9m6RdkSc/V7eJ+DLig
S2nPiTjk0MwtzsNYFM8UsZLh0BQl9Q2CBpdHiUMRb+wZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:43 2024 by rpki-client on console-ams.rpki-client.org