Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/KZ_oWJsNvgPnkiPESU741TjHLic.roa
File: KZ_oWJsNvgPnkiPESU741TjHLic.roa (raw, json)
Hash identifier: TBT/v8s8Mq4UVzLq9TPVKwxeEmDKmb5nncG0ZL/rMXo=
Subject key identifier: 29:9F:E8:58:9B:0D:BE:03:E7:92:23:C4:49:4E:F8:D5:38:C7:2E:27
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018572BA427519BE939FD80E4CEA04FE70B4
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/KZ_oWJsNvgPnkiPESU741TjHLic.roa
Signing time: Mon 02 Jan 2023 13:44:47 +0000
ROA not before: Mon 02 Jan 2023 13:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8617
IP address blocks: 195.251.152.0/21 maxlen: 21
195.251.160.0/21 maxlen: 21
195.251.168.0/21 maxlen: 21
195.251.176.0/21 maxlen: 21
195.251.184.0/21 maxlen: 21
195.251.128.0/18 maxlen: 18
2001:648:2050::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:42:75:19:be:93:9f:d8:0e:4c:ea:04:fe:70:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 2 13:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=299fe8589b0dbe03e79223c4494ef8d538c72e27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ba:24:53:86:87:5e:e0:99:38:94:e3:52:97:
e5:d4:00:12:c5:86:35:92:9e:b8:73:5c:a6:15:81:
24:6c:e7:36:61:fa:c8:56:38:66:a3:59:cf:9b:32:
43:77:8e:35:65:7e:95:9a:91:fc:ae:7f:cb:1a:f4:
01:14:19:fe:4d:e3:3c:a4:09:6b:6d:7d:e3:e8:0d:
f0:2a:8a:58:2e:d1:76:07:5d:ee:58:ec:5a:ac:bf:
2b:b8:cd:1d:3a:ad:fc:d5:df:23:eb:04:89:d4:82:
bf:60:6d:bf:1a:7b:97:a4:7a:40:5e:46:66:5e:89:
99:fc:55:06:6d:35:9a:af:b8:5a:43:a0:25:39:46:
f4:65:d6:d5:1b:2b:16:30:2a:82:81:68:e8:ae:fd:
c0:f2:ab:85:b8:0d:ec:c0:1a:1f:01:fd:8d:d7:7f:
95:fd:39:5c:07:01:52:c6:52:69:69:5c:db:63:f0:
6d:b3:00:2d:b1:71:62:15:a5:ce:87:22:54:60:31:
62:aa:a6:88:5c:5b:ce:45:c4:ae:f7:15:e0:a3:01:
85:4d:98:bf:0f:c0:43:a0:74:7d:82:7f:a1:a5:95:
c4:24:24:24:a5:a0:32:0e:ea:ec:17:55:d7:fe:94:
0b:7e:bb:a5:46:98:12:db:4d:14:cc:a8:02:8d:1c:
ff:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9F:E8:58:9B:0D:BE:03:E7:92:23:C4:49:4E:F8:D5:38:C7:2E:27
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/KZ_oWJsNvgPnkiPESU741TjHLic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.251.128.0/18
IPv6:
2001:648:2050::/48
Signature Algorithm: sha256WithRSAEncryption
a7:fe:b1:4e:e7:aa:4a:ab:55:05:52:9b:75:57:f8:9e:66:62:
3b:a5:98:d4:84:49:8a:fb:5b:6b:56:f7:75:db:e8:00:53:82:
ca:26:d5:63:b0:e1:f0:2c:f3:a9:9e:c5:9b:28:37:ad:9f:d3:
81:47:e5:b6:7c:ec:9b:da:68:fa:0d:44:1c:4c:61:5e:c7:45:
18:63:0a:90:95:a2:6a:c7:6d:b3:6c:85:fa:b9:ea:6e:02:62:
55:8d:b5:0a:18:0c:b6:e4:ca:08:8e:d9:df:be:ba:b1:58:eb:
bf:17:5f:1c:59:58:a8:52:59:8d:19:d3:ce:a2:6f:fe:6d:c6:
5d:4f:39:71:16:12:96:3d:00:e0:8a:5c:92:5f:b8:81:f8:99:
a1:d3:2d:72:ef:0a:1c:11:7b:b8:4d:16:da:17:93:0b:71:55:
0e:9f:a2:6c:07:e8:94:57:4d:ab:79:b1:74:a0:60:8d:d9:6c:
99:cf:50:2d:8a:fb:28:0f:03:43:4f:02:df:55:df:70:7a:b8:
02:15:59:1d:d4:13:8b:d5:d7:d5:6b:da:d0:10:ad:19:d9:f5:
b1:f2:c2:40:2f:85:44:51:6d:11:70:9c:23:59:a7:ae:0e:10:
7f:77:5b:b6:b6:35:41:e9:17:0f:39:4c:d1:af:d3:ff:12:36:
91:33:90:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyukJ1Gb6Tn9gOTOoE/nC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjMwMTAyMTM0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTlmZTg1ODliMGRiZTAzZTc5MjIzYzQ0OTRlZjhkNTM4YzcyZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rokU4aHXuCZOJTjUpfl1AASxYY1
kp64c1ymFYEkbOc2YfrIVjhmo1nPmzJDd441ZX6VmpH8rn/LGvQBFBn+TeM8pAlr
bX3j6A3wKopYLtF2B13uWOxarL8ruM0dOq381d8j6wSJ1IK/YG2/GnuXpHpAXkZm
XomZ/FUGbTWar7haQ6AlOUb0ZdbVGysWMCqCgWjorv3A8quFuA3swBofAf2N13+V
/TlcBwFSxlJpaVzbY/BtswAtsXFiFaXOhyJUYDFiqqaIXFvORcSu9xXgowGFTZi/
D8BDoHR9gn+hpZXEJCQkpaAyDursF1XX/pQLfrulRpgS200UzKgCjRz/vQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCmf6FibDb4D55IjxElO+NU4xy4nMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvS1pfb1dKc052Z1Bua2lQRVNVNzQxVGpITGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQGw/uAMA8E
AgACMAkDBwAgAQZIIFAwDQYJKoZIhvcNAQELBQADggEBAKf+sU7nqkqrVQVSm3VX
+J5mYjulmNSESYr7W2tW93Xb6ABTgsom1WOw4fAs86mexZsoN62f04FH5bZ87Jva
aPoNRBxMYV7HRRhjCpCVomrHbbNshfq56m4CYlWNtQoYDLbkygiO2d++urFY678X
XxxZWKhSWY0Z086ib/5txl1POXEWEpY9AOCKXJJfuIH4maHTLXLvChwRe7hNFtoX
kwtxVQ6fomwH6JRXTat5sXSgYI3ZbJnPUC2K+ygPA0NPAt9V33B6uAIVWR3UE4vV
19Vr2tAQrRnZ9bHywkAvhURRbRFwnCNZp64OEH93W7a2NUHpFw85TNGv0/8SNpEz
kAk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org