Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/kWVBGCfsSJmr8Q5RFlOF9FOoaPU.roa
File: kWVBGCfsSJmr8Q5RFlOF9FOoaPU.roa (raw, json)
Hash identifier: aye5EBm+PtZR7BuTLHedpv8/iw3j1p7T7J951/lKwiQ=
Subject key identifier: 91:65:41:18:27:EC:48:99:AB:F1:0E:51:16:53:85:F4:53:A8:68:F5
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737AC0FC64D233D517A8B09AD79FF464
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/kWVBGCfsSJmr8Q5RFlOF9FOoaPU.roa
Signing time: Mon 02 Jan 2023 17:15:02 +0000
ROA not before: Mon 02 Jan 2023 17:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47507
IP address blocks: 212.104.160.0/19 maxlen: 24
86.105.234.0/24 maxlen: 24
193.91.0.0/24 maxlen: 24
193.91.10.0/24 maxlen: 24
185.43.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:c0:fc:64:d2:33:d5:17:a8:b0:9a:d7:9f:f4:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9165411827ec4899abf10e51165385f453a868f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e3:b7:50:0f:9a:0b:bd:f6:4d:7d:34:ee:a7:
65:dd:e0:ca:7d:25:56:8f:c3:70:3a:d5:88:46:e1:
5b:4c:35:24:dd:29:f8:11:ac:88:65:5d:a1:6d:8f:
07:ff:a1:3b:3f:34:00:bd:06:05:fa:f6:b0:76:f9:
04:61:05:98:27:d7:9b:e5:f3:af:2a:7f:ed:32:a7:
80:b0:c0:89:96:2f:76:75:14:a9:65:f2:30:1a:db:
f9:a1:31:1b:99:d1:d5:51:3d:0e:9e:e1:ab:e4:85:
a2:d0:df:cf:5d:a7:18:6f:3b:48:ec:10:b1:0b:49:
c2:53:a4:f8:51:2e:da:57:aa:a5:48:54:05:18:6d:
4b:f1:44:69:2b:e1:b6:ee:39:93:c6:80:32:e0:57:
ad:cd:74:68:9b:c9:0c:17:4b:db:06:bb:49:c8:8c:
be:ca:13:8d:dd:dc:1c:4c:07:24:ed:7c:2b:b1:35:
c5:3e:48:a4:ff:2a:79:ac:e5:78:07:01:ed:f0:a9:
75:61:05:38:eb:b4:52:db:26:51:2f:1c:48:94:9c:
37:b0:31:66:66:21:d7:ac:14:b5:c3:ef:1b:31:1f:
44:79:b7:88:8e:87:07:28:75:b0:97:2f:59:db:97:
e7:49:46:33:2f:8d:f3:b6:e2:9c:d2:56:bb:a2:6c:
46:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:65:41:18:27:EC:48:99:AB:F1:0E:51:16:53:85:F4:53:A8:68:F5
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/kWVBGCfsSJmr8Q5RFlOF9FOoaPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.234.0/24
185.43.252.0/22
193.91.0.0/24
193.91.10.0/24
212.104.160.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:af:f4:6a:22:67:fc:51:7e:fb:a8:88:cc:29:f1:66:6a:c0:
b7:47:d9:35:52:f5:56:06:b8:6a:ce:d5:d5:a5:6e:71:b9:e7:
3a:90:85:98:97:b3:a2:c8:4e:c5:5f:8e:c4:24:62:28:ac:8d:
a9:cd:6a:77:f0:c2:62:aa:e7:cb:ca:17:10:ba:68:02:cc:a9:
72:18:f8:0d:4c:91:3f:7c:b4:17:4b:6c:4c:d5:0f:3a:cb:34:
ad:ef:ff:62:61:22:92:d9:66:a2:77:a2:0d:b3:ba:99:1f:a6:
2d:31:1c:f5:90:28:0a:83:6a:c4:0a:47:3e:85:29:d9:7f:6f:
34:bb:d2:80:e2:71:02:30:a1:9c:c6:ad:db:30:c9:04:3a:06:
29:3e:a5:7f:47:d1:60:a2:06:f7:d0:46:49:c2:cb:bf:32:65:
99:6f:9f:28:1e:0c:31:11:9f:a7:f8:2b:9f:04:3a:01:3a:64:
d9:52:38:aa:4c:0c:b4:4d:16:d4:64:24:a2:de:0b:3f:d8:26:
78:38:47:de:64:da:5d:c7:90:f2:40:6e:5b:03:d2:cf:8d:30:
ca:e8:85:92:0a:fc:f2:76:49:bb:b6:02:18:bf:5b:ef:94:cd:
73:f9:2b:45:d7:a4:9c:81:25:ff:64:f8:ee:ba:26:b1:be:b8:
72:68:35:9b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVzesD8ZNIz1ReosJrXn/RkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTY1NDExODI3ZWM0ODk5YWJmMTBlNTExNjUzODVmNDUzYTg2OGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOO3UA+aC732TX007qdl3eDKfSVW
j8NwOtWIRuFbTDUk3Sn4EayIZV2hbY8H/6E7PzQAvQYF+vawdvkEYQWYJ9eb5fOv
Kn/tMqeAsMCJli92dRSpZfIwGtv5oTEbmdHVUT0OnuGr5IWi0N/PXacYbztI7BCx
C0nCU6T4US7aV6qlSFQFGG1L8URpK+G27jmTxoAy4FetzXRom8kMF0vbBrtJyIy+
yhON3dwcTAck7XwrsTXFPkik/yp5rOV4BwHt8Kl1YQU467RS2yZRLxxIlJw3sDFm
ZiHXrBS1w+8bMR9EebeIjocHKHWwly9Z25fnSUYzL43ztuKc0la7omxGqQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJFlQRgn7EiZq/EOURZThfRTqGj1MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEva1dWQkdDZnNTSm1yOFE1UkZsT0Y5Rk9vYVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVmnqAwQC
uSv8AwQAwVsAAwQAwVsKAwQF1GigMA0GCSqGSIb3DQEBCwUAA4IBAQBtr/RqImf8
UX77qIjMKfFmasC3R9k1UvVWBrhqztXVpW5xuec6kIWYl7OiyE7FX47EJGIorI2p
zWp38MJiqufLyhcQumgCzKlyGPgNTJE/fLQXS2xM1Q86yzSt7/9iYSKS2Waid6IN
s7qZH6YtMRz1kCgKg2rECkc+hSnZf280u9KA4nECMKGcxq3bMMkEOgYpPqV/R9Fg
ogb30EZJwsu/MmWZb58oHgwxEZ+n+CufBDoBOmTZUjiqTAy0TRbUZCSi3gs/2CZ4
OEfeZNpdx5DyQG5bA9LPjTDK6IWSCvzydkm7tgIYv1vvlM1z+StF16ScgSX/ZPju
uiaxvrhyaDWb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:37 2024 by rpki-client on console-fra.rpki-client.org