Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/17a69d-b7f7-4ba1-b7ee-98bc254c23e5/1/KQoowz9gi8-J7L9wPHREPYZopFs.roa
File: KQoowz9gi8-J7L9wPHREPYZopFs.roa (raw, json)
Hash identifier: nMQGtYGcgmw71aG2RbCbU5vHf1C0po7xKNQ+rRBk4tI=
Subject key identifier: 29:0A:28:C3:3F:60:8B:CF:89:EC:BF:70:3C:74:44:3D:86:68:A4:5B
Certificate issuer: /CN=98097c2bb062b5c2992391a4ed1ee4f4fa3779cb
Certificate serial: 0185720C40A4DE5DD365E3B0D48AEDA0D074
Authority key identifier: 98:09:7C:2B:B0:62:B5:C2:99:23:91:A4:ED:1E:E4:F4:FA:37:79:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mAl8K7BitcKZI5Gk7R7k9Po3ecs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/17a69d-b7f7-4ba1-b7ee-98bc254c23e5/1/KQoowz9gi8-J7L9wPHREPYZopFs.roa
Signing time: Mon 02 Jan 2023 10:34:43 +0000
ROA not before: Mon 02 Jan 2023 10:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16117
IP address blocks: 62.116.224.0/19 maxlen: 19
84.23.128.0/19 maxlen: 19
185.98.244.0/22 maxlen: 22
79.142.208.0/20 maxlen: 20
213.141.64.0/19 maxlen: 19
2001:b48::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:40:a4:de:5d:d3:65:e3:b0:d4:8a:ed:a0:d0:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98097c2bb062b5c2992391a4ed1ee4f4fa3779cb
Validity
Not Before: Jan 2 10:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=290a28c33f608bcf89ecbf703c74443d8668a45b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:66:60:60:60:0e:3a:9e:d8:89:d7:f3:d3:1c:
16:63:fc:b5:0e:42:d0:33:71:6e:95:b7:52:51:84:
6f:24:5f:a8:0c:3f:64:50:39:21:5a:34:fe:ac:20:
02:04:3d:77:6e:c8:c8:ea:88:6b:a4:fa:1b:78:1e:
db:15:f5:54:aa:ba:c2:6c:42:a0:6f:d9:50:a2:69:
16:c9:82:0b:3b:8b:a3:f5:7d:c7:9e:e7:8f:9e:0b:
4e:eb:bd:2b:5e:ff:ff:2e:68:0a:41:e3:ce:5a:23:
61:56:ac:6a:b5:c9:cf:61:f6:6c:ec:62:8a:d7:1a:
43:fe:81:98:93:9e:dc:4b:6c:d7:3f:85:8c:ef:b7:
b6:d1:73:e1:32:f7:43:80:ac:96:d8:26:25:01:09:
74:c1:49:be:3b:19:d2:62:cf:2e:b4:f1:f5:9f:d3:
71:a1:3f:18:51:84:71:73:a0:ea:9f:d0:49:e8:16:
5b:4f:c1:a8:a5:fe:00:f3:74:df:1a:8d:f2:ab:d3:
70:89:ae:39:49:06:e9:15:de:67:c2:da:6c:c5:ad:
8f:dc:23:e4:67:d7:af:e5:51:1b:20:c6:ec:79:a5:
b4:c2:91:86:79:10:9a:f6:8d:26:6c:56:31:33:51:
19:9d:ad:87:f0:ba:f0:74:08:d2:1c:82:cb:4d:57:
c6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0A:28:C3:3F:60:8B:CF:89:EC:BF:70:3C:74:44:3D:86:68:A4:5B
X509v3 Authority Key Identifier:
keyid:98:09:7C:2B:B0:62:B5:C2:99:23:91:A4:ED:1E:E4:F4:FA:37:79:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mAl8K7BitcKZI5Gk7R7k9Po3ecs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/17a69d-b7f7-4ba1-b7ee-98bc254c23e5/1/KQoowz9gi8-J7L9wPHREPYZopFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/17a69d-b7f7-4ba1-b7ee-98bc254c23e5/1/mAl8K7BitcKZI5Gk7R7k9Po3ecs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.116.224.0/19
79.142.208.0/20
84.23.128.0/19
185.98.244.0/22
213.141.64.0/19
IPv6:
2001:b48::/29
Signature Algorithm: sha256WithRSAEncryption
a8:2a:0c:36:00:6b:4a:ab:d8:06:04:44:b3:da:02:0b:cd:9e:
7d:6d:dc:d7:28:dc:fe:e6:17:ae:f0:4c:f4:46:1e:9a:f2:4d:
5e:f9:fd:11:f2:ea:67:f2:30:f0:85:61:cb:ae:f1:61:44:19:
b9:16:dd:91:27:24:2b:14:fb:26:d0:d3:29:74:bb:c3:80:0a:
17:d3:64:8f:cb:e9:1e:01:23:f4:f0:d2:7b:e6:d7:94:d0:76:
d4:7e:d7:91:a8:73:3f:fb:46:e1:2d:3b:dd:27:e1:6b:b5:a4:
bf:5e:cd:96:f8:9c:4b:5f:46:49:3b:a0:e0:b5:bf:5c:78:fe:
8c:4c:b7:47:fb:f2:27:e4:a1:40:b2:1e:41:ce:01:e3:c7:f3:
33:a9:f6:70:7b:a3:24:7c:e2:e0:db:f5:2a:2b:97:4b:c5:b0:
ad:73:b7:a9:18:4c:a2:f6:15:19:3a:c4:ae:30:7c:25:db:54:
41:1f:ba:c8:d1:95:9b:41:6d:88:eb:3f:87:c1:9a:48:b0:64:
b8:7e:df:fb:df:c3:2d:d4:e5:35:2f:14:fb:bb:e0:44:d9:fe:
98:04:68:0b:b3:0d:b6:24:8e:71:43:3a:db:f7:01:24:84:e6:
d5:e2:47:6a:60:94:cd:a9:91:6b:7a:b2:95:e9:92:dd:72:77:
d7:75:d8:5c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVyDECk3l3TZeOw1IrtoNB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MDk3YzJiYjA2MmI1YzI5OTIzOTFhNGVkMWVlNGY0ZmEz
Nzc5Y2IwHhcNMjMwMTAyMTAzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTBhMjhjMzNmNjA4YmNmODllY2JmNzAzYzc0NDQzZDg2NjhhNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWZgYGAOOp7Yidfz0xwWY/y1DkLQ
M3FulbdSUYRvJF+oDD9kUDkhWjT+rCACBD13bsjI6ohrpPobeB7bFfVUqrrCbEKg
b9lQomkWyYILO4uj9X3HnuePngtO670rXv//LmgKQePOWiNhVqxqtcnPYfZs7GKK
1xpD/oGYk57cS2zXP4WM77e20XPhMvdDgKyW2CYlAQl0wUm+OxnSYs8utPH1n9Nx
oT8YUYRxc6Dqn9BJ6BZbT8Gopf4A83TfGo3yq9Nwia45SQbpFd5nwtpsxa2P3CPk
Z9ev5VEbIMbseaW0wpGGeRCa9o0mbFYxM1EZna2H8LrwdAjSHILLTVfGGQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCkKKMM/YIvPiey/cDx0RD2GaKRbMB8GA1UdIwQY
MBaAFJgJfCuwYrXCmSORpO0e5PT6N3nLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUFsOEs3Qml0Y0taSTVHazdSN2s5UG8zZWNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8xN2E2OWQtYjdmNy00YmExLWI3ZWUt
OThiYzI1NGMyM2U1LzEvS1Fvb3d6OWdpOC1KN0w5d1BIUkVQWVpvcEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8xN2E2OWQtYjdmNy00YmExLWI3ZWUtOThiYzI1NGMyM2U1
LzEvbUFsOEs3Qml0Y0taSTVHazdSN2s5UG8zZWNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPnTgAwQE
T47QAwQFVBeAAwQCuWL0AwQF1Y1AMA0EAgACMAcDBQMgAQtIMA0GCSqGSIb3DQEB
CwUAA4IBAQCoKgw2AGtKq9gGBESz2gILzZ59bdzXKNz+5heu8Ez0Rh6a8k1e+f0R
8upn8jDwhWHLrvFhRBm5Ft2RJyQrFPsm0NMpdLvDgAoX02SPy+keASP08NJ75teU
0HbUfteRqHM/+0bhLTvdJ+FrtaS/Xs2W+JxLX0ZJO6Dgtb9ceP6MTLdH+/In5KFA
sh5BzgHjx/MzqfZwe6MkfOLg2/UqK5dLxbCtc7epGEyi9hUZOsSuMHwl21RBH7rI
0ZWbQW2I6z+HwZpIsGS4ft/738Mt1OU1LxT7u+BE2f6YBGgLsw22JI5xQzrb9wEk
hObV4kdqYJTNqZFrerKV6ZLdcnfXddhc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:15 2024 by rpki-client on console-ams.rpki-client.org