Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/KcSJkmH65DJl_NuvC4FKOQ0bYIk.roa
File: KcSJkmH65DJl_NuvC4FKOQ0bYIk.roa (raw, json)
Hash identifier: 5RuNqIywMbCat/trGV16Y6cI1qp4TvR/CejUJZ640ao=
Subject key identifier: 29:C4:89:92:61:FA:E4:32:65:FC:DB:AF:0B:81:4A:39:0D:1B:60:89
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01857315F1610B9745CABAA1441EC20E30C6
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/KcSJkmH65DJl_NuvC4FKOQ0bYIk.roa
Signing time: Mon 02 Jan 2023 15:24:55 +0000
ROA not before: Mon 02 Jan 2023 15:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34376
IP address blocks: 85.14.31.0/24 maxlen: 24
82.119.93.0/24 maxlen: 24
85.14.35.0/24 maxlen: 24
85.14.33.0/24 maxlen: 24
85.14.32.0/24 maxlen: 24
85.14.32.0/22 maxlen: 22
85.14.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f1:61:0b:97:45:ca:ba:a1:44:1e:c2:0e:30:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 2 15:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29c4899261fae43265fcdbaf0b814a390d1b6089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9d:9e:ca:27:f0:f8:95:43:1a:18:c9:ff:77:
87:32:ec:ef:50:ea:93:0a:81:ef:c8:db:3e:ad:1d:
31:bc:95:53:ae:be:e0:5e:27:bd:93:fc:e7:14:2e:
a7:5a:f3:38:4d:45:37:67:85:af:50:e2:10:cb:ec:
dd:18:3f:03:6d:3f:fb:bc:c3:32:3c:55:e3:5f:5f:
ff:67:36:f2:74:a1:1d:e1:4a:6c:de:e8:3d:dd:4c:
12:bc:26:08:06:fd:48:16:d0:94:29:81:7f:13:3f:
1b:24:91:77:83:22:45:9c:c8:29:f2:cf:d5:77:e7:
d1:52:22:a5:42:f0:55:da:bf:c2:5b:19:a7:34:e1:
0d:65:e3:c7:f6:74:fb:9c:5d:b9:83:e8:f4:4c:ec:
11:98:ee:bb:f1:d3:15:d2:1f:55:0f:32:54:ac:7e:
9d:8d:d2:aa:38:5b:1c:cd:9a:42:a1:23:58:de:0c:
22:99:c4:01:84:6a:0f:53:03:42:f1:6d:20:00:cc:
2b:ef:47:7a:dc:84:7d:d7:b9:5f:b5:22:35:1f:46:
ae:e1:f8:e4:20:91:a7:28:08:0b:49:fe:80:0f:5e:
4a:e6:e5:b2:9f:30:85:f5:1a:6f:3b:9f:a9:04:d2:
c5:1c:14:72:7b:36:91:cb:c0:68:7d:ff:3a:16:99:
87:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C4:89:92:61:FA:E4:32:65:FC:DB:AF:0B:81:4A:39:0D:1B:60:89
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/KcSJkmH65DJl_NuvC4FKOQ0bYIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.93.0/24
85.14.31.0-85.14.35.255
Signature Algorithm: sha256WithRSAEncryption
4d:2e:81:0e:ab:8f:2c:32:10:f0:95:73:e2:38:34:d5:dc:7f:
18:24:c7:f1:b9:29:f2:e7:a5:65:3d:3d:b0:80:7c:f0:17:cd:
d1:9d:f5:94:8b:34:18:79:bd:48:bc:da:d4:eb:77:8f:59:48:
8d:a7:12:33:92:b2:cd:67:12:82:80:60:6e:8e:8d:eb:45:01:
68:84:41:d8:1b:c9:c6:4b:da:90:3c:22:78:38:87:44:cb:09:
a9:be:84:60:69:3e:69:f4:aa:c7:8a:7e:8a:e7:39:0c:6a:c5:
a9:b2:dc:9a:0e:7a:5f:37:4c:ab:be:3d:4f:c4:46:e7:05:2f:
d0:cd:eb:e9:dc:6b:be:4d:d5:df:39:38:ac:4b:fe:49:84:dd:
46:d6:50:5c:aa:c2:9e:f3:7e:17:a1:1c:83:6b:80:ca:a6:d4:
01:cb:02:fd:c7:93:4e:30:90:b6:dc:4d:c9:0c:15:a7:cf:15:
93:19:cb:9a:04:50:ca:62:51:03:80:14:78:a5:aa:6d:81:f1:
3a:e3:dc:b5:77:99:1b:7e:ed:d1:39:03:da:3c:fb:38:7f:7d:
62:c4:d9:68:a7:83:9f:c3:da:5a:13:f6:03:87:ec:a4:90:e7:
e0:0b:c6:07:0b:94:dd:46:32:25:dd:29:b8:7b:70:0a:d4:77:
86:05:87:db
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVzFfFhC5dFyrqhRB7CDjDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAyMTUyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWM0ODk5MjYxZmFlNDMyNjVmY2RiYWYwYjgxNGEzOTBkMWI2MDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZ2eyifw+JVDGhjJ/3eHMuzvUOqT
CoHvyNs+rR0xvJVTrr7gXie9k/znFC6nWvM4TUU3Z4WvUOIQy+zdGD8DbT/7vMMy
PFXjX1//ZzbydKEd4Ups3ug93UwSvCYIBv1IFtCUKYF/Ez8bJJF3gyJFnMgp8s/V
d+fRUiKlQvBV2r/CWxmnNOENZePH9nT7nF25g+j0TOwRmO678dMV0h9VDzJUrH6d
jdKqOFsczZpCoSNY3gwimcQBhGoPUwNC8W0gAMwr70d63IR917lftSI1H0au4fjk
IJGnKAgLSf6AD15K5uWynzCF9RpvO5+pBNLFHBRyezaRy8Boff86FpmH1wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCnEiZJh+uQyZfzbrwuBSjkNG2CJMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvS2NTSmttSDY1REpsX051dkM0RktPUTBiWUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAUnddMAwD
BABVDh8DBAJVDiAwDQYJKoZIhvcNAQELBQADggEBAE0ugQ6rjywyEPCVc+I4NNXc
fxgkx/G5KfLnpWU9PbCAfPAXzdGd9ZSLNBh5vUi82tTrd49ZSI2nEjOSss1nEoKA
YG6OjetFAWiEQdgbycZL2pA8Ing4h0TLCam+hGBpPmn0qseKfornOQxqxamy3JoO
el83TKu+PU/ERucFL9DN6+nca75N1d85OKxL/kmE3UbWUFyqwp7zfhehHINrgMqm
1AHLAv3Hk04wkLbcTckMFafPFZMZy5oEUMpiUQOAFHilqm2B8Trj3LV3mRt+7dE5
A9o8+zh/fWLE2Wing5/D2loT9gOH7KSQ5+ALxgcLlN1GMiXdKbh7cArUd4YFh9s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:19 2024 by rpki-client on console-ams.rpki-client.org