Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/KgNUzWnY1r6BwhJdLXFlD9CBXyU.roa
File: KgNUzWnY1r6BwhJdLXFlD9CBXyU.roa (raw, json)
Hash identifier: XyIiu7/YpuNE639Dv7NhV+qheudJXCnfPWdnzdbtY64=
Subject key identifier: 2A:03:54:CD:69:D8:D6:BE:81:C2:12:5D:2D:71:65:0F:D0:81:5F:25
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 0186B73B0A34C6AF1D0F5E359DA2B660A938
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/KgNUzWnY1r6BwhJdLXFlD9CBXyU.roa
Signing time: Mon 06 Mar 2023 14:02:25 +0000
ROA not before: Mon 06 Mar 2023 14:02:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.255.56.0/23 maxlen: 24
91.229.134.0/23 maxlen: 24
185.240.132.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Sep 2023 16:34:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b7:3b:0a:34:c6:af:1d:0f:5e:35:9d:a2:b6:60:a9:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Mar 6 14:02:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a0354cd69d8d6be81c2125d2d71650fd0815f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b2:cb:34:86:cb:54:20:f6:64:32:87:9d:fd:
6a:00:95:32:b8:1d:c7:cc:f6:53:a2:e7:94:f2:15:
39:1d:81:88:bb:e2:e5:e3:51:2c:ff:02:72:14:d6:
e9:ce:b7:2e:a8:72:39:25:7f:f3:df:77:f1:72:51:
ec:c4:35:cf:32:39:7f:0c:63:86:0f:fc:fa:01:a9:
d5:5e:39:bc:47:ac:91:93:54:74:84:5c:5b:b9:26:
64:14:04:5f:04:3e:33:6c:27:c1:41:b1:63:71:63:
f7:bf:81:25:43:0a:84:3b:01:d2:e3:9c:e3:29:40:
9d:ba:71:21:18:e3:8b:c1:13:db:42:0b:62:17:76:
fd:41:99:76:78:b9:73:68:bb:1b:74:f7:d4:74:33:
f9:9c:e1:b6:e6:21:6f:09:3e:7c:f0:05:eb:27:9b:
dd:7f:65:98:b0:3d:b5:68:d3:bc:bc:ab:f1:eb:cb:
ec:98:c1:27:36:00:1f:70:ce:ef:3b:00:be:ec:f7:
96:d3:d3:a3:88:98:61:89:f6:c3:75:58:68:a8:0d:
cd:00:95:b0:31:68:06:fe:cf:13:c3:de:30:df:2e:
d5:f1:c8:bd:d5:71:1b:4e:2c:d0:04:7f:e9:51:7f:
6f:08:ff:0e:f5:02:a8:34:37:6e:ad:e8:d3:6f:89:
55:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:03:54:CD:69:D8:D6:BE:81:C2:12:5D:2D:71:65:0F:D0:81:5F:25
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/KgNUzWnY1r6BwhJdLXFlD9CBXyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.134.0/23
185.240.132.0/23
185.255.56.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:e7:72:d6:9f:d5:f2:37:de:c8:ba:b7:6d:c5:b7:07:17:2a:
90:29:80:f0:a3:47:1c:4e:21:52:47:f6:50:9b:4d:ce:29:18:
80:54:8b:67:af:e7:17:5e:bd:94:3b:87:00:aa:5b:12:c7:91:
ce:6f:19:a9:ec:ae:58:7f:d0:4f:37:88:07:4f:0f:e5:44:66:
f9:55:0b:a7:82:bc:9e:ea:81:f2:a0:2d:bb:75:f7:4e:13:e8:
c0:c4:47:8a:a7:4a:58:20:f2:de:be:3a:ea:88:2c:3b:62:15:
89:1b:98:42:51:a3:22:3d:9c:46:c4:38:94:0d:29:de:58:bd:
0d:14:bb:58:a2:91:53:d2:96:66:6d:5e:88:9f:6e:44:4c:f2:
bf:cc:fc:63:10:a7:57:bc:8a:ee:08:b0:0c:04:4f:ad:d6:e7:
e7:36:6b:95:cc:35:28:78:54:43:2f:5d:26:2f:91:eb:84:83:
f6:f8:24:8f:80:80:f9:95:36:c6:1b:1d:98:5c:2b:cf:04:b8:
78:98:e6:77:65:e3:79:0d:a4:db:f9:12:bf:90:69:8a:c0:db:
9b:53:b5:80:ba:1a:67:d2:6f:90:04:99:20:38:0d:fc:de:f6:
96:25:cc:48:61:05:06:18:7f:da:34:37:3f:5e:bf:00:85:ee:
72:b0:c1:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYa3Owo0xq8dD141naK2YKk4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjMwMzA2MTQwMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTAzNTRjZDY5ZDhkNmJlODFjMjEyNWQyZDcxNjUwZmQwODE1ZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrLLNIbLVCD2ZDKHnf1qAJUyuB3H
zPZToueU8hU5HYGIu+Ll41Es/wJyFNbpzrcuqHI5JX/z33fxclHsxDXPMjl/DGOG
D/z6AanVXjm8R6yRk1R0hFxbuSZkFARfBD4zbCfBQbFjcWP3v4ElQwqEOwHS45zj
KUCdunEhGOOLwRPbQgtiF3b9QZl2eLlzaLsbdPfUdDP5nOG25iFvCT588AXrJ5vd
f2WYsD21aNO8vKvx68vsmMEnNgAfcM7vOwC+7PeW09OjiJhhifbDdVhoqA3NAJWw
MWgG/s8Tw94w3y7V8ci91XEbTizQBH/pUX9vCP8O9QKoNDdurejTb4lVFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCoDVM1p2Na+gcISXS1xZQ/QgV8lMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvS2dOVXpXblkxcjZCd2hKZExYRmxEOUNCWHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+WGAwQB
ufCEAwQBuf84MA0GCSqGSIb3DQEBCwUAA4IBAQC353LWn9XyN97IurdtxbcHFyqQ
KYDwo0ccTiFSR/ZQm03OKRiAVItnr+cXXr2UO4cAqlsSx5HObxmp7K5Yf9BPN4gH
Tw/lRGb5VQungrye6oHyoC27dfdOE+jAxEeKp0pYIPLevjrqiCw7YhWJG5hCUaMi
PZxGxDiUDSneWL0NFLtYopFT0pZmbV6In25ETPK/zPxjEKdXvIruCLAMBE+t1ufn
NmuVzDUoeFRDL10mL5HrhIP2+CSPgID5lTbGGx2YXCvPBLh4mOZ3ZeN5DaTb+RK/
kGmKwNubU7WAuhpn0m+QBJkgOA383vaWJcxIYQUGGH/aNDc/Xr8Ahe5ysMGf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:41 2024 by rpki-client on console-ams.rpki-client.org