Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/KJ-whz3wnq4bnjLzxAQeGmp-i8Q.roa
File: KJ-whz3wnq4bnjLzxAQeGmp-i8Q.roa (raw, json)
Hash identifier: hYieADAQ3qWvgE9rHC9a571C4zyDqqQrDhlmojUfEXU=
Subject key identifier: 28:9F:B0:87:3D:F0:9E:AE:1B:9E:32:F3:C4:04:1E:1A:6A:7E:8B:C4
Certificate issuer: /CN=9f04b3cf24cf4b81b2221146a00f2277bc348780
Certificate serial: 018CC56E9DB0ACAE363380F696DB8275E499
Authority key identifier: 9F:04:B3:CF:24:CF:4B:81:B2:22:11:46:A0:0F:22:77:BC:34:87:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwSzzyTPS4GyIhFGoA8id7w0h4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/KJ-whz3wnq4bnjLzxAQeGmp-i8Q.roa
Signing time: Mon 01 Jan 2024 14:30:10 +0000
ROA not before: Mon 01 Jan 2024 14:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204567
IP address blocks: 185.175.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:9d:b0:ac:ae:36:33:80:f6:96:db:82:75:e4:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f04b3cf24cf4b81b2221146a00f2277bc348780
Validity
Not Before: Jan 1 14:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=289fb0873df09eae1b9e32f3c4041e1a6a7e8bc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:70:47:59:3b:2f:d5:b0:cb:19:67:a9:d0:91:
7f:f2:72:6b:22:e9:48:f3:8d:f5:bd:b3:25:48:62:
26:c6:e5:d3:b9:1a:a9:89:90:24:c2:69:dd:56:50:
0c:b5:97:40:3c:eb:b7:fb:ac:45:ff:65:af:75:c1:
34:04:ed:6f:c8:68:a8:85:e4:9f:8a:f9:cd:14:cd:
22:1e:0b:15:0b:db:12:88:c2:d6:24:e1:be:fc:74:
dc:14:37:86:26:f9:74:68:88:d2:64:a4:d6:25:8f:
de:eb:75:fa:ef:fd:d6:9f:f4:b8:4a:31:fd:4b:eb:
3b:16:09:dc:83:91:a9:0f:50:27:db:33:86:79:05:
97:5b:ae:35:d6:82:be:d7:c8:66:f2:d8:16:35:cd:
78:e0:d8:ee:2d:c2:22:49:4a:90:84:2c:00:4b:a7:
34:62:43:80:08:93:8f:53:89:83:b8:2a:55:cf:2f:
63:00:7f:33:11:ba:e3:4d:87:06:a6:22:d5:d7:1f:
94:c2:98:c9:ae:e2:9a:f2:b0:54:08:e0:03:44:07:
4a:ea:b5:c6:47:a7:a4:de:43:b2:7f:78:d1:90:39:
c9:57:9d:96:3b:a5:9b:ac:17:d0:b9:4d:07:0e:7d:
48:60:60:86:a4:76:68:03:5b:05:66:55:be:d6:da:
27:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9F:B0:87:3D:F0:9E:AE:1B:9E:32:F3:C4:04:1E:1A:6A:7E:8B:C4
X509v3 Authority Key Identifier:
keyid:9F:04:B3:CF:24:CF:4B:81:B2:22:11:46:A0:0F:22:77:BC:34:87:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwSzzyTPS4GyIhFGoA8id7w0h4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/KJ-whz3wnq4bnjLzxAQeGmp-i8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/nwSzzyTPS4GyIhFGoA8id7w0h4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.220.0/22
Signature Algorithm: sha256WithRSAEncryption
11:38:39:2e:91:7a:cc:de:37:7b:df:81:7b:21:8a:b7:26:92:
58:79:69:f5:e3:cb:81:73:df:af:b3:35:cb:bb:ac:6e:30:d5:
40:0d:5c:ce:88:1f:ec:04:9e:33:1a:ab:82:08:32:69:51:77:
7a:5d:2f:5f:dc:43:ad:bc:aa:d2:61:07:d5:39:ab:98:b8:ab:
3e:72:7d:7f:29:d2:2e:dd:0a:01:a0:6a:73:ad:c9:2a:fb:7a:
9f:ea:f1:3d:ce:0c:56:65:65:2a:19:1c:1e:7f:15:56:b7:7d:
e6:ba:fc:ee:ee:32:81:aa:6b:8e:58:27:c6:86:28:19:f2:9e:
a0:17:30:e0:51:ed:67:48:54:f9:8f:63:ed:82:2d:d4:72:bd:
64:53:fd:78:f6:bc:8a:70:e0:8f:f5:96:12:12:18:58:4a:77:
58:9d:4d:04:94:15:87:85:23:8f:28:aa:fe:67:e7:ff:00:40:
2d:73:03:8b:e3:09:23:7a:fc:0f:cb:81:83:e5:08:16:b3:44:
98:0f:a9:27:4c:bc:32:64:e9:93:4c:97:ba:0d:1d:8a:c9:87:
6b:cd:c3:2a:3b:72:b9:9d:56:e6:d2:48:54:ba:6c:bb:b3:f6:
2d:4c:a2:5a:c1:08:e2:3a:5a:36:fd:3d:b4:9a:86:7a:9a:7f:
c2:cb:34:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbp2wrK42M4D2ltuCdeSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDRiM2NmMjRjZjRiODFiMjIyMTE0NmEwMGYyMjc3YmMz
NDg3ODAwHhcNMjQwMTAxMTQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODlmYjA4NzNkZjA5ZWFlMWI5ZTMyZjNjNDA0MWUxYTZhN2U4YmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3BHWTsv1bDLGWep0JF/8nJrIulI
8431vbMlSGImxuXTuRqpiZAkwmndVlAMtZdAPOu3+6xF/2WvdcE0BO1vyGioheSf
ivnNFM0iHgsVC9sSiMLWJOG+/HTcFDeGJvl0aIjSZKTWJY/e63X67/3Wn/S4SjH9
S+s7Fgncg5GpD1An2zOGeQWXW6411oK+18hm8tgWNc144NjuLcIiSUqQhCwAS6c0
YkOACJOPU4mDuCpVzy9jAH8zEbrjTYcGpiLV1x+UwpjJruKa8rBUCOADRAdK6rXG
R6ek3kOyf3jRkDnJV52WO6WbrBfQuU0HDn1IYGCGpHZoA1sFZlW+1tongwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCifsIc98J6uG54y88QEHhpqfovEMB8GA1UdIwQY
MBaAFJ8Es88kz0uBsiIRRqAPIne8NIeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndTenp5VFBTNEd5SWhGR29BOGlkN3cwaDRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kYTM1OGMtMmU0Ny00NGVjLWIwYzUt
MmFkOTY4YjM2MmRlLzEvS0otd2h6M3ducTRibmpMenhBUWVHbXAtaThRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9kYTM1OGMtMmU0Ny00NGVjLWIwYzUtMmFkOTY4YjM2MmRl
LzEvbndTenp5VFBTNEd5SWhGR29BOGlkN3cwaDRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCua/cMA0G
CSqGSIb3DQEBCwUAA4IBAQARODkukXrM3jd734F7IYq3JpJYeWn148uBc9+vszXL
u6xuMNVADVzOiB/sBJ4zGquCCDJpUXd6XS9f3EOtvKrSYQfVOauYuKs+cn1/KdIu
3QoBoGpzrckq+3qf6vE9zgxWZWUqGRwefxVWt33muvzu7jKBqmuOWCfGhigZ8p6g
FzDgUe1nSFT5j2Ptgi3Ucr1kU/149ryKcOCP9ZYSEhhYSndYnU0ElBWHhSOPKKr+
Z+f/AEAtcwOL4wkjevwPy4GD5QgWs0SYD6knTLwyZOmTTJe6DR2KyYdrzcMqO3K5
nVbm0khUumy7s/YtTKJawQjiOlo2/T20moZ6mn/CyzQb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:22 2025 by rpki-client