Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KequJiwYTOT4rIGf7gmkxsMTOII.roa
File: KequJiwYTOT4rIGf7gmkxsMTOII.roa (raw, json)
Hash identifier: NAJnZyriW0BqQ/glwesghVvH7bkdPHYSRFeGM3VXJa4=
Subject key identifier: 29:EA:AE:26:2C:18:4C:E4:F8:AC:81:9F:EE:09:A4:C6:C3:13:38:82
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01857C4C21EE0AA1CAD33847E7B5058ED79F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KequJiwYTOT4rIGf7gmkxsMTOII.roa
Signing time: Wed 04 Jan 2023 10:20:42 +0000
ROA not before: Wed 04 Jan 2023 10:20:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211585
IP address blocks: 185.206.248.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Jan 2023 10:03:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:4c:21:ee:0a:a1:ca:d3:38:47:e7:b5:05:8e:d7:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 4 10:20:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29eaae262c184ce4f8ac819fee09a4c6c3133882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:dc:05:20:a8:e5:65:e0:08:e1:b1:b1:c2:a8:
e5:07:b1:88:37:5b:ba:7c:b1:cf:66:ab:71:69:e8:
56:b4:ba:2b:5c:ae:85:3f:0a:b9:63:65:ed:53:50:
20:a3:0b:ba:9d:0d:a6:07:db:59:37:ea:d8:5d:28:
83:ac:a9:72:a7:61:93:e5:39:38:9d:a0:5d:17:c2:
5a:7b:50:0c:ad:8b:f7:8f:52:c8:6a:a9:91:8d:7d:
ca:d0:49:84:1c:5b:3e:5d:b5:14:42:90:ea:84:25:
94:35:5d:f1:97:f1:6a:c5:b2:55:3e:93:0a:24:b3:
98:e3:8d:ec:40:a3:86:a6:a3:d9:c7:3a:4c:cb:57:
02:44:7e:b1:4c:c6:63:c2:e0:d0:55:4d:a2:21:a8:
6f:f2:d2:5a:f0:31:a3:45:27:20:51:09:2a:45:f0:
ce:36:90:b6:e1:07:44:d2:b0:d2:40:94:e0:3a:2b:
ef:a9:18:df:e1:0c:18:3e:c7:35:2e:78:c5:d7:e9:
28:7d:ce:8d:51:ab:50:0a:b8:5d:06:1e:0e:72:df:
2a:48:59:76:0b:be:0b:9e:52:f7:6b:89:d1:0d:35:
e2:06:5a:4d:24:70:b8:e4:79:ee:a3:48:76:c9:dd:
04:27:b4:05:01:a8:3a:c1:d2:00:b7:46:e1:50:fd:
03:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:EA:AE:26:2C:18:4C:E4:F8:AC:81:9F:EE:09:A4:C6:C3:13:38:82
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KequJiwYTOT4rIGf7gmkxsMTOII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.248.0/24
185.246.115.0/24
Signature Algorithm: sha256WithRSAEncryption
92:b3:01:db:7a:23:db:15:42:86:af:4c:2c:fc:eb:a1:ea:33:
dc:9e:61:72:0c:6a:7d:80:62:54:ee:ae:d6:15:5f:67:2d:0d:
31:6d:8f:58:cd:4d:c0:17:03:83:91:02:59:30:68:1f:68:35:
f8:8d:a0:2f:8e:23:ff:a9:6b:0f:a7:c5:2a:65:1e:22:64:1a:
b0:8e:6b:39:5b:fc:29:4d:ef:80:a7:85:fb:5d:a1:74:98:9b:
6e:00:4c:5f:65:84:0d:75:d8:56:f7:bd:a7:73:3b:d4:03:72:
50:d4:db:2c:75:7d:3d:84:d0:f6:eb:c0:dc:07:9c:37:46:dc:
21:44:89:62:fa:19:66:0c:41:a4:b9:97:97:fe:41:35:0f:2b:
97:28:a2:f3:3a:c1:08:a4:84:5b:e9:55:bb:67:70:94:6a:93:
02:ad:74:85:67:42:9e:7f:2c:d2:07:a6:d7:9e:f8:dd:be:c0:
f3:63:dc:aa:bf:3c:00:3c:f9:c1:fb:a9:a7:c4:1c:02:d7:4b:
32:9b:3f:3b:0f:e5:ac:4c:30:5c:21:65:2b:26:71:42:5c:0c:
d0:0d:cc:70:38:7b:61:0c:c6:a7:4c:33:ea:87:cb:af:9b:62:
be:3a:6f:3c:d8:d1:1e:3d:1b:82:5b:68:92:e2:27:a5:39:7d:
7c:be:fc:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYV8TCHuCqHK0zhH57UFjtefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTA0MTAyMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWVhYWUyNjJjMTg0Y2U0ZjhhYzgxOWZlZTA5YTRjNmMzMTMzODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNwFIKjlZeAI4bGxwqjlB7GIN1u6
fLHPZqtxaehWtLorXK6FPwq5Y2XtU1Agowu6nQ2mB9tZN+rYXSiDrKlyp2GT5Tk4
naBdF8Jae1AMrYv3j1LIaqmRjX3K0EmEHFs+XbUUQpDqhCWUNV3xl/FqxbJVPpMK
JLOY443sQKOGpqPZxzpMy1cCRH6xTMZjwuDQVU2iIahv8tJa8DGjRScgUQkqRfDO
NpC24QdE0rDSQJTgOivvqRjf4QwYPsc1LnjF1+kofc6NUatQCrhdBh4Oct8qSFl2
C74LnlL3a4nRDTXiBlpNJHC45Hnuo0h2yd0EJ7QFAag6wdIAt0bhUP0DTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCnqriYsGEzk+KyBn+4JpMbDEziCMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvS2VxdUppd1lUT1Q0cklHZjdnbWt4c01UT0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuc74AwQA
ufZzMA0GCSqGSIb3DQEBCwUAA4IBAQCSswHbeiPbFUKGr0ws/Ouh6jPcnmFyDGp9
gGJU7q7WFV9nLQ0xbY9YzU3AFwODkQJZMGgfaDX4jaAvjiP/qWsPp8UqZR4iZBqw
jms5W/wpTe+Ap4X7XaF0mJtuAExfZYQNddhW972nczvUA3JQ1NssdX09hND268Dc
B5w3RtwhRIli+hlmDEGkuZeX/kE1DyuXKKLzOsEIpIRb6VW7Z3CUapMCrXSFZ0Ke
fyzSB6bXnvjdvsDzY9yqvzwAPPnB+6mnxBwC10symz87D+WsTDBcIWUrJnFCXAzQ
DcxwOHthDManTDPqh8uvm2K+Om882NEePRuCW2iS4ielOX18vvxu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org