Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KjOPi6cfub40HxlwapWx7eV_3PU.roa
File: KjOPi6cfub40HxlwapWx7eV_3PU.roa (raw, json)
Hash identifier: 15gBW2fHJIggNd5f/9ZrPoAWYwx1VWWMlsWMGhAIMU4=
Subject key identifier: 2A:33:8F:8B:A7:1F:B9:BE:34:1F:19:70:6A:95:B1:ED:E5:7F:DC:F5
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E80194BE91E46076E51E5993EC7766C61
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KjOPi6cfub40HxlwapWx7eV_3PU.roa
Signing time: Wed 27 Mar 2024 13:28:45 +0000
ROA not before: Wed 27 Mar 2024 13:28:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200908
IP address blocks: 185.254.156.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Apr 2024 20:15:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:80:19:4b:e9:1e:46:07:6e:51:e5:99:3e:c7:76:6c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 27 13:28:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a338f8ba71fb9be341f19706a95b1ede57fdcf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d1:71:f1:00:83:ba:01:8f:c9:4b:81:c5:ff:
85:af:8e:63:62:f8:d0:19:5b:50:57:d4:bd:20:36:
ed:69:53:f9:56:32:9d:79:20:8b:7a:9f:04:77:e1:
a6:9e:32:9e:94:64:9d:e2:e7:13:79:99:83:e6:85:
3d:3e:6f:0f:f8:e1:aa:01:01:15:d3:ef:42:19:98:
5c:c2:72:4f:ba:6b:6c:59:fd:7b:b3:67:d2:91:f7:
6e:79:b3:04:11:18:4c:7f:ad:1d:b6:d6:d7:fa:3b:
dd:19:3d:6f:58:f6:f7:35:d3:3e:cb:90:2e:0e:e7:
c8:fc:fb:39:82:d2:16:f5:e0:75:58:d8:11:d8:1d:
2e:d9:39:e6:2a:ce:09:e0:65:11:a6:73:ae:0f:fd:
2e:e8:9f:88:4f:93:92:7f:9d:70:32:ab:dc:ff:f4:
2c:00:bb:d0:ce:dc:64:9a:85:4e:64:e8:a9:32:01:
eb:f6:3c:19:68:d2:d3:48:85:3d:c4:01:59:89:0e:
c3:f1:75:f7:a5:e4:b0:45:89:04:4c:dc:da:50:60:
5d:9b:e5:86:dc:0b:95:61:71:e8:89:88:1e:b2:9f:
92:f9:7d:7e:8e:97:20:bd:a0:06:1c:f8:20:e0:ad:
cb:18:73:1a:e7:51:98:d0:2f:14:1e:54:d8:02:85:
50:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:33:8F:8B:A7:1F:B9:BE:34:1F:19:70:6A:95:B1:ED:E5:7F:DC:F5
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KjOPi6cfub40HxlwapWx7eV_3PU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.156.0/24
185.254.158.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:1a:bb:c5:6b:27:f1:3b:86:8b:78:83:d5:3f:3b:ca:c0:11:
86:74:35:71:5d:f7:e1:f2:54:4d:b0:4b:7e:27:32:4f:f9:c9:
5c:7f:de:90:75:cf:40:a1:03:cf:07:c4:b0:52:dc:c3:70:4a:
5f:57:59:3f:6c:e2:8f:14:5d:2c:d2:06:16:67:9a:ae:f1:c7:
da:12:fd:1d:ca:48:70:a4:1b:75:54:51:2b:48:e8:57:3c:7f:
96:44:3b:a4:78:3b:a4:9a:be:37:b6:59:67:ad:5c:9c:9c:ba:
84:1c:d9:90:ed:0e:ad:52:74:d6:2a:9d:54:5a:81:b4:43:6c:
08:5a:a5:6e:fc:97:7a:0f:fc:b3:1c:f8:71:90:88:bb:64:99:
dc:0d:2a:10:c1:71:12:dc:a2:4e:92:a2:af:cb:60:0b:f9:4f:
1b:32:26:f9:0d:2b:24:96:46:04:3e:92:ef:6d:a6:59:0b:ef:
f3:db:c9:30:bc:06:fe:70:66:f4:ad:42:06:19:e0:34:80:c3:
8c:02:2b:b2:5f:0b:1b:db:ad:6c:78:3f:8a:62:60:e1:5d:65:
58:92:5f:1f:84:8b:0a:8e:1f:79:6b:cf:b9:91:7a:82:e5:e7:
56:7b:5f:48:53:b6:a4:9f:e1:bc:3b:96:d2:f5:c0:c5:b9:ce:
5c:1c:d0:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6AGUvpHkYHblHlmT7HdmxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzI3MTMyODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTMzOGY4YmE3MWZiOWJlMzQxZjE5NzA2YTk1YjFlZGU1N2ZkY2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9Fx8QCDugGPyUuBxf+Fr45jYvjQ
GVtQV9S9IDbtaVP5VjKdeSCLep8Ed+GmnjKelGSd4ucTeZmD5oU9Pm8P+OGqAQEV
0+9CGZhcwnJPumtsWf17s2fSkfduebMEERhMf60dttbX+jvdGT1vWPb3NdM+y5Au
DufI/Ps5gtIW9eB1WNgR2B0u2TnmKs4J4GURpnOuD/0u6J+IT5OSf51wMqvc//Qs
ALvQztxkmoVOZOipMgHr9jwZaNLTSIU9xAFZiQ7D8XX3peSwRYkETNzaUGBdm+WG
3AuVYXHoiYgesp+S+X1+jpcgvaAGHPgg4K3LGHMa51GY0C8UHlTYAoVQAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCozj4unH7m+NB8ZcGqVse3lf9z1MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvS2pPUGk2Y2Z1YjQwSHhsd2FwV3g3ZVZfM1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuf6cAwQA
uf6eMA0GCSqGSIb3DQEBCwUAA4IBAQCdGrvFayfxO4aLeIPVPzvKwBGGdDVxXffh
8lRNsEt+JzJP+clcf96Qdc9AoQPPB8SwUtzDcEpfV1k/bOKPFF0s0gYWZ5qu8cfa
Ev0dykhwpBt1VFErSOhXPH+WRDukeDukmr43tllnrVycnLqEHNmQ7Q6tUnTWKp1U
WoG0Q2wIWqVu/Jd6D/yzHPhxkIi7ZJncDSoQwXES3KJOkqKvy2AL+U8bMib5DSsk
lkYEPpLvbaZZC+/z28kwvAb+cGb0rUIGGeA0gMOMAiuyXwsb261seD+KYmDhXWVY
kl8fhIsKjh95a8+5kXqC5edWe19IU7akn+G8O5bS9cDFuc5cHNBm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org