Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/KItQfrcBIPg835YejlvuRSycb4g.roa
File: KItQfrcBIPg835YejlvuRSycb4g.roa (raw, json)
Hash identifier: B0TJWa/rMBGfKwl7Iher5pVDuH188hREFJuy+QWTUhY=
Subject key identifier: 28:8B:50:7E:B7:01:20:F8:3C:DF:96:1E:8E:5B:EE:45:2C:9C:6F:88
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018BC7070F51DBFCB8EA45CFEB3B058215B1
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/KItQfrcBIPg835YejlvuRSycb4g.roa
Signing time: Mon 13 Nov 2023 04:53:30 +0000
ROA not before: Mon 13 Nov 2023 04:53:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60945
IP address blocks: 185.133.73.0/24 maxlen: 24
45.85.194.0/24 maxlen: 24
194.156.159.0/24 maxlen: 32
2a06:7a03::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c7:07:0f:51:db:fc:b8:ea:45:cf:eb:3b:05:82:15:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Nov 13 04:53:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=288b507eb70120f83cdf961e8e5bee452c9c6f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e7:38:a6:93:93:3d:73:c2:46:48:5a:69:8a:
5d:9f:ab:9d:e0:36:68:09:f4:4c:b0:eb:48:32:e7:
ee:cb:8f:4e:b6:85:83:84:65:95:30:fc:00:9c:0a:
3e:cc:e6:a0:5a:54:b1:aa:0c:51:af:a0:6c:1a:41:
71:d4:5a:55:35:25:14:94:37:c7:3a:b4:25:6d:37:
1f:1d:a7:3e:79:7e:06:d8:92:f9:ab:19:95:a9:73:
0d:77:e1:3b:f3:59:ef:5f:ac:04:af:19:ed:23:0e:
e5:8d:c9:47:17:52:2d:62:74:27:18:2c:bf:e1:bf:
c5:e6:9d:68:ab:fc:1a:9d:28:e9:ef:cb:12:b8:d0:
51:1f:ba:43:44:64:19:e3:e7:b0:05:9e:6c:5b:b8:
af:19:81:38:68:7a:5d:e4:4e:fe:86:bc:48:5c:37:
5d:4f:9a:2e:40:34:df:30:04:b3:ed:14:3e:08:5a:
c6:11:09:74:ed:44:e5:bd:72:1b:42:99:ec:50:31:
e5:bf:9c:01:fc:5c:20:a5:47:bc:46:b0:4e:5b:d7:
d9:3e:fc:a7:f9:78:06:db:75:43:c5:77:e6:c1:d1:
a4:42:b3:1f:5c:35:bd:08:2c:1b:0d:cd:f3:2d:ca:
1a:fb:79:97:7a:a1:52:99:d2:a8:20:b2:e3:06:47:
ce:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:8B:50:7E:B7:01:20:F8:3C:DF:96:1E:8E:5B:EE:45:2C:9C:6F:88
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/KItQfrcBIPg835YejlvuRSycb4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.194.0/24
185.133.73.0/24
194.156.159.0/24
IPv6:
2a06:7a03::/48
Signature Algorithm: sha256WithRSAEncryption
50:e1:4b:82:26:db:9b:87:1e:75:09:9b:85:cf:36:98:0f:35:
b9:92:ac:69:1b:9c:fe:e2:34:27:99:be:e3:fe:8c:04:ca:33:
bf:1f:df:f5:5f:bf:a8:6c:b2:59:ac:4d:97:47:3c:b2:28:f1:
08:c6:9c:9a:e0:80:d1:90:75:78:df:b7:71:2b:27:88:d0:50:
91:8b:a1:b8:19:53:12:07:cf:e3:2e:a1:76:ad:4d:89:84:67:
c7:d9:e1:7f:3c:da:02:71:a5:47:61:9e:2e:eb:70:ae:11:dc:
cf:b6:23:8b:72:a8:b5:9c:64:4f:dd:58:a6:0c:22:82:d2:f1:
46:3c:74:fc:bb:5a:0d:cb:0d:09:e4:bf:7a:4a:15:9f:4a:60:
ee:3a:00:2a:29:c9:8f:0c:71:94:cb:69:a4:42:11:32:25:2a:
be:42:51:e4:70:65:27:43:33:de:5e:ca:a6:33:81:fc:0f:73:
44:d1:92:a6:bd:fa:3e:f7:c4:87:dd:a1:51:ba:63:84:e2:13:
df:6e:a4:c2:e6:a3:59:5e:e1:e9:e1:4d:25:38:13:03:a8:8a:
93:a4:e4:a6:91:0e:21:17:2d:fd:c1:f8:5a:c2:49:2f:30:7a:
e3:06:8e:19:9e:c6:3f:8d:d5:b0:9f:68:e7:fe:95:07:05:be:
71:7b:ba:c5
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYvHBw9R2/y46kXP6zsFghWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMxMTEzMDQ1MzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODhiNTA3ZWI3MDEyMGY4M2NkZjk2MWU4ZTViZWU0NTJjOWM2Zjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArec4ppOTPXPCRkhaaYpdn6ud4DZo
CfRMsOtIMufuy49OtoWDhGWVMPwAnAo+zOagWlSxqgxRr6BsGkFx1FpVNSUUlDfH
OrQlbTcfHac+eX4G2JL5qxmVqXMNd+E781nvX6wErxntIw7ljclHF1ItYnQnGCy/
4b/F5p1oq/wanSjp78sSuNBRH7pDRGQZ4+ewBZ5sW7ivGYE4aHpd5E7+hrxIXDdd
T5ouQDTfMASz7RQ+CFrGEQl07UTlvXIbQpnsUDHlv5wB/FwgpUe8RrBOW9fZPvyn
+XgG23VDxXfmwdGkQrMfXDW9CCwbDc3zLcoa+3mXeqFSmdKoILLjBkfOtwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCiLUH63ASD4PN+WHo5b7kUsnG+IMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvS0l0UWZyY0JJUGc4MzVZZWpsdnVSU3ljYjRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQALVXCAwQA
uYVJAwQAwpyfMA8EAgACMAkDBwAqBnoDAAAwDQYJKoZIhvcNAQELBQADggEBAFDh
S4Im25uHHnUJm4XPNpgPNbmSrGkbnP7iNCeZvuP+jATKM78f3/Vfv6hsslmsTZdH
PLIo8QjGnJrggNGQdXjft3ErJ4jQUJGLobgZUxIHz+MuoXatTYmEZ8fZ4X882gJx
pUdhni7rcK4R3M+2I4tyqLWcZE/dWKYMIoLS8UY8dPy7Wg3LDQnkv3pKFZ9KYO46
ACopyY8McZTLaaRCETIlKr5CUeRwZSdDM95eyqYzgfwPc0TRkqa9+j73xIfdoVG6
Y4TiE99upMLmo1le4enhTSU4EwOoipOk5KaRDiEXLf3B+FrCSS8weuMGjhmexj+N
1bCfaOf+lQcFvnF7usU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:00 2024 by rpki-client on console-ams.rpki-client.org