Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/KaysM5oTzZmS8GWt9ZvIzXogON4.roa
File: KaysM5oTzZmS8GWt9ZvIzXogON4.roa (raw, json)
Hash identifier: zyLDlfEf+nsxpXK5Cg67zbkr8SgXVfn8dg5O99U1C8M=
Subject key identifier: 29:AC:AC:33:9A:13:CD:99:92:F0:65:AD:F5:9B:C8:CD:7A:20:38:DE
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 018FED8CF08D7224E7927A5B90250FB68E5A
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/KaysM5oTzZmS8GWt9ZvIzXogON4.roa
Signing time: Thu 06 Jun 2024 12:36:27 +0000
ROA not before: Thu 06 Jun 2024 12:36:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215066
IP address blocks: 188.64.36.0/22 maxlen: 24
195.144.8.0/24 maxlen: 24
2a07:244::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 10 Sep 2024 12:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:8c:f0:8d:72:24:e7:92:7a:5b:90:25:0f:b6:8e:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Jun 6 12:36:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29acac339a13cd9992f065adf59bc8cd7a2038de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:93:17:25:9d:fe:16:41:74:28:81:a8:d0:80:
48:74:f4:8c:aa:f8:92:9b:d0:f8:b0:07:0b:ff:cc:
15:68:f6:3c:d0:cf:e2:c8:43:22:2d:dd:3d:2e:65:
dd:d2:bc:12:63:e4:f4:cd:72:ad:f7:54:1d:a3:f3:
3e:20:c0:de:9c:2a:28:61:69:7d:60:24:dc:39:07:
4b:91:b9:1b:36:aa:02:43:cd:2b:0a:43:6f:ee:72:
d7:77:ef:3e:fc:30:b3:60:d0:80:93:eb:1a:db:6e:
de:23:c1:80:a1:de:ee:4c:ac:af:8b:a2:39:41:b9:
08:85:c6:aa:e0:de:6e:5f:f2:72:fa:06:f5:c4:90:
09:7f:df:26:71:97:05:49:bb:53:92:8a:0e:d2:8d:
fa:44:cb:15:62:18:d2:02:3b:3a:09:51:f6:56:68:
27:5d:ff:18:ec:8e:c6:c3:b9:89:4b:d8:36:0d:48:
73:c9:44:3b:64:17:6b:64:25:c4:99:6f:82:61:e7:
d7:75:d8:20:49:64:5b:bc:0e:eb:6f:42:cb:89:2b:
06:88:9b:3a:97:bd:0f:0e:20:99:f4:02:23:8c:12:
66:04:67:fd:fa:93:9b:73:e2:3c:d1:1c:44:77:71:
c7:a5:8c:12:32:b4:c7:a3:c2:64:1d:3d:29:be:7e:
37:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:AC:AC:33:9A:13:CD:99:92:F0:65:AD:F5:9B:C8:CD:7A:20:38:DE
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/KaysM5oTzZmS8GWt9ZvIzXogON4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.36.0/22
195.144.8.0/24
IPv6:
2a07:244::/32
Signature Algorithm: sha256WithRSAEncryption
aa:8d:8c:82:9b:28:a3:88:0c:a2:fb:51:db:f7:62:08:8c:60:
73:78:ea:41:24:b9:86:3c:7f:4a:95:34:72:63:6c:19:eb:af:
c8:4a:b7:0c:fc:c9:63:7e:d3:24:72:fd:a9:c2:34:ee:27:d1:
03:4a:82:4b:69:a9:80:54:4b:66:e7:71:18:9c:83:2a:bc:3c:
cc:80:07:28:11:83:8f:9a:2a:54:28:58:3f:f9:ab:14:c4:b7:
63:df:75:d2:35:e8:4e:88:9f:61:7d:19:5c:27:31:80:59:03:
94:42:32:f5:df:0b:ed:33:fe:6c:c4:fd:ac:c7:2c:c2:b5:c9:
f2:14:5b:06:98:4c:78:67:b7:7c:e2:cb:cd:df:d1:e8:c0:46:
aa:c3:93:56:57:18:55:47:dc:33:69:3d:1a:a9:0e:ec:35:94:
3f:a0:4e:73:55:4a:13:6c:1a:98:d1:91:93:b8:4a:3a:14:3f:
65:99:d7:43:0a:bb:2a:f4:ff:b9:af:a0:0f:72:19:e3:64:8e:
fc:2e:28:3a:02:64:ba:5e:38:89:29:48:6c:17:55:93:6e:97:
57:22:92:4d:96:1e:2a:08:87:ae:6d:61:37:67:6e:3b:a5:a6:
e0:52:5f:22:06:34:5f:09:46:44:f4:fb:3c:14:3f:b5:d6:12:
88:7d:5b:7d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY/tjPCNciTnknpbkCUPto5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjQwNjA2MTIzNjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWFjYWMzMzlhMTNjZDk5OTJmMDY1YWRmNTliYzhjZDdhMjAzOGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5MXJZ3+FkF0KIGo0IBIdPSMqviS
m9D4sAcL/8wVaPY80M/iyEMiLd09LmXd0rwSY+T0zXKt91Qdo/M+IMDenCooYWl9
YCTcOQdLkbkbNqoCQ80rCkNv7nLXd+8+/DCzYNCAk+sa227eI8GAod7uTKyvi6I5
QbkIhcaq4N5uX/Jy+gb1xJAJf98mcZcFSbtTkooO0o36RMsVYhjSAjs6CVH2Vmgn
Xf8Y7I7Gw7mJS9g2DUhzyUQ7ZBdrZCXEmW+CYefXddggSWRbvA7rb0LLiSsGiJs6
l70PDiCZ9AIjjBJmBGf9+pObc+I80RxEd3HHpYwSMrTHo8JkHT0pvn43NQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCmsrDOaE82ZkvBlrfWbyM16IDjeMB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvS2F5c001b1R6Wm1TOEdXdDladkl6WG9nT040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCvEAkAwQA
w5AIMA0EAgACMAcDBQAqBwJEMA0GCSqGSIb3DQEBCwUAA4IBAQCqjYyCmyijiAyi
+1Hb92IIjGBzeOpBJLmGPH9KlTRyY2wZ66/ISrcM/MljftMkcv2pwjTuJ9EDSoJL
aamAVEtm53EYnIMqvDzMgAcoEYOPmipUKFg/+asUxLdj33XSNehOiJ9hfRlcJzGA
WQOUQjL13wvtM/5sxP2sxyzCtcnyFFsGmEx4Z7d84svN39HowEaqw5NWVxhVR9wz
aT0aqQ7sNZQ/oE5zVUoTbBqY0ZGTuEo6FD9lmddDCrsq9P+5r6APchnjZI78Lig6
AmS6XjiJKUhsF1WTbpdXIpJNlh4qCIeubWE3Z247pabgUl8iBjRfCUZE9Ps8FD+1
1hKIfVt9
-----END CERTIFICATE-----
Generated at Tue Sep 10 16:43:58 2024 by rpki-client on console-ams.rpki-client.org