Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/KJYYotdX5bF-2v0nDViiGGXjAAg.roa
File: KJYYotdX5bF-2v0nDViiGGXjAAg.roa (raw, json)
Hash identifier: z5klJY1KwOV+KPCKvytTAfDS6KKmQHLoglMV0uISwUg=
Subject key identifier: 28:96:18:A2:D7:57:E5:B1:7E:DA:FD:27:0D:58:A2:18:65:E3:00:08
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018A45588848554F46B84FD5EFC3D5B2E614
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/KJYYotdX5bF-2v0nDViiGGXjAAg.roa
Signing time: Wed 30 Aug 2023 07:29:04 +0000
ROA not before: Wed 30 Aug 2023 07:29:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50261
IP address blocks: 80.64.64.0/21 maxlen: 21
77.111.112.0/21 maxlen: 21
80.64.72.0/21 maxlen: 21
37.220.128.0/20 maxlen: 20
77.111.120.0/21 maxlen: 21
92.61.104.0/21 maxlen: 21
109.74.48.0/20 maxlen: 20
2a02:d400::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 11 Oct 2023 06:31:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:58:88:48:55:4f:46:b8:4f:d5:ef:c3:d5:b2:e6:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Aug 30 07:29:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=289618a2d757e5b17edafd270d58a21865e30008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:90:aa:15:0c:cc:e8:7a:f4:e3:e2:df:14:a7:
22:14:76:2f:63:49:02:2f:d0:ce:7c:64:04:fe:c1:
23:1c:1b:4f:b4:3b:dd:22:cc:72:3d:e1:30:b0:01:
68:d0:9c:fa:93:67:b8:8c:16:60:12:76:90:72:e1:
3c:ab:3b:e3:45:5b:3b:69:db:0a:1d:0d:57:eb:23:
ab:4a:a2:c2:a6:52:ec:50:30:70:c7:2a:bc:d4:db:
12:05:e3:f6:03:12:6a:f6:ac:38:ea:06:98:d7:fa:
a9:59:b3:6c:4d:fe:88:aa:c7:03:99:43:bd:92:d3:
74:68:66:2c:b6:b5:fc:cb:40:c9:3a:59:20:d5:f7:
86:5b:21:c9:29:15:df:f5:96:d0:be:e5:2d:aa:b6:
79:15:f1:7f:d7:49:61:fb:58:a6:c8:78:4d:73:78:
59:c5:7a:11:49:7a:be:26:f4:f4:7f:d8:2f:c4:a9:
cd:77:7b:65:23:5b:9e:a6:d9:5f:01:56:e3:75:4d:
75:ab:cc:69:4e:c4:a5:8d:13:84:a8:1d:c2:0f:a7:
29:bc:34:29:83:b9:1d:30:76:c0:fd:b4:12:2b:16:
6f:43:0f:04:83:85:ce:7c:21:d5:54:76:bc:7c:fe:
5c:b0:5a:09:c5:b0:e5:52:13:50:60:e8:79:5d:6a:
60:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:96:18:A2:D7:57:E5:B1:7E:DA:FD:27:0D:58:A2:18:65:E3:00:08
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/KJYYotdX5bF-2v0nDViiGGXjAAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.128.0/20
77.111.112.0/20
80.64.64.0/20
92.61.104.0/21
109.74.48.0/20
IPv6:
2a02:d400::/29
Signature Algorithm: sha256WithRSAEncryption
78:05:78:c0:d6:c3:5a:c8:9f:d7:fd:ba:c2:cf:b5:7e:a1:26:
e6:0a:d6:28:92:7a:e5:fd:d3:e8:1a:e0:49:79:e7:e8:5c:96:
4b:61:5f:ce:85:e2:df:b0:f8:c8:09:1b:5e:ae:0a:bf:62:23:
c4:1e:1d:d5:40:b8:57:ef:34:ef:74:2f:db:31:c6:bc:8b:2d:
c4:17:ff:9d:3f:d1:18:07:80:03:53:28:eb:8a:d2:0b:9f:b3:
aa:2f:c8:5c:7e:f6:bf:af:27:98:12:a9:33:65:c1:1d:63:fd:
a9:42:1c:cf:b9:79:85:e4:ec:6d:24:55:3a:87:97:d6:cd:82:
aa:49:75:90:88:cb:86:7c:6c:24:13:29:db:6b:81:02:37:6b:
cd:16:72:34:40:32:94:ad:20:87:39:29:e4:ce:13:44:58:af:
17:22:2b:a6:cf:62:e1:40:bf:0e:e2:5b:b9:9e:00:13:ec:2f:
9b:8a:a0:6d:30:84:9a:7c:cf:45:60:7d:67:22:a8:78:e3:d3:
f6:fb:48:47:b7:23:a3:b1:f0:fc:ed:ed:3f:c0:8f:e8:d3:15:
b0:35:a1:3c:f4:57:26:23:86:cd:9c:1d:bd:17:f8:1c:be:4c:
3e:8d:b2:3d:0b:27:3c:ee:24:c0:d1:b4:50:44:89:e9:d2:3f:
09:94:41:7c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYpFWIhIVU9GuE/V78PVsuYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjMwODMwMDcyOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODk2MThhMmQ3NTdlNWIxN2VkYWZkMjcwZDU4YTIxODY1ZTMwMDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZCqFQzM6Hr04+LfFKciFHYvY0kC
L9DOfGQE/sEjHBtPtDvdIsxyPeEwsAFo0Jz6k2e4jBZgEnaQcuE8qzvjRVs7adsK
HQ1X6yOrSqLCplLsUDBwxyq81NsSBeP2AxJq9qw46gaY1/qpWbNsTf6IqscDmUO9
ktN0aGYstrX8y0DJOlkg1feGWyHJKRXf9ZbQvuUtqrZ5FfF/10lh+1imyHhNc3hZ
xXoRSXq+JvT0f9gvxKnNd3tlI1ueptlfAVbjdU11q8xpTsSljROEqB3CD6cpvDQp
g7kdMHbA/bQSKxZvQw8Eg4XOfCHVVHa8fP5csFoJxbDlUhNQYOh5XWpg7wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCiWGKLXV+Wxftr9Jw1Yohhl4wAIMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvS0pZWW90ZFg1YkYtMnYwbkRWaWlHR1hqQUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEJdyAAwQE
TW9wAwQEUEBAAwQDXD1oAwQEbUowMA0EAgACMAcDBQMqAtQAMA0GCSqGSIb3DQEB
CwUAA4IBAQB4BXjA1sNayJ/X/brCz7V+oSbmCtYoknrl/dPoGuBJeefoXJZLYV/O
heLfsPjICRtergq/YiPEHh3VQLhX7zTvdC/bMca8iy3EF/+dP9EYB4ADUyjritIL
n7OqL8hcfva/ryeYEqkzZcEdY/2pQhzPuXmF5OxtJFU6h5fWzYKqSXWQiMuGfGwk
Eynba4ECN2vNFnI0QDKUrSCHOSnkzhNEWK8XIiumz2LhQL8O4lu5ngAT7C+biqBt
MISafM9FYH1nIqh449P2+0hHtyOjsfD87e0/wI/o0xWwNaE89FcmI4bNnB29F/gc
vkw+jbI9Cyc87iTA0bRQRInp0j8JlEF8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:21 2024 by rpki-client on console-ams.rpki-client.org