Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/bd4d8d-9380-40e9-8142-f2b4efba59bc/1/kcMhLVnREGVtYGP-4T1DywDd110.roa
File: kcMhLVnREGVtYGP-4T1DywDd110.roa (raw, json)
Hash identifier: OySU+fIUyvg+/pev9VvyimuMgmDHc/IMnTKruR2+W8s=
Subject key identifier: 91:C3:21:2D:59:D1:10:65:6D:60:63:FE:E1:3D:43:CB:00:DD:D7:5D
Certificate issuer: /CN=118ba4ef901aac10876ccf976a5f7d16c4ca79f0
Certificate serial: 01856D53CC25AB14D9466D0EAF339FFD2EC9
Authority key identifier: 11:8B:A4:EF:90:1A:AC:10:87:6C:CF:97:6A:5F:7D:16:C4:CA:79:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EYuk75AarBCHbM-Xal99FsTKefA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/bd4d8d-9380-40e9-8142-f2b4efba59bc/1/kcMhLVnREGVtYGP-4T1DywDd110.roa
Signing time: Sun 01 Jan 2023 12:34:46 +0000
ROA not before: Sun 01 Jan 2023 12:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2906
IP address blocks: 185.9.188.0/22 maxlen: 24
2a03:5640::/32 maxlen: 48
2a03:5640:f000::/36 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:cc:25:ab:14:d9:46:6d:0e:af:33:9f:fd:2e:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=118ba4ef901aac10876ccf976a5f7d16c4ca79f0
Validity
Not Before: Jan 1 12:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91c3212d59d110656d6063fee13d43cb00ddd75d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:48:2b:b2:4c:67:b3:f2:83:c9:bb:65:fc:ad:
d3:66:a3:8b:e6:33:e6:58:eb:8a:f9:43:ed:1a:24:
ef:c3:f5:12:ed:57:39:63:a5:17:67:2c:07:cb:e4:
bb:12:19:51:9f:26:a4:e2:7c:7a:00:d8:6f:58:4f:
ee:58:b2:29:bf:b2:a7:a8:3d:78:ee:e2:aa:53:6c:
f4:f1:d3:50:74:a4:2b:d1:94:12:96:b2:5a:8b:77:
73:4a:1a:0e:91:58:a0:c5:d1:de:b5:df:a0:97:73:
d1:82:44:39:c1:dd:57:aa:0c:63:e1:f3:94:34:3b:
61:16:0f:22:93:f1:7d:ae:72:d0:23:60:db:4e:7d:
bd:6e:d1:9b:e6:b7:34:d4:0d:e6:09:21:c1:fa:e0:
f8:e9:40:e7:e1:ee:8a:29:26:55:65:20:9e:de:6d:
12:71:50:0f:68:7d:d8:89:95:cc:15:eb:1d:e0:82:
1f:66:0b:5f:ad:7d:90:bf:33:7f:3d:02:67:29:5e:
f1:dc:32:be:8e:f8:94:4a:74:7d:7d:7b:40:ec:0c:
dd:a6:ef:19:6a:d2:10:4d:2f:4e:48:01:38:1a:61:
24:bb:3b:01:64:b0:9b:49:06:53:ae:76:4e:e3:de:
41:97:84:4a:fd:12:8b:49:b8:09:a3:f1:01:f1:c5:
83:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C3:21:2D:59:D1:10:65:6D:60:63:FE:E1:3D:43:CB:00:DD:D7:5D
X509v3 Authority Key Identifier:
keyid:11:8B:A4:EF:90:1A:AC:10:87:6C:CF:97:6A:5F:7D:16:C4:CA:79:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EYuk75AarBCHbM-Xal99FsTKefA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/bd4d8d-9380-40e9-8142-f2b4efba59bc/1/kcMhLVnREGVtYGP-4T1DywDd110.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/bd4d8d-9380-40e9-8142-f2b4efba59bc/1/EYuk75AarBCHbM-Xal99FsTKefA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.188.0/22
IPv6:
2a03:5640::/32
Signature Algorithm: sha256WithRSAEncryption
22:c5:26:c7:73:ca:e4:4e:85:66:41:ec:f4:a4:bb:7a:42:c1:
8d:80:8f:3b:36:1b:f8:dc:65:02:b3:bf:a7:d8:d8:e8:4e:0c:
a2:79:da:0a:cb:31:37:ea:3f:2f:0e:56:9b:59:b8:4a:db:9f:
0d:b0:0a:84:a0:fc:54:09:ef:3c:59:a7:5a:e7:54:01:ac:3c:
a7:ba:1e:c3:f7:dc:5a:80:73:c6:15:02:b6:9d:08:00:ba:9e:
3b:36:e0:ee:a4:06:71:00:b3:65:a7:4d:d9:10:ba:39:bc:4b:
18:4e:52:1e:aa:4a:56:fb:53:be:9a:81:ca:01:6d:22:53:e5:
16:02:b7:e4:3e:c1:e6:49:65:41:4b:a3:3b:bb:4d:02:1c:c7:
7d:0a:a0:72:f7:58:90:08:17:df:e5:0c:00:fa:9d:ad:3c:17:
9e:89:21:ca:e4:54:7e:7e:5e:fa:6f:1f:ab:7b:01:ad:b5:d7:
eb:fa:50:c8:5e:7f:04:0a:c3:9b:f0:99:2a:c4:62:8a:a0:ff:
9f:2b:3f:39:6b:a9:7a:b1:2a:88:18:d7:27:4e:3a:31:59:7b:
e6:8f:cd:3f:fc:71:b4:3a:78:90:59:e9:eb:20:0f:f6:31:6c:
87:4f:48:2a:da:82:82:66:3b:2a:9f:fc:b0:0e:e3:ca:b4:a6:
42:b4:a7:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtU8wlqxTZRm0OrzOf/S7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExOGJhNGVmOTAxYWFjMTA4NzZjY2Y5NzZhNWY3ZDE2YzRj
YTc5ZjAwHhcNMjMwMTAxMTIzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWMzMjEyZDU5ZDExMDY1NmQ2MDYzZmVlMTNkNDNjYjAwZGRkNzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkgrskxns/KDybtl/K3TZqOL5jPm
WOuK+UPtGiTvw/US7Vc5Y6UXZywHy+S7EhlRnyak4nx6ANhvWE/uWLIpv7KnqD14
7uKqU2z08dNQdKQr0ZQSlrJai3dzShoOkVigxdHetd+gl3PRgkQ5wd1Xqgxj4fOU
NDthFg8ik/F9rnLQI2DbTn29btGb5rc01A3mCSHB+uD46UDn4e6KKSZVZSCe3m0S
cVAPaH3YiZXMFesd4IIfZgtfrX2QvzN/PQJnKV7x3DK+jviUSnR9fXtA7Azdpu8Z
atIQTS9OSAE4GmEkuzsBZLCbSQZTrnZO495Bl4RK/RKLSbgJo/EB8cWDEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJHDIS1Z0RBlbWBj/uE9Q8sA3dddMB8GA1UdIwQY
MBaAFBGLpO+QGqwQh2zPl2pffRbEynnwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVl1azc1QWFyQkNIYk0tWGFsOTlGc1RLZWZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9iZDRkOGQtOTM4MC00MGU5LTgxNDIt
ZjJiNGVmYmE1OWJjLzEva2NNaExWblJFR1Z0WUdQLTRUMUR5d0RkMTEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9iZDRkOGQtOTM4MC00MGU5LTgxNDItZjJiNGVmYmE1OWJj
LzEvRVl1azc1QWFyQkNIYk0tWGFsOTlGc1RLZWZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQm8MA0E
AgACMAcDBQAqA1ZAMA0GCSqGSIb3DQEBCwUAA4IBAQAixSbHc8rkToVmQez0pLt6
QsGNgI87Nhv43GUCs7+n2NjoTgyiedoKyzE36j8vDlabWbhK258NsAqEoPxUCe88
Wada51QBrDynuh7D99xagHPGFQK2nQgAup47NuDupAZxALNlp03ZELo5vEsYTlIe
qkpW+1O+moHKAW0iU+UWArfkPsHmSWVBS6M7u00CHMd9CqBy91iQCBff5QwA+p2t
PBeeiSHK5FR+fl76bx+rewGttdfr+lDIXn8ECsOb8JkqxGKKoP+fKz85a6l6sSqI
GNcnTjoxWXvmj80//HG0OniQWenrIA/2MWyHT0gq2oKCZjsqn/ywDuPKtKZCtKdn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:22 2024 by rpki-client on console-fra.rpki-client.org