Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/kpLXYbnxdK7puMFE_FkyQlhV8Hg.roa
File: kpLXYbnxdK7puMFE_FkyQlhV8Hg.roa (raw, json)
Hash identifier: wnAcd7LDrnjcK2j/Mx7LbI4S6XQNs7wD8Y3URNLeCEc=
Subject key identifier: 92:92:D7:61:B9:F1:74:AE:E9:B8:C1:44:FC:59:32:42:58:55:F0:78
Certificate issuer: /CN=9e32aef0067c4f0ba20ee6663440005b1b3b887b
Certificate serial: 018571279C8496EC5A5B4E6A3F9066FB6C05
Authority key identifier: 9E:32:AE:F0:06:7C:4F:0B:A2:0E:E6:66:34:40:00:5B:1B:3B:88:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njKu8AZ8TwuiDuZmNEAAWxs7iHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/kpLXYbnxdK7puMFE_FkyQlhV8Hg.roa
Signing time: Mon 02 Jan 2023 06:24:59 +0000
ROA not before: Mon 02 Jan 2023 06:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199567
IP address blocks: 185.8.209.0/24 maxlen: 24
185.8.208.0/24 maxlen: 24
185.8.211.0/24 maxlen: 24
185.8.208.0/22 maxlen: 22
185.8.210.0/24 maxlen: 24
194.40.245.0/24 maxlen: 24
2a02:d740::/29 maxlen: 29
2a02:d740::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:9c:84:96:ec:5a:5b:4e:6a:3f:90:66:fb:6c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e32aef0067c4f0ba20ee6663440005b1b3b887b
Validity
Not Before: Jan 2 06:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9292d761b9f174aee9b8c144fc5932425855f078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5f:b7:d9:a7:27:90:89:61:76:51:99:d6:6b:
9d:c3:12:35:6d:10:62:19:60:66:f6:5c:52:94:31:
bb:03:a0:48:27:10:f2:c0:03:32:bb:0d:6e:9f:41:
e5:34:f9:72:da:1e:e6:5b:58:7e:0c:65:be:d9:dc:
c7:ef:ff:85:2d:92:6c:9c:07:43:e8:ef:0a:e4:c9:
c7:d0:2c:fb:18:a9:40:b0:ef:dc:20:3b:37:56:49:
90:0b:cf:6c:6b:92:7d:28:2e:94:d0:78:a0:33:d6:
4e:ec:23:8f:1c:3f:16:cb:6d:62:74:bd:78:98:e8:
ae:d5:4d:60:37:1e:d1:06:71:24:f7:2d:19:c2:8d:
68:56:56:24:67:e5:25:a3:00:f6:16:11:e3:8d:47:
ee:93:df:2b:1c:03:bd:e3:9f:cc:1d:09:f1:53:06:
3c:6d:09:2c:54:a8:a1:89:3c:98:89:8b:bc:75:c1:
62:63:4b:77:b9:e2:0e:ea:fa:43:89:82:e5:14:03:
ea:c1:39:b8:9a:4a:28:13:fb:21:a3:79:a2:cb:94:
61:bd:53:14:03:31:cc:69:b7:cd:98:e7:71:7e:07:
8b:f2:e4:00:10:8e:6f:a0:a7:93:77:8e:55:1b:5c:
f8:03:44:69:f4:ce:ff:e6:57:e7:e5:fa:d9:a4:90:
e9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:92:D7:61:B9:F1:74:AE:E9:B8:C1:44:FC:59:32:42:58:55:F0:78
X509v3 Authority Key Identifier:
keyid:9E:32:AE:F0:06:7C:4F:0B:A2:0E:E6:66:34:40:00:5B:1B:3B:88:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njKu8AZ8TwuiDuZmNEAAWxs7iHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/kpLXYbnxdK7puMFE_FkyQlhV8Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/njKu8AZ8TwuiDuZmNEAAWxs7iHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.208.0/22
194.40.245.0/24
IPv6:
2a02:d740::/29
Signature Algorithm: sha256WithRSAEncryption
31:f1:4d:bb:c3:af:e1:08:27:47:7d:54:0b:af:25:08:69:b8:
4b:b2:fa:fc:4d:7f:1c:20:bb:99:ed:a2:ee:e6:97:46:f4:a5:
94:d1:bc:e5:ea:9f:15:95:ee:1e:1f:f3:18:05:7f:f9:45:17:
d5:3b:7f:e5:15:90:59:e0:8d:c9:ac:66:ae:77:18:10:75:e3:
2d:01:02:d1:46:5c:96:2b:e2:3f:f7:26:03:e0:00:c1:ed:cc:
11:39:7e:7b:5c:ff:d4:3b:79:e4:c8:12:01:aa:79:38:6e:d2:
79:1e:d3:68:e5:03:9a:0e:43:4b:d4:2d:a2:a9:48:de:02:f9:
2f:ca:be:f2:e6:8f:c5:cf:f5:dc:d9:2d:15:db:2c:3b:b4:bc:
30:4f:33:11:4b:6b:64:a2:f9:b0:a1:db:4a:33:04:9a:f4:f1:
98:8f:2b:6f:53:6b:47:28:7f:a9:60:b6:db:1d:94:66:6b:27:
0e:3a:b2:dd:da:0e:ad:e2:ea:84:fb:d7:69:57:48:92:5b:b5:
cd:32:bf:91:a8:33:65:06:68:9d:17:cb:5c:18:98:db:c0:40:
36:4a:eb:19:60:cf:c8:43:67:63:b2:8f:f4:12:1f:fc:86:52:
87:62:a5:e0:fd:8b:e4:ae:80:b3:e1:78:0d:22:2f:3f:75:f7:
4f:2c:34:4c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxJ5yEluxaW05qP5Bm+2wFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzJhZWYwMDY3YzRmMGJhMjBlZTY2NjM0NDAwMDViMWIz
Yjg4N2IwHhcNMjMwMTAyMDYyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjkyZDc2MWI5ZjE3NGFlZTliOGMxNDRmYzU5MzI0MjU4NTVmMDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1+32acnkIlhdlGZ1mudwxI1bRBi
GWBm9lxSlDG7A6BIJxDywAMyuw1un0HlNPly2h7mW1h+DGW+2dzH7/+FLZJsnAdD
6O8K5MnH0Cz7GKlAsO/cIDs3VkmQC89sa5J9KC6U0HigM9ZO7COPHD8Wy21idL14
mOiu1U1gNx7RBnEk9y0Zwo1oVlYkZ+UlowD2FhHjjUfuk98rHAO945/MHQnxUwY8
bQksVKihiTyYiYu8dcFiY0t3ueIO6vpDiYLlFAPqwTm4mkooE/sho3miy5RhvVMU
AzHMabfNmOdxfgeL8uQAEI5voKeTd45VG1z4A0Rp9M7/5lfn5frZpJDp/wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJKS12G58XSu6bjBRPxZMkJYVfB4MB8GA1UdIwQY
MBaAFJ4yrvAGfE8Log7mZjRAAFsbO4h7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpLdThBWjhUd3VpRHVabU5FQUFXeHM3aUhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy84YzI4NzQtZWJiYS00Yzc3LTk2YzYt
YzMxYzZkODY5MWQwLzEva3BMWFlibnhkSzdwdU1GRV9Ga3lRbGhWOEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy84YzI4NzQtZWJiYS00Yzc3LTk2YzYtYzMxYzZkODY5MWQw
LzEvbmpLdThBWjhUd3VpRHVabU5FQUFXeHM3aUhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQjQAwQA
wij1MA0EAgACMAcDBQMqAtdAMA0GCSqGSIb3DQEBCwUAA4IBAQAx8U27w6/hCCdH
fVQLryUIabhLsvr8TX8cILuZ7aLu5pdG9KWU0bzl6p8Vle4eH/MYBX/5RRfVO3/l
FZBZ4I3JrGaudxgQdeMtAQLRRlyWK+I/9yYD4ADB7cwROX57XP/UO3nkyBIBqnk4
btJ5HtNo5QOaDkNL1C2iqUjeAvkvyr7y5o/Fz/Xc2S0V2yw7tLwwTzMRS2tkovmw
odtKMwSa9PGYjytvU2tHKH+pYLbbHZRmaycOOrLd2g6t4uqE+9dpV0iSW7XNMr+R
qDNlBmidF8tcGJjbwEA2SusZYM/IQ2djso/0Eh/8hlKHYqXg/YvkroCz4XgNIi8/
dfdPLDRM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:20 2024 by rpki-client on console-fra.rpki-client.org