Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/kZwowitHkbgH_fkSZn69clDGqDo.roa
File: kZwowitHkbgH_fkSZn69clDGqDo.roa (raw, json)
Hash identifier: TWLD+BI61zPJABIcSixRmhhpnsj1Sb/VN00DSWCc9MQ=
Subject key identifier: 91:9C:28:C2:2B:47:91:B8:07:FD:F9:12:66:7E:BD:72:50:C6:A8:3A
Certificate issuer: /CN=6afab09168e7cc66b663c6162d5c8d454965cce2
Certificate serial: 018997AD09CF7CC058202AC5FEE0C0F82F74
Authority key identifier: 6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/kZwowitHkbgH_fkSZn69clDGqDo.roa
Signing time: Thu 27 Jul 2023 14:07:27 +0000
ROA not before: Thu 27 Jul 2023 14:07:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203268
IP address blocks: 185.137.245.0/24 maxlen: 24
185.137.246.0/24 maxlen: 24
185.137.244.0/24 maxlen: 24
185.137.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 30 Jul 2023 11:17:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:ad:09:cf:7c:c0:58:20:2a:c5:fe:e0:c0:f8:2f:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6afab09168e7cc66b663c6162d5c8d454965cce2
Validity
Not Before: Jul 27 14:07:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=919c28c22b4791b807fdf912667ebd7250c6a83a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f6:d3:ad:9d:a7:81:b4:6b:57:38:64:bd:36:
50:ca:dd:dd:42:40:ed:72:b7:9b:0f:1e:55:af:f5:
fc:fd:4b:a3:98:4d:78:54:11:4d:b7:33:33:56:d1:
0f:90:19:fa:8c:2c:48:27:e4:c9:9e:13:50:2e:5d:
1b:1f:00:b0:b7:68:9f:5e:be:90:76:99:f9:87:11:
bf:94:19:0d:3c:72:96:97:25:28:e9:9b:58:85:1a:
f1:71:11:fd:ab:d3:e1:b4:02:78:68:2e:50:f0:11:
27:be:ad:8f:e8:f9:78:e9:0e:42:ff:7e:9d:2e:f1:
38:2f:b9:46:8a:81:70:54:01:8b:2a:3b:09:6f:6e:
22:f9:26:aa:04:d1:c8:e0:a2:21:12:65:99:e7:57:
71:ab:34:ae:b7:7a:e9:35:61:ee:59:7b:e0:6f:72:
7f:9c:da:76:40:57:d9:02:6c:bf:92:1a:f5:a0:50:
15:5a:eb:77:ff:3b:59:a7:3d:49:03:5e:7e:6d:dd:
24:10:aa:87:6c:70:4f:1b:ac:47:d5:2a:a8:19:d1:
2e:a2:b5:65:43:9d:ef:e1:b0:5a:ec:69:cd:c9:d0:
83:af:9a:d9:e5:88:ac:ca:92:ed:05:b3:62:cc:23:
6e:bb:9c:ae:38:76:95:f2:24:9d:a7:d8:cb:09:b9:
13:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9C:28:C2:2B:47:91:B8:07:FD:F9:12:66:7E:BD:72:50:C6:A8:3A
X509v3 Authority Key Identifier:
keyid:6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/kZwowitHkbgH_fkSZn69clDGqDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.244.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:25:34:c8:2c:bb:db:d1:0a:d3:5e:fe:a8:44:5e:37:a7:bd:
0f:52:08:fe:c5:81:68:ba:aa:f7:5a:76:59:e6:af:ad:32:87:
ec:f8:f1:9d:be:6e:83:c1:69:cb:a6:69:b5:12:77:1d:df:31:
32:0e:6a:fd:31:82:bf:32:b7:11:81:68:8d:0b:77:27:5d:8e:
a7:db:6b:ac:b8:84:0e:d5:80:ca:14:34:9e:70:65:53:be:6a:
78:16:f1:57:21:87:9d:31:b2:88:69:35:98:92:dc:58:b3:53:
ad:11:3a:e2:53:eb:8f:f8:39:67:be:36:c6:e4:92:e6:26:36:
7a:50:ed:1d:29:af:ac:6e:02:b6:94:36:1e:8f:0c:ab:ab:e3:
8a:1f:2c:6b:19:f4:70:94:4c:e6:57:fb:ae:bc:cb:50:54:cd:
4f:b2:27:79:9b:80:a6:81:f5:bd:58:37:03:a3:b4:6a:90:17:
de:3f:d1:e8:7c:ff:3e:02:b3:fc:e1:1f:39:0d:15:0b:e8:ea:
58:98:89:3c:49:db:5c:70:58:a6:5e:b6:2e:3e:58:a3:3a:c9:
29:87:93:42:96:19:04:30:95:d8:5d:68:8e:2e:e0:63:89:55:
f7:f3:b2:54:e1:ad:40:bd:0b:7b:85:4f:0c:54:2a:1b:e3:54:
97:51:ca:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmXrQnPfMBYICrF/uDA+C90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZmFiMDkxNjhlN2NjNjZiNjYzYzYxNjJkNWM4ZDQ1NDk2
NWNjZTIwHhcNMjMwNzI3MTQwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTljMjhjMjJiNDc5MWI4MDdmZGY5MTI2NjdlYmQ3MjUwYzZhODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvbTrZ2ngbRrVzhkvTZQyt3dQkDt
crebDx5Vr/X8/UujmE14VBFNtzMzVtEPkBn6jCxIJ+TJnhNQLl0bHwCwt2ifXr6Q
dpn5hxG/lBkNPHKWlyUo6ZtYhRrxcRH9q9PhtAJ4aC5Q8BEnvq2P6Pl46Q5C/36d
LvE4L7lGioFwVAGLKjsJb24i+SaqBNHI4KIhEmWZ51dxqzSut3rpNWHuWXvgb3J/
nNp2QFfZAmy/khr1oFAVWut3/ztZpz1JA15+bd0kEKqHbHBPG6xH1SqoGdEuorVl
Q53v4bBa7GnNydCDr5rZ5YisypLtBbNizCNuu5yuOHaV8iSdp9jLCbkTdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGcKMIrR5G4B/35EmZ+vXJQxqg6MB8GA1UdIwQY
MBaAFGr6sJFo58xmtmPGFi1cjUVJZcziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgt
NWYzMzgxYjA3MWRhLzEva1p3b3dpdEhrYmdIX2ZrU1puNjljbERHcURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgtNWYzMzgxYjA3MWRh
LzEvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYn0MA0G
CSqGSIb3DQEBCwUAA4IBAQCtJTTILLvb0QrTXv6oRF43p70PUgj+xYFouqr3WnZZ
5q+tMofs+PGdvm6DwWnLpmm1Encd3zEyDmr9MYK/MrcRgWiNC3cnXY6n22usuIQO
1YDKFDSecGVTvmp4FvFXIYedMbKIaTWYktxYs1OtETriU+uP+DlnvjbG5JLmJjZ6
UO0dKa+sbgK2lDYejwyrq+OKHyxrGfRwlEzmV/uuvMtQVM1Psid5m4CmgfW9WDcD
o7RqkBfeP9HofP8+ArP84R85DRUL6OpYmIk8SdtccFimXrYuPlijOskph5NClhkE
MJXYXWiOLuBjiVX387JU4a1AvQt7hU8MVCob41SXUcpN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:20 2024 by rpki-client on console-fra.rpki-client.org