Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/KGn1EgCRPUwXCi4yBFhBO4skSL8.roa
File: KGn1EgCRPUwXCi4yBFhBO4skSL8.roa (raw, json)
Hash identifier: pbIvVufqt+vwfjmhl8I4z6NvPWdaSi1KpEk110uw8nE=
Subject key identifier: 28:69:F5:12:00:91:3D:4C:17:0A:2E:32:04:58:41:3B:8B:24:48:BF
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188A0AFBE8273C09A754A90695EC4C0B84B
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/KGn1EgCRPUwXCi4yBFhBO4skSL8.roa
Signing time: Fri 09 Jun 2023 15:04:12 +0000
ROA not before: Fri 09 Jun 2023 15:04:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 2.58.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a0:af:be:82:73:c0:9a:75:4a:90:69:5e:c4:c0:b8:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 9 15:04:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2869f51200913d4c170a2e320458413b8b2448bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0a:7d:80:5b:e5:41:70:eb:84:8d:85:85:71:
74:d9:93:b6:88:94:be:fc:1c:81:78:98:df:6f:80:
15:ee:98:0f:db:56:f5:8b:94:c4:3e:52:d8:a5:20:
be:23:fb:50:5d:f7:02:77:0a:4b:43:48:47:d6:1b:
7c:2d:47:2a:44:e8:0f:cd:61:c9:6e:86:13:23:2b:
f5:3e:e8:42:54:3f:b2:ac:91:01:89:65:e3:33:99:
68:d3:7d:59:d0:32:f6:4e:4b:c3:fd:dd:65:36:7e:
0b:f1:5d:a6:9e:d5:e9:99:58:f2:a1:f5:87:3e:31:
ef:43:e0:b9:e6:b9:8b:71:94:dd:4f:93:08:fa:22:
7a:71:47:56:e3:68:f7:d4:f3:69:88:85:c1:57:c8:
aa:52:61:af:1a:df:57:e6:d8:b8:42:60:3c:70:0b:
ae:7a:83:cf:8e:e8:2d:ca:33:a0:cb:77:c3:be:a0:
3d:00:25:3d:7f:3f:70:d8:20:00:27:a7:c2:47:eb:
59:2d:6e:a8:6a:3f:34:4f:99:f6:de:7a:f2:51:0a:
ad:64:5c:9a:fd:74:e6:d3:a2:5f:90:d4:8d:ce:42:
6d:9b:b0:c0:70:0a:c1:3b:a3:36:11:85:3b:ee:f9:
82:88:70:a0:8f:5a:dc:63:b7:d0:0a:9b:00:dd:40:
9d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:69:F5:12:00:91:3D:4C:17:0A:2E:32:04:58:41:3B:8B:24:48:BF
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/KGn1EgCRPUwXCi4yBFhBO4skSL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.170.0/24
Signature Algorithm: sha256WithRSAEncryption
86:24:2c:a7:36:43:cd:7e:a1:64:f1:be:34:60:8e:2e:37:9b:
b3:78:83:c7:66:8f:60:0a:c8:bc:39:d4:61:b6:fe:07:bd:e2:
6d:3c:67:ee:bd:16:f5:e2:b2:42:fe:7a:17:c7:de:f4:3c:c3:
9f:e1:72:65:06:5d:13:7a:b8:2f:0e:84:c9:3c:be:73:d1:df:
f2:9d:9e:35:d3:ba:f8:a1:93:27:58:51:6c:72:a0:15:d1:2c:
e2:d0:e5:d7:5a:38:1e:d4:e4:b3:3c:d6:ba:54:0d:b0:93:5c:
45:e1:40:cb:e0:2d:9d:1c:1f:8f:8a:ab:0b:ef:c2:cc:41:48:
9e:14:73:2b:d2:dd:a1:75:fe:ab:53:2d:3f:cb:25:ce:3e:65:
c3:09:e6:54:56:b0:ec:ac:5e:c6:2a:7e:48:3e:8e:79:98:52:
aa:e3:fc:8e:45:62:28:ca:b2:d2:0d:59:20:7a:ab:be:c6:f4:
74:9c:28:b9:9c:4c:1e:cc:32:42:d4:10:7a:e0:ec:93:a7:eb:
9d:c9:24:e2:45:38:24:7f:5e:19:eb:79:f1:90:9d:8f:44:4b:
ee:66:3c:f4:ad:f6:b6:cc:d9:e9:eb:88:11:9a:3e:38:95:e7:
33:75:dc:f0:cc:88:7b:11:fa:ad:ae:68:ab:07:03:8e:0c:8c:
45:90:f5:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYigr76Cc8CadUqQaV7EwLhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjA5MTUwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODY5ZjUxMjAwOTEzZDRjMTcwYTJlMzIwNDU4NDEzYjhiMjQ0OGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAp9gFvlQXDrhI2FhXF02ZO2iJS+
/ByBeJjfb4AV7pgP21b1i5TEPlLYpSC+I/tQXfcCdwpLQ0hH1ht8LUcqROgPzWHJ
boYTIyv1PuhCVD+yrJEBiWXjM5lo031Z0DL2TkvD/d1lNn4L8V2mntXpmVjyofWH
PjHvQ+C55rmLcZTdT5MI+iJ6cUdW42j31PNpiIXBV8iqUmGvGt9X5ti4QmA8cAuu
eoPPjugtyjOgy3fDvqA9ACU9fz9w2CAAJ6fCR+tZLW6oaj80T5n23nryUQqtZFya
/XTm06JfkNSNzkJtm7DAcArBO6M2EYU77vmCiHCgj1rcY7fQCpsA3UCdIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChp9RIAkT1MFwouMgRYQTuLJEi/MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvS0duMUVnQ1JQVXdYQ2k0eUJGaEJPNHNrU0w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjqqMA0G
CSqGSIb3DQEBCwUAA4IBAQCGJCynNkPNfqFk8b40YI4uN5uzeIPHZo9gCsi8OdRh
tv4HveJtPGfuvRb14rJC/noXx970PMOf4XJlBl0TergvDoTJPL5z0d/ynZ4107r4
oZMnWFFscqAV0Szi0OXXWjge1OSzPNa6VA2wk1xF4UDL4C2dHB+PiqsL78LMQUie
FHMr0t2hdf6rUy0/yyXOPmXDCeZUVrDsrF7GKn5IPo55mFKq4/yORWIoyrLSDVkg
equ+xvR0nCi5nEwezDJC1BB64OyTp+udySTiRTgkf14Z63nxkJ2PREvuZjz0rfa2
zNnp64gRmj44leczddzwzIh7EfqtrmirBwOODIxFkPWk
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:00 2023 by rpki-client on console-fra.rpki-client.org