Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/kfA1pBRuMurREL2uNnQE9pP6t9I.roa
File: kfA1pBRuMurREL2uNnQE9pP6t9I.roa (raw, json)
Hash identifier: DQroISSvS32xFgsqHJmPR49ErQwv3IdOFmDhSThIquo=
Subject key identifier: 91:F0:35:A4:14:6E:32:EA:D1:10:BD:AE:36:74:04:F6:93:FA:B7:D2
Certificate issuer: /CN=863841506d026131965057409a1604a5671f0541
Certificate serial: 0190FEC077CDF534314BF186826F863C7700
Authority key identifier: 86:38:41:50:6D:02:61:31:96:50:57:40:9A:16:04:A5:67:1F:05:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hjhBUG0CYTGWUFdAmhYEpWcfBUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/kfA1pBRuMurREL2uNnQE9pP6t9I.roa
Signing time: Mon 29 Jul 2024 13:49:04 +0000
ROA not before: Mon 29 Jul 2024 13:49:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57795
IP address blocks: 185.121.112.0/22 maxlen: 24
2a06:9e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:c0:77:cd:f5:34:31:4b:f1:86:82:6f:86:3c:77:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=863841506d026131965057409a1604a5671f0541
Validity
Not Before: Jul 29 13:49:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91f035a4146e32ead110bdae367404f693fab7d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b2:a6:8d:5a:03:ac:d3:ae:a8:fc:61:83:57:
66:cb:83:53:ed:c6:1f:ef:13:64:ac:56:0c:1f:08:
19:c4:bc:cc:3c:83:b4:a8:6c:49:85:4a:80:b8:6f:
01:4e:0b:89:3e:78:9c:12:a6:41:fa:fb:93:81:ec:
4f:09:17:25:79:df:30:9d:78:86:0d:fc:1d:a6:38:
31:6c:3b:29:41:be:4d:ed:53:6b:b2:f5:19:8d:d3:
fb:47:e7:66:fc:60:b9:a8:b6:68:06:f1:f1:df:06:
0f:21:c3:7a:80:83:dc:4c:78:4a:fc:a6:2d:84:28:
90:26:31:43:c5:d5:df:29:96:a7:e4:1e:cf:ec:4e:
a5:4b:ff:82:68:fa:6f:49:5e:f1:97:0d:25:cc:fc:
82:1a:56:26:fe:51:29:50:79:31:25:d6:d7:b3:4a:
5d:e7:a8:81:01:42:37:2f:c7:42:bc:2f:03:c3:df:
ed:99:db:71:8d:e2:ea:c5:e7:b2:ea:27:9a:91:d4:
22:17:3c:1f:48:34:ef:9a:87:1a:6f:23:d0:f1:91:
ff:7f:fc:82:5a:78:03:e4:55:de:ff:50:f7:8f:cc:
56:fe:d9:88:00:0f:4d:53:cf:75:14:93:b2:16:fe:
cf:a2:eb:43:86:49:de:3c:32:bb:4b:b8:e5:e3:5d:
38:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F0:35:A4:14:6E:32:EA:D1:10:BD:AE:36:74:04:F6:93:FA:B7:D2
X509v3 Authority Key Identifier:
keyid:86:38:41:50:6D:02:61:31:96:50:57:40:9A:16:04:A5:67:1F:05:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hjhBUG0CYTGWUFdAmhYEpWcfBUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/kfA1pBRuMurREL2uNnQE9pP6t9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.112.0/22
IPv6:
2a06:9e00::/29
Signature Algorithm: sha256WithRSAEncryption
0d:8f:f0:39:39:c1:b9:59:2e:c8:0f:44:c5:2c:ec:be:fb:cf:
4b:10:86:22:92:ef:21:6a:a4:84:a9:66:a2:e5:ef:53:6d:7d:
bb:66:97:06:8e:ba:96:38:81:22:d9:64:db:21:91:9a:7b:db:
a3:f8:d7:3a:73:91:7c:f5:86:bb:60:28:20:93:71:35:ef:cd:
1a:81:53:61:0e:c4:32:11:b7:85:0b:49:0a:98:af:c3:7f:5e:
3e:05:c7:d5:9c:20:05:4e:58:c5:2e:00:0e:9f:1d:23:e2:02:
14:d8:99:36:5e:a1:41:5f:fc:6b:69:6a:81:fc:d7:d8:41:bb:
22:0a:31:17:aa:41:df:bd:b9:c8:ba:68:90:81:29:c3:a3:b9:
dd:64:c0:75:b0:f1:c0:aa:46:23:f8:5e:3e:ce:df:a5:c1:09:
d2:b3:b8:41:63:d0:57:97:89:12:dd:21:b2:aa:e2:5e:ec:fb:
71:7b:5c:c4:0b:72:b0:68:05:be:e3:08:c1:6b:90:7f:9e:f2:
e9:f9:52:c9:cd:36:4d:59:41:64:a1:29:5b:5c:b0:82:92:84:
2a:66:8e:b0:ec:43:37:fc:c5:b2:75:e9:8a:71:cc:6a:61:d5:
f7:be:35:fe:ce:ad:4d:d3:a6:d7:29:d4:c0:65:57:27:ce:6b:
c1:ae:24:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZD+wHfN9TQxS/GGgm+GPHcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Mzg0MTUwNmQwMjYxMzE5NjUwNTc0MDlhMTYwNGE1Njcx
ZjA1NDEwHhcNMjQwNzI5MTM0OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWYwMzVhNDE0NmUzMmVhZDExMGJkYWUzNjc0MDRmNjkzZmFiN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLKmjVoDrNOuqPxhg1dmy4NT7cYf
7xNkrFYMHwgZxLzMPIO0qGxJhUqAuG8BTguJPnicEqZB+vuTgexPCRcled8wnXiG
DfwdpjgxbDspQb5N7VNrsvUZjdP7R+dm/GC5qLZoBvHx3wYPIcN6gIPcTHhK/KYt
hCiQJjFDxdXfKZan5B7P7E6lS/+CaPpvSV7xlw0lzPyCGlYm/lEpUHkxJdbXs0pd
56iBAUI3L8dCvC8Dw9/tmdtxjeLqxeey6ieakdQiFzwfSDTvmocabyPQ8ZH/f/yC
WngD5FXe/1D3j8xW/tmIAA9NU891FJOyFv7PoutDhknePDK7S7jl4104swIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJHwNaQUbjLq0RC9rjZ0BPaT+rfSMB8GA1UdIwQY
MBaAFIY4QVBtAmExllBXQJoWBKVnHwVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGpoQlVHMENZVEdXVUZkQW1oWUVwV2NmQlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xZjE1NjMtYjMzMS00M2E5LWI5Y2Mt
M2JmYTA1MDkyMDFmLzEva2ZBMXBCUnVNdXJSRUwydU5uUUU5cFA2dDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xZjE1NjMtYjMzMS00M2E5LWI5Y2MtM2JmYTA1MDkyMDFm
LzEvaGpoQlVHMENZVEdXVUZkQW1oWUVwV2NmQlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXlwMA0E
AgACMAcDBQMqBp4AMA0GCSqGSIb3DQEBCwUAA4IBAQANj/A5OcG5WS7ID0TFLOy+
+89LEIYiku8haqSEqWai5e9TbX27ZpcGjrqWOIEi2WTbIZGae9uj+Nc6c5F89Ya7
YCggk3E1780agVNhDsQyEbeFC0kKmK/Df14+BcfVnCAFTljFLgAOnx0j4gIU2Jk2
XqFBX/xraWqB/NfYQbsiCjEXqkHfvbnIumiQgSnDo7ndZMB1sPHAqkYj+F4+zt+l
wQnSs7hBY9BXl4kS3SGyquJe7Ptxe1zEC3KwaAW+4wjBa5B/nvLp+VLJzTZNWUFk
oSlbXLCCkoQqZo6w7EM3/MWydemKccxqYdX3vjX+zq1N06bXKdTAZVcnzmvBriQE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:23 2025 by rpki-client