Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/KXCQCmV3VqpLhbnO0T2bqYq6XuE.roa
File: KXCQCmV3VqpLhbnO0T2bqYq6XuE.roa (raw, json)
Hash identifier: 9jIGIhoSXtb+cpKcA+apdxQndtwc04O7BapDyDbiC58=
Subject key identifier: 29:70:90:0A:65:77:56:AA:4B:85:B9:CE:D1:3D:9B:A9:8A:BA:5E:E1
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018BB449300EC0B7AE511242D269E7F0ED2F
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/KXCQCmV3VqpLhbnO0T2bqYq6XuE.roa
Signing time: Thu 09 Nov 2023 13:32:57 +0000
ROA not before: Thu 09 Nov 2023 13:32:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 91.92.35.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:49:30:0e:c0:b7:ae:51:12:42:d2:69:e7:f0:ed:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Nov 9 13:32:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2970900a657756aa4b85b9ced13d9ba98aba5ee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5f:3e:2a:4a:df:17:83:20:d1:db:0c:87:5c:
c4:c3:8e:de:9b:31:7e:f3:b7:6b:f3:13:8c:16:2b:
ab:46:b6:05:3b:3b:d3:75:90:bc:f9:12:3e:70:bd:
8d:36:1e:36:f0:c9:e0:30:84:6b:31:10:6d:a5:e7:
ad:bc:1a:81:58:f0:c8:0f:52:07:71:53:5e:c4:db:
14:28:f9:3b:e2:8c:55:be:ad:af:e6:f1:95:fd:66:
13:63:72:82:20:01:6b:f4:d6:35:51:8d:dc:49:04:
1e:9a:a6:ae:b1:7f:0c:9e:66:3b:32:5a:4c:e3:74:
83:12:97:b2:5d:4a:3c:21:7b:7d:5f:d7:f5:89:e9:
30:84:f3:4f:5f:63:08:8e:d5:71:d7:6a:7c:8b:48:
48:59:0d:92:c1:ff:db:3d:e6:72:b9:71:87:99:d5:
60:f5:e1:21:31:c6:e3:9d:4c:78:b6:05:91:5d:db:
ca:7b:cc:a9:dd:e5:64:ae:06:46:25:38:a2:9b:89:
d9:5b:4f:e9:cc:0a:b4:99:f5:60:50:f1:f8:c5:5b:
33:78:a7:41:44:71:cd:a5:75:a8:cb:ef:84:45:78:
e8:bf:43:40:1c:f9:e1:85:cd:7b:bd:c9:d9:10:a3:
48:8d:30:c0:19:a2:f0:b1:88:b1:19:b2:bf:82:b7:
43:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:70:90:0A:65:77:56:AA:4B:85:B9:CE:D1:3D:9B:A9:8A:BA:5E:E1
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/KXCQCmV3VqpLhbnO0T2bqYq6XuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.35.0/24
Signature Algorithm: sha256WithRSAEncryption
96:f4:89:05:4e:ea:e1:dd:90:51:4e:ff:43:ce:ad:e2:96:a7:
80:c3:01:fa:2e:7b:67:cf:4c:6c:f7:3c:19:3b:4a:66:51:05:
66:ae:a9:1a:fc:4c:ce:29:fa:b4:ad:d0:d8:50:e2:fb:b3:90:
99:8b:b7:81:6d:3d:9e:c0:66:1f:b7:be:97:32:05:6c:01:5e:
0d:b6:c1:da:3a:77:25:3a:4b:7c:b8:41:d5:88:e8:66:aa:f1:
b5:e5:fa:ad:cc:37:eb:73:ab:8e:70:4f:2c:65:8a:32:d7:6b:
eb:b9:fb:0d:2d:f0:83:a9:59:2d:87:7a:7f:71:ca:d7:27:16:
b1:d3:95:57:09:83:fd:c2:a5:36:5a:1e:a8:94:b2:94:f7:38:
aa:60:86:04:20:ba:5f:e0:e8:ed:54:c3:8d:68:74:5d:92:c1:
89:1b:43:1b:7d:fd:b5:1c:16:af:b1:e2:37:09:7b:52:37:96:
1f:fe:5d:b2:67:33:81:d9:1a:31:d2:12:56:44:12:5a:46:b4:
31:63:2d:8e:c2:9d:ba:5c:a1:96:01:c3:25:7e:c9:22:54:b6:
c6:6c:ee:ce:52:66:fe:64:44:ba:11:26:7a:8e:ec:df:38:1d:
f8:ba:f5:81:39:8b:cb:5d:62:15:f8:d8:74:eb:d9:bf:b5:bc:
90:10:bd:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu0STAOwLeuURJC0mnn8O0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMxMTA5MTMzMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTcwOTAwYTY1Nzc1NmFhNGI4NWI5Y2VkMTNkOWJhOThhYmE1ZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAil8+KkrfF4Mg0dsMh1zEw47emzF+
87dr8xOMFiurRrYFOzvTdZC8+RI+cL2NNh428MngMIRrMRBtpeetvBqBWPDID1IH
cVNexNsUKPk74oxVvq2v5vGV/WYTY3KCIAFr9NY1UY3cSQQemqausX8MnmY7MlpM
43SDEpeyXUo8IXt9X9f1iekwhPNPX2MIjtVx12p8i0hIWQ2Swf/bPeZyuXGHmdVg
9eEhMcbjnUx4tgWRXdvKe8yp3eVkrgZGJTiim4nZW0/pzAq0mfVgUPH4xVszeKdB
RHHNpXWoy++ERXjov0NAHPnhhc17vcnZEKNIjTDAGaLwsYixGbK/grdDqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClwkApld1aqS4W5ztE9m6mKul7hMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvS1hDUUNtVjNWcXBMaGJuTzBUMmJxWXE2WHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW1wjMA0G
CSqGSIb3DQEBCwUAA4IBAQCW9IkFTurh3ZBRTv9Dzq3ilqeAwwH6Lntnz0xs9zwZ
O0pmUQVmrqka/EzOKfq0rdDYUOL7s5CZi7eBbT2ewGYft76XMgVsAV4NtsHaOncl
Okt8uEHViOhmqvG15fqtzDfrc6uOcE8sZYoy12vrufsNLfCDqVkth3p/ccrXJxax
05VXCYP9wqU2Wh6olLKU9ziqYIYEILpf4OjtVMONaHRdksGJG0Mbff21HBavseI3
CXtSN5Yf/l2yZzOB2Rox0hJWRBJaRrQxYy2Owp26XKGWAcMlfskiVLbGbO7OUmb+
ZES6ESZ6juzfOB34uvWBOYvLXWIV+Nh069m/tbyQEL2P
-----END CERTIFICATE-----
Generated at Mon Dec 4 16:34:18 2023 by rpki-client on console-ams.rpki-client.org