Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/kYINdhi457MSpgbm1EOIqMLbvd0.roa
File: kYINdhi457MSpgbm1EOIqMLbvd0.roa (raw, json)
Hash identifier: GWksdLdUj6QXTJRajCGKgaDLPClH6oyWqAONWII4nOo=
Subject key identifier: 91:82:0D:76:18:B8:E7:B3:12:A6:06:E6:D4:43:88:A8:C2:DB:BD:DD
Certificate issuer: /CN=eb7c822d1e94517c88515cc9b3fc2bde129b454c
Certificate serial: 018AAF95E2120B5D241B630C257AA667299C
Authority key identifier: EB:7C:82:2D:1E:94:51:7C:88:51:5C:C9:B3:FC:2B:DE:12:9B:45:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/63yCLR6UUXyIUVzJs_wr3hKbRUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/kYINdhi457MSpgbm1EOIqMLbvd0.roa
Signing time: Tue 19 Sep 2023 22:35:50 +0000
ROA not before: Tue 19 Sep 2023 22:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42598
IP address blocks: 194.55.4.0/24 maxlen: 24
194.55.6.0/24 maxlen: 24
194.55.5.0/24 maxlen: 24
2a0c:ca40:5::/48 maxlen: 48
2a0c:ca40:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:af:95:e2:12:0b:5d:24:1b:63:0c:25:7a:a6:67:29:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb7c822d1e94517c88515cc9b3fc2bde129b454c
Validity
Not Before: Sep 19 22:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91820d7618b8e7b312a606e6d44388a8c2dbbddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d6:9d:5d:ab:77:03:b8:e5:90:eb:20:1c:c0:
58:2c:71:14:0b:af:67:5c:3f:f8:30:26:32:5a:f1:
ea:63:e8:d0:bb:59:47:f1:21:67:33:f7:6a:7c:35:
67:c6:81:8b:0c:c9:0a:98:ac:f0:09:35:1a:ea:3c:
97:7d:78:b0:54:0d:3b:c5:c6:5b:13:a0:15:58:36:
e5:61:0a:54:80:04:08:b4:a9:c7:e2:23:82:71:f7:
83:39:f5:8e:bf:a7:a1:46:a4:47:52:fe:af:c3:e9:
c6:fd:9f:be:94:4d:fb:91:d4:1d:61:3e:fb:ed:01:
17:80:2f:82:92:5a:8f:03:b3:3f:dd:ad:77:fd:64:
76:51:b4:8c:5c:58:a7:38:5e:d5:da:2c:59:b5:65:
db:27:58:1c:e4:2d:71:00:fe:95:dc:68:9a:f3:ae:
68:33:94:67:22:9b:d2:cd:d0:83:20:32:94:77:09:
5c:59:dc:f3:f2:61:25:fe:63:70:e9:58:df:e4:3e:
92:b5:12:1e:ba:d2:d5:ea:53:55:94:b1:4a:69:02:
5c:21:4c:5c:46:cf:4c:3c:fe:5f:98:6f:63:02:d2:
66:97:6f:ae:cb:4b:77:be:77:d0:e3:e3:2f:31:23:
39:1d:bd:73:eb:2c:e8:7a:4e:43:66:c2:cc:f1:4d:
19:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:82:0D:76:18:B8:E7:B3:12:A6:06:E6:D4:43:88:A8:C2:DB:BD:DD
X509v3 Authority Key Identifier:
keyid:EB:7C:82:2D:1E:94:51:7C:88:51:5C:C9:B3:FC:2B:DE:12:9B:45:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/63yCLR6UUXyIUVzJs_wr3hKbRUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/kYINdhi457MSpgbm1EOIqMLbvd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/63yCLR6UUXyIUVzJs_wr3hKbRUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.4.0-194.55.6.255
IPv6:
2a0c:ca40:5::-2a0c:ca40:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5a:69:59:72:00:15:75:fe:24:fb:4d:05:98:c8:77:df:ed:63:
58:23:1a:ce:d7:25:50:11:dc:31:2f:d8:3f:b8:52:9c:d4:67:
41:2c:58:90:ab:37:07:08:8d:07:21:b5:cf:c8:81:7d:56:e9:
ba:2a:23:b7:1b:54:1c:0f:07:8e:16:e0:3e:b1:bd:84:4a:19:
b3:7a:c9:ca:c6:0c:98:06:a4:30:ae:0e:7f:82:0a:b8:32:0b:
60:0c:ac:52:9d:ea:2a:74:ef:04:8d:2a:97:6a:fc:69:37:0d:
b9:5e:43:53:89:34:3b:47:19:3a:2d:76:bb:04:5a:c6:3e:fd:
c0:53:87:20:e4:79:5d:a7:9f:49:04:90:5f:ce:18:eb:26:f7:
24:1d:03:d0:59:31:e8:79:1b:58:91:ce:fd:c1:86:1c:eb:b0:
0b:73:3c:74:21:7b:17:db:b7:ba:c2:86:72:56:78:0a:50:9c:
29:d3:cd:4d:cf:d0:32:ba:3b:85:39:5d:5d:db:c9:dc:51:3d:
9f:52:30:ee:98:71:ca:54:82:83:96:d3:a5:1a:79:13:1a:2a:
12:e5:a8:78:8a:7e:62:ae:e7:f8:2a:9e:de:bb:b6:77:74:46:
d8:23:02:dc:7e:8d:f2:49:9f:f4:f7:a4:c5:2e:86:40:f2:60:
2b:50:71:b5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYqvleISC10kG2MMJXqmZymcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViN2M4MjJkMWU5NDUxN2M4ODUxNWNjOWIzZmMyYmRlMTI5
YjQ1NGMwHhcNMjMwOTE5MjIzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTgyMGQ3NjE4YjhlN2IzMTJhNjA2ZTZkNDQzODhhOGMyZGJiZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttadXat3A7jlkOsgHMBYLHEUC69n
XD/4MCYyWvHqY+jQu1lH8SFnM/dqfDVnxoGLDMkKmKzwCTUa6jyXfXiwVA07xcZb
E6AVWDblYQpUgAQItKnH4iOCcfeDOfWOv6ehRqRHUv6vw+nG/Z++lE37kdQdYT77
7QEXgC+CklqPA7M/3a13/WR2UbSMXFinOF7V2ixZtWXbJ1gc5C1xAP6V3Gia865o
M5RnIpvSzdCDIDKUdwlcWdzz8mEl/mNw6Vjf5D6StRIeutLV6lNVlLFKaQJcIUxc
Rs9MPP5fmG9jAtJml2+uy0t3vnfQ4+MvMSM5Hb1z6yzoek5DZsLM8U0ZbQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJGCDXYYuOezEqYG5tRDiKjC273dMB8GA1UdIwQY
MBaAFOt8gi0elFF8iFFcybP8K94Sm0VMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjN5Q0xSNlVVWHlJVVZ6SnNfd3IzaEtiUlV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8xMTkzM2ItZmMwYi00MTBmLTljMzQt
MTA2NDUwNGUyYjk3LzEva1lJTmRoaTQ1N01TcGdibTFFT0lxTUxidmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8xMTkzM2ItZmMwYi00MTBmLTljMzQtMTA2NDUwNGUyYjk3
LzEvNjN5Q0xSNlVVWHlJVVZ6SnNfd3IzaEtiUlV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBALCNwQD
BADCNwYwGgQCAAIwFDASAwcAKgzKQAAFAwcAKgzKQAAGMA0GCSqGSIb3DQEBCwUA
A4IBAQBaaVlyABV1/iT7TQWYyHff7WNYIxrO1yVQEdwxL9g/uFKc1GdBLFiQqzcH
CI0HIbXPyIF9Vum6KiO3G1QcDweOFuA+sb2EShmzesnKxgyYBqQwrg5/ggq4Mgtg
DKxSneoqdO8EjSqXavxpNw25XkNTiTQ7Rxk6LXa7BFrGPv3AU4cg5Hldp59JBJBf
zhjrJvckHQPQWTHoeRtYkc79wYYc67ALczx0IXsX27e6woZyVngKUJwp081Nz9Ay
ujuFOV1d28ncUT2fUjDumHHKVIKDltOlGnkTGioS5ah4in5iruf4Kp7eu7Z3dEbY
IwLcfo3ySZ/096TFLoZA8mArUHG1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:49 2024 by rpki-client on console-fra.rpki-client.org