Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/khfICfhKZTVWan4cK81XHKawnl0.roa
File: khfICfhKZTVWan4cK81XHKawnl0.roa (raw, json)
Hash identifier: z+yu/Gc4G+ULDJUnz/klFl2j8lH8mx0qUt4laA6M55Y=
Subject key identifier: 92:17:C8:09:F8:4A:65:35:56:6A:7E:1C:2B:CD:57:1C:A6:B0:9E:5D
Certificate issuer: /CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Certificate serial: 0192029D2FB534119BC9D6855EB3D5042CE4
Authority key identifier: 6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/khfICfhKZTVWan4cK81XHKawnl0.roa
Signing time: Wed 18 Sep 2024 00:51:48 +0000
ROA not before: Wed 18 Sep 2024 00:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.235.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Sep 2024 13:10:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:02:9d:2f:b5:34:11:9b:c9:d6:85:5e:b3:d5:04:2c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Validity
Not Before: Sep 18 00:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9217c809f84a6535566a7e1c2bcd571ca6b09e5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:92:b5:23:2b:93:96:20:e4:b2:e9:76:2d:64:
1e:0c:3e:f4:67:87:4b:42:d3:a0:80:1e:50:79:85:
7d:ec:6f:9f:55:4e:dd:be:97:ce:18:df:ec:0e:ee:
9a:d5:77:4e:6c:fc:8c:cd:de:13:0e:14:9d:60:47:
64:e3:9f:b4:0d:bc:2f:53:5a:24:1d:18:60:1b:9c:
d8:0e:5c:f1:d3:2f:b7:e6:20:c3:d4:36:d9:59:b1:
e1:d7:cf:fe:63:6f:40:53:f6:08:ef:7e:29:64:47:
26:d8:ca:83:51:e3:a9:ed:ba:0e:73:64:b3:cf:41:
fd:6b:0a:15:54:64:86:25:62:1e:4f:f6:1d:c3:3a:
a6:af:62:66:80:7f:bb:81:82:0e:8f:c8:78:19:d9:
24:8d:9c:39:d2:4f:de:3b:99:e0:6f:37:09:f6:10:
b3:16:db:09:97:00:95:c9:c4:36:ee:de:52:dd:ab:
7b:17:22:e9:4b:ab:a8:09:ee:db:48:24:24:e6:54:
77:52:27:d8:d8:5e:1a:32:b7:6e:54:64:96:0b:db:
67:3d:e5:3d:bb:fb:82:2a:6d:7d:16:34:de:9b:08:
cc:70:f2:90:29:d3:57:46:a5:23:43:88:90:41:04:
6d:8f:0d:6f:46:8a:af:9d:78:5a:03:52:7c:fe:4e:
a7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:17:C8:09:F8:4A:65:35:56:6A:7E:1C:2B:CD:57:1C:A6:B0:9E:5D
X509v3 Authority Key Identifier:
keyid:6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/khfICfhKZTVWan4cK81XHKawnl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/bNmMLFSwy-oTTiepgc_d5zI24FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.2.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:0d:03:8e:6e:97:ad:4e:75:d6:c8:09:db:ac:20:45:16:b2:
81:24:61:1c:26:b1:38:05:07:90:4a:48:9c:1b:37:bc:e3:c0:
de:e0:e2:c2:0b:4b:30:75:a0:ea:be:07:0e:01:36:63:59:72:
b2:3f:cc:83:9e:40:98:d9:a6:fb:02:39:c8:21:0d:47:9c:ed:
92:ef:6d:ee:9d:d4:80:ea:f8:6a:3d:51:e4:f4:86:8e:99:6c:
73:79:ff:91:27:10:e8:db:30:be:3c:be:e6:26:1c:ca:56:7b:
a2:59:d1:c7:36:3d:45:d8:b1:96:99:44:ad:fc:e5:34:f4:cd:
2c:1b:a5:39:9e:3b:11:e0:35:9c:d3:f2:55:9d:c0:b0:4b:1d:
b2:56:60:1a:24:4e:ec:83:be:a9:08:cb:7f:74:89:00:cc:d3:
ae:ec:cf:98:38:58:3b:03:b7:7f:c8:5b:02:3c:a4:f7:59:10:
ae:bb:46:33:7c:7d:03:a1:39:10:08:49:fc:69:a0:f9:af:08:
62:b5:27:6b:65:03:88:e2:1c:c7:99:e0:16:1f:1b:d4:36:f0:
62:0a:9a:6b:71:a9:50:7c:57:49:d2:86:44:8f:c4:bd:c9:c3:
64:85:b1:22:36:ea:7f:1b:18:c4:f7:75:81:fc:34:a2:f6:d8:
80:11:7c:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZICnS+1NBGbydaFXrPVBCzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDk4YzJjNTRiMGNiZWExMzRlMjdhOTgxY2ZkZGU3MzIz
NmUwNTUwHhcNMjQwOTE4MDA1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjE3YzgwOWY4NGE2NTM1NTY2YTdlMWMyYmNkNTcxY2E2YjA5ZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpK1IyuTliDksul2LWQeDD70Z4dL
QtOggB5QeYV97G+fVU7dvpfOGN/sDu6a1XdObPyMzd4TDhSdYEdk45+0DbwvU1ok
HRhgG5zYDlzx0y+35iDD1DbZWbHh18/+Y29AU/YI734pZEcm2MqDUeOp7boOc2Sz
z0H9awoVVGSGJWIeT/Ydwzqmr2JmgH+7gYIOj8h4GdkkjZw50k/eO5ngbzcJ9hCz
FtsJlwCVycQ27t5S3at7FyLpS6uoCe7bSCQk5lR3UifY2F4aMrduVGSWC9tnPeU9
u/uCKm19FjTemwjMcPKQKdNXRqUjQ4iQQQRtjw1vRoqvnXhaA1J8/k6nywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIXyAn4SmU1Vmp+HCvNVxymsJ5dMB8GA1UdIwQY
MBaAFGzZjCxUsMvqE04nqYHP3ecyNuBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWIt
ZDM3ZGY2MzRhOTI5LzEva2hmSUNmaEtaVFZXYW40Y0s4MVhIS2F3bmwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWItZDM3ZGY2MzRhOTI5
LzEvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+sCMA0G
CSqGSIb3DQEBCwUAA4IBAQCsDQOObpetTnXWyAnbrCBFFrKBJGEcJrE4BQeQSkic
Gze848De4OLCC0swdaDqvgcOATZjWXKyP8yDnkCY2ab7AjnIIQ1HnO2S723undSA
6vhqPVHk9IaOmWxzef+RJxDo2zC+PL7mJhzKVnuiWdHHNj1F2LGWmUSt/OU09M0s
G6U5njsR4DWc0/JVncCwSx2yVmAaJE7sg76pCMt/dIkAzNOu7M+YOFg7A7d/yFsC
PKT3WRCuu0YzfH0DoTkQCEn8aaD5rwhitSdrZQOI4hzHmeAWHxvUNvBiCpprcalQ
fFdJ0oZEj8S9ycNkhbEiNup/GxjE93WB/DSi9tiAEXx3
-----END CERTIFICATE-----
Generated at Thu Sep 19 17:07:57 2024 by rpki-client on console-fra.rpki-client.org