Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/KFXN044FIir9QvUf6vYrlsSxA0Q.roa
File: KFXN044FIir9QvUf6vYrlsSxA0Q.roa (raw, json)
Hash identifier: lykEE56F8vrGFPhAESZrG+Mg2LW0Bj8p8KHDD1NEWpQ=
Subject key identifier: 28:55:CD:D3:8E:05:22:2A:FD:42:F5:1F:EA:F6:2B:96:C4:B1:03:44
Certificate issuer: /CN=a0df7f5b6618bda23c83bed11b442041f1fb456d
Certificate serial: 01857070773A6D288895AFCAE705F8EC79A7
Authority key identifier: A0:DF:7F:5B:66:18:BD:A2:3C:83:BE:D1:1B:44:20:41:F1:FB:45:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oN9_W2YYvaI8g77RG0QgQfH7RW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/KFXN044FIir9QvUf6vYrlsSxA0Q.roa
Signing time: Mon 02 Jan 2023 03:04:56 +0000
ROA not before: Mon 02 Jan 2023 03:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147293
IP address blocks: 146.19.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:77:3a:6d:28:88:95:af:ca:e7:05:f8:ec:79:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0df7f5b6618bda23c83bed11b442041f1fb456d
Validity
Not Before: Jan 2 03:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2855cdd38e05222afd42f51feaf62b96c4b10344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:45:60:ac:9f:e2:7a:53:2a:c1:9c:e3:e0:59:
9b:6c:ec:6d:c3:f9:37:25:62:7c:28:5c:6d:34:0d:
6b:da:00:0e:fc:3c:48:ef:7b:30:53:7c:12:49:4e:
6b:17:a6:fd:e9:ee:cf:c5:0b:ff:f1:56:cd:2f:6d:
62:1b:81:cf:e8:a3:46:07:0c:df:0e:61:3e:ee:31:
4a:b7:c4:2a:f5:0a:a7:76:fd:9f:e8:61:00:7f:3e:
9c:60:4c:5c:24:fb:17:6f:c9:f6:d2:5c:67:3f:dc:
21:9b:f1:17:87:0e:6b:2a:5b:12:2f:f0:04:59:fe:
70:85:38:c7:50:ab:7d:dc:f1:45:1c:9c:d2:43:ad:
67:cd:87:5d:7d:9f:b8:db:5b:21:44:28:9c:59:57:
9e:d5:59:70:f4:f4:96:d0:ac:d1:74:8c:eb:44:8d:
46:a0:ec:61:3d:d6:50:ca:36:ba:9f:67:27:7e:66:
05:eb:87:dd:d6:47:ca:45:fd:5d:28:92:2b:22:ff:
03:ea:2d:2a:3b:1c:26:b7:47:c5:26:3f:89:df:d1:
8b:59:35:fa:15:20:58:2b:d1:bf:e4:8e:89:af:1a:
f1:32:be:e8:30:73:85:5a:bb:d6:b3:98:d0:3d:07:
87:24:1e:3b:e9:81:9e:29:81:ef:18:15:41:b8:46:
60:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:55:CD:D3:8E:05:22:2A:FD:42:F5:1F:EA:F6:2B:96:C4:B1:03:44
X509v3 Authority Key Identifier:
keyid:A0:DF:7F:5B:66:18:BD:A2:3C:83:BE:D1:1B:44:20:41:F1:FB:45:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oN9_W2YYvaI8g77RG0QgQfH7RW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/KFXN044FIir9QvUf6vYrlsSxA0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/oN9_W2YYvaI8g77RG0QgQfH7RW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.174.0/24
Signature Algorithm: sha256WithRSAEncryption
80:ff:ba:bf:4d:42:30:c4:6a:45:e3:2b:dd:49:d3:fa:f1:18:
ce:74:13:aa:43:ef:3c:a9:90:0d:82:40:8c:67:fa:da:40:92:
8b:42:21:1c:b6:08:62:64:1d:7b:55:d9:de:d1:c3:0e:66:df:
52:bc:81:f4:a2:e1:0e:04:75:f5:5b:f5:b4:e1:bc:29:1c:8f:
0c:25:35:46:c8:0c:c9:0c:ec:52:17:69:f2:c7:99:6f:97:18:
fe:93:53:8f:14:8b:4d:d8:31:ae:d2:3f:ca:ef:bc:00:94:8c:
4c:6e:e1:9a:ba:30:af:cd:9e:ae:c3:cb:82:9b:84:b7:09:c9:
8a:c9:d8:06:a8:34:bb:6a:c5:23:96:1a:62:f7:19:8c:69:b1:
bf:fa:fa:80:34:54:87:fe:8f:32:ff:10:eb:bb:74:15:03:43:
e4:6f:28:99:90:fb:79:6b:40:fb:e0:8b:0c:c8:32:16:5b:19:
fc:c7:e3:a0:a1:6d:19:9e:94:99:b6:1a:e2:48:99:ad:6a:99:
07:74:2c:3a:99:bd:64:bf:50:a2:f5:64:c5:5f:b3:72:97:aa:
39:ef:aa:fe:88:1e:2c:1e:be:80:8d:92:86:de:dc:f9:83:c2:
0c:9c:2b:c0:c4:af:1a:3c:32:95:ad:d6:e8:9d:9c:af:a3:aa:
ba:af:57:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcHc6bSiIla/K5wX47HmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGY3ZjViNjYxOGJkYTIzYzgzYmVkMTFiNDQyMDQxZjFm
YjQ1NmQwHhcNMjMwMTAyMDMwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODU1Y2RkMzhlMDUyMjJhZmQ0MmY1MWZlYWY2MmI5NmM0YjEwMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUVgrJ/ielMqwZzj4FmbbOxtw/k3
JWJ8KFxtNA1r2gAO/DxI73swU3wSSU5rF6b96e7PxQv/8VbNL21iG4HP6KNGBwzf
DmE+7jFKt8Qq9Qqndv2f6GEAfz6cYExcJPsXb8n20lxnP9whm/EXhw5rKlsSL/AE
Wf5whTjHUKt93PFFHJzSQ61nzYddfZ+421shRCicWVee1Vlw9PSW0KzRdIzrRI1G
oOxhPdZQyja6n2cnfmYF64fd1kfKRf1dKJIrIv8D6i0qOxwmt0fFJj+J39GLWTX6
FSBYK9G/5I6JrxrxMr7oMHOFWrvWs5jQPQeHJB476YGeKYHvGBVBuEZgkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChVzdOOBSIq/UL1H+r2K5bEsQNEMB8GA1UdIwQY
MBaAFKDff1tmGL2iPIO+0RtEIEHx+0VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb045X1cyWVl2YUk4Zzc3UkcwUWdRZkg3UlcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hNTcyOGItYTM2ZC00ZmJhLTkzYWEt
NWY0YmM5MDBjMDNkLzEvS0ZYTjA0NEZJaXI5UXZVZjZ2WXJsc1N4QTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hNTcyOGItYTM2ZC00ZmJhLTkzYWEtNWY0YmM5MDBjMDNk
LzEvb045X1cyWVl2YUk4Zzc3UkcwUWdRZkg3UlcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOuMA0G
CSqGSIb3DQEBCwUAA4IBAQCA/7q/TUIwxGpF4yvdSdP68RjOdBOqQ+88qZANgkCM
Z/raQJKLQiEctghiZB17Vdne0cMOZt9SvIH0ouEOBHX1W/W04bwpHI8MJTVGyAzJ
DOxSF2nyx5lvlxj+k1OPFItN2DGu0j/K77wAlIxMbuGaujCvzZ6uw8uCm4S3CcmK
ydgGqDS7asUjlhpi9xmMabG/+vqANFSH/o8y/xDru3QVA0PkbyiZkPt5a0D74IsM
yDIWWxn8x+OgoW0ZnpSZthriSJmtapkHdCw6mb1kv1Ci9WTFX7Nyl6o576r+iB4s
Hr6AjZKG3tz5g8IMnCvAxK8aPDKVrdbonZyvo6q6r1eW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:10 2024 by rpki-client on console-ams.rpki-client.org