Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/kJSlXo3Qk3CUNjX4xU-dCEgSvDo.roa
File: kJSlXo3Qk3CUNjX4xU-dCEgSvDo.roa (raw, json)
Hash identifier: C6lJ+7eCXs0yMX7V+Ag+cW/OgfhVrEbuyvpMP3QQ0aE=
Subject key identifier: 90:94:A5:5E:8D:D0:93:70:94:36:35:F8:C5:4F:9D:08:48:12:BC:3A
Certificate issuer: /CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Certificate serial: 0185700278A269EFBC96A909B2A61A9B23CD
Authority key identifier: BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/kJSlXo3Qk3CUNjX4xU-dCEgSvDo.roa
Signing time: Mon 02 Jan 2023 01:04:48 +0000
ROA not before: Mon 02 Jan 2023 01:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41012
IP address blocks: 94.116.0.0/16 maxlen: 16
94.119.128.0/18 maxlen: 18
194.42.124.0/23 maxlen: 23
91.103.32.0/23 maxlen: 23
94.117.0.0/16 maxlen: 16
94.119.255.0/24 maxlen: 24
94.119.64.0/18 maxlen: 18
94.118.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:78:a2:69:ef:bc:96:a9:09:b2:a6:1a:9b:23:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Validity
Not Before: Jan 2 01:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9094a55e8dd09370943635f8c54f9d084812bc3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ed:00:11:34:74:47:7b:65:6d:3e:c3:5e:e4:
27:c5:b3:0a:48:71:55:93:bb:00:f1:b0:24:63:fd:
d4:2c:f7:aa:bb:d1:e4:dd:fe:ca:8b:43:c8:eb:c7:
d2:37:49:1e:2c:cd:a9:05:a5:fd:22:66:b5:97:fd:
33:c9:d9:0b:8d:e6:cb:4b:28:fc:b1:37:94:68:fc:
bf:b3:7b:d5:a4:9c:8d:18:5c:00:7e:41:97:d6:a8:
21:bc:93:cb:e3:98:50:c7:a3:ca:be:0a:34:99:f1:
92:18:ed:ad:bd:33:ad:d6:a9:2b:20:7e:c0:35:d4:
2d:ec:d6:4d:00:3d:3d:03:57:a7:6c:b6:9b:b5:ea:
0e:13:36:d5:42:e5:94:0a:b6:05:03:bd:f1:cc:a4:
e6:4c:c8:d8:78:5d:15:e2:e1:c3:70:aa:a0:de:da:
0a:67:f2:57:01:9f:9b:39:26:30:2f:55:e9:fa:c0:
94:27:fa:ec:f4:9b:c8:2a:73:7a:db:b7:c0:03:87:
63:27:6f:1a:e1:11:4e:cb:f8:23:e1:01:89:d2:55:
82:f7:75:e8:7c:47:e6:d6:9d:c0:74:05:fe:e9:bc:
fe:a2:03:60:dd:65:79:83:1a:0c:97:ce:9b:14:77:
c6:c1:4d:0b:68:fb:f5:5d:7b:a6:98:37:dd:38:f4:
cd:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:94:A5:5E:8D:D0:93:70:94:36:35:F8:C5:4F:9D:08:48:12:BC:3A
X509v3 Authority Key Identifier:
keyid:BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/kJSlXo3Qk3CUNjX4xU-dCEgSvDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/vkOZUom2pcqXLEuHteMUnDLLRDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.32.0/23
94.116.0.0-94.118.255.255
94.119.64.0-94.119.191.255
94.119.255.0/24
194.42.124.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:58:0d:50:73:1b:e4:35:5b:e5:3b:36:e3:9b:de:87:fe:1d:
40:c8:e7:58:96:ab:37:1a:18:05:53:6f:0d:60:e1:e6:99:73:
8d:61:e1:a7:b6:ad:a2:40:9f:92:22:8f:92:a7:5a:fe:c8:2d:
d5:a6:1b:43:b2:ff:f2:eb:8e:e4:dd:23:06:43:1b:df:a6:2f:
ad:ff:58:72:c5:e7:06:e7:4f:de:fa:05:87:90:f5:3c:e3:75:
a8:94:e9:1a:f1:5f:e3:5e:76:31:13:f0:29:e5:bd:a9:85:57:
f7:10:6d:b1:f6:db:43:22:27:37:2c:17:55:8f:d2:29:dd:a9:
6a:31:1c:c2:0a:eb:54:59:47:a9:f2:22:f9:18:55:64:b5:81:
33:78:61:fd:92:55:86:0d:48:d5:14:3f:29:6a:f6:78:8d:79:
7e:0b:46:ef:bd:8c:70:dd:c2:95:0c:6b:b4:96:a1:28:f7:73:
ea:93:6c:72:cc:a8:07:ab:15:74:05:1f:58:6f:9c:c4:67:0a:
ca:dd:00:28:46:47:1b:17:ed:20:c1:30:98:28:57:f1:19:f0:
cc:e6:6a:27:88:84:dc:f3:1c:46:ea:d6:db:86:55:5f:19:c9:
d7:b2:29:c3:09:65:16:f8:71:25:e7:8d:ed:15:ab:55:81:b2:
60:b8:6a:1f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVwAniiae+8lqkJsqYamyPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDM5OTUyODliNmE1Y2E5NzJjNGI4N2I1ZTMxNDljMzJj
YjQ0MzAwHhcNMjMwMTAyMDEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDk0YTU1ZThkZDA5MzcwOTQzNjM1ZjhjNTRmOWQwODQ4MTJiYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+0AETR0R3tlbT7DXuQnxbMKSHFV
k7sA8bAkY/3ULPequ9Hk3f7Ki0PI68fSN0keLM2pBaX9Ima1l/0zydkLjebLSyj8
sTeUaPy/s3vVpJyNGFwAfkGX1qghvJPL45hQx6PKvgo0mfGSGO2tvTOt1qkrIH7A
NdQt7NZNAD09A1enbLabteoOEzbVQuWUCrYFA73xzKTmTMjYeF0V4uHDcKqg3toK
Z/JXAZ+bOSYwL1Xp+sCUJ/rs9JvIKnN627fAA4djJ28a4RFOy/gj4QGJ0lWC93Xo
fEfm1p3AdAX+6bz+ogNg3WV5gxoMl86bFHfGwU0LaPv1XXummDfdOPTNgwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJCUpV6N0JNwlDY1+MVPnQhIErw6MB8GA1UdIwQY
MBaAFL5DmVKJtqXKlyxLh7XjFJwyy0QwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtPWlVvbTJwY3FYTEV1SHRlTVVuRExMUkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83NjRiMzQtMGQ5OC00NTRjLTg1YTIt
MzA2MDQ1ZWZjZDY4LzEva0pTbFhvM1FrM0NVTmpYNHhVLWRDRWdTdkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83NjRiMzQtMGQ5OC00NTRjLTg1YTItMzA2MDQ1ZWZjZDY4
LzEvdmtPWlVvbTJwY3FYTEV1SHRlTVVuRExMUkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBW2cgMAoD
AwJedAMDAF52MAwDBAZed0ADBAZed4ADBABed/8DBAHCKnwwDQYJKoZIhvcNAQEL
BQADggEBAI5YDVBzG+Q1W+U7NuOb3of+HUDI51iWqzcaGAVTbw1g4eaZc41h4ae2
raJAn5Iij5KnWv7ILdWmG0Oy//LrjuTdIwZDG9+mL63/WHLF5wbnT976BYeQ9Tzj
daiU6RrxX+NedjET8CnlvamFV/cQbbH220MiJzcsF1WP0indqWoxHMIK61RZR6ny
IvkYVWS1gTN4Yf2SVYYNSNUUPylq9niNeX4LRu+9jHDdwpUMa7SWoSj3c+qTbHLM
qAerFXQFH1hvnMRnCsrdAChGRxsX7SDBMJgoV/EZ8MzmaieIhNzzHEbq1tuGVV8Z
ydeyKcMJZRb4cSXnje0Vq1WBsmC4ah8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:35 2024 by rpki-client on console-fra.rpki-client.org