Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/kWKFNhS0dVjduKgBIDNYh8sxVIU.roa
File: kWKFNhS0dVjduKgBIDNYh8sxVIU.roa (raw, json)
Hash identifier: 3l3awZB5IDrwEdY3TSRjxtW3WfiGTs5HNcc2brmBZU8=
Subject key identifier: 91:62:85:36:14:B4:75:58:DD:B8:A8:01:20:33:58:87:CB:31:54:85
Certificate issuer: /CN=bfd070b0c9add92972fefc566c112d93717c4d6c
Certificate serial: 0185720C513EBA3BA224F9AB72CB0BB8A288
Authority key identifier: BF:D0:70:B0:C9:AD:D9:29:72:FE:FC:56:6C:11:2D:93:71:7C:4D:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9BwsMmt2Sly_vxWbBEtk3F8TWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/kWKFNhS0dVjduKgBIDNYh8sxVIU.roa
Signing time: Mon 02 Jan 2023 10:34:47 +0000
ROA not before: Mon 02 Jan 2023 10:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49586
IP address blocks: 185.7.132.0/22 maxlen: 22
188.95.240.0/21 maxlen: 21
188.95.240.64/26 maxlen: 26
137.221.24.0/21 maxlen: 21
137.221.25.64/27 maxlen: 27
188.95.240.208/29 maxlen: 29
188.95.240.216/29 maxlen: 29
188.95.240.248/29 maxlen: 29
2a00:10b0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 04 Jul 2023 08:14:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:51:3e:ba:3b:a2:24:f9:ab:72:cb:0b:b8:a2:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfd070b0c9add92972fefc566c112d93717c4d6c
Validity
Not Before: Jan 2 10:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9162853614b47558ddb8a80120335887cb315485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c7:c8:a6:e5:0c:78:ce:17:f6:00:64:d1:9c:
bd:9f:b6:9b:b8:fa:98:de:4f:44:14:7d:2d:1c:99:
94:4f:8b:fd:92:98:13:49:90:e1:48:76:f9:2c:b1:
78:7d:05:b9:09:3f:f6:f1:ab:e1:24:67:51:63:e5:
30:41:f9:bc:ad:45:d2:99:b5:cf:8b:b9:31:9d:3d:
1f:5f:99:c3:3f:d4:74:06:ee:b1:1a:2b:1e:7c:48:
4f:b6:0e:a0:8d:09:a7:38:0b:4d:20:95:fa:e8:b6:
27:04:00:69:07:0d:b1:4a:e4:bd:b9:23:16:7c:f5:
98:4c:11:5a:d2:68:fc:93:07:d0:f8:7b:c0:37:6c:
c6:05:2e:c2:a5:a7:37:81:bf:46:79:81:83:8e:c4:
fd:7c:67:1f:27:dd:70:ef:e0:39:6e:cc:7d:57:dc:
56:d0:32:34:fe:fb:d0:5f:a0:a9:c5:ff:60:72:32:
fa:a3:df:fb:09:f0:7b:05:38:62:d2:03:e8:14:5c:
ea:e4:7f:24:d8:af:19:3b:36:11:76:50:9f:21:7b:
e4:5f:1a:56:03:b3:9b:85:fd:04:81:ad:6b:f1:04:
ac:7d:6e:b8:1c:19:c5:c2:11:e6:56:80:ec:b9:a4:
79:38:7d:7e:36:ed:05:44:1e:cf:0b:c5:c4:25:91:
32:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:62:85:36:14:B4:75:58:DD:B8:A8:01:20:33:58:87:CB:31:54:85
X509v3 Authority Key Identifier:
keyid:BF:D0:70:B0:C9:AD:D9:29:72:FE:FC:56:6C:11:2D:93:71:7C:4D:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9BwsMmt2Sly_vxWbBEtk3F8TWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/kWKFNhS0dVjduKgBIDNYh8sxVIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/v9BwsMmt2Sly_vxWbBEtk3F8TWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.221.24.0/21
185.7.132.0/22
188.95.240.0/21
IPv6:
2a00:10b0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:68:f1:bf:12:a6:28:80:41:f0:37:c1:eb:63:54:f0:61:68:
60:3c:a7:4e:8c:56:4e:95:a2:0e:8f:d0:d5:2e:f6:9e:9a:50:
f5:58:de:6a:59:61:e3:39:71:87:56:b1:c3:d7:61:77:9e:b4:
51:30:fe:3d:36:98:cc:aa:5e:e6:07:90:ea:4b:f1:72:eb:47:
a4:36:17:11:08:89:49:1d:73:b9:92:37:e0:b4:0a:02:05:90:
2f:94:ed:64:3b:97:7e:33:f9:c6:81:ab:ba:8d:a9:1c:57:62:
98:ed:f8:99:50:f4:d8:29:46:09:b1:fa:aa:a4:1e:0f:9f:1f:
6f:d0:6f:f7:8d:34:3f:8c:b4:70:a4:7c:db:69:0e:80:6b:9e:
00:0d:06:d6:39:b5:e0:f5:9e:41:c7:0a:37:76:c5:ae:b0:b9:
53:8c:33:d8:74:06:f4:3c:27:1c:bb:66:bf:d3:d9:16:33:bf:
f4:11:ed:cd:32:cd:10:89:db:89:89:b7:56:05:6e:e2:39:49:
68:e0:d0:0e:03:2e:80:a4:31:b4:d6:72:19:c8:1e:de:cd:72:
50:79:b7:f1:b4:5f:6c:35:ea:c8:ca:6a:0f:8d:47:99:98:6d:
bd:4d:24:51:c6:03:07:a3:cc:2e:bc:6f:a9:f5:68:ed:2e:af:
35:30:1c:d4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVyDFE+ujuiJPmrcssLuKKIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZDA3MGIwYzlhZGQ5Mjk3MmZlZmM1NjZjMTEyZDkzNzE3
YzRkNmMwHhcNMjMwMTAyMTAzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTYyODUzNjE0YjQ3NTU4ZGRiOGE4MDEyMDMzNTg4N2NiMzE1NDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8fIpuUMeM4X9gBk0Zy9n7abuPqY
3k9EFH0tHJmUT4v9kpgTSZDhSHb5LLF4fQW5CT/28avhJGdRY+UwQfm8rUXSmbXP
i7kxnT0fX5nDP9R0Bu6xGisefEhPtg6gjQmnOAtNIJX66LYnBABpBw2xSuS9uSMW
fPWYTBFa0mj8kwfQ+HvAN2zGBS7Cpac3gb9GeYGDjsT9fGcfJ91w7+A5bsx9V9xW
0DI0/vvQX6Cpxf9gcjL6o9/7CfB7BThi0gPoFFzq5H8k2K8ZOzYRdlCfIXvkXxpW
A7Obhf0Ega1r8QSsfW64HBnFwhHmVoDsuaR5OH1+Nu0FRB7PC8XEJZEyRwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJFihTYUtHVY3bioASAzWIfLMVSFMB8GA1UdIwQY
MBaAFL/QcLDJrdkpcv78VmwRLZNxfE1sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjlCd3NNbXQyU2x5X3Z4V2JCRXRrM0Y4VFd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xOTU0MjctNDQyNS00NTU2LTllYTYt
NTNjY2E4MWU5MjI0LzEva1dLRk5oUzBkVmpkdUtnQklETlloOHN4VklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xOTU0MjctNDQyNS00NTU2LTllYTYtNTNjY2E4MWU5MjI0
LzEvdjlCd3NNbXQyU2x5X3Z4V2JCRXRrM0Y4VFd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDid0YAwQC
uQeEAwQDvF/wMA0EAgACMAcDBQMqABCwMA0GCSqGSIb3DQEBCwUAA4IBAQAKaPG/
EqYogEHwN8HrY1TwYWhgPKdOjFZOlaIOj9DVLvaemlD1WN5qWWHjOXGHVrHD12F3
nrRRMP49NpjMql7mB5DqS/Fy60ekNhcRCIlJHXO5kjfgtAoCBZAvlO1kO5d+M/nG
gau6jakcV2KY7fiZUPTYKUYJsfqqpB4Pnx9v0G/3jTQ/jLRwpHzbaQ6Aa54ADQbW
ObXg9Z5Bxwo3dsWusLlTjDPYdAb0PCccu2a/09kWM7/0Ee3NMs0QiduJibdWBW7i
OUlo4NAOAy6ApDG01nIZyB7ezXJQebfxtF9sNerIymoPjUeZmG29TSRRxgMHo8wu
vG+p9WjtLq81MBzU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:23 2024 by rpki-client on console-ams.rpki-client.org