Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/KkmxjZDYC2SkLgJ-td6mQOnhdvM.roa
File: KkmxjZDYC2SkLgJ-td6mQOnhdvM.roa (raw, json)
Hash identifier: nExm7Xdzba9HU9bn4f7PvJmwiIXZHvAVbKStIb+/xTI=
Subject key identifier: 2A:49:B1:8D:90:D8:0B:64:A4:2E:02:7E:B5:DE:A6:40:E9:E1:76:F3
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 018CC6B7A3D3C6A806DF11D19AAFBA8F4232
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/KkmxjZDYC2SkLgJ-td6mQOnhdvM.roa
Signing time: Mon 01 Jan 2024 20:29:32 +0000
ROA not before: Mon 01 Jan 2024 20:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 147.189.163.0/24 maxlen: 24
31.25.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 08:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:a3:d3:c6:a8:06:df:11:d1:9a:af:ba:8f:42:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Jan 1 20:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a49b18d90d80b64a42e027eb5dea640e9e176f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1b:5b:44:f9:2b:cf:27:8e:d0:55:ef:a8:39:
5d:50:3d:ce:fa:c6:85:70:e1:f1:07:34:57:4f:f3:
7a:ab:93:04:f9:a4:b4:c9:de:ed:91:5a:74:df:33:
a5:80:2d:00:dc:14:36:a4:3f:8c:1e:fe:26:9d:f6:
a8:54:23:a1:9f:6f:45:72:4c:5e:50:59:32:9e:15:
fc:ac:ab:04:c2:bb:75:3e:aa:1e:5f:3f:4f:4d:51:
8c:10:ea:36:a5:00:b9:73:08:1d:26:e8:6d:3f:c2:
bb:60:6a:fc:b6:b7:b4:5f:c2:ef:19:e4:80:82:ca:
61:c7:eb:fc:00:3f:c8:28:c9:54:2b:11:bf:e4:2e:
f5:d8:64:49:e6:66:42:88:f9:ac:57:8e:ef:2c:5e:
6f:93:a9:e7:4b:3f:f8:63:aa:47:69:02:b3:12:05:
71:53:01:92:b8:87:7d:c0:e1:1b:16:e3:e6:39:b6:
9b:d3:23:3b:4d:ea:fb:ec:25:17:82:91:2d:4e:c0:
6a:7e:9e:ba:d1:42:35:30:36:4d:48:f7:d9:95:fc:
96:8b:64:29:81:b6:75:82:87:37:36:e1:da:e6:a6:
6c:16:f5:bf:ab:c5:9f:c6:80:55:24:48:0d:db:49:
74:84:ac:ee:27:74:cc:15:80:9a:55:45:57:9c:cc:
16:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:49:B1:8D:90:D8:0B:64:A4:2E:02:7E:B5:DE:A6:40:E9:E1:76:F3
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/KkmxjZDYC2SkLgJ-td6mQOnhdvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
147.189.163.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:2c:6d:a0:4b:c7:08:5e:d8:7e:1a:6b:74:00:bb:c7:64:21:
d4:c9:16:21:4f:d3:37:ee:22:9e:f9:61:bb:a2:45:43:80:25:
b1:a2:6d:e5:c3:12:27:fd:b3:a3:9b:52:3f:c2:ac:9d:85:ed:
ba:e0:10:17:ec:9c:df:d8:38:b1:19:c7:c9:d0:f2:e9:d2:ae:
ab:b1:38:0d:58:19:68:4a:aa:d8:07:bb:7b:d3:f3:31:1f:aa:
50:c6:0b:fe:fe:e6:67:7b:62:42:4b:d4:08:62:7e:79:a7:cb:
8f:d2:c0:71:66:b2:28:b4:b7:2d:88:31:1b:f5:88:9d:be:e4:
cc:1f:3f:65:0d:a4:7c:1e:55:b4:1a:f1:a1:99:7b:ee:3a:dc:
6a:6a:7c:c3:84:a5:fc:4c:61:8b:fb:63:5b:fa:31:03:a6:3b:
43:d9:18:43:ec:5d:22:5e:2c:04:63:e3:54:5d:ad:10:83:aa:
38:ab:f2:0e:c3:55:a8:0c:b1:64:98:b5:3f:81:0b:77:72:b3:
f6:0d:1e:a7:1d:0c:a3:13:22:0b:ac:6b:f4:8a:03:1d:f6:8f:
13:51:8f:6d:4c:c5:9f:c5:08:92:ea:8c:b7:0e:fd:f9:cd:34:
d7:a1:32:79:1e:3d:91:a6:b8:31:7b:1d:68:e9:44:8c:b2:c3:
36:80:60:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt6PTxqgG3xHRmq+6j0IyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjQwMTAxMjAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQ5YjE4ZDkwZDgwYjY0YTQyZTAyN2ViNWRlYTY0MGU5ZTE3NmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBtbRPkrzyeO0FXvqDldUD3O+saF
cOHxBzRXT/N6q5ME+aS0yd7tkVp03zOlgC0A3BQ2pD+MHv4mnfaoVCOhn29Fckxe
UFkynhX8rKsEwrt1PqoeXz9PTVGMEOo2pQC5cwgdJuhtP8K7YGr8tre0X8LvGeSA
gsphx+v8AD/IKMlUKxG/5C712GRJ5mZCiPmsV47vLF5vk6nnSz/4Y6pHaQKzEgVx
UwGSuId9wOEbFuPmObab0yM7Ter77CUXgpEtTsBqfp660UI1MDZNSPfZlfyWi2Qp
gbZ1goc3NuHa5qZsFvW/q8WfxoBVJEgN20l0hKzuJ3TMFYCaVUVXnMwW4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCpJsY2Q2AtkpC4CfrXepkDp4XbzMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEvS2tteGpaRFlDMlNrTGdKLXRkNm1RT25oZHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHxkLAwQA
k72jMA0GCSqGSIb3DQEBCwUAA4IBAQDQLG2gS8cIXth+Gmt0ALvHZCHUyRYhT9M3
7iKe+WG7okVDgCWxom3lwxIn/bOjm1I/wqydhe264BAX7Jzf2DixGcfJ0PLp0q6r
sTgNWBloSqrYB7t70/MxH6pQxgv+/uZne2JCS9QIYn55p8uP0sBxZrIotLctiDEb
9YidvuTMHz9lDaR8HlW0GvGhmXvuOtxqanzDhKX8TGGL+2Nb+jEDpjtD2RhD7F0i
XiwEY+NUXa0Qg6o4q/IOw1WoDLFkmLU/gQt3crP2DR6nHQyjEyILrGv0igMd9o8T
UY9tTMWfxQiS6oy3Dv35zTTXoTJ5Hj2Rprgxex1o6USMssM2gGA6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:06 2024 by rpki-client on console-ams.rpki-client.org