Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/304e3d-1f0e-44eb-b2c1-e792f89cbce2/1/klQkB-etfmA4H2K0X66TOtS3dRg.roa
File: klQkB-etfmA4H2K0X66TOtS3dRg.roa (raw, json)
Hash identifier: NATF1tABpwvVsT9kjMbeNZACmoZfk7Zk9Bcg+evo/tE=
Subject key identifier: 92:54:24:07:E7:AD:7E:60:38:1F:62:B4:5F:AE:93:3A:D4:B7:75:18
Certificate issuer: /CN=fad0fb39d6b11fd15fcbb4163403155d1d455c05
Certificate serial: 018CC26D1F9FA1929560FFF562EBD7D146D5
Authority key identifier: FA:D0:FB:39:D6:B1:1F:D1:5F:CB:B4:16:34:03:15:5D:1D:45:5C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tD7OdaxH9Ffy7QWNAMVXR1FXAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/304e3d-1f0e-44eb-b2c1-e792f89cbce2/1/klQkB-etfmA4H2K0X66TOtS3dRg.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205685
IP address blocks: 185.209.68.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1f:9f:a1:92:95:60:ff:f5:62:eb:d7:d1:46:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad0fb39d6b11fd15fcbb4163403155d1d455c05
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92542407e7ad7e60381f62b45fae933ad4b77518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:76:8f:a6:b2:13:d7:bb:a2:ef:62:33:df:f8:
54:24:e7:28:05:c2:d2:c4:00:d1:b6:20:29:07:f6:
ec:88:93:aa:41:f9:65:6a:3f:6a:3c:bd:ee:f0:1d:
a1:43:98:c2:cf:34:4c:f6:0c:d1:1b:ad:51:c0:1e:
80:1b:21:d5:7c:1d:65:e6:f4:87:68:38:f3:6b:bc:
8c:2d:d7:fe:26:22:00:9f:4a:1b:f3:57:42:30:46:
49:ba:0e:71:4b:83:bd:27:fc:f9:5b:0c:78:36:38:
e1:8d:ce:cb:a4:02:4c:0d:d2:52:7e:26:52:d2:5d:
c4:a9:d1:2d:de:2a:af:a1:b9:c0:aa:c0:54:96:7a:
06:d6:1b:81:51:73:65:0c:57:06:0d:c3:b4:3c:26:
4a:71:e7:35:f8:4a:68:cd:d4:57:34:f3:da:26:e5:
7d:ed:63:90:f3:23:46:36:28:e6:b7:90:0a:74:cb:
ce:6d:05:45:cf:40:15:d3:e4:f5:cd:41:d3:7d:d4:
c8:cc:f9:18:c9:94:bc:43:ce:e5:ea:ae:6c:01:8e:
5d:86:e7:20:36:41:10:33:41:ec:17:39:7b:88:85:
25:88:bc:a7:2c:23:91:1b:c2:33:de:61:29:f2:6a:
c2:93:ee:28:9f:6f:cb:e9:47:89:ad:ee:44:f5:cb:
d6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:54:24:07:E7:AD:7E:60:38:1F:62:B4:5F:AE:93:3A:D4:B7:75:18
X509v3 Authority Key Identifier:
keyid:FA:D0:FB:39:D6:B1:1F:D1:5F:CB:B4:16:34:03:15:5D:1D:45:5C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tD7OdaxH9Ffy7QWNAMVXR1FXAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/304e3d-1f0e-44eb-b2c1-e792f89cbce2/1/klQkB-etfmA4H2K0X66TOtS3dRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/304e3d-1f0e-44eb-b2c1-e792f89cbce2/1/1-tD7OdaxH9Ffy7QWNAMVXR1FXAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.68.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:3a:32:51:98:75:28:a3:47:b7:87:14:83:41:d4:d3:1c:bd:
51:11:e2:97:0b:68:cc:91:6d:5a:14:d9:51:55:14:23:77:92:
e9:5b:ff:9c:92:f9:60:ac:66:7e:fe:a4:30:ff:4b:5b:e7:58:
75:db:3e:35:fb:86:fa:07:93:56:b0:df:28:57:0b:6f:89:70:
97:a1:68:2c:0e:d4:03:eb:e2:21:00:ce:2f:9a:e5:52:55:d9:
29:ea:f8:6a:a7:e3:8d:f3:eb:36:5d:b3:4a:73:ec:04:66:9c:
ea:93:af:5b:55:00:a3:0e:95:28:2e:45:99:2c:87:10:96:30:
b6:2a:45:fa:28:48:a2:1d:a0:00:94:bd:13:15:02:a1:f3:1f:
9e:87:ef:ef:86:84:1c:b0:33:33:b1:1a:61:4c:34:55:36:d6:
39:64:83:6d:78:a8:e0:f6:74:b6:1d:8d:71:02:ba:21:56:fe:
48:32:77:80:74:00:4e:70:e9:b6:e5:e4:73:fc:0c:bc:80:fe:
98:19:32:a4:08:d8:49:88:71:3b:05:15:b2:30:bf:59:c7:3f:
61:f0:15:e2:66:fb:f0:5b:d8:61:1b:1e:5f:8c:2f:4e:da:9e:
6a:b8:ec:0c:fd:2b:65:bb:da:72:35:28:53:d6:9a:d3:99:5d:
be:e0:f1:43
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzCbR+foZKVYP/1YuvX0UbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDBmYjM5ZDZiMTFmZDE1ZmNiYjQxNjM0MDMxNTVkMWQ0
NTVjMDUwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjU0MjQwN2U3YWQ3ZTYwMzgxZjYyYjQ1ZmFlOTMzYWQ0Yjc3NTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3aPprIT17ui72Iz3/hUJOcoBcLS
xADRtiApB/bsiJOqQfllaj9qPL3u8B2hQ5jCzzRM9gzRG61RwB6AGyHVfB1l5vSH
aDjza7yMLdf+JiIAn0ob81dCMEZJug5xS4O9J/z5Wwx4Njjhjc7LpAJMDdJSfiZS
0l3EqdEt3iqvobnAqsBUlnoG1huBUXNlDFcGDcO0PCZKcec1+EpozdRXNPPaJuV9
7WOQ8yNGNijmt5AKdMvObQVFz0AV0+T1zUHTfdTIzPkYyZS8Q87l6q5sAY5dhucg
NkEQM0HsFzl7iIUliLynLCORG8Iz3mEp8mrCk+4on2/L6UeJre5E9cvWrwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJJUJAfnrX5gOB9itF+ukzrUt3UYMB8GA1UdIwQY
MBaAFPrQ+znWsR/RX8u0FjQDFV0dRVwFMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10RDdPZGF4SDlGZnk3UVdOQU1WWFIxRlhBVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQvMzA0ZTNkLTFmMGUtNDRlYi1iMmMx
LWU3OTJmODljYmNlMi8xL2tsUWtCLWV0Zm1BNEgySzBYNjZUT3RTM2RSZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWQvMzA0ZTNkLTFmMGUtNDRlYi1iMmMxLWU3OTJmODljYmNl
Mi8xLzEtdEQ3T2RheEg5RmZ5N1FXTkFNVlhSMUZYQVUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG50UQw
DQYJKoZIhvcNAQELBQADggEBAKw6MlGYdSijR7eHFINB1NMcvVER4pcLaMyRbVoU
2VFVFCN3kulb/5yS+WCsZn7+pDD/S1vnWHXbPjX7hvoHk1aw3yhXC2+JcJehaCwO
1APr4iEAzi+a5VJV2Snq+Gqn443z6zZds0pz7ARmnOqTr1tVAKMOlSguRZkshxCW
MLYqRfooSKIdoACUvRMVAqHzH56H7++GhBywMzOxGmFMNFU21jlkg214qOD2dLYd
jXECuiFW/kgyd4B0AE5w6bbl5HP8DLyA/pgZMqQI2EmIcTsFFbIwv1nHP2HwFeJm
+/Bb2GEbHl+ML07anmq47Az9K2W72nI1KFPWmtOZXb7g8UM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:42 2025 by rpki-client