Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/kXFfuA3SYXlMQLuCuhtGSMI-vjA.roa
File: kXFfuA3SYXlMQLuCuhtGSMI-vjA.roa (raw, json)
Hash identifier: VK6wlRwUwJ/C6yvtLHwZOT7UzQH8mBzmGf92Nv4sn/E=
Subject key identifier: 91:71:5F:B8:0D:D2:61:79:4C:40:BB:82:BA:1B:46:48:C2:3E:BE:30
Certificate issuer: /CN=1534838bb317b8186699f0a4485db6d9da1908d2
Certificate serial: 01856F5DB0CF2A14888E400A6E57CE285AA4
Authority key identifier: 15:34:83:8B:B3:17:B8:18:66:99:F0:A4:48:5D:B6:D9:DA:19:08:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/kXFfuA3SYXlMQLuCuhtGSMI-vjA.roa
Signing time: Sun 01 Jan 2023 22:04:49 +0000
ROA not before: Sun 01 Jan 2023 22:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2602
IP address blocks: 193.168.64.0/18 maxlen: 24
158.64.0.0/16 maxlen: 24
185.149.136.0/22 maxlen: 22
2001:a18::/29 maxlen: 48
2001:a18:ff00::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:b0:cf:2a:14:88:8e:40:0a:6e:57:ce:28:5a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1534838bb317b8186699f0a4485db6d9da1908d2
Validity
Not Before: Jan 1 22:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91715fb80dd261794c40bb82ba1b4648c23ebe30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f3:0a:39:51:5c:4a:97:48:32:25:7f:f0:24:
e2:7d:e3:2e:d9:81:02:b3:c5:58:41:53:61:2d:14:
e3:dd:1a:29:a3:f1:ff:1e:c6:86:36:e9:83:11:36:
ee:1e:65:c6:ce:b3:b0:6f:6d:7c:c8:7f:b7:94:a5:
91:3c:29:d3:78:ab:25:00:c2:ee:af:4d:b0:15:74:
64:a7:78:76:5f:a6:67:63:0f:03:a1:9e:64:83:8c:
bd:6c:33:1d:c9:a9:99:1d:fa:ca:a5:54:5b:cc:95:
11:7c:9e:b5:61:83:1d:be:00:12:55:06:ef:84:2f:
3c:71:ba:5a:de:2d:22:ec:49:c5:2b:27:0a:f2:8b:
d4:e2:e2:33:c6:ac:ef:8c:1f:56:36:a8:73:36:66:
a4:ce:5b:10:6d:9b:25:11:d0:dd:f6:c8:37:b7:c3:
6e:17:8c:14:33:90:a4:4b:4e:fd:91:f3:9f:44:f9:
d9:bf:56:e6:d1:e3:68:b5:96:1e:f8:b1:d1:02:a1:
a5:bd:96:d3:39:0d:e8:55:e3:2c:6f:f6:e8:4e:25:
cf:bc:6f:84:de:e9:63:db:b6:cb:03:c4:33:14:34:
1f:f2:ef:60:c3:76:ec:0b:44:53:83:a2:99:26:24:
67:0c:4c:1e:4f:5e:18:4e:20:a2:18:42:73:ac:56:
96:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:71:5F:B8:0D:D2:61:79:4C:40:BB:82:BA:1B:46:48:C2:3E:BE:30
X509v3 Authority Key Identifier:
keyid:15:34:83:8B:B3:17:B8:18:66:99:F0:A4:48:5D:B6:D9:DA:19:08:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/kXFfuA3SYXlMQLuCuhtGSMI-vjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/FTSDi7MXuBhmmfCkSF222doZCNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.64.0.0/16
185.149.136.0/22
193.168.64.0/18
IPv6:
2001:a18::/29
Signature Algorithm: sha256WithRSAEncryption
5f:bf:0f:4f:f6:8f:eb:9a:05:e5:36:99:94:ef:92:4a:4f:de:
81:3f:40:94:32:80:79:64:ad:45:aa:fa:67:84:e1:3b:c6:09:
98:ee:5c:1f:78:50:09:d7:a3:53:5c:8a:27:42:2b:4a:d6:32:
81:19:1a:b6:7b:15:96:5f:98:d2:ac:ce:7d:94:06:19:d7:52:
4a:e2:8e:d2:fd:3d:b8:66:b2:94:45:52:81:9b:98:97:eb:37:
7e:37:4b:ca:66:21:1e:3c:7c:14:0d:e7:ae:8d:d0:76:02:fc:
a9:23:66:98:b9:9b:b2:f1:a2:02:86:a8:ff:58:d1:8c:11:f8:
25:09:23:93:ec:d6:b2:3c:ea:b9:f8:b6:55:9e:8f:a5:e0:1a:
69:09:fd:b6:8b:86:c3:fa:19:ad:f3:8e:5e:e1:37:2c:b5:46:
fd:33:17:e7:19:cb:78:ab:bd:5d:64:dd:16:a7:63:59:8f:5f:
ba:73:06:89:c1:e2:a5:e4:f6:31:6f:f4:a8:f9:09:14:6a:6b:
9b:d4:43:06:3c:30:c1:da:92:2a:6d:01:68:65:71:d7:f1:d0:
63:9a:e4:de:ae:34:11:8a:c3:ba:78:c0:43:6d:11:a9:a5:72:
15:00:f6:29:cd:0b:e0:1f:d5:28:0e:ef:b1:d8:99:df:96:3d:
05:ba:f0:19
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVvXbDPKhSIjkAKblfOKFqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MzQ4MzhiYjMxN2I4MTg2Njk5ZjBhNDQ4NWRiNmQ5ZGEx
OTA4ZDIwHhcNMjMwMTAxMjIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTcxNWZiODBkZDI2MTc5NGM0MGJiODJiYTFiNDY0OGMyM2ViZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/MKOVFcSpdIMiV/8CTifeMu2YEC
s8VYQVNhLRTj3Ropo/H/HsaGNumDETbuHmXGzrOwb218yH+3lKWRPCnTeKslAMLu
r02wFXRkp3h2X6ZnYw8DoZ5kg4y9bDMdyamZHfrKpVRbzJURfJ61YYMdvgASVQbv
hC88cbpa3i0i7EnFKycK8ovU4uIzxqzvjB9WNqhzNmakzlsQbZslEdDd9sg3t8Nu
F4wUM5CkS079kfOfRPnZv1bm0eNotZYe+LHRAqGlvZbTOQ3oVeMsb/boTiXPvG+E
3ulj27bLA8QzFDQf8u9gw3bsC0RTg6KZJiRnDEweT14YTiCiGEJzrFaWfwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJFxX7gN0mF5TEC7grobRkjCPr4wMB8GA1UdIwQY
MBaAFBU0g4uzF7gYZpnwpEhdttnaGQjSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlRTRGk3TVh1QmhtbWZDa1NGMjIyZG9aQ05JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8xNGMxY2EtMTg3NC00N2FjLWExOGUt
M2ExNDRjNzBlMGIwLzEva1hGZnVBM1NZWGxNUUx1Q3VodEdTTUktdmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8xNGMxY2EtMTg3NC00N2FjLWExOGUtM2ExNDRjNzBlMGIw
LzEvRlRTRGk3TVh1QmhtbWZDa1NGMjIyZG9aQ05JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAnkADBAK5
lYgDBAbBqEAwDQQCAAIwBwMFAyABChgwDQYJKoZIhvcNAQELBQADggEBAF+/D0/2
j+uaBeU2mZTvkkpP3oE/QJQygHlkrUWq+meE4TvGCZjuXB94UAnXo1NciidCK0rW
MoEZGrZ7FZZfmNKszn2UBhnXUkrijtL9PbhmspRFUoGbmJfrN343S8pmIR48fBQN
566N0HYC/KkjZpi5m7LxogKGqP9Y0YwR+CUJI5Ps1rI86rn4tlWej6XgGmkJ/baL
hsP6Ga3zjl7hNyy1Rv0zF+cZy3irvV1k3RanY1mPX7pzBonB4qXk9jFv9Kj5CRRq
a5vUQwY8MMHakiptAWhlcdfx0GOa5N6uNBGKw7p4wENtEamlchUA9inNC+Af1SgO
77HYmd+WPQW68Bk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:50 2024 by rpki-client on console-fra.rpki-client.org