Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/KchObRTeTuRXrmWCmt9yghsk3JA.roa
File: KchObRTeTuRXrmWCmt9yghsk3JA.roa (raw, json)
Hash identifier: NmXMzOW+jiHu5V5bls8LMEjDW8UdgyiHj5lY0eWSP74=
Subject key identifier: 29:C8:4E:6D:14:DE:4E:E4:57:AE:65:82:9A:DF:72:82:1B:24:DC:90
Certificate issuer: /CN=de37812bd45273ea3b2a53d9e96f6dba215826f3
Certificate serial: 018B1DD5D887C3DA7853A8F157BAA71DCB84
Authority key identifier: DE:37:81:2B:D4:52:73:EA:3B:2A:53:D9:E9:6F:6D:BA:21:58:26:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/KchObRTeTuRXrmWCmt9yghsk3JA.roa
Signing time: Wed 11 Oct 2023 08:23:55 +0000
ROA not before: Wed 11 Oct 2023 08:23:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12748
IP address blocks: 185.225.140.0/22 maxlen: 22
5.183.20.0/22 maxlen: 22
45.137.56.0/22 maxlen: 22
193.104.216.0/24 maxlen: 24
194.31.198.0/24 maxlen: 24
2a0d:d400::/29 maxlen: 29
2a0e:8c00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:d5:d8:87:c3:da:78:53:a8:f1:57:ba:a7:1d:cb:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de37812bd45273ea3b2a53d9e96f6dba215826f3
Validity
Not Before: Oct 11 08:23:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29c84e6d14de4ee457ae65829adf72821b24dc90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e3:76:4f:51:a7:10:7f:29:df:58:23:a6:40:
f8:0e:d4:b6:02:b4:31:17:b6:c9:66:fd:98:3d:9b:
ba:4c:a2:5e:87:35:1d:9a:8c:f8:c3:32:1f:36:ff:
66:92:2d:09:08:f0:b8:ce:d2:ee:3b:49:9f:84:ab:
c5:4a:04:12:bb:81:e1:75:23:12:71:af:8b:7a:40:
fe:42:6d:89:5b:28:54:fe:ae:51:ae:96:c1:6c:4a:
2d:00:33:38:a2:77:24:dc:ba:01:cd:4f:7b:16:2c:
97:4f:fd:da:36:6a:db:9b:1d:70:40:84:ad:17:6a:
b5:5b:a1:13:d8:93:f7:52:10:bf:bb:71:77:e7:9f:
6d:56:9f:dd:75:63:3e:83:fb:d0:8f:55:18:97:d2:
a5:0e:b9:43:8d:9b:76:da:95:67:2e:6c:38:74:07:
1f:00:8b:0a:b0:ab:ce:3b:df:b6:db:b7:2d:c6:d9:
bd:55:31:72:c6:10:ec:99:2f:9f:37:93:40:86:89:
61:42:56:1e:67:0f:a4:c1:d5:33:38:ac:16:fe:c5:
08:98:25:ec:c1:6a:63:31:88:2d:af:61:5b:64:6b:
b3:0b:6b:ea:a0:dd:30:f5:36:36:9f:72:0a:57:1b:
d9:80:ba:c8:bb:08:a7:0d:3f:c6:88:3d:92:c4:a6:
53:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C8:4E:6D:14:DE:4E:E4:57:AE:65:82:9A:DF:72:82:1B:24:DC:90
X509v3 Authority Key Identifier:
keyid:DE:37:81:2B:D4:52:73:EA:3B:2A:53:D9:E9:6F:6D:BA:21:58:26:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/KchObRTeTuRXrmWCmt9yghsk3JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.20.0/22
45.137.56.0/22
185.225.140.0/22
193.104.216.0/24
194.31.198.0/24
IPv6:
2a0d:d400::/29
2a0e:8c00::/29
Signature Algorithm: sha256WithRSAEncryption
35:b9:15:29:6c:15:4e:30:6b:5c:1e:b1:6f:46:a1:80:9c:e2:
d3:09:cc:0c:03:3a:cf:34:4f:a0:d7:b1:5f:7f:bd:dc:2e:32:
44:df:ee:ed:89:14:bf:c1:7f:48:96:f1:df:af:2e:81:00:40:
5c:a6:e3:4f:bb:6f:13:06:9b:73:64:b2:43:18:34:99:8e:40:
5b:54:35:c2:e1:66:ab:2e:54:1b:43:81:0b:82:54:2e:8f:d6:
f7:7a:5e:0e:35:09:ad:c9:da:01:2c:c9:b9:c7:67:c9:aa:cb:
dd:be:c0:f8:d0:0f:c6:ba:f5:a1:ab:f8:ae:2f:4a:a8:b1:07:
55:d7:16:9c:c3:e1:9d:64:1c:4e:06:a7:6c:0f:02:36:fa:62:
5a:55:dd:ff:4c:45:86:53:6c:41:45:77:a7:aa:34:8d:82:2c:
2b:87:1e:a8:b1:94:08:87:98:b8:fe:23:be:1c:27:a3:b0:b0:
ad:f8:9b:61:1f:14:bf:9b:e6:9e:85:dd:b1:40:14:9d:b7:ea:
b1:69:08:ad:ea:61:f6:ad:3f:2e:8d:07:8a:38:9f:c3:c9:d2:
ac:87:9e:56:a0:2c:92:6f:c5:d9:4b:9b:2c:5b:0f:d2:3a:29:
19:76:b7:17:aa:55:71:37:8a:c5:36:42:4a:ae:af:2d:14:86:
04:ed:02:1f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYsd1diHw9p4U6jxV7qnHcuEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMzc4MTJiZDQ1MjczZWEzYjJhNTNkOWU5NmY2ZGJhMjE1
ODI2ZjMwHhcNMjMxMDExMDgyMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWM4NGU2ZDE0ZGU0ZWU0NTdhZTY1ODI5YWRmNzI4MjFiMjRkYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlON2T1GnEH8p31gjpkD4DtS2ArQx
F7bJZv2YPZu6TKJehzUdmoz4wzIfNv9mki0JCPC4ztLuO0mfhKvFSgQSu4HhdSMS
ca+LekD+Qm2JWyhU/q5RrpbBbEotADM4onck3LoBzU97FiyXT/3aNmrbmx1wQISt
F2q1W6ET2JP3UhC/u3F3559tVp/ddWM+g/vQj1UYl9KlDrlDjZt22pVnLmw4dAcf
AIsKsKvOO9+227ctxtm9VTFyxhDsmS+fN5NAholhQlYeZw+kwdUzOKwW/sUImCXs
wWpjMYgtr2FbZGuzC2vqoN0w9TY2n3IKVxvZgLrIuwinDT/GiD2SxKZTgwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFCnITm0U3k7kV65lgprfcoIbJNyQMB8GA1UdIwQY
MBaAFN43gSvUUnPqOypT2elvbbohWCbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2plQks5UlNjLW83S2xQWjZXOXR1aUZZSnZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iMjZjNDQtOWQxNi00YzNkLTlmMWQt
YWY2NDZjOGY0YWY2LzEvS2NoT2JSVGVUdVJYcm1XQ210OXlnaHNrM0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iMjZjNDQtOWQxNi00YzNkLTlmMWQtYWY2NDZjOGY0YWY2
LzEvM2plQks5UlNjLW83S2xQWjZXOXR1aUZZSnZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCBbcUAwQC
LYk4AwQCueGMAwQAwWjYAwQAwh/GMBQEAgACMA4DBQMqDdQAAwUDKg6MADANBgkq
hkiG9w0BAQsFAAOCAQEANbkVKWwVTjBrXB6xb0ahgJzi0wnMDAM6zzRPoNexX3+9
3C4yRN/u7YkUv8F/SJbx368ugQBAXKbjT7tvEwabc2SyQxg0mY5AW1Q1wuFmqy5U
G0OBC4JULo/W93peDjUJrcnaASzJucdnyarL3b7A+NAPxrr1oav4ri9KqLEHVdcW
nMPhnWQcTganbA8CNvpiWlXd/0xFhlNsQUV3p6o0jYIsK4ceqLGUCIeYuP4jvhwn
o7CwrfibYR8Uv5vmnoXdsUAUnbfqsWkIreph9q0/Lo0Hijifw8nSrIeeVqAskm/F
2UubLFsP0jopGXa3F6pVcTeKxTZCSq6vLRSGBO0CHw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:28 2024 by rpki-client on console-ams.rpki-client.org