Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/kbxg5W0d-BGB-fPpCXX7pVhJKr8.roa
File: kbxg5W0d-BGB-fPpCXX7pVhJKr8.roa (raw, json)
Hash identifier: A6b+e5FMkSuSVcETz7c2OcCJ3SaC0cf3Q7udSEldtkg=
Subject key identifier: 91:BC:60:E5:6D:1D:F8:11:81:F9:F3:E9:09:75:FB:A5:58:49:2A:BF
Certificate issuer: /CN=af2b68f0c83add9a3a3b86ab24fb910a960262c6
Certificate serial: 01856F0B5456F375F1FD273E907B31CAC836
Authority key identifier: AF:2B:68:F0:C8:3A:DD:9A:3A:3B:86:AB:24:FB:91:0A:96:02:62:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ryto8Mg63Zo6O4arJPuRCpYCYsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/kbxg5W0d-BGB-fPpCXX7pVhJKr8.roa
Signing time: Sun 01 Jan 2023 20:34:51 +0000
ROA not before: Sun 01 Jan 2023 20:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14297
IP address blocks: 185.147.172.0/23 maxlen: 23
185.147.174.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:54:56:f3:75:f1:fd:27:3e:90:7b:31:ca:c8:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2b68f0c83add9a3a3b86ab24fb910a960262c6
Validity
Not Before: Jan 1 20:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91bc60e56d1df81181f9f3e90975fba558492abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2c:67:bd:17:f9:5f:2d:e3:cc:4f:3b:35:ff:
d3:51:d1:b4:70:8d:65:8d:78:af:4e:0b:b1:56:2b:
1e:0d:81:a4:f6:0d:33:4f:c8:0a:5f:16:ae:36:94:
fd:4a:26:a7:be:95:ae:d6:73:de:82:30:3a:43:a5:
60:87:27:b1:a7:37:ec:d2:e8:e3:79:77:ec:32:29:
a7:36:34:d7:9a:9b:8d:4b:d6:59:88:56:4a:34:ab:
79:f4:e3:80:36:13:75:cf:ce:16:40:07:6b:1b:2d:
fb:82:8a:48:5b:a2:d2:50:a0:71:27:ba:71:a1:c0:
38:3c:02:95:32:36:15:48:0e:3e:eb:2c:a3:18:99:
b8:6e:53:5d:da:ec:45:8f:39:52:1c:e8:db:f8:2a:
aa:4d:f9:98:fd:3c:96:7e:cc:b0:20:de:a2:74:90:
63:e3:ac:e5:53:28:fb:84:b1:9e:7e:23:8a:10:c1:
27:2a:85:96:6a:9a:45:5c:35:f5:ff:5d:91:79:0e:
74:9e:ab:d4:46:e1:f4:d9:0c:57:f7:06:49:12:81:
bf:10:ed:d0:65:90:b0:35:90:1d:0f:3b:67:2e:3c:
8c:ff:7f:d9:fc:9c:3e:f3:90:46:05:9a:e5:b8:18:
58:fe:aa:3e:24:02:2d:32:eb:b4:17:d9:53:19:1a:
f8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:BC:60:E5:6D:1D:F8:11:81:F9:F3:E9:09:75:FB:A5:58:49:2A:BF
X509v3 Authority Key Identifier:
keyid:AF:2B:68:F0:C8:3A:DD:9A:3A:3B:86:AB:24:FB:91:0A:96:02:62:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryto8Mg63Zo6O4arJPuRCpYCYsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/kbxg5W0d-BGB-fPpCXX7pVhJKr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/ryto8Mg63Zo6O4arJPuRCpYCYsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.172.0/22
Signature Algorithm: sha256WithRSAEncryption
77:93:8d:81:d5:ca:aa:a7:ec:c4:92:e2:76:6a:82:e8:62:c9:
1b:5b:84:6f:3a:e8:6b:0d:70:2a:09:42:98:3f:92:58:36:be:
c6:26:7e:71:21:d2:df:39:b1:93:45:30:0f:9d:cf:61:9f:54:
a2:5b:60:d8:86:29:67:0f:03:6e:ef:45:22:6a:c2:04:98:6b:
7b:99:80:92:98:28:38:0e:ad:b6:17:63:96:53:31:29:42:89:
b5:b6:bd:6f:48:fb:e9:70:c3:b8:7f:d6:32:7d:79:f8:d8:2f:
ff:a9:51:15:4b:96:ab:61:93:8e:23:a4:20:0e:ce:08:7d:38:
29:55:97:d4:ab:56:2f:81:2c:20:a3:a3:4c:a2:5e:fa:f2:9d:
e4:ef:36:49:2c:3e:b8:cd:c3:1f:57:21:46:c5:e0:0b:5e:0f:
82:7c:02:f7:8f:ec:f4:a5:c0:e7:b2:be:07:00:af:21:4d:5c:
cb:4b:15:39:c4:30:1c:23:30:83:22:04:6c:5a:38:4f:3b:20:
d9:d4:56:db:18:9a:fc:29:3f:f6:a9:4f:33:18:81:f5:a3:e0:
b3:71:58:98:38:3e:f6:e4:55:88:97:d1:39:89:af:ed:19:38:
3e:95:98:ab:5a:5f:20:04:2e:88:64:79:2a:99:76:45:0c:ce:
a7:8f:12:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC1RW83Xx/Sc+kHsxysg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmI2OGYwYzgzYWRkOWEzYTNiODZhYjI0ZmI5MTBhOTYw
MjYyYzYwHhcNMjMwMTAxMjAzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWJjNjBlNTZkMWRmODExODFmOWYzZTkwOTc1ZmJhNTU4NDkyYWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqixnvRf5Xy3jzE87Nf/TUdG0cI1l
jXivTguxViseDYGk9g0zT8gKXxauNpT9SianvpWu1nPegjA6Q6Vghyexpzfs0ujj
eXfsMimnNjTXmpuNS9ZZiFZKNKt59OOANhN1z84WQAdrGy37gopIW6LSUKBxJ7px
ocA4PAKVMjYVSA4+6yyjGJm4blNd2uxFjzlSHOjb+CqqTfmY/TyWfsywIN6idJBj
46zlUyj7hLGefiOKEMEnKoWWappFXDX1/12ReQ50nqvURuH02QxX9wZJEoG/EO3Q
ZZCwNZAdDztnLjyM/3/Z/Jw+85BGBZrluBhY/qo+JAItMuu0F9lTGRr4yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJG8YOVtHfgRgfnz6Ql1+6VYSSq/MB8GA1UdIwQY
MBaAFK8raPDIOt2aOjuGqyT7kQqWAmLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnl0bzhNZzYzWm82TzRhckpQdVJDcFlDWXNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy83OTNlMDAtMGM1My00OWM0LWE1MWIt
ZWRhMzE2YTJhZmI4LzEva2J4ZzVXMGQtQkdCLWZQcENYWDdwVmhKS3I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy83OTNlMDAtMGM1My00OWM0LWE1MWItZWRhMzE2YTJhZmI4
LzEvcnl0bzhNZzYzWm82TzRhckpQdVJDcFlDWXNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZOsMA0G
CSqGSIb3DQEBCwUAA4IBAQB3k42B1cqqp+zEkuJ2aoLoYskbW4RvOuhrDXAqCUKY
P5JYNr7GJn5xIdLfObGTRTAPnc9hn1SiW2DYhilnDwNu70UiasIEmGt7mYCSmCg4
Dq22F2OWUzEpQom1tr1vSPvpcMO4f9YyfXn42C//qVEVS5arYZOOI6QgDs4IfTgp
VZfUq1YvgSwgo6NMol768p3k7zZJLD64zcMfVyFGxeALXg+CfAL3j+z0pcDnsr4H
AK8hTVzLSxU5xDAcIzCDIgRsWjhPOyDZ1FbbGJr8KT/2qU8zGIH1o+CzcViYOD72
5FWIl9E5ia/tGTg+lZirWl8gBC6IZHkqmXZFDM6njxIg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:27 2024 by rpki-client on console-ams.rpki-client.org