Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/KIWhK-QYRT76OizJKWYMIm6n1zA.roa
File: KIWhK-QYRT76OizJKWYMIm6n1zA.roa (raw, json)
Hash identifier: TOUTfXE/GzCfBwicys24q0quwyX87AArnJqUTSBG8TU=
Subject key identifier: 28:85:A1:2B:E4:18:45:3E:FA:3A:2C:C9:29:66:0C:22:6E:A7:D7:30
Certificate issuer: /CN=8050504f4b1776e80b8ad9f8b356e613b585b35a
Certificate serial: 018CC5000EE25170807272EFF5C6C15E914B
Authority key identifier: 80:50:50:4F:4B:17:76:E8:0B:8A:D9:F8:B3:56:E6:13:B5:85:B3:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gFBQT0sXdugLitn4s1bmE7WFs1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/KIWhK-QYRT76OizJKWYMIm6n1zA.roa
Signing time: Mon 01 Jan 2024 12:29:24 +0000
ROA not before: Mon 01 Jan 2024 12:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61232
IP address blocks: 193.135.56.0/24 maxlen: 24
2001:678:e44::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 17 Sep 2024 06:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:0e:e2:51:70:80:72:72:ef:f5:c6:c1:5e:91:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8050504f4b1776e80b8ad9f8b356e613b585b35a
Validity
Not Before: Jan 1 12:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2885a12be418453efa3a2cc929660c226ea7d730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e6:58:5b:85:d9:6e:7f:b3:db:33:46:a6:c0:
64:bc:4f:ea:e8:70:60:58:12:3d:9f:a5:be:60:cb:
7e:9a:91:ef:6a:3a:11:7b:38:88:0d:2f:81:d9:16:
f6:91:c6:87:56:79:66:36:09:55:a6:bc:48:35:6d:
f6:8f:9d:a5:15:c3:71:38:39:8f:f5:19:91:1a:42:
aa:21:45:56:98:85:e3:8c:fc:6f:cf:99:3f:1d:48:
6a:77:2c:19:11:82:2e:c3:47:21:a1:00:5c:0a:c6:
09:42:2b:e3:ac:92:42:0e:9a:cb:63:85:c9:6c:fb:
24:57:ef:4c:6a:24:d1:97:7b:f2:07:41:3c:e7:17:
e0:1a:df:84:fc:3b:11:5a:42:ff:f8:72:4c:22:00:
5f:24:3c:be:9d:9c:a1:7a:07:64:30:a3:4b:86:33:
ab:ea:e3:b0:c7:6c:79:f7:d6:45:32:6d:a0:09:b7:
35:67:cd:a0:b6:d6:f0:a8:fc:63:bb:f7:7f:e8:dd:
36:b9:c3:6e:ed:60:d8:5a:8d:f5:25:44:11:1a:06:
1d:70:c0:09:76:97:18:fb:53:b1:df:74:56:35:c1:
3c:b9:5b:a9:65:cc:f0:49:d0:64:47:95:4c:84:96:
9b:3d:93:9d:cb:12:a9:35:96:8c:97:87:30:c4:31:
5e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:85:A1:2B:E4:18:45:3E:FA:3A:2C:C9:29:66:0C:22:6E:A7:D7:30
X509v3 Authority Key Identifier:
keyid:80:50:50:4F:4B:17:76:E8:0B:8A:D9:F8:B3:56:E6:13:B5:85:B3:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gFBQT0sXdugLitn4s1bmE7WFs1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/KIWhK-QYRT76OizJKWYMIm6n1zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/gFBQT0sXdugLitn4s1bmE7WFs1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.56.0/24
IPv6:
2001:678:e44::/48
Signature Algorithm: sha256WithRSAEncryption
8b:93:27:2e:b0:2d:ec:05:bf:83:5f:0c:38:36:7c:4b:e4:6f:
13:84:01:18:d6:8a:ed:61:a9:dc:90:4d:86:1e:18:7f:55:9b:
a0:59:9f:3c:18:48:5b:13:7b:24:52:df:5d:9f:42:77:b0:4e:
bc:aa:dd:7e:8a:22:24:99:4b:f4:25:51:e0:f0:24:70:2a:93:
f6:68:ad:ca:5e:88:2b:63:fe:ff:9c:40:cd:f7:21:ca:ac:97:
e3:71:cf:2d:b1:82:3a:61:cb:50:d8:ef:74:91:9a:dd:37:bb:
b0:91:9b:88:df:1a:a9:f2:8f:f8:97:72:ea:7b:87:4c:b2:b8:
26:56:4a:68:73:5a:5a:41:d0:34:8d:04:4a:d9:36:35:ee:36:
f2:60:15:08:66:75:4a:1d:3f:f0:51:f2:1e:8d:f8:a5:69:e0:
b8:2b:23:1c:52:97:5c:f1:bb:e2:06:d0:b7:21:37:0c:08:59:
ca:1a:b8:3d:60:f2:2d:8a:47:50:fe:93:2f:80:4d:f4:6a:90:
af:c9:50:6a:37:c6:a9:d5:ca:53:df:a8:70:d2:8e:25:6e:01:
02:bd:1b:ec:e2:29:24:d2:f9:07:a9:3e:7c:1c:b1:d2:6f:a6:
b5:d3:3e:6d:6e:1a:59:3e:a9:77:4d:8d:fa:fc:93:d9:82:26:
11:7f:95:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFAA7iUXCAcnLv9cbBXpFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNTA1MDRmNGIxNzc2ZTgwYjhhZDlmOGIzNTZlNjEzYjU4
NWIzNWEwHhcNMjQwMTAxMTIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg1YTEyYmU0MTg0NTNlZmEzYTJjYzkyOTY2MGMyMjZlYTdkNzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+ZYW4XZbn+z2zNGpsBkvE/q6HBg
WBI9n6W+YMt+mpHvajoReziIDS+B2Rb2kcaHVnlmNglVprxINW32j52lFcNxODmP
9RmRGkKqIUVWmIXjjPxvz5k/HUhqdywZEYIuw0choQBcCsYJQivjrJJCDprLY4XJ
bPskV+9MaiTRl3vyB0E85xfgGt+E/DsRWkL/+HJMIgBfJDy+nZyhegdkMKNLhjOr
6uOwx2x599ZFMm2gCbc1Z82gttbwqPxju/d/6N02ucNu7WDYWo31JUQRGgYdcMAJ
dpcY+1Ox33RWNcE8uVupZczwSdBkR5VMhJabPZOdyxKpNZaMl4cwxDFeAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCiFoSvkGEU++josySlmDCJup9cwMB8GA1UdIwQY
MBaAFIBQUE9LF3boC4rZ+LNW5hO1hbNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0ZCUVQwc1hkdWdMaXRuNHMxYm1FN1dGczFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9iNTk3MTUtYjA1YS00YjRhLWE5MjIt
MDE0NGEzMjgyYTJlLzEvS0lXaEstUVlSVDc2T2l6SktXWU1JbTZuMXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9iNTk3MTUtYjA1YS00YjRhLWE5MjItMDE0NGEzMjgyYTJl
LzEvZ0ZCUVQwc1hkdWdMaXRuNHMxYm1FN1dGczFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwYc4MA8E
AgACMAkDBwAgAQZ4DkQwDQYJKoZIhvcNAQELBQADggEBAIuTJy6wLewFv4NfDDg2
fEvkbxOEARjWiu1hqdyQTYYeGH9Vm6BZnzwYSFsTeyRS312fQnewTryq3X6KIiSZ
S/QlUeDwJHAqk/ZorcpeiCtj/v+cQM33Icqsl+Nxzy2xgjphy1DY73SRmt03u7CR
m4jfGqnyj/iXcup7h0yyuCZWSmhzWlpB0DSNBErZNjXuNvJgFQhmdUodP/BR8h6N
+KVp4LgrIxxSl1zxu+IG0LchNwwIWcoauD1g8i2KR1D+ky+ATfRqkK/JUGo3xqnV
ylPfqHDSjiVuAQK9G+ziKSTS+QepPnwcsdJvprXTPm1uGlk+qXdNjfr8k9mCJhF/
lUU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:03 2025 by rpki-client