Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/KWxoIGK-z9gaeoXxEg4mpgGIsL4.roa
File: KWxoIGK-z9gaeoXxEg4mpgGIsL4.roa (raw, json)
Hash identifier: 2K0qWZbJMd9KE4P5ECgeXttW8/kqYFRPG9TKcoGiScY=
Subject key identifier: 29:6C:68:20:62:BE:CF:D8:1A:7A:85:F1:12:0E:26:A6:01:88:B0:BE
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0193923420C93F7254D74382AEBB2639FCCC
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/KWxoIGK-z9gaeoXxEg4mpgGIsL4.roa
Signing time: Wed 04 Dec 2024 15:05:09 +0000
ROA not before: Wed 04 Dec 2024 15:05:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47674
IP address blocks: 171.22.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:92:34:20:c9:3f:72:54:d7:43:82:ae:bb:26:39:fc:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Dec 4 15:05:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=296c682062becfd81a7a85f1120e26a60188b0be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9d:bf:76:a1:de:3f:cc:42:c9:0d:6c:b3:5b:
6e:90:17:5b:97:40:57:bf:e7:29:5f:bd:21:25:1c:
bc:cf:7e:46:de:a6:a4:43:c9:13:2f:b5:e8:b2:01:
e9:c9:3e:99:11:9f:04:49:c8:f7:a4:f2:ae:9c:fd:
0f:ba:96:04:aa:25:a1:d2:77:31:cf:33:0f:78:ff:
08:10:ed:34:f9:19:7d:2a:44:91:55:f6:64:2b:59:
5b:99:83:6c:e8:09:38:6c:46:5a:1f:14:b7:85:b5:
18:51:68:d1:40:2b:a7:49:63:ab:d1:3e:91:bb:c6:
f9:11:d5:b6:21:66:d2:31:2e:3a:c1:09:4c:e6:cb:
e4:d5:58:4a:f5:81:8d:91:28:77:b0:8b:23:fb:a1:
d5:02:0a:05:15:66:0f:60:fc:a0:22:e4:10:f4:c9:
12:be:ec:bf:92:cc:8b:ff:07:d7:a5:46:b8:85:33:
25:7e:20:77:ab:35:a2:2d:6b:b1:5f:4f:c7:6a:93:
5d:35:f7:ea:59:76:26:27:6f:be:97:f4:52:19:a4:
40:79:c4:86:a0:43:8f:a7:ca:77:bf:5b:03:9c:d5:
d6:c4:f0:0b:59:5a:f2:9a:af:6f:e2:fc:9f:45:83:
67:59:6c:3e:ef:94:12:ae:ac:32:7e:4c:e1:dc:63:
d3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:6C:68:20:62:BE:CF:D8:1A:7A:85:F1:12:0E:26:A6:01:88:B0:BE
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/KWxoIGK-z9gaeoXxEg4mpgGIsL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.255.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:7f:2e:de:1c:bb:c6:52:72:60:80:89:7d:31:14:21:8b:cf:
c6:17:82:fb:8a:dc:c6:c6:65:d6:e5:ba:26:c2:38:f3:87:45:
69:13:05:ad:a4:61:27:07:83:5a:d3:27:81:40:77:2f:cb:61:
92:00:8a:13:88:91:bc:eb:42:0b:2d:c5:cd:6e:46:04:d5:40:
dd:7d:45:d4:9e:5d:d8:53:81:27:90:b7:a5:9c:8b:39:f9:73:
b3:98:bf:88:d7:99:1d:cd:eb:fb:84:a2:5d:e8:ed:64:c8:55:
2d:55:4d:8a:d3:80:15:21:96:0d:20:b7:32:3a:6b:52:41:25:
a7:ff:1d:46:ce:71:95:8d:29:b2:3f:38:24:6f:97:db:3d:ea:
a9:99:27:61:7d:5f:ca:08:ae:ac:3b:4c:23:52:38:ba:c7:d6:
2b:ba:ee:0f:3d:28:81:f7:b9:c4:e6:6c:e1:49:28:49:d3:92:
db:36:5a:55:d1:23:36:fd:60:1f:ce:34:12:65:d4:a8:a2:a8:
0f:e7:0f:a1:4d:11:2d:8b:40:71:84:21:b2:aa:48:a6:66:18:
5d:6b:2c:c3:c6:92:c7:8d:c0:9d:4c:3c:07:06:79:43:92:c2:
5b:c8:49:cb:c7:62:6e:a7:63:42:7a:82:7e:c0:0f:5b:62:b0:
c9:91:b2:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOSNCDJP3JU10OCrrsmOfzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQxMjA0MTUwNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTZjNjgyMDYyYmVjZmQ4MWE3YTg1ZjExMjBlMjZhNjAxODhiMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw52/dqHeP8xCyQ1ss1tukBdbl0BX
v+cpX70hJRy8z35G3qakQ8kTL7XosgHpyT6ZEZ8EScj3pPKunP0PupYEqiWh0ncx
zzMPeP8IEO00+Rl9KkSRVfZkK1lbmYNs6Ak4bEZaHxS3hbUYUWjRQCunSWOr0T6R
u8b5EdW2IWbSMS46wQlM5svk1VhK9YGNkSh3sIsj+6HVAgoFFWYPYPygIuQQ9MkS
vuy/ksyL/wfXpUa4hTMlfiB3qzWiLWuxX0/HapNdNffqWXYmJ2++l/RSGaRAecSG
oEOPp8p3v1sDnNXWxPALWVrymq9v4vyfRYNnWWw+75QSrqwyfkzh3GPTXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClsaCBivs/YGnqF8RIOJqYBiLC+MB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvS1d4b0lHSy16OWdhZW9YeEVnNG1wZ0dJc0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxb/MA0G
CSqGSIb3DQEBCwUAA4IBAQAtfy7eHLvGUnJggIl9MRQhi8/GF4L7itzGxmXW5bom
wjjzh0VpEwWtpGEnB4Na0yeBQHcvy2GSAIoTiJG860ILLcXNbkYE1UDdfUXUnl3Y
U4EnkLelnIs5+XOzmL+I15kdzev7hKJd6O1kyFUtVU2K04AVIZYNILcyOmtSQSWn
/x1GznGVjSmyPzgkb5fbPeqpmSdhfV/KCK6sO0wjUji6x9Yruu4PPSiB97nE5mzh
SShJ05LbNlpV0SM2/WAfzjQSZdSooqgP5w+hTREti0BxhCGyqkimZhhdayzDxpLH
jcCdTDwHBnlDksJbyEnLx2Jup2NCeoJ+wA9bYrDJkbK2
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:32:09 2025 by rpki-client