Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/KlKrbsA_i0EGGDJ-Ba0Jbj51EOQ.roa
File: KlKrbsA_i0EGGDJ-Ba0Jbj51EOQ.roa (raw, json)
Hash identifier: 5nTAsn3nd2AuY2sesShY9pfpFXCvBh8WgE7xw3E+fxE=
Subject key identifier: 2A:52:AB:6E:C0:3F:8B:41:06:18:32:7E:05:AD:09:6E:3E:75:10:E4
Certificate issuer: /CN=4dd23422264a79c0315482ed4f27c751353f26bb
Certificate serial: 018A366F03A6F097AF2ABC07BBF0AD27E9CE
Authority key identifier: 4D:D2:34:22:26:4A:79:C0:31:54:82:ED:4F:27:C7:51:35:3F:26:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdI0IiZKecAxVILtTyfHUTU_Jrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/KlKrbsA_i0EGGDJ-Ba0Jbj51EOQ.roa
Signing time: Sun 27 Aug 2023 09:59:19 +0000
ROA not before: Sun 27 Aug 2023 09:59:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43625
IP address blocks: 91.198.84.0/24 maxlen: 24
185.160.132.0/22 maxlen: 22
109.232.48.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:36:6f:03:a6:f0:97:af:2a:bc:07:bb:f0:ad:27:e9:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd23422264a79c0315482ed4f27c751353f26bb
Validity
Not Before: Aug 27 09:59:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a52ab6ec03f8b410618327e05ad096e3e7510e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fc:29:33:6c:87:48:d5:a1:4a:f0:2b:d1:f7:
6c:3b:b7:b5:ff:da:98:1b:d0:57:a2:59:27:5e:3c:
2d:ca:70:91:cb:0f:19:79:f1:ff:7e:f3:14:3d:b3:
30:75:91:78:d0:f8:1e:10:88:cd:84:7d:e2:8a:f8:
c0:87:a5:ba:17:39:c2:3b:e4:fa:7b:ee:5c:7e:7a:
2f:b1:14:60:9a:d1:26:3d:67:f5:66:38:6d:19:6e:
ae:58:f7:5a:ba:45:c1:ad:d0:58:06:5c:d2:6c:4f:
90:66:e5:4b:b0:f0:bd:0e:5c:b0:7b:9a:d4:cb:da:
88:49:d9:fb:31:a8:c6:c3:c9:a9:59:40:68:f1:45:
ee:0b:85:71:de:7f:07:57:73:96:21:f9:31:92:46:
8b:77:37:4a:fb:ca:6f:4a:1e:7a:b2:ac:f6:0b:16:
70:9a:fd:c1:26:6c:c0:fd:74:6e:3f:52:45:a3:8d:
fb:0b:95:de:dc:ec:a6:4c:44:3e:c7:77:97:bc:90:
43:9e:c0:ff:af:c4:45:f8:17:4e:8c:71:01:7a:2f:
a0:2f:fc:9d:f4:b0:e4:d6:dd:3e:cf:f3:48:96:16:
03:09:fd:88:5b:17:da:38:9b:46:64:df:05:3a:d1:
bb:9e:78:07:02:1a:c9:16:0a:15:39:98:2c:6d:58:
3c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:52:AB:6E:C0:3F:8B:41:06:18:32:7E:05:AD:09:6E:3E:75:10:E4
X509v3 Authority Key Identifier:
keyid:4D:D2:34:22:26:4A:79:C0:31:54:82:ED:4F:27:C7:51:35:3F:26:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdI0IiZKecAxVILtTyfHUTU_Jrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/KlKrbsA_i0EGGDJ-Ba0Jbj51EOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/TdI0IiZKecAxVILtTyfHUTU_Jrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.84.0/24
109.232.48.0/21
185.160.132.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:e0:41:62:b9:9e:93:7e:32:38:77:dc:13:68:d0:2e:2b:97:
79:0e:28:11:48:46:dd:92:2c:27:a3:6a:e8:15:b5:39:f7:f5:
60:16:e8:27:6a:70:fa:d3:78:4a:41:11:0d:bc:78:02:d5:7d:
e4:ab:16:63:e8:f2:ce:ed:35:64:8b:ae:67:0a:12:26:52:f6:
c9:c2:7c:89:f2:2b:b2:23:1d:bf:38:d3:d7:bf:c2:76:e4:ea:
d5:c7:ae:2e:3c:b6:27:bd:31:00:97:41:74:98:46:1e:f1:23:
1e:ee:3d:b9:44:e1:ec:f6:1c:34:fd:41:ea:27:70:33:be:e0:
14:41:08:7d:87:4f:4e:cd:02:61:9a:92:e5:66:86:dd:db:35:
b7:f9:8e:71:7a:c2:5d:da:54:39:f6:cc:ca:4a:78:df:64:de:
69:26:4f:7e:07:bf:f4:29:3c:a7:2d:9c:97:96:27:f9:b2:b7:
fb:05:ca:8b:8e:27:65:7c:eb:cf:d3:d9:06:9a:aa:10:6f:76:
ae:2c:e8:8c:b1:6f:23:f4:7c:f3:d0:d6:bb:70:26:23:1d:43:
ca:76:36:b7:4d:98:98:25:5b:d8:4f:65:fb:cc:78:35:71:6b:
93:26:96:bf:9c:bc:6b:06:d4:f1:1c:a9:8f:90:5d:17:4a:f9:
9c:73:33:0b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYo2bwOm8JevKrwHu/CtJ+nOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDIzNDIyMjY0YTc5YzAzMTU0ODJlZDRmMjdjNzUxMzUz
ZjI2YmIwHhcNMjMwODI3MDk1OTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTUyYWI2ZWMwM2Y4YjQxMDYxODMyN2UwNWFkMDk2ZTNlNzUxMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPwpM2yHSNWhSvAr0fdsO7e1/9qY
G9BXolknXjwtynCRyw8ZefH/fvMUPbMwdZF40PgeEIjNhH3iivjAh6W6FznCO+T6
e+5cfnovsRRgmtEmPWf1ZjhtGW6uWPdaukXBrdBYBlzSbE+QZuVLsPC9Dlywe5rU
y9qISdn7MajGw8mpWUBo8UXuC4Vx3n8HV3OWIfkxkkaLdzdK+8pvSh56sqz2CxZw
mv3BJmzA/XRuP1JFo437C5Xe3OymTEQ+x3eXvJBDnsD/r8RF+BdOjHEBei+gL/yd
9LDk1t0+z/NIlhYDCf2IWxfaOJtGZN8FOtG7nngHAhrJFgoVOZgsbVg8NwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCpSq27AP4tBBhgyfgWtCW4+dRDkMB8GA1UdIwQY
MBaAFE3SNCImSnnAMVSC7U8nx1E1Pya7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRJMElpWktlY0F4VklMdFR5ZkhVVFVfSnJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9mNWM2YmEtMTcwZC00N2M1LTljN2Mt
MTc2NmEyNzdkODViLzEvS2xLcmJzQV9pMEVHR0RKLUJhMEpiajUxRU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9mNWM2YmEtMTcwZC00N2M1LTljN2MtMTc2NmEyNzdkODVi
LzEvVGRJMElpWktlY0F4VklMdFR5ZkhVVFVfSnJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8ZUAwQD
begwAwQCuaCEMA0GCSqGSIb3DQEBCwUAA4IBAQCt4EFiuZ6TfjI4d9wTaNAuK5d5
DigRSEbdkiwno2roFbU59/VgFugnanD603hKQRENvHgC1X3kqxZj6PLO7TVki65n
ChImUvbJwnyJ8iuyIx2/ONPXv8J25OrVx64uPLYnvTEAl0F0mEYe8SMe7j25ROHs
9hw0/UHqJ3AzvuAUQQh9h09OzQJhmpLlZobd2zW3+Y5xesJd2lQ59szKSnjfZN5p
Jk9+B7/0KTynLZyXlif5srf7BcqLjidlfOvP09kGmqoQb3auLOiMsW8j9Hzz0Na7
cCYjHUPKdja3TZiYJVvYT2X7zHg1cWuTJpa/nLxrBtTxHKmPkF0XSvmcczML
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:51 2024 by rpki-client on console-fra.rpki-client.org