Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/6cb72d-45a7-4490-9c59-93ead35a12ca/1/KBULh-AuzTobNQNKMw7DFrpFj5o.roa
File: KBULh-AuzTobNQNKMw7DFrpFj5o.roa (raw, json)
Hash identifier: WZNtvuoq4EM4n//US9dDEhH6xo5ICzVFxoKAS7iUiKw=
Subject key identifier: 28:15:0B:87:E0:2E:CD:3A:1B:35:03:4A:33:0E:C3:16:BA:45:8F:9A
Certificate issuer: /CN=478d24898d1cf52d23f9561dc6ac0f1363e6c760
Certificate serial: 0185714C4B01F9A86C4FF00130BC27184445
Authority key identifier: 47:8D:24:89:8D:1C:F5:2D:23:F9:56:1D:C6:AC:0F:13:63:E6:C7:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R40kiY0c9S0j-VYdxqwPE2Pmx2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/6cb72d-45a7-4490-9c59-93ead35a12ca/1/KBULh-AuzTobNQNKMw7DFrpFj5o.roa
Signing time: Mon 02 Jan 2023 07:05:03 +0000
ROA not before: Mon 02 Jan 2023 07:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42718
IP address blocks: 176.117.62.0/24 maxlen: 24
2001:678:3e0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:4b:01:f9:a8:6c:4f:f0:01:30:bc:27:18:44:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=478d24898d1cf52d23f9561dc6ac0f1363e6c760
Validity
Not Before: Jan 2 07:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28150b87e02ecd3a1b35034a330ec316ba458f9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:72:52:25:6d:42:de:7c:5c:46:33:d2:5a:45:
b0:e8:b5:0a:f5:f2:b9:e7:2b:76:23:e4:b1:29:7f:
b7:b2:99:9c:73:1a:c4:ec:81:b3:6c:2c:58:a1:06:
fa:5e:8d:08:51:5a:c8:26:b9:6d:4e:3b:63:05:97:
87:16:a3:eb:3b:48:41:11:ff:c5:22:f9:9d:8f:7e:
67:14:dc:7a:9b:ed:be:7b:7e:74:ff:8b:38:cc:80:
fd:02:c8:cd:21:84:c0:2e:6a:dc:bc:b9:81:1d:51:
2d:e6:14:29:d6:04:c3:46:07:64:c5:36:b0:03:f7:
29:c9:68:51:2b:91:93:28:b3:b6:bd:e2:28:0f:12:
86:49:75:49:57:3d:e4:c0:6b:e5:1b:10:aa:b3:2a:
06:8f:0d:77:8e:ff:91:7c:13:a4:d3:2d:bf:82:32:
36:04:8c:84:19:7a:fd:81:42:91:33:54:5d:cc:6b:
a3:c8:8a:07:29:38:60:10:c7:4d:be:33:59:80:06:
a9:76:dc:f6:6b:77:3e:41:3a:17:50:a8:3c:fd:14:
4b:81:59:17:6f:ee:b7:ce:4d:60:c1:3e:16:92:e4:
51:1c:57:21:2b:b5:ae:09:14:cf:54:0d:7b:97:8d:
4d:8b:4b:c6:0b:b6:99:26:74:67:b0:af:f1:0f:4c:
7d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:15:0B:87:E0:2E:CD:3A:1B:35:03:4A:33:0E:C3:16:BA:45:8F:9A
X509v3 Authority Key Identifier:
keyid:47:8D:24:89:8D:1C:F5:2D:23:F9:56:1D:C6:AC:0F:13:63:E6:C7:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R40kiY0c9S0j-VYdxqwPE2Pmx2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6cb72d-45a7-4490-9c59-93ead35a12ca/1/KBULh-AuzTobNQNKMw7DFrpFj5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6cb72d-45a7-4490-9c59-93ead35a12ca/1/R40kiY0c9S0j-VYdxqwPE2Pmx2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.62.0/24
IPv6:
2001:678:3e0::/48
Signature Algorithm: sha256WithRSAEncryption
9e:36:e3:78:24:2f:3c:fb:ec:0b:5c:9a:ed:ce:08:14:5d:64:
53:38:f8:ea:e8:d9:bc:76:68:19:d4:6d:35:e3:5a:dd:2d:d7:
fe:f7:55:d7:46:c3:f6:e9:5a:76:6f:17:01:47:a4:e0:dd:67:
73:78:82:47:e8:3b:aa:69:e6:ac:7e:15:cd:c4:3a:9d:ef:f8:
3b:37:f5:ee:42:ea:20:98:55:3b:e1:e6:35:7e:41:c5:c6:0a:
70:db:f8:48:28:ce:c2:cd:e2:4e:bd:87:4d:f7:f0:fe:7e:25:
34:83:e2:2f:c5:67:a3:88:82:71:b8:80:3f:cb:b1:f0:4e:72:
e4:0c:48:9d:70:a5:72:e9:a2:75:0f:57:f5:34:c1:14:58:5b:
88:97:5a:23:cf:90:09:9f:bf:e6:46:d9:01:37:fc:79:b6:1d:
91:03:b5:00:f2:4f:73:fb:8e:d7:19:3c:6a:92:a1:7d:13:d8:
f8:4e:54:f5:05:ec:3b:64:71:fd:aa:34:07:44:c1:d3:a6:46:
0f:da:c7:e4:4b:c4:f8:04:62:d2:8e:e9:b1:34:08:27:47:ca:
0b:6b:c0:4d:50:61:fb:69:4d:1b:a9:30:f9:69:64:c6:7a:5e:
93:3f:d7:54:96:cd:eb:75:43:5f:47:14:08:b4:ec:57:7c:20:
95:54:18:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxTEsB+ahsT/ABMLwnGERFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3OGQyNDg5OGQxY2Y1MmQyM2Y5NTYxZGM2YWMwZjEzNjNl
NmM3NjAwHhcNMjMwMTAyMDcwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODE1MGI4N2UwMmVjZDNhMWIzNTAzNGEzMzBlYzMxNmJhNDU4ZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nJSJW1C3nxcRjPSWkWw6LUK9fK5
5yt2I+SxKX+3spmccxrE7IGzbCxYoQb6Xo0IUVrIJrltTjtjBZeHFqPrO0hBEf/F
Ivmdj35nFNx6m+2+e350/4s4zID9AsjNIYTALmrcvLmBHVEt5hQp1gTDRgdkxTaw
A/cpyWhRK5GTKLO2veIoDxKGSXVJVz3kwGvlGxCqsyoGjw13jv+RfBOk0y2/gjI2
BIyEGXr9gUKRM1RdzGujyIoHKThgEMdNvjNZgAapdtz2a3c+QToXUKg8/RRLgVkX
b+63zk1gwT4WkuRRHFchK7WuCRTPVA17l41Ni0vGC7aZJnRnsK/xD0x9gQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCgVC4fgLs06GzUDSjMOwxa6RY+aMB8GA1UdIwQY
MBaAFEeNJImNHPUtI/lWHcasDxNj5sdgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjQwa2lZMGM5UzBqLVZZZHhxd1BFMlBteDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy82Y2I3MmQtNDVhNy00NDkwLTljNTkt
OTNlYWQzNWExMmNhLzEvS0JVTGgtQXV6VG9iTlFOS013N0RGcnBGajVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy82Y2I3MmQtNDVhNy00NDkwLTljNTktOTNlYWQzNWExMmNh
LzEvUjQwa2lZMGM5UzBqLVZZZHhxd1BFMlBteDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAsHU+MA8E
AgACMAkDBwAgAQZ4A+AwDQYJKoZIhvcNAQELBQADggEBAJ4243gkLzz77Atcmu3O
CBRdZFM4+Oro2bx2aBnUbTXjWt0t1/73VddGw/bpWnZvFwFHpODdZ3N4gkfoO6pp
5qx+Fc3EOp3v+Ds39e5C6iCYVTvh5jV+QcXGCnDb+EgozsLN4k69h0338P5+JTSD
4i/FZ6OIgnG4gD/LsfBOcuQMSJ1wpXLponUPV/U0wRRYW4iXWiPPkAmfv+ZG2QE3
/Hm2HZEDtQDyT3P7jtcZPGqSoX0T2PhOVPUF7Dtkcf2qNAdEwdOmRg/ax+RLxPgE
YtKO6bE0CCdHygtrwE1QYftpTRupMPlpZMZ6XpM/11SWzet1Q19HFAi07Fd8IJVU
GDU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:11 2024 by rpki-client on console-ams.rpki-client.org