Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/kz_Nqtr7m1HNYdsvpkSQ53xlIh0.roa
File: kz_Nqtr7m1HNYdsvpkSQ53xlIh0.roa (raw, json)
Hash identifier: 8439+I/TzLr1ua6a183xEYulQwIzgBnKIxCTuNalNEI=
Subject key identifier: 93:3F:CD:AA:DA:FB:9B:51:CD:61:DB:2F:A6:44:90:E7:7C:65:22:1D
Certificate issuer: /CN=df0ba4f56e6f037725286037afc3c14c293b9b82
Certificate serial: 018713D609B0181936F4C79C91AF0D1E7C3F
Authority key identifier: DF:0B:A4:F5:6E:6F:03:77:25:28:60:37:AF:C3:C1:4C:29:3B:9B:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wuk9W5vA3clKGA3r8PBTCk7m4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/kz_Nqtr7m1HNYdsvpkSQ53xlIh0.roa
Signing time: Fri 24 Mar 2023 13:36:46 +0000
ROA not before: Fri 24 Mar 2023 13:36:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58323
IP address blocks: 31.172.0.0/18 maxlen: 18
Validation: Failed, certificate revoked on Fri 24 Mar 2023 14:38:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:13:d6:09:b0:18:19:36:f4:c7:9c:91:af:0d:1e:7c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0ba4f56e6f037725286037afc3c14c293b9b82
Validity
Not Before: Mar 24 13:36:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=933fcdaadafb9b51cd61db2fa64490e77c65221d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d1:e0:13:78:87:98:50:12:57:8a:cf:00:b8:
b9:60:b5:7f:8d:1a:07:1a:90:a1:3d:2c:15:24:1d:
b0:ca:02:44:1d:a6:7d:9a:1c:99:dc:61:0c:0f:09:
6f:1f:26:06:f3:0d:98:5e:98:2a:a9:f6:36:44:b9:
43:19:c0:98:29:2a:44:54:6f:cd:0b:a4:64:be:c1:
79:8b:f4:9e:8d:3b:85:c0:6a:55:04:37:dc:96:a6:
fa:ca:f4:a7:cf:d1:64:1c:cf:d2:9d:2a:20:61:62:
e6:a8:98:21:db:7b:3f:22:0a:3c:06:97:40:c9:b5:
0b:ca:79:b8:57:ee:e0:76:7c:c6:1c:c2:6a:e4:28:
dc:05:5e:17:2a:6a:54:be:b2:37:94:77:82:ea:5c:
7e:c9:d3:5e:cf:e1:5b:16:18:b0:93:00:17:be:99:
34:0a:c5:99:05:3c:82:c2:61:12:d0:5f:c8:1c:dd:
cc:08:78:61:6d:b2:6a:ac:74:0c:6d:6e:0c:03:1f:
ee:ff:45:23:cb:3c:92:31:83:02:2d:3a:89:5e:24:
d1:19:03:fe:04:cd:ac:3e:f5:a9:b1:da:1a:43:5b:
bd:8e:fd:a4:ee:10:ca:b6:5a:1c:ce:df:fc:e6:ec:
f7:c7:0f:0c:76:71:c9:f9:56:1a:e9:a5:bd:b6:1b:
bf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:3F:CD:AA:DA:FB:9B:51:CD:61:DB:2F:A6:44:90:E7:7C:65:22:1D
X509v3 Authority Key Identifier:
keyid:DF:0B:A4:F5:6E:6F:03:77:25:28:60:37:AF:C3:C1:4C:29:3B:9B:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wuk9W5vA3clKGA3r8PBTCk7m4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/kz_Nqtr7m1HNYdsvpkSQ53xlIh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/3wuk9W5vA3clKGA3r8PBTCk7m4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.0.0/18
Signature Algorithm: sha256WithRSAEncryption
74:9d:a7:75:aa:4e:fe:f6:bc:ec:8d:44:8d:26:22:94:17:a2:
b8:f1:af:75:0d:7f:7e:33:11:61:07:01:12:82:10:c3:87:ed:
68:55:cd:bb:73:b8:31:7f:51:9c:31:00:e7:56:b9:06:8b:45:
01:95:7a:da:59:6f:c1:d0:30:2f:9f:3e:34:08:c5:73:f9:60:
45:62:e4:7a:b7:bb:34:57:d8:cf:b6:95:0b:c4:03:49:ec:3b:
af:56:d6:81:f6:85:33:0c:65:c0:4e:6f:55:a7:fe:c8:48:6e:
45:8d:97:e0:8a:24:7b:04:18:88:e9:1f:b8:6a:bf:25:91:3e:
5f:65:41:97:28:3d:be:fb:c2:20:63:43:be:73:6e:e8:49:3b:
6d:e6:b7:24:41:60:89:a6:7a:e7:c5:d1:24:5b:34:56:d3:11:
63:49:18:64:04:e4:b9:f3:a3:fe:6a:a7:6d:9b:ac:b1:84:62:
c7:14:61:28:5e:a4:21:67:64:55:be:b3:66:38:cc:03:6d:c8:
65:d6:de:5e:ab:74:f3:2a:0d:36:f5:f1:b6:89:0f:3c:1d:b4:
da:b3:92:d9:7b:fb:26:6c:9b:e3:a1:f3:84:de:0f:70:93:5c:
9c:24:3e:2d:79:68:b1:c5:a7:17:25:3e:da:da:39:65:83:87:
eb:a1:0c:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcT1gmwGBk29Mecka8NHnw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMGJhNGY1NmU2ZjAzNzcyNTI4NjAzN2FmYzNjMTRjMjkz
YjliODIwHhcNMjMwMzI0MTMzNjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzNmY2RhYWRhZmI5YjUxY2Q2MWRiMmZhNjQ0OTBlNzdjNjUyMjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtHgE3iHmFASV4rPALi5YLV/jRoH
GpChPSwVJB2wygJEHaZ9mhyZ3GEMDwlvHyYG8w2YXpgqqfY2RLlDGcCYKSpEVG/N
C6RkvsF5i/SejTuFwGpVBDfclqb6yvSnz9FkHM/SnSogYWLmqJgh23s/Igo8BpdA
ybULynm4V+7gdnzGHMJq5CjcBV4XKmpUvrI3lHeC6lx+ydNez+FbFhiwkwAXvpk0
CsWZBTyCwmES0F/IHN3MCHhhbbJqrHQMbW4MAx/u/0UjyzySMYMCLTqJXiTRGQP+
BM2sPvWpsdoaQ1u9jv2k7hDKtloczt/85uz3xw8MdnHJ+VYa6aW9thu/HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJM/zara+5tRzWHbL6ZEkOd8ZSIdMB8GA1UdIwQY
MBaAFN8LpPVubwN3JShgN6/DwUwpO5uCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3d1azlXNXZBM2NsS0dBM3I4UEJUQ2s3bTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hODBiZDktYmExMS00NThlLTg0ZTIt
MzZjNjc4OTAwZjc5LzEva3pfTnF0cjdtMUhOWWRzdnBrU1E1M3hsSWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hODBiZDktYmExMS00NThlLTg0ZTItMzZjNjc4OTAwZjc5
LzEvM3d1azlXNXZBM2NsS0dBM3I4UEJUQ2s3bTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGH6wAMA0G
CSqGSIb3DQEBCwUAA4IBAQB0nad1qk7+9rzsjUSNJiKUF6K48a91DX9+MxFhBwES
ghDDh+1oVc27c7gxf1GcMQDnVrkGi0UBlXraWW/B0DAvnz40CMVz+WBFYuR6t7s0
V9jPtpULxANJ7DuvVtaB9oUzDGXATm9Vp/7ISG5FjZfgiiR7BBiI6R+4ar8lkT5f
ZUGXKD2++8IgY0O+c27oSTtt5rckQWCJpnrnxdEkWzRW0xFjSRhkBOS586P+aqdt
m6yxhGLHFGEoXqQhZ2RVvrNmOMwDbchl1t5eq3TzKg029fG2iQ88HbTas5LZe/sm
bJvjofOE3g9wk1ycJD4teWixxacXJT7a2jllg4froQxD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:13 2024 by rpki-client on console-ams.rpki-client.org