Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/kcZLbZPurXH1vxn6hU8E33bN5os.roa
File: kcZLbZPurXH1vxn6hU8E33bN5os.roa (raw, json)
Hash identifier: 0NkCKPK+ErO/gXHXFqxocVnlC0bSfSuhDy55sxWGzLM=
Subject key identifier: 91:C6:4B:6D:93:EE:AD:71:F5:BF:19:FA:85:4F:04:DF:76:CD:E6:8B
Certificate issuer: /CN=292edce09f112ab2d3ffaf4cb2a38eaf1c1af92e
Certificate serial: 01860497E180374EBEE515F4FBEB0EAF1D67
Authority key identifier: 29:2E:DC:E0:9F:11:2A:B2:D3:FF:AF:4C:B2:A3:8E:AF:1C:1A:F9:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KS7c4J8RKrLT_69MsqOOrxwa-S4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/kcZLbZPurXH1vxn6hU8E33bN5os.roa
Signing time: Mon 30 Jan 2023 21:31:47 +0000
ROA not before: Mon 30 Jan 2023 21:31:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 195.60.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:04:97:e1:80:37:4e:be:e5:15:f4:fb:eb:0e:af:1d:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=292edce09f112ab2d3ffaf4cb2a38eaf1c1af92e
Validity
Not Before: Jan 30 21:31:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91c64b6d93eead71f5bf19fa854f04df76cde68b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:83:ac:67:b6:c4:46:92:84:b7:c9:f2:a8:e1:
9c:0a:d2:92:60:52:06:83:46:fa:c0:ec:4a:69:ff:
68:c8:1d:b2:9f:ad:57:94:b6:fa:f4:fe:94:32:c5:
da:2f:16:c3:0d:99:6c:c6:6f:de:f0:e5:e8:7b:d6:
63:80:e0:cc:8a:f5:c7:d5:a9:cc:54:a0:ef:8e:cf:
51:c1:d6:9c:f3:47:b1:29:c4:0a:37:4d:97:a0:a8:
11:04:07:b6:3c:d9:b8:db:cc:58:e4:d4:50:b1:56:
15:ed:1e:c0:6f:4b:6a:99:cd:9a:36:ff:5c:6f:d8:
7f:d1:aa:0e:4e:9e:e8:95:78:14:4b:47:b4:92:b5:
34:71:52:80:de:b8:b1:07:02:79:75:fe:2c:6a:2e:
e0:e1:b6:03:db:28:01:97:36:9f:f0:0f:94:8a:73:
61:f0:ff:1a:40:a7:b3:ce:ee:69:20:f6:8e:c8:1e:
71:ff:12:96:47:94:35:32:ea:a2:e6:b8:be:8f:f8:
f5:eb:a4:03:4a:9d:ea:dd:19:9d:e3:c8:a6:ab:8d:
d1:ed:87:8f:6e:e9:82:2f:1b:cd:43:22:f9:dd:de:
2d:91:27:be:62:d7:02:fe:af:aa:44:4b:b2:de:e2:
38:ef:a1:23:35:b7:c6:ce:e0:b2:82:a6:2c:73:93:
03:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C6:4B:6D:93:EE:AD:71:F5:BF:19:FA:85:4F:04:DF:76:CD:E6:8B
X509v3 Authority Key Identifier:
keyid:29:2E:DC:E0:9F:11:2A:B2:D3:FF:AF:4C:B2:A3:8E:AF:1C:1A:F9:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KS7c4J8RKrLT_69MsqOOrxwa-S4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/kcZLbZPurXH1vxn6hU8E33bN5os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/KS7c4J8RKrLT_69MsqOOrxwa-S4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.86.0/24
Signature Algorithm: sha256WithRSAEncryption
16:1c:2e:45:01:95:c3:c6:c1:30:2e:9a:13:f3:41:8e:fc:27:
73:74:47:28:3b:5e:7a:39:6f:fc:44:b1:cc:de:a1:41:e3:e9:
31:ec:01:cf:c6:24:50:ea:9b:dd:b6:cf:c5:61:06:a9:b4:b5:
cb:75:55:d7:00:26:53:36:13:7b:98:2a:c5:61:b5:2d:80:6e:
80:01:bf:7c:f1:69:63:cc:ce:25:37:8e:20:03:36:af:22:44:
11:36:f0:e1:20:fd:81:99:0d:c3:59:3d:b8:9d:51:c3:17:60:
d5:94:af:27:79:f4:41:a1:2c:ea:29:0a:29:7d:33:e9:f9:61:
9c:90:73:00:58:7d:a0:37:03:44:d8:0d:e2:69:ee:c8:3b:c7:
12:8c:4e:4f:03:ee:aa:4d:bb:f3:4d:ba:47:a8:2c:e3:5c:d6:
9b:86:41:62:20:bc:80:04:18:57:53:23:8d:45:99:23:38:9b:
e8:73:ca:60:0a:60:da:4a:6c:2f:62:06:fa:0c:d9:62:a0:29:
86:c3:2d:7c:ea:33:58:11:ed:05:f9:5e:38:06:23:58:b9:6a:
f8:8e:3a:9a:5c:00:f4:3d:10:2d:6e:a8:e8:00:62:7e:a6:6d:
9e:f1:02:1c:1f:08:5e:9c:72:2b:40:74:c5:2f:fb:5a:fa:87:
20:7a:52:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYEl+GAN06+5RX0++sOrx1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MmVkY2UwOWYxMTJhYjJkM2ZmYWY0Y2IyYTM4ZWFmMWMx
YWY5MmUwHhcNMjMwMTMwMjEzMTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWM2NGI2ZDkzZWVhZDcxZjViZjE5ZmE4NTRmMDRkZjc2Y2RlNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIOsZ7bERpKEt8nyqOGcCtKSYFIG
g0b6wOxKaf9oyB2yn61XlLb69P6UMsXaLxbDDZlsxm/e8OXoe9ZjgODMivXH1anM
VKDvjs9Rwdac80exKcQKN02XoKgRBAe2PNm428xY5NRQsVYV7R7Ab0tqmc2aNv9c
b9h/0aoOTp7olXgUS0e0krU0cVKA3rixBwJ5df4sai7g4bYD2ygBlzaf8A+UinNh
8P8aQKezzu5pIPaOyB5x/xKWR5Q1Muqi5ri+j/j166QDSp3q3Rmd48imq43R7YeP
bumCLxvNQyL53d4tkSe+YtcC/q+qREuy3uI476EjNbfGzuCygqYsc5MDbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHGS22T7q1x9b8Z+oVPBN92zeaLMB8GA1UdIwQY
MBaAFCku3OCfESqy0/+vTLKjjq8cGvkuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1M3YzRKOFJLckxUXzY5TXNxT09yeHdhLVM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xMjI3NGUtMzE2Yi00ZjNjLThlNmMt
ZGNmZWIzZjEwYzg2LzEva2NaTGJaUHVyWEgxdnhuNmhVOEUzM2JONW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xMjI3NGUtMzE2Yi00ZjNjLThlNmMtZGNmZWIzZjEwYzg2
LzEvS1M3YzRKOFJLckxUXzY5TXNxT09yeHdhLVM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzxWMA0G
CSqGSIb3DQEBCwUAA4IBAQAWHC5FAZXDxsEwLpoT80GO/CdzdEcoO156OW/8RLHM
3qFB4+kx7AHPxiRQ6pvdts/FYQaptLXLdVXXACZTNhN7mCrFYbUtgG6AAb988Wlj
zM4lN44gAzavIkQRNvDhIP2BmQ3DWT24nVHDF2DVlK8nefRBoSzqKQopfTPp+WGc
kHMAWH2gNwNE2A3iae7IO8cSjE5PA+6qTbvzTbpHqCzjXNabhkFiILyABBhXUyON
RZkjOJvoc8pgCmDaSmwvYgb6DNlioCmGwy186jNYEe0F+V44BiNYuWr4jjqaXAD0
PRAtbqjoAGJ+pm2e8QIcHwhenHIrQHTFL/ta+ocgelLT
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:48 2024 by rpki-client on console-fra.rpki-client.org