Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/kwCHjzXV-E2N7dFefr2zP333gr0.roa
File: kwCHjzXV-E2N7dFefr2zP333gr0.roa (raw, json)
Hash identifier: WvrURveqHM4seQGrJ5FwmWcJhzlGU9hR/6/cxLa6ouY=
Subject key identifier: 93:00:87:8F:35:D5:F8:4D:8D:ED:D1:5E:7E:BD:B3:3F:7D:F7:82:BD
Certificate issuer: /CN=f764eed15c52b4c8110a222963dc7b7d4ba2d146
Certificate serial: 01856F14ACE7BB630E4264C81919431821D4
Authority key identifier: F7:64:EE:D1:5C:52:B4:C8:11:0A:22:29:63:DC:7B:7D:4B:A2:D1:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92Tu0VxStMgRCiIpY9x7fUui0UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/kwCHjzXV-E2N7dFefr2zP333gr0.roa
Signing time: Sun 01 Jan 2023 20:45:04 +0000
ROA not before: Sun 01 Jan 2023 20:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203557
IP address blocks: 84.38.133.0/24 maxlen: 24
185.29.11.0/24 maxlen: 24
84.38.129.0/24 maxlen: 24
2a02:4840:101::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ac:e7:bb:63:0e:42:64:c8:19:19:43:18:21:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f764eed15c52b4c8110a222963dc7b7d4ba2d146
Validity
Not Before: Jan 1 20:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9300878f35d5f84d8dedd15e7ebdb33f7df782bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:aa:f0:89:45:3b:07:93:1e:71:ce:58:62:1c:
ca:df:27:ea:b9:49:68:7e:5d:40:6c:47:a0:2b:f8:
84:8c:3a:51:54:91:ae:c7:47:f4:2e:08:dd:af:c2:
e7:02:73:6a:07:6c:a9:78:91:de:f9:1e:99:7b:df:
79:42:97:5f:c6:c1:e7:e4:31:4c:07:0f:3e:c2:c2:
a4:82:c0:3c:1d:2b:f9:c6:9a:4e:c2:d8:26:a6:c9:
83:7a:30:7a:6c:60:a2:bd:ba:f1:f8:d7:12:2f:b8:
ef:68:40:fe:ad:b4:28:92:9a:bb:79:4e:a1:9c:69:
61:93:3d:ee:8e:a6:73:76:1c:13:a0:55:7e:fb:81:
1b:16:2e:05:b6:5c:4d:8d:75:01:84:ce:47:9a:03:
99:52:e7:d3:b9:92:38:c0:33:6b:c6:70:d0:e5:dc:
f8:2f:17:cf:7e:36:d2:2b:d6:48:4b:75:95:30:be:
f4:b4:b8:2f:91:49:90:26:6b:89:0f:a8:d4:bd:36:
7a:28:9f:f3:f2:95:e3:da:5a:16:82:a0:aa:db:72:
fd:6b:49:b3:5b:33:33:56:10:43:62:d1:db:23:f2:
e9:73:03:33:38:2b:54:f4:c6:92:b9:2e:3e:ac:d7:
27:04:71:9c:11:91:e7:5c:b1:43:cb:f8:e5:53:8c:
a4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:00:87:8F:35:D5:F8:4D:8D:ED:D1:5E:7E:BD:B3:3F:7D:F7:82:BD
X509v3 Authority Key Identifier:
keyid:F7:64:EE:D1:5C:52:B4:C8:11:0A:22:29:63:DC:7B:7D:4B:A2:D1:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92Tu0VxStMgRCiIpY9x7fUui0UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/kwCHjzXV-E2N7dFefr2zP333gr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/92Tu0VxStMgRCiIpY9x7fUui0UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.129.0/24
84.38.133.0/24
185.29.11.0/24
IPv6:
2a02:4840:101::/48
Signature Algorithm: sha256WithRSAEncryption
78:c5:c1:8d:b3:e4:bf:68:f2:e6:9c:7a:11:c5:f2:2e:51:28:
b2:84:00:36:6e:e3:74:80:8a:ec:db:2f:cd:36:ae:0b:5e:75:
f8:d6:45:15:12:38:a2:be:d4:a8:f6:ea:66:85:6f:5e:eb:8e:
89:de:8f:69:13:ce:c5:52:2e:0f:4e:6e:11:6d:7b:b7:db:42:
c2:5c:b3:7f:9c:3f:9f:66:94:12:e1:3e:db:e3:c2:3b:dc:13:
ea:f3:7b:04:4f:d7:b4:8c:b5:d2:47:55:c7:41:07:7f:ad:27:
cc:6d:3f:33:15:28:41:cd:6d:b9:2b:88:85:1f:2a:a9:40:49:
7c:be:a6:ca:f9:17:85:ef:f2:7f:68:8c:60:11:83:77:05:fb:
97:1f:0f:d4:6e:33:83:d6:d6:de:32:55:ac:6d:ab:a3:84:fc:
3f:d7:87:d8:e5:5f:4b:29:2a:03:bc:74:63:9d:6d:59:e7:b7:
5e:9c:5b:a3:dd:fb:32:22:1d:a3:a2:0e:3c:fa:bb:46:44:a4:
80:7c:5a:3b:63:5c:9a:6f:77:01:0c:0a:e5:04:0c:3f:36:ee:
a1:13:37:11:29:22:25:7d:98:16:c8:0b:6d:6d:d5:86:de:d7:
42:b1:f0:ae:f1:37:8c:b5:cb:2f:b6:2b:dd:df:9a:f0:5b:4d:
02:10:70:6d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVvFKznu2MOQmTIGRlDGCHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NjRlZWQxNWM1MmI0YzgxMTBhMjIyOTYzZGM3YjdkNGJh
MmQxNDYwHhcNMjMwMTAxMjA0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzAwODc4ZjM1ZDVmODRkOGRlZGQxNWU3ZWJkYjMzZjdkZjc4MmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqarwiUU7B5Mecc5YYhzK3yfquUlo
fl1AbEegK/iEjDpRVJGux0f0Lgjdr8LnAnNqB2ypeJHe+R6Ze995QpdfxsHn5DFM
Bw8+wsKkgsA8HSv5xppOwtgmpsmDejB6bGCivbrx+NcSL7jvaED+rbQokpq7eU6h
nGlhkz3ujqZzdhwToFV++4EbFi4FtlxNjXUBhM5HmgOZUufTuZI4wDNrxnDQ5dz4
LxfPfjbSK9ZIS3WVML70tLgvkUmQJmuJD6jUvTZ6KJ/z8pXj2loWgqCq23L9a0mz
WzMzVhBDYtHbI/LpcwMzOCtU9MaSuS4+rNcnBHGcEZHnXLFDy/jlU4ykqwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJMAh4811fhNje3RXn69sz9994K9MB8GA1UdIwQY
MBaAFPdk7tFcUrTIEQoiKWPce31LotFGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTJUdTBWeFN0TWdSQ2lJcFk5eDdmVXVpMFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83NDFmMDYtYzNkMS00ODNiLWI5MDgt
MjhhNDk1M2YwNTMwLzEva3dDSGp6WFYtRTJON2RGZWZyMnpQMzMzZ3IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83NDFmMDYtYzNkMS00ODNiLWI5MDgtMjhhNDk1M2YwNTMw
LzEvOTJUdTBWeFN0TWdSQ2lJcFk5eDdmVXVpMFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAVCaBAwQA
VCaFAwQAuR0LMA8EAgACMAkDBwAqAkhAAQEwDQYJKoZIhvcNAQELBQADggEBAHjF
wY2z5L9o8uacehHF8i5RKLKEADZu43SAiuzbL802rgtedfjWRRUSOKK+1Kj26maF
b17rjonej2kTzsVSLg9ObhFte7fbQsJcs3+cP59mlBLhPtvjwjvcE+rzewRP17SM
tdJHVcdBB3+tJ8xtPzMVKEHNbbkriIUfKqlASXy+psr5F4Xv8n9ojGARg3cF+5cf
D9RuM4PW1t4yVaxtq6OE/D/Xh9jlX0spKgO8dGOdbVnnt16cW6Pd+zIiHaOiDjz6
u0ZEpIB8WjtjXJpvdwEMCuUEDD827qETNxEpIiV9mBbIC21t1Ybe10Kx8K7xN4y1
yy+2K93fmvBbTQIQcG0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:58 2024 by rpki-client on console-ams.rpki-client.org