Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/KIicJf6_sAy5YmhrFkoLt9h8N1E.roa
File: KIicJf6_sAy5YmhrFkoLt9h8N1E.roa (raw, json)
Hash identifier: dRJjk6NUphwi8eYxetrLn3IxmV5iLu/VKS67BiI2H5o=
Subject key identifier: 28:88:9C:25:FE:BF:B0:0C:B9:62:68:6B:16:4A:0B:B7:D8:7C:37:51
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 018570D547B686932CDEAB5C8322BE9F87C5
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/KIicJf6_sAy5YmhrFkoLt9h8N1E.roa
Signing time: Mon 02 Jan 2023 04:55:03 +0000
ROA not before: Mon 02 Jan 2023 04:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62003
IP address blocks: 144.43.240.0/21 maxlen: 24
144.43.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:47:b6:86:93:2c:de:ab:5c:83:22:be:9f:87:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Jan 2 04:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28889c25febfb00cb962686b164a0bb7d87c3751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:88:8d:09:ff:34:96:ec:5a:99:7f:19:10:93:
58:34:19:4b:f0:eb:2a:13:c9:94:70:04:cc:29:e0:
88:65:c0:66:8a:79:aa:a0:ff:cd:ef:aa:f6:85:02:
5a:4b:2e:d7:af:bc:1d:43:73:43:ae:c5:5a:a4:2a:
cb:0c:e5:d0:16:eb:5f:d4:1b:24:b4:33:51:cb:1b:
ae:8a:84:c2:56:57:1e:f7:1e:ab:40:93:d4:4e:69:
98:e5:13:0f:29:4a:10:f4:d4:b9:df:61:61:b6:86:
a6:76:5a:a6:72:07:51:fc:28:0f:22:22:54:bc:ba:
93:83:67:d8:30:5e:e4:33:a0:93:15:8a:8f:c7:79:
12:83:20:06:e5:fa:20:96:4f:b2:de:ff:ab:a0:4b:
de:a6:30:f6:45:a5:57:c4:7b:b8:56:f3:34:08:dc:
d9:69:e8:31:57:26:7f:31:3b:8a:01:39:41:62:cd:
4e:b1:74:a5:69:a2:02:55:46:ee:d2:65:d0:8f:67:
31:56:19:84:ee:42:2c:74:56:1d:2e:0b:e4:ee:67:
40:5d:f6:e5:7a:6b:f7:84:8a:91:64:4c:e9:e2:9e:
21:3d:e2:42:8c:a8:e4:f4:b8:02:1a:a2:6e:f6:be:
0c:37:6e:ae:ef:a3:a6:bd:e8:14:4f:8d:df:7b:ef:
12:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:88:9C:25:FE:BF:B0:0C:B9:62:68:6B:16:4A:0B:B7:D8:7C:37:51
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/KIicJf6_sAy5YmhrFkoLt9h8N1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.43.240.0/21
144.43.252.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:2c:66:7b:e8:d2:99:05:92:1f:e5:df:77:84:89:36:44:39:
6d:fc:ff:2c:9c:ab:31:26:85:79:c9:a7:92:4d:a5:d8:a6:7f:
a0:06:c6:00:3d:e0:36:ef:7f:db:fe:8e:34:7a:11:65:0a:bb:
ad:2f:2c:ee:5b:c7:96:82:45:57:4d:d0:50:28:95:4a:42:b0:
e3:53:0d:9d:5a:b2:38:7b:03:38:2d:fd:54:56:c5:26:97:88:
b6:65:41:46:74:52:9f:48:59:1d:35:50:18:77:a1:ca:7e:06:
1d:2a:4e:1d:0d:71:59:d6:aa:5c:6b:d4:64:a2:2a:10:f4:b2:
23:63:7f:90:5a:43:e5:d1:4f:fc:20:12:05:93:0f:38:5b:eb:
83:db:00:ae:5b:19:1f:9f:1a:48:86:c3:62:2c:36:0c:75:f9:
b8:99:2d:98:b7:b9:5f:58:6c:54:7b:dd:e0:60:1c:6f:d7:88:
45:1b:3d:7c:83:65:a4:06:61:21:7c:38:e3:68:6d:3a:2f:3c:
16:3f:5b:74:86:bc:f3:e6:ed:c2:d1:54:b2:33:e5:7f:2e:17:
54:f2:13:0a:6a:50:39:67:c9:1f:2b:94:7c:01:83:15:95:e1:
50:32:41:1f:e7:c2:99:a9:db:6c:35:c4:85:83:66:28:c5:54:
6b:9e:d5:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw1Ue2hpMs3qtcgyK+n4fFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjMwMTAyMDQ1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg4OWMyNWZlYmZiMDBjYjk2MjY4NmIxNjRhMGJiN2Q4N2MzNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIiNCf80luxamX8ZEJNYNBlL8Osq
E8mUcATMKeCIZcBminmqoP/N76r2hQJaSy7Xr7wdQ3NDrsVapCrLDOXQFutf1Bsk
tDNRyxuuioTCVlce9x6rQJPUTmmY5RMPKUoQ9NS532FhtoamdlqmcgdR/CgPIiJU
vLqTg2fYMF7kM6CTFYqPx3kSgyAG5foglk+y3v+roEvepjD2RaVXxHu4VvM0CNzZ
aegxVyZ/MTuKATlBYs1OsXSlaaICVUbu0mXQj2cxVhmE7kIsdFYdLgvk7mdAXfbl
emv3hIqRZEzp4p4hPeJCjKjk9LgCGqJu9r4MN26u76OmvegUT43fe+8SUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCiInCX+v7AMuWJoaxZKC7fYfDdRMB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvS0lpY0pmNl9zQXk1WW1ockZrb0x0OWg4TjFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDkCvwAwQC
kCv8MA0GCSqGSIb3DQEBCwUAA4IBAQCxLGZ76NKZBZIf5d93hIk2RDlt/P8snKsx
JoV5yaeSTaXYpn+gBsYAPeA273/b/o40ehFlCrutLyzuW8eWgkVXTdBQKJVKQrDj
Uw2dWrI4ewM4Lf1UVsUml4i2ZUFGdFKfSFkdNVAYd6HKfgYdKk4dDXFZ1qpca9Rk
oioQ9LIjY3+QWkPl0U/8IBIFkw84W+uD2wCuWxkfnxpIhsNiLDYMdfm4mS2Yt7lf
WGxUe93gYBxv14hFGz18g2WkBmEhfDjjaG06LzwWP1t0hrzz5u3C0VSyM+V/LhdU
8hMKalA5Z8kfK5R8AYMVleFQMkEf58KZqdtsNcSFg2YoxVRrntXl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:02 2024 by rpki-client on console-ams.rpki-client.org