Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/KLwfRGbQZxq-WoxKGjF_vRazhzI.roa
File: KLwfRGbQZxq-WoxKGjF_vRazhzI.roa (raw, json)
Hash identifier: A5fpzi4vC+Z/GViPuCTz3/4C2pZw+yTbcXjzjDJig58=
Subject key identifier: 28:BC:1F:44:66:D0:67:1A:BE:5A:8C:4A:1A:31:7F:BD:16:B3:87:32
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 018CC94ADC68F8A731384A030D56E8C658EA
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/KLwfRGbQZxq-WoxKGjF_vRazhzI.roa
Signing time: Tue 02 Jan 2024 08:29:35 +0000
ROA not before: Tue 02 Jan 2024 08:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16243
IP address blocks: 144.43.240.0/21 maxlen: 24
144.43.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:dc:68:f8:a7:31:38:4a:03:0d:56:e8:c6:58:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Jan 2 08:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28bc1f4466d0671abe5a8c4a1a317fbd16b38732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:81:65:27:a8:53:2e:09:56:42:b2:8b:01:c9:
9d:78:b8:08:4a:60:0c:8e:c8:53:7a:a5:24:f3:77:
8d:00:26:8b:cf:56:01:2d:7d:8a:5a:68:33:7b:76:
02:bf:86:aa:08:11:9e:2f:ae:bc:06:04:0d:46:03:
8a:69:ce:64:b4:7c:3d:8b:ee:25:4e:4e:6e:19:f8:
c4:69:b0:4a:0c:54:9c:27:0b:c6:17:c2:30:7c:0f:
00:9e:54:b9:2b:59:07:7e:7e:0c:19:6a:8a:85:17:
51:8d:e3:3e:da:68:88:73:57:56:31:9f:0a:71:a5:
11:64:c7:ad:d2:de:b3:78:7b:18:ac:1b:04:f4:e9:
4e:24:ac:a0:0f:a1:dc:2c:b2:e9:af:fc:7f:3d:41:
87:cf:6b:e2:1a:ec:2c:e8:a1:12:14:30:ec:6e:e3:
a0:f3:a2:3b:91:4e:93:55:ea:f2:da:d1:e8:15:b8:
02:cf:a9:b9:67:66:4f:bd:04:ba:c6:e3:0e:49:a1:
88:6a:4a:e1:41:0c:49:ee:87:67:23:21:e3:c0:e6:
d7:a7:e2:2e:2e:06:68:45:07:ed:66:45:63:ea:4b:
c2:88:f7:a8:15:86:14:29:c8:64:69:2e:ea:c2:67:
a4:47:54:46:8a:25:22:f9:02:8a:19:e5:e5:1c:75:
2f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:BC:1F:44:66:D0:67:1A:BE:5A:8C:4A:1A:31:7F:BD:16:B3:87:32
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/KLwfRGbQZxq-WoxKGjF_vRazhzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.43.240.0/21
144.43.252.0/22
Signature Algorithm: sha256WithRSAEncryption
80:2e:d8:bf:8b:b3:17:4c:cb:02:e9:92:ff:fc:2c:cb:c1:eb:
fa:76:3d:cc:26:08:e1:1a:27:ed:07:59:a6:e3:f5:c2:cc:e1:
e0:6d:97:e0:25:6e:6b:c7:13:b9:f3:c3:af:cd:d9:94:be:c0:
80:fb:be:1e:c5:1f:01:80:7e:4b:4f:8d:17:5a:29:3b:63:30:
90:82:5f:ad:9f:d4:8c:7e:36:e8:9b:24:6c:9d:91:bd:d0:7d:
82:41:20:c4:6f:89:64:3d:f9:d3:91:ae:ba:28:39:bb:18:b7:
91:5f:4a:b7:33:8c:bf:aa:f7:f1:d3:c3:e3:0f:66:46:2d:92:
9f:ce:07:88:c0:ec:57:a4:13:65:54:73:d9:4b:d1:ea:52:48:
d4:56:f3:86:dc:1c:79:80:87:e1:e8:1e:d5:b3:9b:9b:eb:c6:
cd:44:83:32:56:e6:45:7d:d2:05:34:4a:c3:f8:0e:cf:d0:fe:
f6:d0:f1:8e:f3:85:9b:9c:6e:f2:40:34:53:16:a2:30:90:db:
9b:f2:08:87:cd:90:eb:69:be:bc:a3:f3:f6:52:4f:19:4c:ae:
c0:c6:e1:d3:93:fd:d2:91:42:23:8e:c2:74:e4:ad:62:3d:18:
e3:f0:2d:85:c0:be:ba:48:67:33:e8:7f:c9:59:a7:9b:c1:fa:
c2:16:69:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJStxo+KcxOEoDDVboxljqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjQwMTAyMDgyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGJjMWY0NDY2ZDA2NzFhYmU1YThjNGExYTMxN2ZiZDE2YjM4NzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8IFlJ6hTLglWQrKLAcmdeLgISmAM
jshTeqUk83eNACaLz1YBLX2KWmgze3YCv4aqCBGeL668BgQNRgOKac5ktHw9i+4l
Tk5uGfjEabBKDFScJwvGF8IwfA8AnlS5K1kHfn4MGWqKhRdRjeM+2miIc1dWMZ8K
caURZMet0t6zeHsYrBsE9OlOJKygD6HcLLLpr/x/PUGHz2viGuws6KESFDDsbuOg
86I7kU6TVery2tHoFbgCz6m5Z2ZPvQS6xuMOSaGIakrhQQxJ7odnIyHjwObXp+Iu
LgZoRQftZkVj6kvCiPeoFYYUKchkaS7qwmekR1RGiiUi+QKKGeXlHHUvGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCi8H0Rm0GcavlqMShoxf70Ws4cyMB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvS0x3ZlJHYlFaeHEtV294S0dqRl92UmF6aHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDkCvwAwQC
kCv8MA0GCSqGSIb3DQEBCwUAA4IBAQCALti/i7MXTMsC6ZL//CzLwev6dj3MJgjh
GiftB1mm4/XCzOHgbZfgJW5rxxO588OvzdmUvsCA+74exR8BgH5LT40XWik7YzCQ
gl+tn9SMfjbomyRsnZG90H2CQSDEb4lkPfnTka66KDm7GLeRX0q3M4y/qvfx08Pj
D2ZGLZKfzgeIwOxXpBNlVHPZS9HqUkjUVvOG3Bx5gIfh6B7Vs5ub68bNRIMyVuZF
fdIFNErD+A7P0P720PGO84WbnG7yQDRTFqIwkNub8giHzZDrab68o/P2Uk8ZTK7A
xuHTk/3SkUIjjsJ05K1iPRjj8C2FwL66SGcz6H/JWaebwfrCFmlD
-----END CERTIFICATE-----
Generated at Tue Feb 18 06:51:55 2025 by rpki-client