Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/kJNjg64q6AT60D0PbGACZTytV5Q.roa
File: kJNjg64q6AT60D0PbGACZTytV5Q.roa (raw, json)
Hash identifier: Epbp9I4ra50q46ZdMKFcAyBjyxvkDN1IjJoSS7WNikQ=
Subject key identifier: 90:93:63:83:AE:2A:E8:04:FA:D0:3D:0F:6C:60:02:65:3C:AD:57:94
Certificate issuer: /CN=f457c020cdc22b68da26a469f6ffa6b448370d1d
Certificate serial: 0185BA61FCA9D527C19CBE5C578BF14D2C1D
Authority key identifier: F4:57:C0:20:CD:C2:2B:68:DA:26:A4:69:F6:FF:A6:B4:48:37:0D:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9FfAIM3CK2jaJqRp9v-mtEg3DR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/kJNjg64q6AT60D0PbGACZTytV5Q.roa
Signing time: Mon 16 Jan 2023 11:41:01 +0000
ROA not before: Mon 16 Jan 2023 11:41:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205051
IP address blocks: 185.231.208.0/22 maxlen: 24
91.205.80.0/22 maxlen: 24
45.142.168.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Jan 2023 14:09:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ba:61:fc:a9:d5:27:c1:9c:be:5c:57:8b:f1:4d:2c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f457c020cdc22b68da26a469f6ffa6b448370d1d
Validity
Not Before: Jan 16 11:41:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90936383ae2ae804fad03d0f6c6002653cad5794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:60:d6:dc:a7:79:83:1a:6d:aa:14:34:bd:b4:
b9:d4:7a:a0:96:ff:87:f2:a0:06:07:93:60:c0:f1:
2a:af:df:98:e5:7b:c2:85:6e:ec:8e:2e:5e:8b:f3:
67:9e:d5:c9:2e:a3:4f:da:ce:12:8f:41:90:17:84:
46:b8:e6:58:b9:04:78:28:07:39:ab:1e:3b:18:91:
23:85:c5:e3:8c:92:7e:85:f3:46:89:e0:20:01:62:
2c:c6:cd:14:de:df:b8:75:e1:fd:f0:de:48:aa:4c:
d3:31:a5:0e:3c:eb:64:b3:7b:de:84:40:4d:9e:2a:
47:b7:6e:a2:92:8a:a9:e2:ae:c5:7b:94:74:ad:50:
a8:bf:88:d5:ac:71:25:5b:ab:5d:7a:87:94:b3:bd:
19:3a:86:d1:b6:d2:d4:6f:1f:66:35:ee:83:7f:0c:
00:24:f7:7d:f2:ec:1f:33:19:11:b0:5a:ff:79:8d:
19:aa:e8:03:83:0e:da:e8:a5:13:af:7b:68:af:63:
0f:ca:0d:3c:45:10:f7:69:c9:35:51:01:c5:92:4e:
ae:d8:30:e5:ca:c9:f6:8f:12:98:da:9f:ee:a3:6f:
07:57:69:99:6a:ad:f8:52:a0:01:1f:16:27:3b:ca:
a6:e1:05:45:e8:1e:cd:d8:10:a6:2d:4e:ea:d5:5f:
61:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:93:63:83:AE:2A:E8:04:FA:D0:3D:0F:6C:60:02:65:3C:AD:57:94
X509v3 Authority Key Identifier:
keyid:F4:57:C0:20:CD:C2:2B:68:DA:26:A4:69:F6:FF:A6:B4:48:37:0D:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9FfAIM3CK2jaJqRp9v-mtEg3DR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/kJNjg64q6AT60D0PbGACZTytV5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/9FfAIM3CK2jaJqRp9v-mtEg3DR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.168.0/22
91.205.80.0/22
185.231.208.0/22
Signature Algorithm: sha256WithRSAEncryption
21:a3:25:59:30:a7:e1:d3:ba:8c:d3:4e:68:80:82:36:8f:33:
b2:2e:e5:e1:a9:77:5f:64:5d:da:0f:90:ff:a3:be:f1:c0:70:
8b:8b:5a:03:9b:58:17:e9:77:55:53:b0:83:a8:f9:38:e0:7b:
03:c7:a3:0e:6e:8b:01:67:5b:64:bb:5e:fd:a1:20:cc:da:1b:
38:51:0a:91:9f:ed:c5:1e:9d:21:12:39:2d:93:98:d8:f4:67:
c0:a9:95:90:6b:b4:f6:34:29:bc:74:eb:ff:67:fc:f6:bf:95:
99:67:a9:2f:29:e9:82:b0:5a:6a:e8:42:0b:2f:63:cf:88:24:
ea:1a:64:9a:24:4f:a4:6c:8a:6a:e8:bf:36:d0:8c:ac:ed:9f:
f9:f7:9b:51:6c:72:99:63:b1:d3:e0:bb:b1:6b:1e:4f:58:8b:
91:f4:46:4e:05:89:ab:02:2b:3c:5a:5c:42:ef:e4:d6:4b:74:
b6:4a:af:a0:0a:6a:2b:b8:f2:5b:63:4f:3f:22:ea:29:ec:7e:
95:ce:70:99:55:9e:54:c4:7a:84:9a:a6:8d:5e:68:72:ca:ad:
bc:97:60:8e:e2:dd:b1:35:62:8f:be:36:d5:b5:2d:6a:3f:63:
db:4f:cd:89:73:61:4f:ef:31:6d:8c:32:e2:ef:a7:45:f3:2c:
54:da:da:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYW6Yfyp1SfBnL5cV4vxTSwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NTdjMDIwY2RjMjJiNjhkYTI2YTQ2OWY2ZmZhNmI0NDgz
NzBkMWQwHhcNMjMwMTE2MTE0MTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDkzNjM4M2FlMmFlODA0ZmFkMDNkMGY2YzYwMDI2NTNjYWQ1Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmDW3Kd5gxptqhQ0vbS51Hqglv+H
8qAGB5NgwPEqr9+Y5XvChW7sji5ei/NnntXJLqNP2s4Sj0GQF4RGuOZYuQR4KAc5
qx47GJEjhcXjjJJ+hfNGieAgAWIsxs0U3t+4deH98N5IqkzTMaUOPOtks3vehEBN
nipHt26ikoqp4q7Fe5R0rVCov4jVrHElW6tdeoeUs70ZOobRttLUbx9mNe6DfwwA
JPd98uwfMxkRsFr/eY0ZqugDgw7a6KUTr3tor2MPyg08RRD3ack1UQHFkk6u2DDl
ysn2jxKY2p/uo28HV2mZaq34UqABHxYnO8qm4QVF6B7N2BCmLU7q1V9hBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJCTY4OuKugE+tA9D2xgAmU8rVeUMB8GA1UdIwQY
MBaAFPRXwCDNwito2iakafb/prRINw0dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUZmQUlNM0NLMmphSnFScDl2LW10RWczRFIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lMGNiMDYtZGVjYS00OTVkLWFjYzAt
N2JhZmQ0M2U3ODYyLzEva0pOamc2NHE2QVQ2MEQwUGJHQUNaVHl0VjVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lMGNiMDYtZGVjYS00OTVkLWFjYzAtN2JhZmQ0M2U3ODYy
LzEvOUZmQUlNM0NLMmphSnFScDl2LW10RWczRFIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLY6oAwQC
W81QAwQCuefQMA0GCSqGSIb3DQEBCwUAA4IBAQAhoyVZMKfh07qM005ogII2jzOy
LuXhqXdfZF3aD5D/o77xwHCLi1oDm1gX6XdVU7CDqPk44HsDx6MObosBZ1tku179
oSDM2hs4UQqRn+3FHp0hEjktk5jY9GfAqZWQa7T2NCm8dOv/Z/z2v5WZZ6kvKemC
sFpq6EILL2PPiCTqGmSaJE+kbIpq6L820Iys7Z/595tRbHKZY7HT4Luxax5PWIuR
9EZOBYmrAis8WlxC7+TWS3S2Sq+gCmoruPJbY08/Iuop7H6VznCZVZ5UxHqEmqaN
Xmhyyq28l2CO4t2xNWKPvjbVtS1qP2PbT82Jc2FP7zFtjDLi76dF8yxU2toj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:17 2024 by rpki-client on console-fra.rpki-client.org