Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/KhIYh4Io2R9BTcupKFG4psxYOkY.roa
File: KhIYh4Io2R9BTcupKFG4psxYOkY.roa (raw, json)
Hash identifier: XzxLsRPmmfZToZl6Cudz/quTtp7Pqw6W30LKkG68J5U=
Subject key identifier: 2A:12:18:87:82:28:D9:1F:41:4D:CB:A9:28:51:B8:A6:CC:58:3A:46
Certificate issuer: /CN=abf587571c0c698458c385b15d60c7f08c70b6fe
Certificate serial: 01865591773F28ECCC2AC524674D38E17599
Authority key identifier: AB:F5:87:57:1C:0C:69:84:58:C3:85:B1:5D:60:C7:F0:8C:70:B6:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/KhIYh4Io2R9BTcupKFG4psxYOkY.roa
Signing time: Wed 15 Feb 2023 14:54:01 +0000
ROA not before: Wed 15 Feb 2023 14:54:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200984
IP address blocks: 2.58.184.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:91:77:3f:28:ec:cc:2a:c5:24:67:4d:38:e1:75:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abf587571c0c698458c385b15d60c7f08c70b6fe
Validity
Not Before: Feb 15 14:54:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a1218878228d91f414dcba92851b8a6cc583a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:64:df:b8:78:9b:a2:aa:fb:19:2c:65:88:06:
85:a8:45:4c:76:aa:9f:83:d6:28:b0:63:ad:4b:8f:
50:6a:19:07:d7:73:dd:45:49:09:ca:ac:65:6c:fd:
61:3b:e9:83:ff:79:60:40:23:59:20:f6:d4:44:5b:
3f:f9:77:5b:f8:34:ed:6d:28:54:00:53:51:eb:06:
eb:7a:1f:50:ec:91:34:5b:09:a9:3c:7c:a7:b3:67:
04:83:c0:9a:70:d3:f0:d1:6e:cf:09:56:f4:a6:0e:
bc:6c:ab:70:52:44:3a:b8:58:cd:51:f2:5f:35:36:
7f:ae:5f:4f:c3:d4:f2:78:ee:a0:6b:b4:66:57:55:
84:59:03:36:45:78:ad:9d:1b:2c:1f:25:31:26:1f:
21:2e:c5:ac:17:ff:7f:c3:be:2e:72:e4:67:c7:86:
05:dd:7a:e3:9e:e6:b9:61:d2:14:c9:96:99:a5:36:
2d:36:39:d0:56:6e:dc:1e:7d:3d:8f:0c:01:ee:f1:
4e:c1:f6:42:24:6f:68:21:34:9d:56:dc:b7:a2:69:
bb:45:0f:54:55:04:a8:cb:7e:ac:e8:b8:e2:50:01:
5e:ca:55:19:1a:56:9b:5a:a2:0d:65:c7:2b:bd:da:
8c:b3:42:07:12:82:e5:03:1f:03:b5:e7:b3:27:48:
a8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:12:18:87:82:28:D9:1F:41:4D:CB:A9:28:51:B8:A6:CC:58:3A:46
X509v3 Authority Key Identifier:
keyid:AB:F5:87:57:1C:0C:69:84:58:C3:85:B1:5D:60:C7:F0:8C:70:B6:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/KhIYh4Io2R9BTcupKFG4psxYOkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.184.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:5f:d3:ba:0b:e7:a9:9f:46:92:78:8d:80:4a:9d:4c:30:fc:
a0:a5:bd:97:d8:36:c5:dd:79:3a:d6:e5:26:3b:c1:39:88:d4:
ea:47:72:2f:72:3f:73:96:e5:96:8b:c4:ff:75:7a:db:cd:cb:
cd:a6:02:e4:f0:a7:57:cb:1a:f8:75:44:e1:c5:63:fb:ed:63:
ab:cc:ab:ac:f6:6f:2e:56:ba:1b:4a:ac:94:f3:23:58:4d:a2:
69:43:a8:5b:79:d9:93:ba:07:44:a5:41:c6:62:2a:6e:5e:4d:
31:93:87:4c:3b:a9:de:e7:aa:c0:a2:b8:b4:84:6d:ad:b4:bb:
dd:aa:7a:70:ba:0f:1b:4b:0c:8d:49:7d:35:94:b3:0f:87:fc:
3a:50:c6:b4:8d:6f:7f:23:70:e6:9b:91:28:00:f9:f8:33:c8:
ca:ba:78:5b:32:c5:5f:cb:a8:b6:fe:07:f3:ab:2f:2e:b6:52:
74:62:76:22:63:dd:40:bd:a2:81:c6:ee:36:b4:0e:89:59:e8:
e7:df:9f:4f:61:30:02:36:87:4c:78:1f:72:8f:a8:93:df:bf:
9c:5c:98:d5:5d:6f:62:4f:ef:91:09:59:d3:7a:6e:fd:bf:a5:
cd:02:24:a3:90:f1:b9:ca:9d:b7:6d:1b:84:57:19:88:9d:b7:
36:e2:60:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZVkXc/KOzMKsUkZ0044XWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZjU4NzU3MWMwYzY5ODQ1OGMzODViMTVkNjBjN2YwOGM3
MGI2ZmUwHhcNMjMwMjE1MTQ1NDAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTEyMTg4NzgyMjhkOTFmNDE0ZGNiYTkyODUxYjhhNmNjNTgzYTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2TfuHiboqr7GSxliAaFqEVMdqqf
g9YosGOtS49QahkH13PdRUkJyqxlbP1hO+mD/3lgQCNZIPbURFs/+Xdb+DTtbShU
AFNR6wbreh9Q7JE0WwmpPHyns2cEg8CacNPw0W7PCVb0pg68bKtwUkQ6uFjNUfJf
NTZ/rl9Pw9TyeO6ga7RmV1WEWQM2RXitnRssHyUxJh8hLsWsF/9/w74ucuRnx4YF
3Xrjnua5YdIUyZaZpTYtNjnQVm7cHn09jwwB7vFOwfZCJG9oITSdVty3omm7RQ9U
VQSoy36s6LjiUAFeylUZGlabWqINZccrvdqMs0IHEoLlAx8DteezJ0iodwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoSGIeCKNkfQU3LqShRuKbMWDpGMB8GA1UdIwQY
MBaAFKv1h1ccDGmEWMOFsV1gx/CMcLb+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcV9XSFZ4d01hWVJZdzRXeFhXREg4SXh3dHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85ZDhiODItNDdhZS00ZTEyLTlhNGQt
NzgyZmU3MDkyMDEwLzEvS2hJWWg0SW8yUjlCVGN1cEtGRzRwc3hZT2tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85ZDhiODItNDdhZS00ZTEyLTlhNGQtNzgyZmU3MDkyMDEw
LzEvcV9XSFZ4d01hWVJZdzRXeFhXREg4SXh3dHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjq4MA0G
CSqGSIb3DQEBCwUAA4IBAQA+X9O6C+epn0aSeI2ASp1MMPygpb2X2DbF3Xk61uUm
O8E5iNTqR3Ivcj9zluWWi8T/dXrbzcvNpgLk8KdXyxr4dUThxWP77WOrzKus9m8u
VrobSqyU8yNYTaJpQ6hbedmTugdEpUHGYipuXk0xk4dMO6ne56rAori0hG2ttLvd
qnpwug8bSwyNSX01lLMPh/w6UMa0jW9/I3Dmm5EoAPn4M8jKunhbMsVfy6i2/gfz
qy8utlJ0YnYiY91AvaKBxu42tA6JWejn359PYTACNodMeB9yj6iT37+cXJjVXW9i
T++RCVnTem79v6XNAiSjkPG5yp23bRuEVxmInbc24mBV
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:01 2024 by rpki-client on console.sobornost.net