Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/KMtO2LoxEcGzLH02Kafuf3vXgA0.roa
File: KMtO2LoxEcGzLH02Kafuf3vXgA0.roa (raw, json)
Hash identifier: KmE9rih8Uk9ODdTTFaQCgIts/2ClUkHWeAopYTtl+r8=
Subject key identifier: 28:CB:4E:D8:BA:31:11:C1:B3:2C:7D:36:29:A7:EE:7F:7B:D7:80:0D
Certificate issuer: /CN=97668547a433343dde9bb36595bc903b4f149604
Certificate serial: 01856F0230D01B5330BF0772F5FC5A232F58
Authority key identifier: 97:66:85:47:A4:33:34:3D:DE:9B:B3:65:95:BC:90:3B:4F:14:96:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l2aFR6QzND3em7NllbyQO08UlgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/KMtO2LoxEcGzLH02Kafuf3vXgA0.roa
Signing time: Sun 01 Jan 2023 20:24:52 +0000
ROA not before: Sun 01 Jan 2023 20:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3292
IP address blocks: 194.54.68.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:30:d0:1b:53:30:bf:07:72:f5:fc:5a:23:2f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97668547a433343dde9bb36595bc903b4f149604
Validity
Not Before: Jan 1 20:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28cb4ed8ba3111c1b32c7d3629a7ee7f7bd7800d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3a:65:ad:0c:35:7a:a1:a8:64:43:5a:96:04:
7b:2e:a9:a6:12:c6:1e:0f:6e:5d:e9:a2:f4:62:99:
34:4d:5a:96:e3:e0:6b:2e:5a:15:3f:c3:77:84:4c:
c9:7a:b4:71:99:8f:f2:ed:67:ab:e5:83:d7:d3:66:
ad:62:7d:e0:5f:75:4c:cc:86:c8:ed:8c:e0:2a:cd:
1b:1f:43:bc:5a:40:3c:77:f6:3c:4e:60:0f:48:c2:
9c:1b:27:57:df:55:62:56:22:b6:23:08:87:a7:2f:
a6:62:c9:4d:53:7a:bb:63:94:2c:f2:d9:22:80:b8:
f0:80:77:14:13:2e:ee:86:90:fc:42:e8:36:35:ff:
9a:b8:42:a5:d0:d7:2d:98:83:bc:67:02:11:a3:22:
04:71:04:72:38:6e:51:07:6d:d3:54:8d:20:67:77:
0f:10:af:06:a7:b8:1e:e9:0b:65:04:ba:ed:d9:2d:
bc:f9:36:6e:0e:66:ba:56:59:03:eb:f3:d3:15:46:
66:99:76:0b:95:6e:a9:ad:3d:b3:78:1d:65:18:22:
a8:b7:d6:30:a2:1f:de:7a:88:eb:80:33:40:4f:54:
37:cd:16:d7:af:8e:af:92:43:24:f7:2f:79:89:8a:
61:02:d9:0f:f2:70:51:2e:70:48:3d:43:6d:3c:91:
58:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CB:4E:D8:BA:31:11:C1:B3:2C:7D:36:29:A7:EE:7F:7B:D7:80:0D
X509v3 Authority Key Identifier:
keyid:97:66:85:47:A4:33:34:3D:DE:9B:B3:65:95:BC:90:3B:4F:14:96:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l2aFR6QzND3em7NllbyQO08UlgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/KMtO2LoxEcGzLH02Kafuf3vXgA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/l2aFR6QzND3em7NllbyQO08UlgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.54.68.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:15:a2:15:26:fa:c0:1c:2c:e1:ab:56:08:d9:0e:7c:03:90:
95:c6:85:4b:6c:79:39:ed:41:ed:e6:53:cb:14:1d:10:de:9c:
ea:2e:96:08:5d:e3:f7:f2:60:19:6f:5a:09:38:62:b8:db:79:
f5:85:55:a3:73:28:44:82:f8:2e:fd:1b:89:aa:6d:ca:b1:23:
9c:7f:2e:b3:d0:fd:4c:71:a9:a1:0a:e2:cf:d7:28:e4:b9:67:
14:7d:cb:f4:96:9d:3a:f3:24:b6:aa:bc:ef:c9:52:43:82:f8:
7e:35:20:f9:cd:71:0e:34:89:90:32:40:e0:93:ad:24:26:26:
1e:5d:ec:16:20:d5:8b:02:98:de:80:06:0d:43:38:e4:a1:e8:
e2:42:a2:c7:e0:d4:39:cf:9a:3f:da:38:ad:fe:1e:4d:ae:8e:
bf:f6:ff:e7:ce:5f:3a:0f:21:5f:bd:02:0d:88:8b:48:2a:f2:
46:96:1f:72:3b:6e:2e:0a:7b:d1:75:40:a2:77:13:1c:97:f8:
01:71:bb:db:97:1e:31:50:61:b5:b3:05:3b:66:5b:5f:e2:ee:
8d:71:ba:91:f3:0f:ea:2e:63:88:b3:dc:98:f0:08:b7:2e:a7:
9e:05:a2:5e:7d:fb:8c:16:fb:0a:1f:8f:fc:e6:ac:1a:3f:1a:
1c:ad:56:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAjDQG1Mwvwdy9fxaIy9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NjY4NTQ3YTQzMzM0M2RkZTliYjM2NTk1YmM5MDNiNGYx
NDk2MDQwHhcNMjMwMTAxMjAyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNiNGVkOGJhMzExMWMxYjMyYzdkMzYyOWE3ZWU3ZjdiZDc4MDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzplrQw1eqGoZENalgR7LqmmEsYe
D25d6aL0Ypk0TVqW4+BrLloVP8N3hEzJerRxmY/y7Wer5YPX02atYn3gX3VMzIbI
7YzgKs0bH0O8WkA8d/Y8TmAPSMKcGydX31ViViK2IwiHpy+mYslNU3q7Y5Qs8tki
gLjwgHcUEy7uhpD8Qug2Nf+auEKl0NctmIO8ZwIRoyIEcQRyOG5RB23TVI0gZ3cP
EK8Gp7ge6QtlBLrt2S28+TZuDma6VlkD6/PTFUZmmXYLlW6prT2zeB1lGCKot9Yw
oh/eeojrgDNAT1Q3zRbXr46vkkMk9y95iYphAtkP8nBRLnBIPUNtPJFY9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjLTti6MRHBsyx9Nimn7n9714ANMB8GA1UdIwQY
MBaAFJdmhUekMzQ93puzZZW8kDtPFJYEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDJhRlI2UXpORDNlbTdObGxieVFPMDhVbGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS85NzhjMmUtMWI3Ni00OGIwLWE2MDMt
NjRjMWMyNzljY2MwLzEvS010TzJMb3hFY0d6TEgwMkthZnVmM3ZYZ0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS85NzhjMmUtMWI3Ni00OGIwLWE2MDMtNjRjMWMyNzljY2Mw
LzEvbDJhRlI2UXpORDNlbTdObGxieVFPMDhVbGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwjZEMA0G
CSqGSIb3DQEBCwUAA4IBAQAeFaIVJvrAHCzhq1YI2Q58A5CVxoVLbHk57UHt5lPL
FB0Q3pzqLpYIXeP38mAZb1oJOGK423n1hVWjcyhEgvgu/RuJqm3KsSOcfy6z0P1M
camhCuLP1yjkuWcUfcv0lp068yS2qrzvyVJDgvh+NSD5zXEONImQMkDgk60kJiYe
XewWINWLApjegAYNQzjkoejiQqLH4NQ5z5o/2jit/h5Nro6/9v/nzl86DyFfvQIN
iItIKvJGlh9yO24uCnvRdUCidxMcl/gBcbvblx4xUGG1swU7Zltf4u6NcbqR8w/q
LmOIs9yY8Ai3LqeeBaJeffuMFvsKH4/85qwaPxocrVbY
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:54 2024 by rpki-client on console.sobornost.net