Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/kgel-AmTJ3xx5Wb_CdmHs1BCyEY.roa
File: kgel-AmTJ3xx5Wb_CdmHs1BCyEY.roa (raw, json)
Hash identifier: 1y3Xh7qOfNtYu/mAmI8ap8An84jV7PTHoCefV3ciyi0=
Subject key identifier: 92:07:A5:F8:09:93:27:7C:71:E5:66:FF:09:D9:87:B3:50:42:C8:46
Certificate issuer: /CN=b23eb849e0b6940e4ff547de0b41b003f9e1105c
Certificate serial: 01868507A025AA8BDDC63990852E724826A8
Authority key identifier: B2:3E:B8:49:E0:B6:94:0E:4F:F5:47:DE:0B:41:B0:03:F9:E1:10:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sj64SeC2lA5P9UfeC0GwA_nhEFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/kgel-AmTJ3xx5Wb_CdmHs1BCyEY.roa
Signing time: Fri 24 Feb 2023 20:05:14 +0000
ROA not before: Fri 24 Feb 2023 20:05:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20911
IP address blocks: 195.230.29.0/24 maxlen: 24
195.230.28.0/24 maxlen: 24
195.230.31.0/24 maxlen: 24
195.230.28.0/23 maxlen: 23
195.230.30.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:85:07:a0:25:aa:8b:dd:c6:39:90:85:2e:72:48:26:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b23eb849e0b6940e4ff547de0b41b003f9e1105c
Validity
Not Before: Feb 24 20:05:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9207a5f80993277c71e566ff09d987b35042c846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:be:5e:52:74:bd:80:72:64:09:9d:30:24:62:
b9:97:f8:34:95:11:7b:1e:63:f7:24:32:f8:2c:c4:
37:b2:8a:92:6a:4b:9d:a4:10:92:3a:f7:8e:01:61:
30:dc:4b:21:ce:44:98:8b:a3:cd:17:e6:ff:50:6d:
8e:75:b5:4c:ed:dd:98:40:d0:09:f3:ff:99:d4:e7:
02:73:4d:1e:6d:07:4b:f8:20:c0:da:14:40:e7:12:
6d:35:65:cd:4f:2f:c7:7f:3e:da:fd:6b:51:79:5c:
54:65:51:f5:cc:60:dd:b3:7a:9e:e8:80:d3:7d:0e:
b2:e5:d1:90:fb:d1:d7:94:03:e7:ca:e3:81:eb:f2:
b4:8c:e4:3f:19:4a:2e:d6:3e:c3:8c:cc:65:c3:df:
29:af:e3:d4:74:a6:8a:cd:7b:92:f1:74:20:d7:ef:
d2:c9:16:40:dc:76:47:0d:91:3f:e6:09:5a:b6:33:
ed:3f:78:eb:86:eb:db:5f:f4:97:99:4d:d4:d7:b2:
e1:76:d3:1f:3b:04:75:0d:f9:68:6c:66:4b:33:24:
b8:c7:82:43:e2:0d:9b:5b:86:44:20:18:9d:58:0e:
cb:5b:80:9c:7f:47:68:34:40:c6:c0:80:9b:bb:1b:
56:37:3f:57:01:57:43:4a:cc:a9:ad:74:df:2a:6b:
74:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:07:A5:F8:09:93:27:7C:71:E5:66:FF:09:D9:87:B3:50:42:C8:46
X509v3 Authority Key Identifier:
keyid:B2:3E:B8:49:E0:B6:94:0E:4F:F5:47:DE:0B:41:B0:03:F9:E1:10:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sj64SeC2lA5P9UfeC0GwA_nhEFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/kgel-AmTJ3xx5Wb_CdmHs1BCyEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/sj64SeC2lA5P9UfeC0GwA_nhEFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.28.0/22
Signature Algorithm: sha256WithRSAEncryption
51:64:88:60:5e:f1:82:cd:cf:8d:77:04:15:87:04:2b:c9:41:
0b:75:b0:60:7d:a0:ef:ab:c3:38:21:b7:05:e3:ed:0e:bf:ea:
c6:87:7e:3b:c9:a1:59:4d:bd:4c:8a:69:ca:1c:a1:08:6e:79:
bf:61:fd:d7:be:fb:e0:1b:63:80:ab:03:ea:c5:47:03:7d:e8:
76:bb:cc:9d:af:93:e1:78:61:e0:f6:70:09:6b:e7:27:9d:d0:
3c:25:f9:3f:90:e9:c5:fd:86:ec:e5:53:6e:06:af:49:3f:61:
2f:fd:ad:95:86:60:c5:5d:89:60:47:6a:b2:79:fc:83:92:3d:
3a:38:b5:c9:c8:7e:cd:a7:23:e6:d5:3f:54:0f:ea:02:ea:ad:
35:db:cc:c2:8b:42:ff:79:fe:fc:33:ab:db:b2:1c:58:47:46:
39:c8:7a:94:dd:95:14:4f:28:c4:22:8a:ea:a6:d3:09:ba:a4:
5d:ce:29:0f:41:55:6a:d9:35:49:5b:e2:31:c0:87:68:ff:9c:
c9:ba:a9:72:b0:03:2a:6a:f9:83:7d:65:47:36:3b:57:63:13:
ee:ad:de:68:02:43:d4:c2:82:ec:76:ad:c6:cc:15:9e:60:77:
3f:e5:59:3b:2b:80:5d:45:7b:c3:85:bc:2f:9f:52:ba:76:ad:
20:14:e7:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaFB6AlqovdxjmQhS5ySCaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyM2ViODQ5ZTBiNjk0MGU0ZmY1NDdkZTBiNDFiMDAzZjll
MTEwNWMwHhcNMjMwMjI0MjAwNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjA3YTVmODA5OTMyNzdjNzFlNTY2ZmYwOWQ5ODdiMzUwNDJjODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb5eUnS9gHJkCZ0wJGK5l/g0lRF7
HmP3JDL4LMQ3soqSakudpBCSOveOAWEw3EshzkSYi6PNF+b/UG2OdbVM7d2YQNAJ
8/+Z1OcCc00ebQdL+CDA2hRA5xJtNWXNTy/Hfz7a/WtReVxUZVH1zGDds3qe6IDT
fQ6y5dGQ+9HXlAPnyuOB6/K0jOQ/GUou1j7DjMxlw98pr+PUdKaKzXuS8XQg1+/S
yRZA3HZHDZE/5glatjPtP3jrhuvbX/SXmU3U17LhdtMfOwR1DflobGZLMyS4x4JD
4g2bW4ZEIBidWA7LW4Ccf0doNEDGwICbuxtWNz9XAVdDSsyprXTfKmt06QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIHpfgJkyd8ceVm/wnZh7NQQshGMB8GA1UdIwQY
MBaAFLI+uEngtpQOT/VH3gtBsAP54RBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2o2NFNlQzJsQTVQOVVmZUMwR3dBX25oRUZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8xMWJmMmUtYjU4YS00YTMxLTg5YzAt
MTU1ZjQyZGNhYTczLzEva2dlbC1BbVRKM3h4NVdiX0NkbUhzMUJDeUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8xMWJmMmUtYjU4YS00YTMxLTg5YzAtMTU1ZjQyZGNhYTcz
LzEvc2o2NFNlQzJsQTVQOVVmZUMwR3dBX25oRUZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw+YcMA0G
CSqGSIb3DQEBCwUAA4IBAQBRZIhgXvGCzc+NdwQVhwQryUELdbBgfaDvq8M4IbcF
4+0Ov+rGh347yaFZTb1MimnKHKEIbnm/Yf3XvvvgG2OAqwPqxUcDfeh2u8ydr5Ph
eGHg9nAJa+cnndA8Jfk/kOnF/Ybs5VNuBq9JP2Ev/a2VhmDFXYlgR2qyefyDkj06
OLXJyH7NpyPm1T9UD+oC6q0128zCi0L/ef78M6vbshxYR0Y5yHqU3ZUUTyjEIorq
ptMJuqRdzikPQVVq2TVJW+IxwIdo/5zJuqlysAMqavmDfWVHNjtXYxPurd5oAkPU
woLsdq3GzBWeYHc/5Vk7K4BdRXvDhbwvn1K6dq0gFOep
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:00 2024 by rpki-client on console.sobornost.net