Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/0827e0-3331-40b4-99b2-9a137092cdd0/1/KfAZDVyw0tfmreMEsfNolfTGar4.roa
File: KfAZDVyw0tfmreMEsfNolfTGar4.roa (raw, json)
Hash identifier: hxxbYuMCFiCmTRYkhIL/53FUxbC8K0Ln49LH367L6h4=
Subject key identifier: 29:F0:19:0D:5C:B0:D2:D7:E6:AD:E3:04:B1:F3:68:95:F4:C6:6A:BE
Certificate issuer: /CN=ac5fc6c6aea3f0e4edf7ccb92e6eb2377a7479a5
Certificate serial: 018799ABBC4FEEE5407B56D4F58C01F0EAE6
Authority key identifier: AC:5F:C6:C6:AE:A3:F0:E4:ED:F7:CC:B9:2E:6E:B2:37:7A:74:79:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rF_Gxq6j8OTt98y5Lm6yN3p0eaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/0827e0-3331-40b4-99b2-9a137092cdd0/1/KfAZDVyw0tfmreMEsfNolfTGar4.roa
Signing time: Wed 19 Apr 2023 13:19:41 +0000
ROA not before: Wed 19 Apr 2023 13:19:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202254
IP address blocks: 185.24.83.0/24 maxlen: 24
185.24.82.0/24 maxlen: 24
185.24.81.0/24 maxlen: 24
185.24.80.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:ab:bc:4f:ee:e5:40:7b:56:d4:f5:8c:01:f0:ea:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac5fc6c6aea3f0e4edf7ccb92e6eb2377a7479a5
Validity
Not Before: Apr 19 13:19:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29f0190d5cb0d2d7e6ade304b1f36895f4c66abe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4b:78:c1:69:8c:2d:c1:db:7d:fe:6b:0c:18:
72:a2:9d:60:01:dd:6c:bd:d7:9f:2b:2a:5b:46:82:
aa:10:de:da:01:0c:50:c6:ec:8a:04:f6:cf:4c:44:
31:a0:ac:70:cf:0d:9f:fa:a3:6c:99:c2:ee:31:23:
04:dc:88:cb:5e:a7:25:89:02:f2:11:32:2d:af:85:
65:24:17:15:7e:61:2d:52:43:ae:65:8d:03:3b:79:
f5:ad:c8:31:5f:c6:ef:2e:45:f2:43:a6:69:47:7c:
ea:75:b3:1b:0f:ca:f3:51:54:4f:a2:45:cb:fb:c0:
d3:3d:da:dd:2b:5b:75:83:1d:c2:da:7e:40:d5:06:
fd:3a:92:a8:34:28:e9:08:85:d0:ac:e8:0b:ff:0d:
36:a5:e4:32:44:94:17:09:b8:e1:0c:e3:b5:54:4c:
99:34:6c:fe:62:ea:4c:34:d4:66:03:4e:c5:7b:ef:
7f:0d:d6:dd:c9:83:d1:a2:d3:ec:75:78:e5:1f:71:
0e:3d:da:80:d5:80:7a:4d:43:00:21:81:1c:9b:04:
78:ff:3e:4a:f2:f4:d7:24:ba:4a:fc:7f:56:2e:81:
7a:e1:81:47:cf:44:55:10:21:4d:1c:f5:3b:5f:1f:
1b:1a:72:4f:04:e7:33:ba:6b:51:cf:89:31:45:86:
ce:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F0:19:0D:5C:B0:D2:D7:E6:AD:E3:04:B1:F3:68:95:F4:C6:6A:BE
X509v3 Authority Key Identifier:
keyid:AC:5F:C6:C6:AE:A3:F0:E4:ED:F7:CC:B9:2E:6E:B2:37:7A:74:79:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rF_Gxq6j8OTt98y5Lm6yN3p0eaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0827e0-3331-40b4-99b2-9a137092cdd0/1/KfAZDVyw0tfmreMEsfNolfTGar4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0827e0-3331-40b4-99b2-9a137092cdd0/1/rF_Gxq6j8OTt98y5Lm6yN3p0eaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.80.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:a8:bf:72:e8:fa:08:84:22:86:d8:34:b9:1d:fd:58:75:25:
82:a6:d6:11:53:83:76:c7:1c:c1:bb:8c:2f:47:92:9e:94:51:
3a:a8:ad:15:f7:21:c3:23:37:12:05:ae:c6:4e:43:ac:89:94:
66:87:db:91:32:32:23:c7:07:8a:fa:a4:a5:0b:d2:54:04:0b:
d9:da:0b:52:2d:4c:6d:ce:5f:ea:eb:6f:15:5f:61:2a:d7:df:
2f:1a:4d:eb:1e:bb:d6:1d:2b:a1:9e:0c:2b:20:0e:b7:1e:a1:
26:3e:c5:69:a4:96:33:5f:35:89:99:63:2a:9c:11:c9:5e:42:
51:88:b9:6d:0e:62:d8:ce:2c:85:6e:3f:2a:73:b7:e2:e1:6d:
c6:45:a1:96:44:c7:21:20:63:e3:63:9b:d9:62:d4:4d:3d:7d:
95:d4:dc:16:63:0d:72:81:0d:b2:59:ad:2e:12:dc:df:4f:7c:
c9:0a:03:7f:7a:bf:8c:6b:5c:ae:99:ab:7f:ca:b4:57:45:98:
32:4d:c2:bb:8f:66:1f:ba:af:a0:46:10:7c:0f:e9:c4:1f:17:
b2:b9:b5:27:56:12:36:d8:b4:ca:65:bb:38:9c:82:1e:04:31:
d3:c7:25:4a:7f:31:82:21:a5:26:f9:18:a0:15:9e:09:31:70:
db:b5:a6:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeZq7xP7uVAe1bU9YwB8OrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNWZjNmM2YWVhM2YwZTRlZGY3Y2NiOTJlNmViMjM3N2E3
NDc5YTUwHhcNMjMwNDE5MTMxOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWYwMTkwZDVjYjBkMmQ3ZTZhZGUzMDRiMWYzNjg5NWY0YzY2YWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUt4wWmMLcHbff5rDBhyop1gAd1s
vdefKypbRoKqEN7aAQxQxuyKBPbPTEQxoKxwzw2f+qNsmcLuMSME3IjLXqcliQLy
ETItr4VlJBcVfmEtUkOuZY0DO3n1rcgxX8bvLkXyQ6ZpR3zqdbMbD8rzUVRPokXL
+8DTPdrdK1t1gx3C2n5A1Qb9OpKoNCjpCIXQrOgL/w02peQyRJQXCbjhDOO1VEyZ
NGz+YupMNNRmA07Fe+9/DdbdyYPRotPsdXjlH3EOPdqA1YB6TUMAIYEcmwR4/z5K
8vTXJLpK/H9WLoF64YFHz0RVECFNHPU7Xx8bGnJPBOczumtRz4kxRYbOtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnwGQ1csNLX5q3jBLHzaJX0xmq+MB8GA1UdIwQY
MBaAFKxfxsauo/Dk7ffMuS5usjd6dHmlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckZfR3hxNmo4T1R0OTh5NUxtNnlOM3AwZWFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wODI3ZTAtMzMzMS00MGI0LTk5YjIt
OWExMzcwOTJjZGQwLzEvS2ZBWkRWeXcwdGZtcmVNRXNmTm9sZlRHYXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wODI3ZTAtMzMzMS00MGI0LTk5YjItOWExMzcwOTJjZGQw
LzEvckZfR3hxNmo4T1R0OTh5NUxtNnlOM3AwZWFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRhQMA0G
CSqGSIb3DQEBCwUAA4IBAQA8qL9y6PoIhCKG2DS5Hf1YdSWCptYRU4N2xxzBu4wv
R5KelFE6qK0V9yHDIzcSBa7GTkOsiZRmh9uRMjIjxweK+qSlC9JUBAvZ2gtSLUxt
zl/q628VX2Eq198vGk3rHrvWHSuhngwrIA63HqEmPsVppJYzXzWJmWMqnBHJXkJR
iLltDmLYziyFbj8qc7fi4W3GRaGWRMchIGPjY5vZYtRNPX2V1NwWYw1ygQ2yWa0u
EtzfT3zJCgN/er+Ma1yumat/yrRXRZgyTcK7j2Yfuq+gRhB8D+nEHxeyubUnVhI2
2LTKZbs4nIIeBDHTxyVKfzGCIaUm+RigFZ4JMXDbtaaA
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:34:50 2024 by rpki-client on console.sobornost.net