Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xKMAhwoF6O3QkgUIYC7WU1ofKRA.roa
File: xKMAhwoF6O3QkgUIYC7WU1ofKRA.roa (raw, json)
Hash identifier: 6GUpaPqEjBnDlwrxo7ilHxdziTdeXZ6euCmjjl5bEw0=
Subject key identifier: C4:A3:00:87:0A:05:E8:ED:D0:92:05:08:60:2E:D6:53:5A:1F:29:10
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018FE28AF1D5EE5694D0AAB4B66D656979F0
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xKMAhwoF6O3QkgUIYC7WU1ofKRA.roa
Signing time: Tue 04 Jun 2024 09:18:27 +0000
ROA not before: Tue 04 Jun 2024 09:18:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212552
IP address blocks: 43.225.90.0/24 maxlen: 24
45.146.241.0/24 maxlen: 24
46.249.98.0/23 maxlen: 24
46.249.100.0/22 maxlen: 24
46.249.111.0/24 maxlen: 24
82.115.8.0/24 maxlen: 24
82.115.13.0/24 maxlen: 24
82.115.16.0/24 maxlen: 24
82.115.17.0/24 maxlen: 24
82.115.18.0/24 maxlen: 24
82.115.19.0/24 maxlen: 24
82.115.20.0/23 maxlen: 24
82.115.24.0/22 maxlen: 24
89.251.8.0/23 maxlen: 24
103.75.196.0/22 maxlen: 24
185.80.196.0/24 maxlen: 24
185.215.244.0/23 maxlen: 24
193.36.84.0/23 maxlen: 24
202.133.88.0/24 maxlen: 24
202.133.89.0/24 maxlen: 24
202.133.90.0/24 maxlen: 24
202.133.91.0/24 maxlen: 24
212.90.102.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 12:45:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:8a:f1:d5:ee:56:94:d0:aa:b4:b6:6d:65:69:79:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 4 09:18:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4a300870a05e8edd0920508602ed6535a1f2910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1e:db:a0:2e:e9:b5:d8:07:95:95:54:f6:dd:
cd:92:32:21:1b:76:17:99:0f:b6:d4:81:33:f7:4c:
c1:16:6b:85:5c:32:a7:a1:c4:12:66:fc:1f:49:80:
69:a2:17:80:95:36:5b:03:41:56:90:17:02:f4:30:
e6:2e:54:0f:2d:81:b0:e4:4a:28:fb:4a:9d:0d:02:
a8:72:7e:f3:91:31:e9:d1:e6:5c:2e:2e:7d:85:16:
94:3b:6e:13:29:86:17:76:ee:f4:bc:8b:e4:5a:64:
e8:ba:6b:ea:35:3e:d9:80:4b:d0:3b:4f:10:c7:86:
b6:29:fc:4e:06:6e:36:37:01:25:12:d3:15:9b:21:
8b:73:a6:ba:8d:55:d2:2d:70:fb:ee:3d:4c:a7:d2:
33:d6:2b:da:d4:54:91:6b:4e:32:76:32:90:4b:98:
8a:3a:9c:9b:f3:60:ee:22:fe:81:bb:fe:b4:63:9f:
04:62:4f:fe:a7:77:76:be:d6:c4:5b:3c:11:6b:01:
db:ad:6e:72:dc:37:81:e5:16:d4:48:50:cd:4a:04:
53:e4:58:59:9e:8b:df:e7:cf:87:4c:c8:fd:f3:27:
85:ea:45:23:90:4a:4c:38:00:f4:00:82:e4:bb:0d:
e3:bc:5e:84:79:11:6d:14:ca:47:63:02:ed:f8:66:
43:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A3:00:87:0A:05:E8:ED:D0:92:05:08:60:2E:D6:53:5A:1F:29:10
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xKMAhwoF6O3QkgUIYC7WU1ofKRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.225.90.0/24
45.146.241.0/24
46.249.98.0-46.249.103.255
46.249.111.0/24
82.115.8.0/24
82.115.13.0/24
82.115.16.0-82.115.21.255
82.115.24.0/22
89.251.8.0/23
103.75.196.0/22
185.80.196.0/24
185.215.244.0/23
193.36.84.0/23
202.133.88.0/22
212.90.102.0/23
Signature Algorithm: sha256WithRSAEncryption
46:ce:40:f7:b6:01:5c:a1:a3:3f:2b:c8:b8:45:2c:63:3c:0a:
c5:dd:bf:88:ce:e1:94:06:fe:98:5d:23:1d:e5:48:c4:3d:04:
62:a6:23:68:d5:08:a4:0d:76:cd:06:68:45:a4:e1:06:47:63:
df:df:23:e2:f3:2d:fe:71:53:33:30:52:62:5d:14:54:36:d0:
fd:1d:79:61:8e:be:48:d6:51:7b:54:dc:ae:29:91:57:46:3e:
67:51:cd:1d:5d:bc:0f:02:fe:e4:b8:2c:64:38:c9:f6:ef:36:
7e:36:43:df:d2:43:69:f5:81:1c:21:0f:67:10:ad:f1:a1:71:
b1:99:bb:0c:16:80:8a:cf:b1:7a:98:78:cf:75:ed:eb:4a:41:
ca:9e:9d:31:8e:23:c8:f0:de:c8:1a:f9:ae:b0:75:6a:4d:9b:
17:53:70:05:28:ec:9c:3f:d1:c0:84:17:e9:fb:59:0b:7e:1c:
80:2c:ea:a0:c9:02:7d:84:e9:32:2b:cf:ea:d2:63:6b:ef:5e:
66:0b:8c:e4:13:0e:7e:3c:fb:32:35:08:44:10:37:c6:4d:57:
80:9b:a5:e0:87:35:b2:f5:5b:16:03:a0:bc:d2:d6:f8:eb:10:
f7:e5:7c:de:d3:6f:bc:af:8e:87:1d:10:84:b6:4f:d0:87:46:
59:d5:61:e0
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAY/iivHV7laU0Kq0tm1laXnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNjA0MDkxODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGEzMDA4NzBhMDVlOGVkZDA5MjA1MDg2MDJlZDY1MzVhMWYyOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh7boC7ptdgHlZVU9t3NkjIhG3YX
mQ+21IEz90zBFmuFXDKnocQSZvwfSYBpoheAlTZbA0FWkBcC9DDmLlQPLYGw5Eoo
+0qdDQKocn7zkTHp0eZcLi59hRaUO24TKYYXdu70vIvkWmToumvqNT7ZgEvQO08Q
x4a2KfxOBm42NwElEtMVmyGLc6a6jVXSLXD77j1Mp9Iz1iva1FSRa04ydjKQS5iK
Opyb82DuIv6Bu/60Y58EYk/+p3d2vtbEWzwRawHbrW5y3DeB5RbUSFDNSgRT5FhZ
novf58+HTMj98yeF6kUjkEpMOAD0AILkuw3jvF6EeRFtFMpHYwLt+GZDdwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFMSjAIcKBejt0JIFCGAu1lNaHykQMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEveEtNQWh3b0Y2TzNRa2dVSVlDN1dVMW9mS1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEACvhWgME
AC2S8TAMAwQBLvliAwQDLvlgAwQALvlvAwQAUnMIAwQAUnMNMAwDBARScxADBAFS
cxQDBAJScxgDBAFZ+wgDBAJnS8QDBAC5UMQDBAG51/QDBAHBJFQDBALKhVgDBAHU
WmYwDQYJKoZIhvcNAQELBQADggEBAEbOQPe2AVyhoz8ryLhFLGM8CsXdv4jO4ZQG
/phdIx3lSMQ9BGKmI2jVCKQNds0GaEWk4QZHY9/fI+LzLf5xUzMwUmJdFFQ20P0d
eWGOvkjWUXtU3K4pkVdGPmdRzR1dvA8C/uS4LGQ4yfbvNn42Q9/SQ2n1gRwhD2cQ
rfGhcbGZuwwWgIrPsXqYeM917etKQcqenTGOI8jw3sga+a6wdWpNmxdTcAUo7Jw/
0cCEF+n7WQt+HIAs6qDJAn2E6TIrz+rSY2vvXmYLjOQTDn48+zI1CEQQN8ZNV4Cb
peCHNbL1WxYDoLzS1vjrEPflfN7Tb7yvjocdEIS2T9CHRlnVYeA=
-----END CERTIFICATE-----
Generated at Wed Nov 20 15:03:35 2024 by rpki-client on console-fra.rpki-client.org