Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kmXVrIAh_ApvN4WXCHaearRPSrA.roa
File: kmXVrIAh_ApvN4WXCHaearRPSrA.roa (raw, json)
Hash identifier: 3uZGqMQB/FoCscVBf+kbJgVk0/dDC0JkaGi9z7Amru0=
Subject key identifier: 92:65:D5:AC:80:21:FC:0A:6F:37:85:97:08:76:9E:6A:B4:4F:4A:B0
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018F19BA08E9B612815AC78FC859AE2EEDB5
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kmXVrIAh_ApvN4WXCHaearRPSrA.roa
Signing time: Fri 26 Apr 2024 09:26:13 +0000
ROA not before: Fri 26 Apr 2024 09:26:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8434
IP address blocks: 192.71.158.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
193.234.237.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
194.14.212.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.68.194.0/23 maxlen: 23
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.248.0/21 maxlen: 21
194.103.50.0/24 maxlen: 24
194.132.108.0/23 maxlen: 24
194.132.174.0/24 maxlen: 24
194.132.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 10:40:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:ba:08:e9:b6:12:81:5a:c7:8f:c8:59:ae:2e:ed:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 26 09:26:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9265d5ac8021fc0a6f37859708769e6ab44f4ab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:aa:6a:06:b2:17:bf:07:dc:a5:37:75:18:00:
ec:6e:65:27:31:d7:3a:71:06:36:f9:1b:54:0a:7a:
0a:9a:01:8c:a5:43:49:11:55:09:81:ab:f8:24:2f:
c3:b4:3f:ec:84:3c:77:f6:2f:3f:23:a4:bd:33:27:
2f:1f:37:f4:6a:4e:59:30:db:9f:2b:cf:68:33:8b:
81:4a:f1:b3:f0:ed:0d:df:2a:5a:1c:10:26:f7:d4:
2d:ff:ef:67:0b:75:26:00:ef:d5:0a:c4:53:f0:32:
28:b7:55:37:56:c2:7d:f4:4e:b7:b6:9b:88:fd:d3:
c1:43:fb:4c:0e:a2:16:95:81:dd:d9:b2:b1:ad:14:
86:13:d5:08:1b:84:45:34:cd:3f:6d:b4:64:ac:2d:
24:aa:22:32:a5:a9:50:80:d0:65:2b:b2:7b:32:91:
d9:2c:48:ac:0a:f6:6b:b4:2f:88:00:0d:51:5d:66:
08:3a:27:bf:34:5d:2b:91:5b:7f:59:9d:bc:46:15:
bd:6c:2c:d7:6a:25:2d:14:bb:c8:1b:94:96:c5:a7:
e0:dd:c3:60:a7:e4:98:8c:2d:98:41:37:4d:2b:2d:
f1:cb:e5:e2:78:d2:7e:af:25:49:e1:36:de:e9:2d:
c1:ac:2a:b6:3a:9d:25:3e:0c:74:0e:e1:7a:95:3b:
c0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:65:D5:AC:80:21:FC:0A:6F:37:85:97:08:76:9E:6A:B4:4F:4A:B0
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kmXVrIAh_ApvN4WXCHaearRPSrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.158.0/24
192.121.172.0/24
192.121.192.0/24
193.180.61.0/24
193.183.118.0/24
193.234.68.0/23
193.234.237.0/24
194.14.129.0/24
194.14.212.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.68.194.0/23
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
194.132.174.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:ca:05:6a:df:93:00:2b:fa:35:e0:5e:fe:09:5d:3b:f6:8c:
ac:83:af:e8:4c:ba:9d:18:10:8c:14:cf:44:5a:e9:3e:68:64:
2e:6c:ba:1b:80:49:41:49:58:eb:48:71:97:fe:96:79:80:13:
a2:7c:0d:e1:88:58:49:9d:a9:8c:13:6f:a4:fe:15:37:ce:ca:
cb:86:b3:43:aa:67:71:4c:16:7e:bc:d7:e6:df:4b:07:d4:97:
fd:59:67:38:ae:0a:41:55:5c:8e:03:e3:7b:ee:78:96:a2:03:
fc:e8:3b:05:7b:45:47:aa:ca:71:43:d1:8c:98:87:7b:c0:8d:
ab:6f:f9:cc:49:22:a6:b3:30:02:55:a7:af:67:50:6a:a8:c5:
04:26:b1:56:a7:0c:cf:4f:55:30:36:18:bf:04:c4:a3:67:30:
de:58:03:5f:f7:fa:9c:28:f5:76:c4:6f:94:1b:87:24:89:b6:
d2:57:ad:f9:fa:15:0b:e1:47:32:21:97:61:b5:92:26:71:86:
a7:da:aa:66:25:ac:95:ad:b9:0f:85:e8:64:8c:14:7c:56:7e:
e5:cd:ea:01:56:38:65:21:a6:da:8e:3d:b8:83:3b:7d:da:f2:
35:10:85:08:be:72:ad:28:53:a3:dd:5d:33:b9:6b:9c:b1:b5:
e1:a7:3f:a1
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAY8ZugjpthKBWsePyFmuLu21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwNDI2MDkyNjEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjY1ZDVhYzgwMjFmYzBhNmYzNzg1OTcwODc2OWU2YWI0NGY0YWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKpqBrIXvwfcpTd1GADsbmUnMdc6
cQY2+RtUCnoKmgGMpUNJEVUJgav4JC/DtD/shDx39i8/I6S9MycvHzf0ak5ZMNuf
K89oM4uBSvGz8O0N3ypaHBAm99Qt/+9nC3UmAO/VCsRT8DIot1U3VsJ99E63tpuI
/dPBQ/tMDqIWlYHd2bKxrRSGE9UIG4RFNM0/bbRkrC0kqiIypalQgNBlK7J7MpHZ
LEisCvZrtC+IAA1RXWYIOie/NF0rkVt/WZ28RhW9bCzXaiUtFLvIG5SWxafg3cNg
p+SYjC2YQTdNKy3xy+XieNJ+ryVJ4Tbe6S3BrCq2Op0lPgx0DuF6lTvAmQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFJJl1ayAIfwKbzeFlwh2nmq0T0qwMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEva21YVnJJQWhfQXB2TjRXWENIYWVhclJQU3JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAwEee
AwQAwHmsAwQAwHnAAwQAwbQ9AwQAwbd2AwQBwepEAwQAwertAwQAwg6BAwQAwg7U
AwQBwkQ4AwQAwkRjAwQAwkR+AwQBwkTCAwQAwkcbAwQAwkdTAwQBwkeMAwQDwkf4
AwQAwmcyAwQBwoRsAwQBwoSuMA0GCSqGSIb3DQEBCwUAA4IBAQAbygVq35MAK/o1
4F7+CV079oysg6/oTLqdGBCMFM9EWuk+aGQubLobgElBSVjrSHGX/pZ5gBOifA3h
iFhJnamME2+k/hU3zsrLhrNDqmdxTBZ+vNfm30sH1Jf9WWc4rgpBVVyOA+N77niW
ogP86DsFe0VHqspxQ9GMmId7wI2rb/nMSSKmszACVaevZ1BqqMUEJrFWpwzPT1Uw
Nhi/BMSjZzDeWANf9/qcKPV2xG+UG4ckibbSV635+hUL4UcyIZdhtZImcYan2qpm
JayVrbkPhehkjBR8Vn7lzeoBVjhlIabajj24gzt92vI1EIUIvnKtKFOj3V0zuWuc
sbXhpz+h
-----END CERTIFICATE-----
Generated at Thu May 16 14:27:35 2024 by rpki-client on console-ams.rpki-client.org