Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KR76lmugiMD00wIX1UeqlNFrGDc.roa
File: KR76lmugiMD00wIX1UeqlNFrGDc.roa (raw, json)
Hash identifier: l5va7HmncCxQ65gObik1cGEQJfPZ+G9PjtDQgrjeA1E=
Subject key identifier: 29:1E:FA:96:6B:A0:88:C0:F4:D3:02:17:D5:47:AA:94:D1:6B:18:37
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0190502621CE4945F4914328C84BA73AD658
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KR76lmugiMD00wIX1UeqlNFrGDc.roa
Signing time: Tue 25 Jun 2024 16:06:34 +0000
ROA not before: Tue 25 Jun 2024 16:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.56.0/23 maxlen: 23
194.87.169.0/24 maxlen: 24
195.58.39.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.76.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 30 Jun 2024 13:38:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:50:26:21:ce:49:45:f4:91:43:28:c8:4b:a7:3a:d6:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 25 16:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=291efa966ba088c0f4d30217d547aa94d16b1837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:21:1d:61:29:c9:bf:56:2a:5c:06:bf:2a:87:
5b:5b:29:66:7b:c1:ab:89:a1:4a:a5:69:71:03:58:
21:f7:19:41:be:f0:e4:76:8d:72:85:3f:90:20:fa:
8c:77:c0:63:d6:57:ae:54:6f:11:bd:21:3e:ca:24:
ff:d8:44:bd:50:bd:72:b9:5e:55:67:ce:a4:ac:0d:
b7:fd:10:3a:13:59:4a:6b:c7:98:be:aa:b2:95:73:
39:95:76:12:76:a9:2c:cf:a2:40:2a:12:f4:47:06:
31:e9:89:a0:a0:e8:ec:e7:e2:1d:de:3f:dc:9c:3d:
fe:d9:69:ed:85:be:e4:c9:45:d3:6e:c8:8c:03:2f:
80:fd:04:f6:d3:db:95:f0:58:e7:7a:d1:da:44:b4:
9f:b8:b9:b4:5e:a7:31:b9:27:b1:0e:7b:00:93:e9:
25:6b:6c:2d:c0:24:d5:19:56:93:ff:6c:6d:62:ea:
1e:e1:9b:ba:93:99:31:fa:89:0d:56:35:9e:cc:b4:
33:d0:a7:c4:25:75:10:f2:7e:eb:ed:d5:55:94:36:
f6:95:77:71:cd:80:24:ac:5c:9a:3c:86:e8:9a:37:
57:ae:01:67:10:0a:d9:ba:76:44:25:3a:a4:4b:7c:
f9:bf:1b:1e:3b:1a:fe:8f:b1:f3:cc:30:cf:f9:d2:
8b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1E:FA:96:6B:A0:88:C0:F4:D3:02:17:D5:47:AA:94:D1:6B:18:37
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KR76lmugiMD00wIX1UeqlNFrGDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.56.0/23
194.87.169.0/24
195.58.39.0/24
195.133.25.0/24
195.133.50.0/23
195.133.76.0/24
195.133.92.0/23
212.192.1.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
82:35:59:d4:2d:e0:47:a9:b5:ca:9b:50:0b:4d:2e:fa:2a:8d:
9f:7b:a9:19:68:ca:c0:ca:c0:43:a5:98:47:77:c7:4e:55:c1:
61:d9:e6:1d:ba:46:6d:ed:43:ee:98:f3:04:44:89:9c:4c:ba:
72:ee:63:9f:e5:b9:41:e9:1f:33:57:26:80:a9:d9:f2:d1:8d:
2a:c4:1c:2a:6b:01:a3:29:ef:37:2f:21:53:6f:2b:b7:9f:4a:
f3:05:41:f2:e5:46:23:f9:10:ad:34:d9:8d:61:0c:1d:0e:0f:
7d:8f:b1:17:18:61:c9:75:b9:dd:76:2f:c7:6c:96:ff:e6:af:
46:ce:47:51:92:66:d9:35:d2:1e:d2:59:9b:d6:0f:1a:86:13:
2a:ff:d3:29:13:24:90:44:85:59:8c:a1:45:98:61:49:42:09:
1a:3c:60:94:36:a2:b8:14:37:72:d6:8e:41:9b:d0:d8:a9:2d:
fd:72:e2:33:6b:52:77:40:68:b0:d2:c6:52:a6:5b:87:f2:76:
f1:c2:24:64:f3:78:c9:b1:39:52:b7:91:82:63:2b:b4:26:b0:
ef:90:5d:5d:6a:32:9d:c1:55:2d:0d:18:1d:86:61:00:47:e5:
22:32:e5:59:9f:8d:3e:5e:63:ba:4f:25:e9:ac:5f:8b:85:b9:
e6:25:d9:68
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZBQJiHOSUX0kUMoyEunOtZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNjI1MTYwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTFlZmE5NjZiYTA4OGMwZjRkMzAyMTdkNTQ3YWE5NGQxNmIxODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriEdYSnJv1YqXAa/KodbWylme8Gr
iaFKpWlxA1gh9xlBvvDkdo1yhT+QIPqMd8Bj1leuVG8RvSE+yiT/2ES9UL1yuV5V
Z86krA23/RA6E1lKa8eYvqqylXM5lXYSdqksz6JAKhL0RwYx6YmgoOjs5+Id3j/c
nD3+2Wnthb7kyUXTbsiMAy+A/QT209uV8FjnetHaRLSfuLm0XqcxuSexDnsAk+kl
a2wtwCTVGVaT/2xtYuoe4Zu6k5kx+okNVjWezLQz0KfEJXUQ8n7r7dVVlDb2lXdx
zYAkrFyaPIbomjdXrgFnEArZunZEJTqkS3z5vxseOxr+j7HzzDDP+dKLYQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFCke+pZroIjA9NMCF9VHqpTRaxg3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS1I3NmxtdWdpTUQwMHdJWDFVZXFsTkZyR0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQBwjo4AwQA
wlepAwQAwzonAwQAw4UZAwQBw4UyAwQAw4VMAwQBw4VcAwQA1MABMBQEAgACMA4D
BQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAgjVZ1C3gR6m1yptQC00u
+iqNn3upGWjKwMrAQ6WYR3fHTlXBYdnmHbpGbe1D7pjzBESJnEy6cu5jn+W5Qekf
M1cmgKnZ8tGNKsQcKmsBoynvNy8hU28rt59K8wVB8uVGI/kQrTTZjWEMHQ4PfY+x
FxhhyXW53XYvx2yW/+avRs5HUZJm2TXSHtJZm9YPGoYTKv/TKRMkkESFWYyhRZhh
SUIJGjxglDaiuBQ3ctaOQZvQ2Kkt/XLiM2tSd0BosNLGUqZbh/J28cIkZPN4ybE5
UreRgmMrtCaw75BdXWoyncFVLQ0YHYZhAEflIjLlWZ+NPl5juk8l6axfi4W55iXZ
aA==
-----END CERTIFICATE-----
Generated at Sun Jun 30 17:34:08 2024 by rpki-client on console-fra.rpki-client.org