Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KaKcyBX07Jt0vwugqJmAcA8kx_I.roa
File: KaKcyBX07Jt0vwugqJmAcA8kx_I.roa (raw, json)
Hash identifier: 1xcnB54XA2LHyMs6nm3f3Fii/cfzT625EwnygdL0j6c=
Subject key identifier: 29:A2:9C:C8:15:F4:EC:9B:74:BF:0B:A0:A8:99:80:70:0F:24:C7:F2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D319A98E2A988FB3D2AA290BA52AF8D7D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KaKcyBX07Jt0vwugqJmAcA8kx_I.roa
Signing time: Mon 22 Jan 2024 14:37:11 +0000
ROA not before: Mon 22 Jan 2024 14:37:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 10:25:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:9a:98:e2:a9:88:fb:3d:2a:a2:90:ba:52:af:8d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 22 14:37:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29a29cc815f4ec9b74bf0ba0a89980700f24c7f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:48:36:d3:5f:c7:86:d5:10:d0:0d:53:98:ad:
72:2d:fa:65:f2:be:5a:e0:c6:50:5a:e2:e7:38:9c:
79:35:4f:18:33:34:9b:e9:31:c9:aa:99:1b:af:64:
23:21:01:c0:03:d1:3f:5a:f3:3f:3a:fc:82:d9:7f:
2a:69:3f:59:4f:f0:75:0a:9d:4f:07:f8:eb:54:85:
01:87:ba:39:d4:b3:87:d6:dc:32:09:86:a1:61:8e:
a1:8e:4e:69:76:00:f5:4b:f6:ae:11:ba:98:1b:81:
c2:bd:5c:05:ab:c1:63:0b:72:fd:25:35:3a:60:80:
85:a6:bf:52:d1:40:93:bf:8f:d0:b8:e8:7b:d5:c7:
f5:84:5b:0e:35:08:0d:fe:5c:e9:16:cf:76:36:a6:
2b:50:17:be:38:f9:6d:7a:36:2b:31:37:07:90:4e:
0c:c8:bb:e3:83:9f:28:ee:f6:6b:02:48:a1:e6:55:
44:13:3c:cb:77:90:1a:d7:c8:98:4c:39:c7:8f:4e:
f0:0f:1c:ea:1f:6e:da:a5:1e:33:d4:66:06:9a:73:
9f:ac:75:a5:00:c5:93:d6:b3:86:8e:24:83:b3:04:
c4:7a:bb:50:a7:65:76:10:3d:f4:de:d9:4e:dd:ab:
f8:88:8c:0f:d7:9e:2b:af:83:04:c3:00:b7:61:54:
bd:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A2:9C:C8:15:F4:EC:9B:74:BF:0B:A0:A8:99:80:70:0F:24:C7:F2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KaKcyBX07Jt0vwugqJmAcA8kx_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.183.0/24
193.124.5.0/24
193.124.47.0/24
193.124.95.0/24
193.124.202.0/24
194.58.41.0-194.58.42.255
194.58.66.0/24
194.58.154.0/24
194.87.26.0/24
194.87.76.0/24
194.87.81.0/24
194.87.128.0/24
194.87.149.0/24
194.87.151.0/24
194.87.170.0/24
194.87.172.0/24
194.87.187.0/24
194.87.190.0/24
194.87.201.0/24
194.87.215.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.135.18.0/24
194.135.33.0/24
195.58.54.0/24
195.58.60.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.72.0/24
195.133.84.0/24
195.133.192.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
98:c6:f0:00:19:2c:75:1d:38:a1:6b:01:2a:a5:8a:2b:46:3b:
8f:91:f5:99:bb:a2:03:2f:00:0d:2e:82:47:5d:25:6b:8b:5e:
b1:1e:5b:ea:15:03:67:59:b7:49:bc:c6:cb:ea:56:d0:e1:68:
10:3b:f2:79:84:70:b8:19:35:a5:f3:36:f1:e7:d8:d1:ce:26:
81:44:28:b7:34:a9:74:f9:a1:68:39:c9:8b:03:af:2f:09:fb:
d7:12:b6:95:cf:74:2e:e3:0f:c1:a0:a3:17:2f:97:01:7c:0f:
d9:27:75:d1:81:f1:b5:13:39:05:62:43:82:34:90:dd:b1:62:
04:dc:6e:32:18:7d:54:c8:07:e6:61:27:06:8f:1e:e0:e0:49:
ac:9c:65:d3:74:0a:4c:91:7b:ba:20:c1:92:41:9f:d8:69:c2:
e6:ba:4b:b9:07:c9:1d:29:f9:31:67:67:2f:71:26:08:ef:82:
60:86:24:30:50:e5:13:34:2f:6e:17:f6:cc:c3:b0:06:5b:cb:
40:9c:94:10:28:3b:49:54:9a:5c:af:fb:0c:69:fe:c0:9e:19:
93:13:c4:c9:a0:29:e2:b1:6e:64:34:fd:bb:da:1a:90:23:fb:
52:39:17:d0:93:f2:5c:6b:3d:ff:e1:3a:ba:b1:ca:c9:e2:27:
c5:af:c2:ca
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAY0xmpjiqYj7PSqikLpSr419MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTIyMTQzNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWEyOWNjODE1ZjRlYzliNzRiZjBiYTBhODk5ODA3MDBmMjRjN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0g201/HhtUQ0A1TmK1yLfpl8r5a
4MZQWuLnOJx5NU8YMzSb6THJqpkbr2QjIQHAA9E/WvM/OvyC2X8qaT9ZT/B1Cp1P
B/jrVIUBh7o51LOH1twyCYahYY6hjk5pdgD1S/auEbqYG4HCvVwFq8FjC3L9JTU6
YICFpr9S0UCTv4/QuOh71cf1hFsONQgN/lzpFs92NqYrUBe+OPltejYrMTcHkE4M
yLvjg58o7vZrAkih5lVEEzzLd5Aa18iYTDnHj07wDxzqH27apR4z1GYGmnOfrHWl
AMWT1rOGjiSDswTEertQp2V2ED303tlO3av4iIwP154rr4MEwwC3YVS9KwIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFCminMgV9OybdL8LoKiZgHAPJMfyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS2FLY3lCWDA3SnQwdnd1Z3FKbUFjQThreF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCCAQUEAgABMIH+
AwQAPkzjAwQAuUgKAwQAwHy3AwQAwXwFAwQAwXwvAwQAwXxfAwQAwXzKMAwDBADC
OikDBADCOioDBADCOkIDBADCOpoDBADCVxoDBADCV0wDBADCV1EDBADCV4ADBADC
V5UDBADCV5cDBADCV6oDBADCV6wDBADCV7sDBADCV74DBADCV8kDBADCV9cDBADC
V+ADBADCV+UDBADCV+cDBADChxIDBADChyEDBADDOjYDBADDOjwDBADDOj8DBADD
hQIDBADDhRkDBADDhRsDBADDhUgDBADDhVQDBADDhcADBADUwAEDBADUwNYDBADU
wN4DBADUwQ0DBADUwRkwDQYJKoZIhvcNAQELBQADggEBAJjG8AAZLHUdOKFrASql
iitGO4+R9Zm7ogMvAA0ugkddJWuLXrEeW+oVA2dZt0m8xsvqVtDhaBA78nmEcLgZ
NaXzNvHn2NHOJoFEKLc0qXT5oWg5yYsDry8J+9cStpXPdC7jD8GgoxcvlwF8D9kn
ddGB8bUTOQViQ4I0kN2xYgTcbjIYfVTIB+ZhJwaPHuDgSaycZdN0CkyRe7ogwZJB
n9hpwua6S7kHyR0p+TFnZy9xJgjvgmCGJDBQ5RM0L24X9szDsAZby0CclBAoO0lU
mlyv+wxp/sCeGZMTxMmgKeKxbmQ0/bvaGpAj+1I5F9CT8lxrPf/hOrqxysniJ8Wv
wso=
-----END CERTIFICATE-----
Generated at Tue Jan 23 14:58:07 2024 by rpki-client on console-ams.rpki-client.org