Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/KLmqCqbc-aTt6uwbmyfDaCTZDgQ.roa
File: KLmqCqbc-aTt6uwbmyfDaCTZDgQ.roa (raw, json)
Hash identifier: T75phuGB7nNtten2v0u8K3GjSxVGpB1WCWohJfnsN0Q=
Subject key identifier: 28:B9:AA:0A:A6:DC:F9:A4:ED:EA:EC:1B:9B:27:C3:68:24:D9:0E:04
Certificate issuer: /CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Certificate serial: 01942747B48AB2FBDB5F4471999AB19406D3
Authority key identifier: 49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/KLmqCqbc-aTt6uwbmyfDaCTZDgQ.roa
Signing time: Thu 02 Jan 2025 13:49:58 +0000
ROA not before: Thu 02 Jan 2025 13:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215597
IP address blocks: 5.181.196.0/24 maxlen: 24
5.181.197.0/24 maxlen: 24
82.199.222.0/23 maxlen: 23
82.199.222.0/24 maxlen: 24
82.199.223.0/24 maxlen: 24
91.213.191.0/24 maxlen: 24
91.217.185.0/24 maxlen: 24
185.95.206.0/23 maxlen: 23
185.95.206.0/24 maxlen: 24
185.95.207.0/24 maxlen: 24
212.95.142.0/24 maxlen: 24
212.95.148.0/24 maxlen: 24
2a12:f680:200::/48 maxlen: 48
2a12:f680:201::/48 maxlen: 48
2a12:f680:600::/48 maxlen: 48
2a12:f680:601::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 12 Jan 2025 12:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:b4:8a:b2:fb:db:5f:44:71:99:9a:b1:94:06:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Validity
Not Before: Jan 2 13:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28b9aa0aa6dcf9a4edeaec1b9b27c36824d90e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:62:81:40:8e:ef:c9:74:20:52:8d:bc:20:2b:
d3:38:6a:f8:40:1a:dd:14:5e:0a:39:71:57:5a:d5:
24:46:81:a9:76:95:79:38:c4:15:c3:60:34:a9:d0:
9f:e1:da:4f:aa:83:b7:7b:57:a8:2a:16:3f:d6:d7:
0b:97:2d:95:53:8f:9b:48:a3:95:76:69:81:6b:73:
29:24:f0:f3:11:b1:29:ad:72:14:e0:d4:60:ca:fd:
6a:0a:84:74:66:3f:e4:f6:81:0d:80:c9:9d:b6:f8:
a6:61:af:40:4a:5c:b0:ca:58:fa:75:5b:73:66:91:
98:39:41:4a:95:51:2f:f2:e5:32:47:94:9e:3e:85:
23:29:03:17:2a:44:08:b0:bb:85:2d:8a:62:d5:e8:
13:5c:08:55:b4:1b:b5:0f:cb:f7:7f:6c:67:3b:ac:
22:66:9d:56:82:be:00:cd:f2:fa:6a:2b:d3:f0:f4:
39:75:ec:5f:89:b6:74:eb:7e:d2:16:c3:ae:17:ba:
6b:f6:1c:bc:e2:06:c2:9f:fa:37:ff:89:aa:68:4b:
63:da:6f:de:f1:b4:8a:e9:bd:29:f1:2b:a4:90:b8:
7e:2d:44:cc:72:98:6f:ab:cc:57:a0:59:6b:a5:0c:
bb:aa:14:de:cb:0e:c9:1c:3e:20:86:7f:58:26:84:
a9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B9:AA:0A:A6:DC:F9:A4:ED:EA:EC:1B:9B:27:C3:68:24:D9:0E:04
X509v3 Authority Key Identifier:
keyid:49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/KLmqCqbc-aTt6uwbmyfDaCTZDgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.196.0/23
82.199.222.0/23
91.213.191.0/24
91.217.185.0/24
185.95.206.0/23
212.95.142.0/24
212.95.148.0/24
IPv6:
2a12:f680:200::/47
2a12:f680:600::/47
Signature Algorithm: sha256WithRSAEncryption
9a:9e:55:7f:d9:a0:0b:13:f2:09:35:46:55:df:4f:b4:28:e2:
34:05:4d:33:74:81:17:9b:08:cc:bc:0d:37:8e:a1:0c:6f:30:
d2:24:44:95:3b:bb:b6:f6:49:08:1f:f9:13:a6:d1:a1:88:83:
66:c3:ab:6b:ab:60:6d:c6:c0:25:45:1e:3e:04:1a:ad:d1:15:
9b:1f:d3:ba:8c:15:f7:21:b1:23:39:63:68:9f:1c:f3:91:8d:
45:b7:14:97:e4:95:ff:9e:6d:e9:5b:da:ae:17:56:a5:f4:96:
c2:25:24:dc:4c:7a:0c:4f:2c:32:eb:a8:6d:1b:33:07:2c:03:
10:f2:b6:ec:b1:bb:71:80:58:3e:cd:3b:57:dd:a7:ad:8d:ab:
31:33:f8:40:e4:6f:38:78:83:35:90:45:1a:fa:45:82:4a:8b:
62:2f:01:cc:b3:33:d2:72:31:41:5a:02:04:ee:a9:c5:dd:ea:
33:03:9d:1a:74:42:18:b6:12:56:d6:a6:27:68:17:63:25:78:
e8:a2:76:2f:6d:10:00:76:a1:c9:93:8c:46:e8:4c:c7:60:d1:
e8:31:50:b5:2e:95:ee:37:50:de:51:27:e9:94:11:cb:41:2f:
df:7d:36:08:a2:08:71:22:bb:24:60:9f:4e:8f:fb:4c:f1:32:
98:ff:40:c2
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQnR7SKsvvbX0RxmZqxlAbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZGQ4ZjFhNjJhNWQ3ZjgwMjEyZGUwZjNlZmU3NWIyZmEz
MzhmZmUwHhcNMjUwMTAyMTM0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGI5YWEwYWE2ZGNmOWE0ZWRlYWVjMWI5YjI3YzM2ODI0ZDkwZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2KBQI7vyXQgUo28ICvTOGr4QBrd
FF4KOXFXWtUkRoGpdpV5OMQVw2A0qdCf4dpPqoO3e1eoKhY/1tcLly2VU4+bSKOV
dmmBa3MpJPDzEbEprXIU4NRgyv1qCoR0Zj/k9oENgMmdtvimYa9ASlywylj6dVtz
ZpGYOUFKlVEv8uUyR5SePoUjKQMXKkQIsLuFLYpi1egTXAhVtBu1D8v3f2xnO6wi
Zp1Wgr4AzfL6aivT8PQ5dexfibZ0637SFsOuF7pr9hy84gbCn/o3/4mqaEtj2m/e
8bSK6b0p8SukkLh+LUTMcphvq8xXoFlrpQy7qhTeyw7JHD4ghn9YJoSpoQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFCi5qgqm3Pmk7ersG5snw2gk2Q4EMB8GA1UdIwQY
MBaAFEndjxpipdf4AhLeDz7+dbL6M4/+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2Yt
Y2VlYzQ5MTI0YzBmLzEvS0xtcUNxYmMtYVR0NnV3Ym15ZkRhQ1RaRGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2YtY2VlYzQ5MTI0YzBm
LzEvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAwBAIAATAqAwQBBbXEAwQB
UsfeAwQAW9W/AwQAW9m5AwQBuV/OAwQA1F+OAwQA1F+UMBgEAgACMBIDBwEqEvaA
AgADBwEqEvaABgAwDQYJKoZIhvcNAQELBQADggEBAJqeVX/ZoAsT8gk1RlXfT7Qo
4jQFTTN0gRebCMy8DTeOoQxvMNIkRJU7u7b2SQgf+ROm0aGIg2bDq2urYG3GwCVF
Hj4EGq3RFZsf07qMFfchsSM5Y2ifHPORjUW3FJfklf+ebelb2q4XVqX0lsIlJNxM
egxPLDLrqG0bMwcsAxDytuyxu3GAWD7NO1fdp62NqzEz+EDkbzh4gzWQRRr6RYJK
i2IvAcyzM9JyMUFaAgTuqcXd6jMDnRp0Qhi2ElbWpidoF2MleOiidi9tEAB2ocmT
jEboTMdg0egxULUule43UN5RJ+mUEctBL999NgiiCHEiuyRgn06P+0zxMpj/QMI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:53:27 2025 by rpki-client