Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/1KdbD1EVNHlQ0TBofVPXmVjtBL0.roa
File: 1KdbD1EVNHlQ0TBofVPXmVjtBL0.roa (raw, json)
Hash identifier: MsNJkr8D5NbfrabV/Z5lcnhr38EVUdeN8vFjzLdC8/8=
Subject key identifier: D4:A7:5B:0F:51:15:34:79:50:D1:30:68:7D:53:D7:99:58:ED:04:BD
Certificate issuer: /CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Certificate serial: 018D6821B677685B53462BB6E0E2FA5AA48F
Authority key identifier: FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/1KdbD1EVNHlQ0TBofVPXmVjtBL0.roa
Signing time: Fri 02 Feb 2024 04:44:16 +0000
ROA not before: Fri 02 Feb 2024 04:44:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16010
IP address blocks: 5.178.128.0/17 maxlen: 24
46.49.0.0/17 maxlen: 18
62.168.160.0/19 maxlen: 19
77.74.40.0/21 maxlen: 21
80.241.240.0/22 maxlen: 22
80.241.248.0/22 maxlen: 22
80.241.253.0/24 maxlen: 24
80.241.254.0/23 maxlen: 23
82.211.128.0/18 maxlen: 19
85.114.224.0/19 maxlen: 19
89.232.32.0/19 maxlen: 19
93.177.128.0/18 maxlen: 19
94.137.160.0/19 maxlen: 19
94.240.192.0/18 maxlen: 19
95.104.0.0/17 maxlen: 18
109.172.128.0/17 maxlen: 18
134.19.224.0/19 maxlen: 19
185.115.4.0/22 maxlen: 22
185.115.4.0/24 maxlen: 24
188.121.192.0/19 maxlen: 19
188.129.128.0/17 maxlen: 18
212.58.96.0/19 maxlen: 24
212.72.128.0/23 maxlen: 23
212.72.131.0/24 maxlen: 24
212.72.132.0/22 maxlen: 22
212.72.136.0/21 maxlen: 21
212.72.144.0/21 maxlen: 21
212.72.152.0/23 maxlen: 23
212.72.154.0/24 maxlen: 24
212.72.156.0/22 maxlen: 22
213.157.192.0/19 maxlen: 24
213.200.0.0/19 maxlen: 19
2a0b:6200::/29 maxlen: 64
Validation: Failed, certificate revoked on Fri 02 Feb 2024 04:45:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:68:21:b6:77:68:5b:53:46:2b:b6:e0:e2:fa:5a:a4:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Validity
Not Before: Feb 2 04:44:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4a75b0f5115347950d130687d53d79958ed04bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:77:8a:db:60:d1:e1:c2:ba:58:7c:1d:04:09:
84:b3:84:7e:e2:64:20:ad:94:be:51:68:90:7d:79:
f9:c3:eb:8e:87:5e:d4:73:d4:cc:ed:88:f6:bb:bb:
06:d9:0f:ea:78:84:9e:82:23:22:bb:a2:7c:f5:8c:
77:3d:ad:ce:e0:09:76:db:75:1c:a5:2f:fa:56:ce:
6f:89:f0:ab:a7:9c:f1:67:e0:ca:d5:db:9b:d8:b6:
0a:c4:29:b2:c6:d3:7d:b1:4f:5d:35:97:d7:d9:db:
cc:1e:ea:77:8c:f0:7f:63:fe:60:aa:d3:4c:a8:7d:
ce:a3:88:f9:8e:92:15:85:94:31:0f:02:0e:60:b4:
24:3a:42:d1:57:fc:97:f2:a8:3b:53:df:48:f9:7e:
f6:6d:aa:27:5f:68:b4:65:e2:53:f7:bc:a5:86:e4:
4f:8b:1e:85:09:5e:2f:1a:de:85:a1:53:94:2d:d3:
14:4e:5e:fe:a3:25:35:b2:b3:6f:a5:d9:5a:04:df:
d2:32:3e:9d:87:f5:a8:d3:6a:4c:3d:bc:c5:54:34:
ab:0e:7e:81:db:d9:47:f7:39:e1:4a:ed:4e:0e:c5:
ee:9e:36:f6:a6:60:ff:2a:b1:16:23:7e:1a:20:49:
b8:c7:b2:8f:c8:4a:91:29:b1:66:27:3a:2b:94:67:
65:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A7:5B:0F:51:15:34:79:50:D1:30:68:7D:53:D7:99:58:ED:04:BD
X509v3 Authority Key Identifier:
keyid:FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/1KdbD1EVNHlQ0TBofVPXmVjtBL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.128.0/17
46.49.0.0/17
62.168.160.0/19
77.74.40.0/21
80.241.240.0/22
80.241.248.0/22
80.241.253.0-80.241.255.255
82.211.128.0/18
85.114.224.0/19
89.232.32.0/19
93.177.128.0/18
94.137.160.0/19
94.240.192.0/18
95.104.0.0/17
109.172.128.0/17
134.19.224.0/19
185.115.4.0/22
188.121.192.0/19
188.129.128.0/17
212.58.96.0/19
212.72.128.0/23
212.72.131.0-212.72.154.255
212.72.156.0/22
213.157.192.0/19
213.200.0.0/19
IPv6:
2a0b:6200::/29
Signature Algorithm: sha256WithRSAEncryption
82:af:65:cf:dd:63:db:a1:12:0c:c5:1e:a4:1a:8d:b9:29:1d:
74:5b:48:e8:70:30:f2:80:45:07:d8:2d:11:43:5f:67:3e:55:
81:b7:c6:4e:cf:20:9b:e9:6f:95:fd:31:5d:e6:7d:97:7f:f3:
19:9b:9c:46:ef:3a:5a:af:10:b3:3a:dd:14:02:3f:f1:81:db:
cf:08:89:5e:e6:ac:1d:35:01:53:13:5a:7a:91:a5:ee:30:c2:
c1:a7:18:82:22:35:f8:95:83:0e:12:64:63:32:58:92:4b:dd:
2e:f3:81:23:25:14:14:03:a1:ef:3a:11:2c:de:68:b2:67:ad:
8d:76:ed:63:19:b9:2a:e8:cd:fc:af:d3:cb:20:7c:78:55:6c:
ee:f8:08:9d:7f:a8:0b:f9:f5:06:6b:62:79:22:a9:cf:1a:aa:
86:e1:63:4d:fd:4e:b4:48:5b:e7:1a:64:e6:59:2f:73:49:e6:
d7:73:78:77:ac:92:84:0c:03:6d:05:b5:08:9a:06:39:77:f3:
f3:49:45:fd:78:02:06:bc:cc:eb:ce:5d:71:42:32:11:62:94:
c4:9a:60:57:68:59:30:b3:0e:63:ca:26:97:02:07:5f:fe:82:
20:22:41:93:a0:31:84:13:64:fd:fb:ee:36:ba:19:6f:cf:16:
e3:76:81:9d
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAY1oIbZ3aFtTRiu24OL6WqSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDJiMzYyMDY0MzliYmNlMTViMzYzZjA5ZWVmZjFkNzM4
Y2VjYzcwHhcNMjQwMjAyMDQ0NDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGE3NWIwZjUxMTUzNDc5NTBkMTMwNjg3ZDUzZDc5OTU4ZWQwNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjneK22DR4cK6WHwdBAmEs4R+4mQg
rZS+UWiQfXn5w+uOh17Uc9TM7Yj2u7sG2Q/qeISegiMiu6J89Yx3Pa3O4Al223Uc
pS/6Vs5vifCrp5zxZ+DK1dub2LYKxCmyxtN9sU9dNZfX2dvMHup3jPB/Y/5gqtNM
qH3Oo4j5jpIVhZQxDwIOYLQkOkLRV/yX8qg7U99I+X72baonX2i0ZeJT97ylhuRP
ix6FCV4vGt6FoVOULdMUTl7+oyU1srNvpdlaBN/SMj6dh/Wo02pMPbzFVDSrDn6B
29lH9znhSu1ODsXunjb2pmD/KrEWI34aIEm4x7KPyEqRKbFmJzorlGdl9wIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFNSnWw9RFTR5UNEwaH1T15lY7QS9MB8GA1UdIwQY
MBaAFP3Ss2IGQ5u84Vs2Pwnu/x1zjOzHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RLellnWkRtN3poV3pZX0NlN19IWE9NN01jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82MmI5MDktMWUzZS00YTFiLTllMjQt
YjAxZTAyOTdiMDcwLzEvMUtkYkQxRVZOSGxRMFRCb2ZWUFhtVmp0QkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82MmI5MDktMWUzZS00YTFiLTllMjQtYjAxZTAyOTdiMDcw
LzEvX2RLellnWkRtN3poV3pZX0NlN19IWE9NN01jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBrAQCAAEwgaUDBAcF
soADBAcuMQADBAU+qKADBANNSigDBAJQ8fADBAJQ8fgwCwMEAFDx/QMDAVDwAwQG
UtOAAwQFVXLgAwQFWeggAwQGXbGAAwQFXomgAwQGXvDAAwQHX2gAAwQHbayAAwQF
hhPgAwQCuXMEAwQFvHnAAwQHvIGAAwQF1DpgAwQB1EiAMAwDBADUSIMDBADUSJoD
BALUSJwDBAXVncADBAXVyAAwDQQCAAIwBwMFAyoLYgAwDQYJKoZIhvcNAQELBQAD
ggEBAIKvZc/dY9uhEgzFHqQajbkpHXRbSOhwMPKARQfYLRFDX2c+VYG3xk7PIJvp
b5X9MV3mfZd/8xmbnEbvOlqvELM63RQCP/GB288IiV7mrB01AVMTWnqRpe4wwsGn
GIIiNfiVgw4SZGMyWJJL3S7zgSMlFBQDoe86ESzeaLJnrY127WMZuSrozfyv08sg
fHhVbO74CJ1/qAv59QZrYnkiqc8aqobhY039TrRIW+caZOZZL3NJ5tdzeHeskoQM
A20FtQiaBjl38/NJRf14Aga8zOvOXXFCMhFilMSaYFdoWTCzDmPKJpcCB1/+giAi
QZOgMYQTZP377ja6GW/PFuN2gZ0=
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:37:37 2025 by rpki-client