Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KNEsDmax7TJ7Z3uejou0f4UMMMU.roa
File: KNEsDmax7TJ7Z3uejou0f4UMMMU.roa (raw, json)
Hash identifier: qHXmOhpBFLsI22aCOg/NckWZRvxZpgdum/YUH7zZ3kw=
Subject key identifier: 28:D1:2C:0E:66:B1:ED:32:7B:67:7B:9E:8E:8B:B4:7F:85:0C:30:C5
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01916F72D792F74C5B703C4091A68436171C
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KNEsDmax7TJ7Z3uejou0f4UMMMU.roa
Signing time: Tue 20 Aug 2024 11:01:22 +0000
ROA not before: Tue 20 Aug 2024 11:01:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.9.30.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 26 Aug 2024 13:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6f:72:d7:92:f7:4c:5b:70:3c:40:91:a6:84:36:17:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 20 11:01:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28d12c0e66b1ed327b677b9e8e8bb47f850c30c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d1:08:94:29:7e:80:1d:43:c2:de:bf:76:89:
6e:b2:98:7e:22:78:61:37:3a:50:b6:11:63:a9:df:
e5:7b:ce:96:c8:20:58:40:ed:f1:53:10:fb:8c:e8:
12:03:71:fc:99:47:82:8e:36:e8:36:7a:f0:45:87:
3a:2a:06:cc:bc:9c:68:02:d6:17:2d:7b:d7:e8:3f:
d7:9c:25:c7:96:cc:10:fa:eb:a8:73:97:11:1a:28:
c5:b0:84:93:05:a4:bb:d4:2d:26:fa:5d:f1:46:8d:
c8:9e:c1:43:2e:32:c4:8e:31:f6:14:2d:64:f0:8e:
04:d3:09:07:fa:cb:ce:16:c0:d8:d3:de:38:84:c0:
10:88:ff:5c:88:af:bd:10:93:56:38:a1:e2:df:4d:
d5:c3:6c:f6:5a:c1:d8:94:08:a3:5c:1f:fe:40:9f:
f1:d6:3b:58:14:a8:7f:41:ec:17:92:a1:76:93:c2:
6f:b5:fc:6f:06:72:9d:6f:35:20:6e:61:aa:18:e6:
95:6f:3a:0c:da:47:d1:fc:9e:a7:b5:84:6c:36:7d:
17:46:03:f9:bf:93:b8:ed:f2:63:7d:73:18:9b:9a:
fc:38:a9:c5:1b:69:d7:7b:8d:b1:28:d2:4c:d9:8f:
5a:c0:24:c4:c1:5e:d5:37:0c:6e:86:6b:3f:7d:50:
e8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D1:2C:0E:66:B1:ED:32:7B:67:7B:9E:8E:8B:B4:7F:85:0C:30:C5
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KNEsDmax7TJ7Z3uejou0f4UMMMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0-45.9.30.255
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.95.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
Signature Algorithm: sha256WithRSAEncryption
68:b1:62:92:54:0e:ac:8e:24:b4:90:45:2d:c9:cf:85:74:1b:
37:48:2a:5c:41:df:af:a7:68:94:32:3d:f7:42:b5:cc:37:60:
25:c4:c0:40:f6:2f:06:cd:e7:30:a4:d3:13:3a:03:3c:b7:b6:
1e:26:7e:27:2f:60:f2:36:ca:31:66:87:0b:fe:94:23:fd:37:
be:38:38:cf:fd:62:3d:3d:d1:cf:bd:65:e2:ec:d2:ae:4b:e5:
9c:6d:43:1d:5c:ff:b7:04:09:09:0c:6f:ac:4e:a2:06:8f:a9:
0a:45:9f:bc:de:01:81:1f:13:96:ea:1a:af:18:1a:1b:41:9b:
11:90:bb:a2:45:24:6c:af:83:7f:e3:b7:46:55:e9:79:7e:09:
b4:79:6d:8f:41:9c:c3:31:d9:08:60:a1:54:0e:e8:b6:6a:62:
7e:ec:87:3c:8e:f9:c6:0d:76:b0:13:69:2d:ca:83:36:a2:08:
65:c0:d4:8c:c0:a0:50:5d:26:cf:a8:47:64:e9:0d:7d:40:b2:
95:a3:c4:10:98:61:a7:4f:e0:0b:ca:9e:56:a9:4c:07:1f:ab:
31:c7:5d:ad:bd:f5:7c:5d:5e:38:24:c2:2d:01:91:a7:73:cd:
49:79:04:ae:42:8d:80:f1:8d:34:d8:e8:d4:ca:97:54:f6:cb:
26:05:f3:43
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAZFvcteS90xbcDxAkaaENhccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwODIwMTEwMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQxMmMwZTY2YjFlZDMyN2I2NzdiOWU4ZThiYjQ3Zjg1MGMzMGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudEIlCl+gB1Dwt6/dolusph+Inhh
NzpQthFjqd/le86WyCBYQO3xUxD7jOgSA3H8mUeCjjboNnrwRYc6KgbMvJxoAtYX
LXvX6D/XnCXHlswQ+uuoc5cRGijFsISTBaS71C0m+l3xRo3InsFDLjLEjjH2FC1k
8I4E0wkH+svOFsDY0944hMAQiP9ciK+9EJNWOKHi303Vw2z2WsHYlAijXB/+QJ/x
1jtYFKh/QewXkqF2k8JvtfxvBnKdbzUgbmGqGOaVbzoM2kfR/J6ntYRsNn0XRgP5
v5O47fJjfXMYm5r8OKnFG2nXe42xKNJM2Y9awCTEwV7VNwxuhms/fVDouQIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFCjRLA5mse0ye2d7no6LtH+FDDDFMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvS05Fc0RtYXg3VEo3WjN1ZWpvdTBmNFVNTU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDAYIKwYBBQUHAQcBAf8EgfwwgfkwgaEEAgABMIGaAwQA
AjhtAwQABbVUAwQABbVXMAwDBAAtCR0DBAAtCR4DBAAtUXMDBAAtWIgDBAAtWIoD
BAAtXqsDBAIthLQDBAAtkNQDBAAtlwMDBABNUyUDBACSE30DBAG5K/gDBAC5K/sD
BAG5yD4DBADBHvADBAHBHvIDBADBOSsDBADC8mADBAHC8mIwDAMEAMOxXQMEBcOx
QAMEAsPTvDBTBAIAAjBNAwUAKgFxIAMFAyoHkgADBQAqCQNAAwUAKgnEQAMFACoM
XUADBQMqDKWAAwUDKhDfwAMFACoQ+sADBQMqEQWAAwUAKhEWAAMFACoRKoAwDQYJ
KoZIhvcNAQELBQADggEBAGixYpJUDqyOJLSQRS3Jz4V0GzdIKlxB36+naJQyPfdC
tcw3YCXEwED2LwbN5zCk0xM6Azy3th4mficvYPI2yjFmhwv+lCP9N744OM/9Yj09
0c+9ZeLs0q5L5ZxtQx1c/7cECQkMb6xOogaPqQpFn7zeAYEfE5bqGq8YGhtBmxGQ
u6JFJGyvg3/jt0ZV6Xl+CbR5bY9BnMMx2QhgoVQO6LZqYn7shzyO+cYNdrATaS3K
gzaiCGXA1IzAoFBdJs+oR2TpDX1AspWjxBCYYadP4AvKnlapTAcfqzHHXa299Xxd
Xjgkwi0BkadzzUl5BK5CjYDxjTTY6NTKl1T2yyYF80M=
-----END CERTIFICATE-----
Generated at Mon Aug 26 15:20:52 2024 by rpki-client on console-ams.rpki-client.org