Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/1-KWFAab7oP9y9A6Jm03FCaKCNlE.roa
File: 1-KWFAab7oP9y9A6Jm03FCaKCNlE.roa (raw, json)
Hash identifier: DCZCPWcxyeOz7YD5EcRg3Ha+jFHGi+h/3+Bfdk26bjE=
Subject key identifier: F8:A5:85:01:A6:FB:A0:FF:72:F4:0E:89:9B:4D:C5:09:A2:82:36:51
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E3DCD41527E8E49F176137F22DB9D2EA4
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/1-KWFAab7oP9y9A6Jm03FCaKCNlE.roa
Signing time: Thu 14 Mar 2024 16:30:45 +0000
ROA not before: Thu 14 Mar 2024 16:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21267
IP address blocks: 5.159.208.0/21 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.204.212.0/22 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 12 Apr 2024 15:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:cd:41:52:7e:8e:49:f1:76:13:7f:22:db:9d:2e:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 14 16:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8a58501a6fba0ff72f40e899b4dc509a2823651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d8:f1:1f:88:d5:82:f5:87:65:5a:2d:ef:09:
45:38:8b:a7:d0:39:8b:b7:aa:28:4b:b4:e3:93:32:
f3:1d:be:4a:e3:c1:4a:8d:4d:a3:22:f4:f1:33:6d:
17:c3:35:39:26:4c:34:8f:5f:49:6a:83:41:21:e6:
c3:4e:4a:7e:bf:2e:4d:c9:62:ed:38:a7:29:cf:94:
d7:1b:d7:d8:fc:c6:05:50:38:fd:9a:3e:5d:df:4a:
d0:bb:53:17:ab:ee:d0:82:d3:f2:2e:d4:10:81:02:
f8:ea:7a:52:92:5a:05:06:fc:2d:d1:5c:03:24:73:
2a:e5:de:8a:6b:e9:c9:b3:1b:1e:67:93:fe:08:df:
c9:ac:5d:e2:0c:5c:aa:5a:e1:dd:11:e9:bf:68:d3:
bf:b6:d9:6a:67:63:24:ef:d0:a4:c0:6e:f2:c4:8d:
a4:4f:b2:0d:db:c4:4b:b5:ac:a9:61:ac:9e:bf:6e:
c2:c5:6e:6f:60:41:5f:c5:e8:2c:57:77:88:d9:fa:
bd:64:15:c6:87:07:f0:7d:7f:ed:47:0c:43:71:23:
29:91:39:fa:5f:76:7a:e4:ab:63:33:b5:ee:d4:52:
46:92:98:a2:d1:80:b6:79:c5:35:ac:29:16:2d:20:
65:a4:7f:06:0e:86:51:3b:f8:8c:c3:41:0a:0e:7b:
16:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A5:85:01:A6:FB:A0:FF:72:F4:0E:89:9B:4D:C5:09:A2:82:36:51
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/1-KWFAab7oP9y9A6Jm03FCaKCNlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.204.212.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:5c:5b:6c:19:2b:38:66:1f:ed:ab:07:da:96:7d:93:5d:34:
d3:a9:04:3d:06:0f:4b:e7:41:48:c2:7a:0b:46:eb:73:6e:b5:
75:37:14:b4:62:9b:f0:d7:04:d2:d9:27:e3:04:0f:d0:07:27:
74:10:c0:a8:f7:cf:0b:4c:c8:c7:e3:b4:30:7f:c2:85:ff:b2:
97:80:27:a6:37:a6:b9:79:09:d9:b7:bf:2a:29:6d:93:95:81:
89:4c:1b:59:40:6a:c3:1f:a9:f3:68:57:0e:e0:43:a5:da:4e:
bd:c0:95:a9:50:85:2b:07:d3:05:ab:4e:d9:0a:4f:e8:8d:d0:
2b:67:63:93:92:4e:91:7e:de:f6:01:ed:2d:2b:52:d2:f7:75:
93:79:b1:0c:17:18:3a:ba:ef:e6:77:be:a2:10:b7:0d:29:e7:
4d:22:04:45:89:0e:24:5c:92:7f:68:27:b6:25:0b:8a:d9:c1:
d4:19:0a:1d:9e:6d:b2:1c:91:fb:ad:0b:16:a4:94:05:a1:25:
d6:0d:10:d8:ae:c5:f6:c7:85:2d:4b:b5:21:ff:3b:6f:21:67:
4f:88:86:4f:76:51:c5:01:fe:b7:05:de:b0:05:85:f6:3b:e6:
0e:67:b0:2f:9a:c2:90:6f:2d:ea:5c:da:bb:3f:68:85:0b:c8:
94:7a:c7:6b
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAY49zUFSfo5J8XYTfyLbnS6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzE0MTYzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGE1ODUwMWE2ZmJhMGZmNzJmNDBlODk5YjRkYzUwOWEyODIzNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNjxH4jVgvWHZVot7wlFOIun0DmL
t6ooS7TjkzLzHb5K48FKjU2jIvTxM20XwzU5Jkw0j19JaoNBIebDTkp+vy5NyWLt
OKcpz5TXG9fY/MYFUDj9mj5d30rQu1MXq+7QgtPyLtQQgQL46npSkloFBvwt0VwD
JHMq5d6Ka+nJsxseZ5P+CN/JrF3iDFyqWuHdEem/aNO/ttlqZ2Mk79CkwG7yxI2k
T7IN28RLtaypYayev27CxW5vYEFfxegsV3eI2fq9ZBXGhwfwfX/tRwxDcSMpkTn6
X3Z65KtjM7Xu1FJGkpii0YC2ecU1rCkWLSBlpH8GDoZRO/iMw0EKDnsWKwIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFPilhQGm+6D/cvQOiZtNxQmigjZRMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvMS1LV0ZBYWI3b1A5eTlBNkptMDNGQ2FLQ05sRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjEvZTg0MzQwLTEyOGEtNDQ5Ny05NDZmLTA5Nzg3ZjE1MmFk
ZS8xL1p0OTNRb2tCYzVKNU5TQnFLTy1fU0JJLWVIdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBywYIKwYBBQUHAQcBAf8EgbswgbgwgZ8EAgABMIGYAwQD
BZ/QAwQDH8BgAwQCLQhkAwQCLYRsAwQEUErwAwQFVV9gAwQDXCp4AwQDX4FAAwQD
sDoAAwQCuU+4AwQCuV7MAwQCuWNMAwQCuZFYAwQCubLYAwQCuczUAwQDvF4QAwQA
wRgDAwQAwRgGAwQAwRgNAwQAwRgfAwQFwxogAwQBw1gIMAwDBALUC0QDBALUC0gD
BATZkYAwFAQCAAIwDgMFACoA8cADBQMqBOnAMA0GCSqGSIb3DQEBCwUAA4IBAQCb
XFtsGSs4Zh/tqwfaln2TXTTTqQQ9Bg9L50FIwnoLRutzbrV1NxS0Ypvw1wTS2Sfj
BA/QByd0EMCo988LTMjH47Qwf8KF/7KXgCemN6a5eQnZt78qKW2TlYGJTBtZQGrD
H6nzaFcO4EOl2k69wJWpUIUrB9MFq07ZCk/ojdArZ2OTkk6Rft72Ae0tK1LS93WT
ebEMFxg6uu/md76iELcNKedNIgRFiQ4kXJJ/aCe2JQuK2cHUGQodnm2yHJH7rQsW
pJQFoSXWDRDYrsX2x4UtS7Uh/ztvIWdPiIZPdlHFAf63Bd6wBYX2O+YOZ7AvmsKQ
by3qXNq7P2iFC8iUesdr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:55 2024 by rpki-client on console-ams.rpki-client.org