Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/KKRdZ-0_xERDK7u-dz12NqU2c6M.roa
File: KKRdZ-0_xERDK7u-dz12NqU2c6M.roa (raw, json)
Hash identifier: GwxCdfXBc/T0lMrooEqMstsB6ekR5Z6DPv2WraaOI7o=
Subject key identifier: 28:A4:5D:67:ED:3F:C4:44:43:2B:BB:BE:77:3D:76:36:A5:36:73:A3
Certificate issuer: /CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Certificate serial: 018CC6B8BD9E8026873ED3D2BAA0556BA2F1
Authority key identifier: 0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/KKRdZ-0_xERDK7u-dz12NqU2c6M.roa
Signing time: Mon 01 Jan 2024 20:30:45 +0000
ROA not before: Mon 01 Jan 2024 20:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49915
IP address blocks: 62.69.150.0/24 maxlen: 24
62.69.148.0/23 maxlen: 24
91.216.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:bd:9e:80:26:87:3e:d3:d2:ba:a0:55:6b:a2:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Validity
Not Before: Jan 1 20:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28a45d67ed3fc444432bbbbe773d7636a53673a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8d:15:7b:c9:86:e7:2a:a9:6c:4f:42:f8:d6:
20:f2:11:99:15:bc:a5:4f:38:16:de:88:a3:fe:7c:
f0:e7:8b:0d:8a:9c:a4:86:db:5c:ef:e6:b0:ff:85:
f1:a9:9c:dd:db:95:ac:07:6c:2e:79:8b:12:ab:a9:
dd:87:d3:6e:7b:89:4a:d3:ea:db:54:8b:15:b9:7b:
e3:62:30:6a:a5:ec:51:00:9c:d4:d4:e0:f9:f4:24:
10:af:a4:dc:92:e6:93:1c:09:93:2b:96:17:30:a3:
46:0c:fd:47:f7:4a:2d:87:57:ff:7d:d7:46:f2:29:
eb:18:16:a7:63:2a:ba:ce:d7:e7:b3:80:38:cb:df:
2c:14:69:eb:c1:bc:43:ca:27:02:5a:93:e8:2b:fd:
e0:45:a7:b1:87:56:80:d5:ee:8c:ab:69:8c:60:52:
5c:97:c2:80:5b:85:b7:19:37:1e:c5:10:a1:37:e2:
5c:76:0d:c1:9e:cf:79:8a:10:e2:3a:4b:57:a6:d7:
af:9b:69:e6:e2:23:25:74:be:c3:8e:f5:64:3f:96:
74:4c:72:ff:82:e8:5d:aa:2e:5b:70:2f:b5:93:5d:
6a:c6:6a:03:08:5a:cd:75:d1:4d:a9:b8:c8:a5:34:
3c:e1:11:aa:a1:a2:98:7b:a4:c0:23:de:a1:15:13:
1d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A4:5D:67:ED:3F:C4:44:43:2B:BB:BE:77:3D:76:36:A5:36:73:A3
X509v3 Authority Key Identifier:
keyid:0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/KKRdZ-0_xERDK7u-dz12NqU2c6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.69.148.0-62.69.150.255
91.216.158.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:27:8e:94:cb:5b:4a:65:2f:f5:94:bd:b1:e9:2c:02:e8:4c:
91:7a:89:ab:b2:b7:a4:79:fa:2e:ce:bf:46:bd:b8:f7:7a:59:
0a:54:08:f3:bd:6e:f3:a7:f6:64:df:02:f1:6d:77:d4:da:92:
13:35:bb:82:c4:0b:eb:77:71:05:b9:3e:2d:8b:22:f1:cb:e8:
a6:79:32:bc:29:78:bb:80:a5:0d:a2:30:94:a0:e9:6f:98:8b:
8f:1c:ad:b0:29:24:7e:89:56:d1:84:ca:e2:0b:af:06:44:45:
86:a1:11:36:94:e5:7d:0d:ea:d9:8f:e0:7e:a4:a6:2f:85:b8:
34:c2:aa:fb:41:cc:00:99:85:46:20:90:95:9d:7e:bd:b6:12:
2c:20:95:cd:9d:62:42:39:4d:7f:dd:c7:3e:8e:2d:e6:57:df:
72:40:9f:1d:85:39:22:ce:0f:29:7d:e3:4e:77:ba:82:c2:5f:
22:ee:db:ab:d2:01:d9:47:57:ea:b6:35:df:fe:7e:af:43:99:
1d:80:f6:d5:f4:92:23:04:c1:9a:3b:3a:a6:61:17:c2:3d:6e:
c9:41:bf:0a:41:e2:1c:f1:50:84:a9:d4:84:ee:3a:af:0c:e5:
a8:bc:b9:e0:8f:63:c6:9f:5c:0e:6b:91:04:3c:88:8e:e6:16:
f8:1c:b1:5c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzGuL2egCaHPtPSuqBVa6LxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjE1MjFhNzEyNzE1N2Y3ZGFmMGFkMDkxMzk0YWQ1YTFj
Y2U3NzkwHhcNMjQwMTAxMjAzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGE0NWQ2N2VkM2ZjNDQ0NDMyYmJiYmU3NzNkNzYzNmE1MzY3M2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo0Ve8mG5yqpbE9C+NYg8hGZFbyl
TzgW3oij/nzw54sNipykhttc7+aw/4XxqZzd25WsB2wueYsSq6ndh9Nue4lK0+rb
VIsVuXvjYjBqpexRAJzU1OD59CQQr6TckuaTHAmTK5YXMKNGDP1H90oth1f/fddG
8inrGBanYyq6ztfns4A4y98sFGnrwbxDyicCWpPoK/3gRaexh1aA1e6Mq2mMYFJc
l8KAW4W3GTcexRChN+Jcdg3Bns95ihDiOktXptevm2nm4iMldL7DjvVkP5Z0THL/
guhdqi5bcC+1k11qxmoDCFrNddFNqbjIpTQ84RGqoaKYe6TAI96hFRMdlwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCikXWftP8REQyu7vnc9djalNnOjMB8GA1UdIwQY
MBaAFA8hUhpxJxV/fa8K0JE5StWhzOd5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlGU0duRW5GWDk5cndyUWtUbEsxYUhNNTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODMxYjEtOWVjMC00NmYyLTg2MGQt
ZmFkNWZkNzk3MGJhLzEvS0tSZFotMF94RVJESzd1LWR6MTJOcVUyYzZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODMxYjEtOWVjMC00NmYyLTg2MGQtZmFkNWZkNzk3MGJh
LzEvRHlGU0duRW5GWDk5cndyUWtUbEsxYUhNNTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAI+RZQD
BAA+RZYDBABb2J4wDQYJKoZIhvcNAQELBQADggEBAA8njpTLW0plL/WUvbHpLALo
TJF6iauyt6R5+i7Ov0a9uPd6WQpUCPO9bvOn9mTfAvFtd9TakhM1u4LEC+t3cQW5
Pi2LIvHL6KZ5MrwpeLuApQ2iMJSg6W+Yi48crbApJH6JVtGEyuILrwZERYahETaU
5X0N6tmP4H6kpi+FuDTCqvtBzACZhUYgkJWdfr22Eiwglc2dYkI5TX/dxz6OLeZX
33JAnx2FOSLODyl94053uoLCXyLu26vSAdlHV+q2Nd/+fq9DmR2A9tX0kiMEwZo7
OqZhF8I9bslBvwpB4hzxUISp1ITuOq8M5ai8ueCPY8afXA5rkQQ8iI7mFvgcsVw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:33 2025 by rpki-client