Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/KfCTkMTTGAsMjqSKIHA_t0uNXDs.roa
File: KfCTkMTTGAsMjqSKIHA_t0uNXDs.roa (raw, json)
Hash identifier: aUdte5IsP8tmCCr4ICFBrT1pcpzmgg/4ugDQR8Ep5z8=
Subject key identifier: 29:F0:93:90:C4:D3:18:0B:0C:8E:A4:8A:20:70:3F:B7:4B:8D:5C:3B
Certificate issuer: /CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Certificate serial: 018CC8018BF13E3EDBD2DB1CEC8FE1B66CFC
Authority key identifier: 00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/KfCTkMTTGAsMjqSKIHA_t0uNXDs.roa
Signing time: Tue 02 Jan 2024 02:29:53 +0000
ROA not before: Tue 02 Jan 2024 02:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30962
IP address blocks: 91.230.27.0/24 maxlen: 24
195.225.240.0/22 maxlen: 22
45.129.240.0/22 maxlen: 22
91.190.144.0/21 maxlen: 21
45.129.241.0/24 maxlen: 24
195.191.114.0/23 maxlen: 23
91.230.47.0/24 maxlen: 24
89.107.64.0/21 maxlen: 21
62.108.32.0/24 maxlen: 24
62.108.32.0/20 maxlen: 20
62.108.48.0/20 maxlen: 20
93.190.88.0/21 maxlen: 21
93.190.95.0/24 maxlen: 24
185.148.68.0/22 maxlen: 22
194.113.216.0/23 maxlen: 23
185.147.216.0/22 maxlen: 22
84.19.0.0/19 maxlen: 19
195.62.20.0/23 maxlen: 23
2a00:f70::/32 maxlen: 32
2a03:f200::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 22 Apr 2024 05:51:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:8b:f1:3e:3e:db:d2:db:1c:ec:8f:e1:b6:6c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Validity
Not Before: Jan 2 02:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29f09390c4d3180b0c8ea48a20703fb74b8d5c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:74:3b:29:f5:dc:7e:de:2d:37:2d:65:51:dd:
69:db:4d:4b:2d:36:20:8a:4c:67:bd:56:28:77:23:
7f:e7:7b:49:3d:1e:7c:33:75:01:87:5e:9c:17:8b:
ec:35:d9:98:dc:be:bf:f9:f1:5f:6e:0f:6e:7a:b1:
ca:15:b2:6e:3a:c5:d3:4f:73:a2:99:32:0d:59:7b:
3e:98:86:43:14:a3:9f:b3:a1:f1:96:b9:be:15:52:
7e:9a:40:cd:ae:72:70:8a:c1:c4:2e:50:7d:77:e2:
6f:14:de:ed:ac:d5:44:b8:ef:b7:12:f8:b3:b5:c3:
cd:d5:3c:9e:8b:a6:7e:bd:ff:d6:1d:6d:02:2c:f6:
c9:52:f7:12:69:b1:0f:11:e8:10:42:ab:79:ac:25:
f3:d1:27:c6:ab:25:4f:fa:38:2f:44:68:d1:25:d5:
39:a2:e5:c4:24:d7:21:67:ee:1d:bc:75:43:5c:c4:
51:f1:a8:39:0c:bb:49:04:e6:dd:3f:82:42:70:9a:
1c:71:ee:f9:94:7a:14:cb:24:07:18:3e:af:78:ca:
51:4d:b3:ae:27:30:6a:81:64:e1:65:8d:25:35:cc:
1d:d5:89:d0:89:3f:19:62:51:03:b6:be:c5:51:11:
d1:d3:2f:9b:ee:6f:9f:d0:17:02:68:aa:8c:ab:86:
ea:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F0:93:90:C4:D3:18:0B:0C:8E:A4:8A:20:70:3F:B7:4B:8D:5C:3B
X509v3 Authority Key Identifier:
keyid:00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/KfCTkMTTGAsMjqSKIHA_t0uNXDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.240.0/22
62.108.32.0/19
84.19.0.0/19
89.107.64.0/21
91.190.144.0/21
91.230.27.0/24
91.230.47.0/24
93.190.88.0/21
185.147.216.0/22
185.148.68.0/22
194.113.216.0/23
195.62.20.0/23
195.191.114.0/23
195.225.240.0/22
IPv6:
2a00:f70::/32
2a03:f200::/32
Signature Algorithm: sha256WithRSAEncryption
40:10:11:99:f3:d1:99:dc:46:d6:84:d7:da:46:62:3d:89:b8:
be:b6:31:ab:50:e4:59:ce:1c:62:b0:b5:80:a1:8b:ac:f1:9e:
2a:25:10:05:80:d9:9b:19:32:a0:ca:5e:87:0f:dc:86:45:1e:
ef:96:f3:2a:9c:dd:ae:76:f6:91:67:2d:62:38:71:55:b1:b8:
38:fb:42:b8:1e:f8:76:42:06:21:82:d0:7f:0f:da:eb:fb:d9:
c0:65:1f:0d:7d:4c:e7:af:38:0f:cf:59:1e:b5:44:09:89:2a:
e3:2b:4d:dc:4d:30:b9:81:8e:5b:61:aa:f6:be:6c:97:ec:0d:
d6:bc:f7:6d:08:45:c6:02:3e:c8:87:6b:43:c9:d7:db:b5:fe:
d0:24:f9:6d:7a:1b:7d:d8:54:5b:e1:eb:38:f2:a9:a2:d4:65:
ad:c7:8f:57:59:e1:2f:8d:28:34:60:47:90:f0:bf:d4:f1:05:
8d:99:d5:c0:ae:2b:0d:c5:53:41:43:50:b3:95:30:73:de:46:
1b:43:e8:f5:df:2d:43:50:cc:ce:e0:30:38:23:2a:68:3b:40:
81:b3:36:52:3b:ac:b4:c0:4c:cd:04:39:d5:4c:a4:89:d1:ed:
60:2f:07:8a:5c:78:a0:cd:35:4e:7f:dd:38:13:9d:70:6b:a8:
49:ea:14:e3
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYzIAYvxPj7b0tsc7I/htmz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjY0N2M4MDFmYjU4ZmNmYWFjMTM1YmI0OGY1ZTYxZmVh
N2U1NjYwHhcNMjQwMTAyMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWYwOTM5MGM0ZDMxODBiMGM4ZWE0OGEyMDcwM2ZiNzRiOGQ1YzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnQ7KfXcft4tNy1lUd1p201LLTYg
ikxnvVYodyN/53tJPR58M3UBh16cF4vsNdmY3L6/+fFfbg9uerHKFbJuOsXTT3Oi
mTINWXs+mIZDFKOfs6Hxlrm+FVJ+mkDNrnJwisHELlB9d+JvFN7trNVEuO+3Eviz
tcPN1Tyei6Z+vf/WHW0CLPbJUvcSabEPEegQQqt5rCXz0SfGqyVP+jgvRGjRJdU5
ouXEJNchZ+4dvHVDXMRR8ag5DLtJBObdP4JCcJocce75lHoUyyQHGD6veMpRTbOu
JzBqgWThZY0lNcwd1YnQiT8ZYlEDtr7FURHR0y+b7m+f0BcCaKqMq4bqyQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFCnwk5DE0xgLDI6kiiBwP7dLjVw7MB8GA1UdIwQY
MBaAFAAmR8gB+1j8+qwTW7SPXmH+p+VmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODIt
OTRlZmJmNWNlY2Q0LzEvS2ZDVGtNVFRHQXNNanFTS0lIQV90MHVOWERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODItOTRlZmJmNWNlY2Q0
LzEvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEAi2B8AME
BT5sIAMEBVQTAAMEA1lrQAMEA1u+kAMEAFvmGwMEAFvmLwMEA12+WAMEArmT2AME
ArmURAMEAcJx2AMEAcM+FAMEAcO/cgMEAsPh8DAUBAIAAjAOAwUAKgAPcAMFACoD
8gAwDQYJKoZIhvcNAQELBQADggEBAEAQEZnz0ZncRtaE19pGYj2JuL62MatQ5FnO
HGKwtYChi6zxniolEAWA2ZsZMqDKXocP3IZFHu+W8yqc3a529pFnLWI4cVWxuDj7
Qrge+HZCBiGC0H8P2uv72cBlHw19TOevOA/PWR61RAmJKuMrTdxNMLmBjlthqva+
bJfsDda8920IRcYCPsiHa0PJ19u1/tAk+W16G33YVFvh6zjyqaLUZa3Hj1dZ4S+N
KDRgR5Dwv9TxBY2Z1cCuKw3FU0FDULOVMHPeRhtD6PXfLUNQzM7gMDgjKmg7QIGz
NlI7rLTATM0EOdVMpInR7WAvB4pceKDNNU5/3TgTnXBrqEnqFOM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:29 2024 by rpki-client on console-ams.rpki-client.org