Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/6401e8-82dd-4811-8011-719401bbca2e/1/k7s_kVQKvIDwWcaX25JVrYcJI6M.roa
File: k7s_kVQKvIDwWcaX25JVrYcJI6M.roa (raw, json)
Hash identifier: ukh6f72gAiAttM9pQxfc4ySjCuQ9Pa3tcSpxisUb5E4=
Subject key identifier: 93:BB:3F:91:54:0A:BC:80:F0:59:C6:97:DB:92:55:AD:87:09:23:A3
Certificate issuer: /CN=f448ee63f19d0c1f22c6f61ce4a81eceabb8e790
Certificate serial: 018CC4247E75D1B6271CDBAD059534009295
Authority key identifier: F4:48:EE:63:F1:9D:0C:1F:22:C6:F6:1C:E4:A8:1E:CE:AB:B8:E7:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9EjuY_GdDB8ixvYc5Kgezqu455A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/6401e8-82dd-4811-8011-719401bbca2e/1/k7s_kVQKvIDwWcaX25JVrYcJI6M.roa
Signing time: Mon 01 Jan 2024 08:29:35 +0000
ROA not before: Mon 01 Jan 2024 08:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29329
IP address blocks: 193.84.8.0/24 maxlen: 32
195.135.232.0/22 maxlen: 32
83.243.72.0/21 maxlen: 32
185.16.100.0/22 maxlen: 32
91.151.192.0/20 maxlen: 32
2a0f:6a40::/29 maxlen: 128
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:7e:75:d1:b6:27:1c:db:ad:05:95:34:00:92:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f448ee63f19d0c1f22c6f61ce4a81eceabb8e790
Validity
Not Before: Jan 1 08:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93bb3f91540abc80f059c697db9255ad870923a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:59:d7:df:7b:bc:eb:83:27:f8:8f:c9:98:f3:
4c:4f:85:5b:5d:05:1e:93:c4:f2:d1:1a:bf:54:f0:
a2:61:51:64:e3:9f:f6:42:3d:15:91:68:1a:18:9c:
b7:1e:4f:b4:38:c0:d2:67:25:e7:0a:88:b4:11:e7:
5c:05:5f:61:a3:fb:2c:20:98:e1:8e:af:d8:52:31:
82:cf:5c:c4:f1:db:e0:e9:a0:5e:a1:39:ca:67:97:
a8:63:40:5d:b0:78:2e:61:ac:fd:88:dc:23:67:d2:
12:fb:a7:e6:65:84:0a:ca:90:1e:3e:2a:79:19:40:
a7:c8:5c:d3:91:27:b0:ef:11:5c:e3:66:48:06:c6:
01:a8:40:e0:47:20:dd:ce:01:1f:f1:60:e0:fa:31:
c4:10:d1:08:fa:15:e0:45:b2:95:76:1c:4c:77:d4:
84:40:c8:ec:57:dd:52:ff:62:f3:86:c2:f5:d0:3a:
81:74:35:56:7b:23:16:6e:7c:ba:09:79:1b:fb:bd:
d6:bb:df:b8:4c:48:07:46:c3:4f:1a:3e:2a:55:0e:
68:0c:dd:d4:9f:6c:6e:4e:51:9a:33:da:54:28:a0:
3a:75:7c:4c:fd:50:e4:c3:73:91:f4:82:c3:1a:45:
20:88:51:62:53:bf:d3:b1:19:eb:c0:6f:fa:69:98:
ff:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:BB:3F:91:54:0A:BC:80:F0:59:C6:97:DB:92:55:AD:87:09:23:A3
X509v3 Authority Key Identifier:
keyid:F4:48:EE:63:F1:9D:0C:1F:22:C6:F6:1C:E4:A8:1E:CE:AB:B8:E7:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9EjuY_GdDB8ixvYc5Kgezqu455A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/6401e8-82dd-4811-8011-719401bbca2e/1/k7s_kVQKvIDwWcaX25JVrYcJI6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/6401e8-82dd-4811-8011-719401bbca2e/1/9EjuY_GdDB8ixvYc5Kgezqu455A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.243.72.0/21
91.151.192.0/20
185.16.100.0/22
193.84.8.0/24
195.135.232.0/22
IPv6:
2a0f:6a40::/29
Signature Algorithm: sha256WithRSAEncryption
02:70:a4:7c:32:c9:e1:64:a3:03:9c:56:e0:16:19:3c:25:a3:
1e:a9:a7:47:bb:ac:5b:ae:e1:f4:40:73:b9:be:b7:35:6a:ef:
a8:04:0b:8a:e8:48:9b:e8:12:d0:28:52:1e:e3:d1:69:4b:14:
b9:9c:d6:ff:4d:db:b5:29:92:9d:5f:11:01:dd:61:26:bb:26:
d3:1c:8d:e0:63:c6:84:d3:e1:2d:37:d4:a1:7e:9f:84:75:81:
02:8f:89:23:eb:7e:44:ee:d6:e2:ff:fa:86:74:39:b3:f5:dd:
f3:06:7b:d0:7f:d8:59:36:a1:2e:4a:81:a3:7a:1a:c8:76:6a:
38:b3:a7:59:fa:b9:78:a5:47:ad:59:d3:3b:82:ef:bf:b3:f8:
69:fd:2d:3f:b3:94:1d:9b:a4:55:43:a8:f5:82:70:b9:8f:e2:
05:92:d2:8c:b0:31:a8:a9:10:c9:8f:a7:7b:51:8a:8c:ae:fd:
27:48:be:16:27:91:ae:c6:bd:70:14:7b:cd:82:fa:30:63:af:
35:e9:ae:d9:7b:6c:8f:46:ab:df:8a:ac:4c:f3:31:c7:e3:0c:
40:19:e2:1a:22:3a:11:b2:d4:dc:d7:c7:19:fc:e0:76:15:fc:
45:5c:c3:bb:7b:2a:91:ea:b3:92:ea:5c:6a:bc:1e:c0:7a:7a:
69:2c:6e:5f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzEJH510bYnHNutBZU0AJKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NDhlZTYzZjE5ZDBjMWYyMmM2ZjYxY2U0YTgxZWNlYWJi
OGU3OTAwHhcNMjQwMTAxMDgyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2JiM2Y5MTU0MGFiYzgwZjA1OWM2OTdkYjkyNTVhZDg3MDkyM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1nX33u864Mn+I/JmPNMT4VbXQUe
k8Ty0Rq/VPCiYVFk45/2Qj0VkWgaGJy3Hk+0OMDSZyXnCoi0EedcBV9ho/ssIJjh
jq/YUjGCz1zE8dvg6aBeoTnKZ5eoY0BdsHguYaz9iNwjZ9IS+6fmZYQKypAePip5
GUCnyFzTkSew7xFc42ZIBsYBqEDgRyDdzgEf8WDg+jHEENEI+hXgRbKVdhxMd9SE
QMjsV91S/2LzhsL10DqBdDVWeyMWbny6CXkb+73Wu9+4TEgHRsNPGj4qVQ5oDN3U
n2xuTlGaM9pUKKA6dXxM/VDkw3OR9ILDGkUgiFFiU7/TsRnrwG/6aZj/yQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJO7P5FUCryA8FnGl9uSVa2HCSOjMB8GA1UdIwQY
MBaAFPRI7mPxnQwfIsb2HOSoHs6ruOeQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUVqdVlfR2REQjhpeHZZYzVLZ2V6cXU0NTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82NDAxZTgtODJkZC00ODExLTgwMTEt
NzE5NDAxYmJjYTJlLzEvazdzX2tWUUt2SUR3V2NhWDI1SlZyWWNKSTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS82NDAxZTgtODJkZC00ODExLTgwMTEtNzE5NDAxYmJjYTJl
LzEvOUVqdVlfR2REQjhpeHZZYzVLZ2V6cXU0NTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDU/NIAwQE
W5fAAwQCuRBkAwQAwVQIAwQCw4foMA0EAgACMAcDBQMqD2pAMA0GCSqGSIb3DQEB
CwUAA4IBAQACcKR8MsnhZKMDnFbgFhk8JaMeqadHu6xbruH0QHO5vrc1au+oBAuK
6Eib6BLQKFIe49FpSxS5nNb/Tdu1KZKdXxEB3WEmuybTHI3gY8aE0+EtN9Shfp+E
dYECj4kj635E7tbi//qGdDmz9d3zBnvQf9hZNqEuSoGjehrIdmo4s6dZ+rl4pUet
WdM7gu+/s/hp/S0/s5Qdm6RVQ6j1gnC5j+IFktKMsDGoqRDJj6d7UYqMrv0nSL4W
J5Guxr1wFHvNgvowY6816a7Ze2yPRqvfiqxM8zHH4wxAGeIaIjoRstTc18cZ/OB2
FfxFXMO7eyqR6rOS6lxqvB7AenppLG5f
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:18:17 2025 by rpki-client