Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/KViao_NbOv3JHot7pmwMvpATwco.roa
File: KViao_NbOv3JHot7pmwMvpATwco.roa (raw, json)
Hash identifier: 1vMr3lw5VeN+vL7q23uLtHY1XVITrNdnSCKDZHFTgNw=
Subject key identifier: 29:58:9A:A3:F3:5B:3A:FD:C9:1E:8B:7B:A6:6C:0C:BE:90:13:C1:CA
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01880B14AE1B09765B0C8595A3F8A4835C71
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/KViao_NbOv3JHot7pmwMvpATwco.roa
Signing time: Thu 11 May 2023 13:51:24 +0000
ROA not before: Thu 11 May 2023 13:51:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399130
IP address blocks: 195.138.109.0/24 maxlen: 24
195.138.110.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.117.0/24 maxlen: 24
195.138.115.0/24 maxlen: 24
195.138.113.0/24 maxlen: 24
195.138.125.0/24 maxlen: 24
195.138.123.0/24 maxlen: 24
195.138.124.0/24 maxlen: 24
195.138.119.0/24 maxlen: 24
195.138.121.0/24 maxlen: 24
195.138.126.0/24 maxlen: 24
195.138.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Sep 2023 17:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0b:14:ae:1b:09:76:5b:0c:85:95:a3:f8:a4:83:5c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: May 11 13:51:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29589aa3f35b3afdc91e8b7ba66c0cbe9013c1ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6c:57:a2:93:1e:a8:61:b3:f0:82:4f:7a:2a:
ae:a3:d3:b1:bc:c3:22:56:59:7a:53:0d:8e:91:c1:
6a:3d:3c:c9:cd:62:bf:84:4e:40:c9:fa:90:b7:64:
db:10:ef:ed:b6:14:3d:b9:a5:97:0b:87:d8:ff:ad:
b2:ef:ab:72:54:0f:a2:ab:cc:4f:30:c8:da:7f:ad:
73:47:38:20:04:8e:32:d2:7f:89:a8:06:7d:0e:62:
9d:14:bd:58:e5:44:25:86:e8:95:72:e1:e5:29:b7:
58:fd:ae:46:6a:e9:31:5e:e6:25:93:a9:22:8d:8c:
f0:0f:57:0d:a0:5e:38:a8:46:ec:07:0a:23:7d:3d:
ec:8e:54:41:54:5e:80:c9:b2:e9:8e:be:24:5e:76:
f9:62:18:e6:aa:0a:18:2f:69:23:5c:38:37:45:24:
f9:62:d5:4f:7e:cb:17:6d:74:fa:7e:38:6d:16:30:
ba:c5:dc:77:92:09:d6:89:14:20:83:04:a9:81:3f:
b5:6d:8c:0d:fe:cc:f3:06:71:cb:a6:a9:2c:57:6d:
e4:12:09:aa:3a:b1:9b:e7:e5:79:b6:70:47:ca:f2:
f0:0b:89:bf:4c:3e:dc:39:d4:1b:b4:cd:71:c4:a2:
c6:32:37:4d:18:76:d1:5a:18:e5:e9:5a:57:09:e2:
7f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:58:9A:A3:F3:5B:3A:FD:C9:1E:8B:7B:A6:6C:0C:BE:90:13:C1:CA
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/KViao_NbOv3JHot7pmwMvpATwco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.138.109.0-195.138.110.255
195.138.113.0/24
195.138.115.0-195.138.117.255
195.138.119.0/24
195.138.121.0/24
195.138.123.0-195.138.127.255
Signature Algorithm: sha256WithRSAEncryption
5b:67:b9:df:bc:cb:69:cf:db:b0:2a:0c:23:20:a6:4f:42:fc:
9e:81:5c:d4:eb:a5:4a:eb:21:cb:8a:e4:ab:60:cd:17:d9:a1:
ce:a3:25:9f:3e:0e:7a:ae:02:44:41:09:5d:c6:87:b0:74:e4:
5e:8f:15:d7:4c:5f:14:d3:4d:f4:29:dc:18:df:61:0f:1c:2d:
c6:e0:48:40:0b:2a:58:6a:5e:e2:0b:79:65:df:27:be:f6:65:
f9:9a:3a:a1:62:29:42:dc:c9:fb:97:42:34:50:3b:eb:94:05:
c2:83:1f:b3:b0:6c:7d:46:a5:cf:c0:0e:e2:5b:0d:72:9e:2e:
c9:bf:07:ca:a2:3b:ca:a8:51:db:3d:68:01:12:f4:10:f4:e0:
32:67:a7:a5:f8:a2:6d:fc:0b:ca:e1:6d:3b:50:b6:7f:41:79:
42:9e:3a:5a:ce:2a:6d:ff:f4:56:8b:02:66:d1:c3:ee:c0:95:
1a:ad:ec:04:4b:37:67:cf:9f:a8:b2:db:c4:19:f7:1f:bf:8a:
e9:4d:a7:e0:6f:38:b6:a3:a9:52:1a:39:86:a9:dd:72:2e:27:
dc:ef:22:cd:ab:a9:4e:32:34:d0:6e:7d:b5:42:28:8c:f9:cc:
30:de:cb:b4:85:70:bf:df:70:f8:34:be:30:1f:05:33:ab:48:
0b:2a:85:0d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYgLFK4bCXZbDIWVo/ikg1xxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNTExMTM1MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTU4OWFhM2YzNWIzYWZkYzkxZThiN2JhNjZjMGNiZTkwMTNjMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGxXopMeqGGz8IJPeiquo9OxvMMi
Vll6Uw2OkcFqPTzJzWK/hE5AyfqQt2TbEO/tthQ9uaWXC4fY/62y76tyVA+iq8xP
MMjaf61zRzggBI4y0n+JqAZ9DmKdFL1Y5UQlhuiVcuHlKbdY/a5GaukxXuYlk6ki
jYzwD1cNoF44qEbsBwojfT3sjlRBVF6AybLpjr4kXnb5YhjmqgoYL2kjXDg3RST5
YtVPfssXbXT6fjhtFjC6xdx3kgnWiRQggwSpgT+1bYwN/szzBnHLpqksV23kEgmq
OrGb5+V5tnBHyvLwC4m/TD7cOdQbtM1xxKLGMjdNGHbRWhjl6VpXCeJ/JwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFClYmqPzWzr9yR6Le6ZsDL6QE8HKMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvS1ZpYW9fTmJPdjNKSG90N3Btd012cEFUd2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBADDim0D
BADDim4DBADDinEwDAMEAMOKcwMEAcOKdAMEAMOKdwMEAMOKeTAMAwQAw4p7AwQH
w4oAMA0GCSqGSIb3DQEBCwUAA4IBAQBbZ7nfvMtpz9uwKgwjIKZPQvyegVzU66VK
6yHLiuSrYM0X2aHOoyWfPg56rgJEQQldxoewdORejxXXTF8U0030KdwY32EPHC3G
4EhACypYal7iC3ll3ye+9mX5mjqhYilC3Mn7l0I0UDvrlAXCgx+zsGx9RqXPwA7i
Ww1yni7JvwfKojvKqFHbPWgBEvQQ9OAyZ6el+KJt/AvK4W07ULZ/QXlCnjpazipt
//RWiwJm0cPuwJUarewESzdnz5+ostvEGfcfv4rpTafgbzi2o6lSGjmGqd1yLifc
7yLNq6lOMjTQbn21QiiM+cww3su0hXC/33D4NL4wHwUzq0gLKoUN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org