Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/KbyYTD4eg-S3QV1IoMdtyLSYSUU.roa
File: KbyYTD4eg-S3QV1IoMdtyLSYSUU.roa (raw, json)
Hash identifier: 112S0yKrBDvryJiTxO43RQpJjcRmU7zG39hoMVsuSWs=
Subject key identifier: 29:BC:98:4C:3E:1E:83:E4:B7:41:5D:48:A0:C7:6D:C8:B4:98:49:45
Certificate issuer: /CN=cf40e25606651a075484c709fa766d80dad52d9c
Certificate serial: 01908204EA0E2AF55E268A413EB7FA3687AD
Authority key identifier: CF:40:E2:56:06:65:1A:07:54:84:C7:09:FA:76:6D:80:DA:D5:2D:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/KbyYTD4eg-S3QV1IoMdtyLSYSUU.roa
Signing time: Fri 05 Jul 2024 08:31:18 +0000
ROA not before: Fri 05 Jul 2024 08:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25350
IP address blocks: 81.200.224.0/20 maxlen: 20
81.200.224.0/21 maxlen: 21
81.200.232.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 08 Jul 2024 11:56:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:82:04:ea:0e:2a:f5:5e:26:8a:41:3e:b7:fa:36:87:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf40e25606651a075484c709fa766d80dad52d9c
Validity
Not Before: Jul 5 08:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29bc984c3e1e83e4b7415d48a0c76dc8b4984945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cd:ca:2b:86:18:32:52:95:52:04:91:bb:c1:
70:76:0f:38:13:96:55:be:f5:3f:36:5e:90:eb:0a:
53:e4:63:dd:e5:a1:4c:ad:bc:cf:84:ed:2e:39:33:
3b:a4:c6:27:f8:cc:00:a9:73:59:b1:37:52:f4:b2:
6e:cd:c3:14:b2:77:99:8e:bb:d5:3f:07:e1:3d:8e:
2c:9d:23:e6:fa:72:d3:22:fe:09:b2:49:a2:d4:a9:
49:e6:e1:35:7f:c7:10:08:16:b2:c5:7a:3b:7b:6a:
f2:22:7a:0c:95:7e:83:2c:b7:7c:56:d3:9e:70:14:
83:55:c2:4e:96:21:df:af:73:d4:e3:6e:49:1f:f8:
1c:dd:df:ca:c1:8a:0e:49:0c:80:87:e0:a9:5e:ce:
1e:48:78:03:91:ec:c9:29:52:aa:a0:a6:51:2b:2a:
4e:b7:63:78:59:84:9d:6b:fc:0e:4d:f6:66:73:0e:
17:78:14:fc:f8:e5:f5:d5:40:7d:5a:84:b7:1e:22:
da:a4:4c:13:07:e9:84:08:fd:4a:b9:8a:a4:33:d8:
13:f4:61:c6:36:f1:1b:b7:f1:5b:82:3e:f3:ba:dc:
90:04:0b:77:5d:40:fe:64:ad:32:7e:c6:cc:61:5a:
17:34:08:04:66:3c:b1:90:a0:52:c5:f7:31:15:9c:
35:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:BC:98:4C:3E:1E:83:E4:B7:41:5D:48:A0:C7:6D:C8:B4:98:49:45
X509v3 Authority Key Identifier:
keyid:CF:40:E2:56:06:65:1A:07:54:84:C7:09:FA:76:6D:80:DA:D5:2D:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/KbyYTD4eg-S3QV1IoMdtyLSYSUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.200.224.0/20
Signature Algorithm: sha256WithRSAEncryption
5f:0a:51:e8:d1:30:c5:da:10:41:73:25:a6:a9:33:ff:18:1a:
af:d3:c2:8b:f9:ea:de:ac:09:12:34:5c:8d:0c:b4:24:ad:46:
55:ea:36:f0:bc:39:9d:fc:10:2c:eb:85:9f:b8:f7:5d:54:77:
6d:b6:43:11:db:40:78:1c:b1:d7:30:33:de:28:6c:eb:3a:76:
0f:72:12:12:83:bd:00:05:68:38:2e:72:1e:b5:f0:52:85:b7:
de:96:f2:a8:7e:85:c6:83:a3:53:ab:88:f0:a8:0f:0c:b5:2c:
2d:1f:f7:53:6e:12:98:c2:1a:dd:1c:83:ac:28:2d:10:35:d4:
5a:0a:fc:98:9f:3c:00:77:8b:61:63:e6:8f:1d:a4:73:3f:4f:
f8:0f:13:8d:05:45:9d:d0:cf:33:39:3f:21:54:9f:63:36:1f:
4d:9e:38:c2:55:e1:85:01:eb:ff:c0:9a:81:31:3a:c9:ad:6b:
7b:69:3b:24:a3:c7:bf:bb:8b:29:35:d2:61:c7:c6:e6:6d:34:
fa:60:4d:a6:8f:d2:3d:2e:c7:65:a7:85:ad:4b:8a:43:ea:46:
33:44:40:43:5d:12:20:79:0c:36:57:9c:94:02:e9:ff:44:66:
8c:30:35:ac:62:4a:75:40:69:09:23:aa:00:3f:3e:da:b4:8e:
d3:a7:f9:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCCBOoOKvVeJopBPrf6NoetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNDBlMjU2MDY2NTFhMDc1NDg0YzcwOWZhNzY2ZDgwZGFk
NTJkOWMwHhcNMjQwNzA1MDgzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWJjOTg0YzNlMWU4M2U0Yjc0MTVkNDhhMGM3NmRjOGI0OTg0OTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAus3KK4YYMlKVUgSRu8Fwdg84E5ZV
vvU/Nl6Q6wpT5GPd5aFMrbzPhO0uOTM7pMYn+MwAqXNZsTdS9LJuzcMUsneZjrvV
PwfhPY4snSPm+nLTIv4Jskmi1KlJ5uE1f8cQCBayxXo7e2ryInoMlX6DLLd8VtOe
cBSDVcJOliHfr3PU425JH/gc3d/KwYoOSQyAh+CpXs4eSHgDkezJKVKqoKZRKypO
t2N4WYSda/wOTfZmcw4XeBT8+OX11UB9WoS3HiLapEwTB+mECP1KuYqkM9gT9GHG
NvEbt/Fbgj7zutyQBAt3XUD+ZK0yfsbMYVoXNAgEZjyxkKBSxfcxFZw1hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCm8mEw+HoPkt0FdSKDHbci0mElFMB8GA1UdIwQY
MBaAFM9A4lYGZRoHVITHCfp2bYDa1S2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBEaVZnWmxHZ2RVaE1jSi1uWnRnTnJWTFp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZDVlMWMtOWQ3OS00YjM5LWI1NjAt
ZTk5N2U1NThkNzNhLzEvS2J5WVRENGVnLVMzUVYxSW9NZHR5TFNZU1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZDVlMWMtOWQ3OS00YjM5LWI1NjAtZTk5N2U1NThkNzNh
LzEvejBEaVZnWmxHZ2RVaE1jSi1uWnRnTnJWTFp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUcjgMA0G
CSqGSIb3DQEBCwUAA4IBAQBfClHo0TDF2hBBcyWmqTP/GBqv08KL+ererAkSNFyN
DLQkrUZV6jbwvDmd/BAs64WfuPddVHdttkMR20B4HLHXMDPeKGzrOnYPchISg70A
BWg4LnIetfBShbfelvKofoXGg6NTq4jwqA8MtSwtH/dTbhKYwhrdHIOsKC0QNdRa
CvyYnzwAd4thY+aPHaRzP0/4DxONBUWd0M8zOT8hVJ9jNh9NnjjCVeGFAev/wJqB
MTrJrWt7aTsko8e/u4spNdJhx8bmbTT6YE2mj9I9Lsdlp4WtS4pD6kYzREBDXRIg
eQw2V5yUAun/RGaMMDWsYkp1QGkJI6oAPz7atI7Tp/lg
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:26:36 2025 by rpki-client