Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/KUhJX2iM9YsWmxaJlptCqS77OQc.roa
File: KUhJX2iM9YsWmxaJlptCqS77OQc.roa (raw, json)
Hash identifier: YYyXjsSyiegeyc82/AHmHqtu6oMJhB0X/gIVIIRUhB4=
Subject key identifier: 29:48:49:5F:68:8C:F5:8B:16:9B:16:89:96:9B:42:A9:2E:FB:39:07
Certificate issuer: /CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Certificate serial: 01922CBF035D441BC1FD3344E790D8522EFB
Authority key identifier: 4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/KUhJX2iM9YsWmxaJlptCqS77OQc.roa
Signing time: Thu 26 Sep 2024 05:12:48 +0000
ROA not before: Thu 26 Sep 2024 05:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 43.226.0.0/23 maxlen: 23
46.17.217.0/24 maxlen: 24
63.251.117.0/24 maxlen: 24
64.95.150.0/23 maxlen: 23
64.225.244.0/23 maxlen: 23
91.198.19.0/24 maxlen: 24
91.246.38.0/24 maxlen: 24
104.225.253.0/24 maxlen: 24
117.18.104.0/24 maxlen: 24
123.100.227.0/24 maxlen: 24
148.222.40.0/22 maxlen: 22
167.234.38.0/24 maxlen: 24
198.49.103.0/24 maxlen: 24
202.2.60.0/22 maxlen: 22
203.27.201.0/24 maxlen: 24
216.183.120.0/24 maxlen: 24
216.203.15.0/24 maxlen: 24
217.11.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 09:29:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2c:bf:03:5d:44:1b:c1:fd:33:44:e7:90:d8:52:2e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Validity
Not Before: Sep 26 05:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2948495f688cf58b169b1689969b42a92efb3907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6f:7f:8b:b7:ba:09:d6:c6:c4:dc:14:3d:08:
ae:95:96:f5:52:0d:64:d2:53:d1:f3:49:c0:6d:a3:
ca:f1:95:76:59:e3:d2:3e:c1:ed:74:01:4d:e1:fe:
d7:5e:e0:0c:80:90:29:f0:2f:e2:9f:9e:16:da:61:
88:a9:02:73:6d:96:29:75:9c:a8:25:21:a0:89:9f:
bd:f4:86:95:18:34:d8:5a:f8:64:39:42:c1:9c:43:
24:d4:7e:52:74:98:cb:a3:6d:76:b0:83:4b:b9:ee:
52:36:27:48:53:86:dc:9d:06:26:be:f2:c3:c5:ae:
a0:7e:71:1e:6b:ff:1f:14:13:1e:3a:0f:88:92:8c:
64:30:ac:82:7f:bb:a1:bf:ca:a8:1a:33:26:1d:c2:
ee:a3:56:27:81:c8:e0:c1:a6:f5:10:0c:cd:7e:03:
2e:14:25:d2:64:49:54:f7:92:4f:18:7e:63:9c:39:
ec:6b:e9:73:19:03:06:7b:e4:9b:3a:01:6c:29:92:
ae:59:cf:99:f0:3b:00:b1:6f:88:a3:0d:6d:c3:d9:
dd:b7:21:36:4e:31:02:54:0d:05:62:d5:7c:19:ab:
99:b9:e7:9b:60:c9:04:3f:8b:5c:88:f0:d9:f1:41:
23:36:a0:f6:2c:6e:5f:ec:d9:03:4e:69:ee:04:9a:
db:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:48:49:5F:68:8C:F5:8B:16:9B:16:89:96:9B:42:A9:2E:FB:39:07
X509v3 Authority Key Identifier:
keyid:4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/KUhJX2iM9YsWmxaJlptCqS77OQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.226.0.0/23
46.17.217.0/24
63.251.117.0/24
64.95.150.0/23
64.225.244.0/23
91.198.19.0/24
91.246.38.0/24
104.225.253.0/24
117.18.104.0/24
123.100.227.0/24
148.222.40.0/22
167.234.38.0/24
198.49.103.0/24
202.2.60.0/22
203.27.201.0/24
216.183.120.0/24
216.203.15.0/24
217.11.174.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:a5:7d:4e:33:e4:87:d1:b4:b4:7e:ba:11:3d:82:08:90:3c:
e7:f4:a9:68:37:78:5b:ee:79:07:df:12:3f:b5:f4:cf:ed:eb:
f9:35:f1:a6:d3:f8:6c:96:e3:34:df:12:79:cc:2a:f3:fa:77:
70:33:ba:1b:65:bc:a0:46:8c:3c:db:90:7c:6e:9a:15:72:6c:
da:7c:b5:bf:e5:42:59:43:4a:44:d3:0a:3d:ca:10:19:b2:b7:
66:98:60:b3:80:b6:36:25:8d:0e:44:a6:ef:fb:95:18:50:af:
68:77:54:76:3c:3f:ac:f4:57:94:15:f6:10:2a:65:c8:b9:b6:
6f:1b:cc:d7:ee:c4:af:ec:a8:a5:2e:10:ed:2f:20:2d:0b:c1:
3a:af:a7:b1:b4:27:91:b4:0b:5d:47:89:bb:00:b0:88:71:a4:
99:91:34:2d:80:d7:75:4c:8e:04:8c:e2:b1:69:cc:14:99:3f:
47:c4:1f:3b:f4:54:51:86:03:b0:56:67:04:eb:06:fa:f6:92:
2e:ff:ba:9f:49:ef:ef:7a:df:17:37:12:e1:5e:e0:f3:eb:3d:
80:0c:05:de:a0:ab:79:20:33:dd:ee:41:a0:d7:9a:6c:1b:50:
1e:2d:b0:1e:43:51:98:9e:78:12:66:39:1b:4b:c3:5f:fc:48:
df:fb:56:e2
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZIsvwNdRBvB/TNE55DYUi77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTEzMTc3NWIzMjYwYjExYTE2MjQwZDFkOGU3Njg5MWQ3
ZjM3MzIwHhcNMjQwOTI2MDUxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQ4NDk1ZjY4OGNmNThiMTY5YjE2ODk5NjliNDJhOTJlZmIzOTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyW9/i7e6CdbGxNwUPQiulZb1Ug1k
0lPR80nAbaPK8ZV2WePSPsHtdAFN4f7XXuAMgJAp8C/in54W2mGIqQJzbZYpdZyo
JSGgiZ+99IaVGDTYWvhkOULBnEMk1H5SdJjLo212sINLue5SNidIU4bcnQYmvvLD
xa6gfnEea/8fFBMeOg+IkoxkMKyCf7uhv8qoGjMmHcLuo1Yngcjgwab1EAzNfgMu
FCXSZElU95JPGH5jnDnsa+lzGQMGe+SbOgFsKZKuWc+Z8DsAsW+Iow1tw9ndtyE2
TjECVA0FYtV8GauZueebYMkEP4tciPDZ8UEjNqD2LG5f7NkDTmnuBJrb4wIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFClISV9ojPWLFpsWiZabQqku+zkHMB8GA1UdIwQY
MBaAFE+RMXdbMmCxGhYkDR2OdokdfzcyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMt
YWI2M2Q0NWY0YjZhLzEvS1VoSlgyaU05WXNXbXhhSmxwdENxUzc3T1FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMtYWI2M2Q0NWY0YjZh
LzEvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEASviAAME
AC4R2QMEAD/7dQMEAUBflgMEAUDh9AMEAFvGEwMEAFv2JgMEAGjh/QMEAHUSaAME
AHtk4wMEApTeKAMEAKfqJgMEAMYxZwMEAsoCPAMEAMsbyQMEANi3eAMEANjLDwME
ANkLrjANBgkqhkiG9w0BAQsFAAOCAQEAX6V9TjPkh9G0tH66ET2CCJA85/SpaDd4
W+55B98SP7X0z+3r+TXxptP4bJbjNN8Secwq8/p3cDO6G2W8oEaMPNuQfG6aFXJs
2ny1v+VCWUNKRNMKPcoQGbK3Zphgs4C2NiWNDkSm7/uVGFCvaHdUdjw/rPRXlBX2
ECplyLm2bxvM1+7Er+yopS4Q7S8gLQvBOq+nsbQnkbQLXUeJuwCwiHGkmZE0LYDX
dUyOBIzisWnMFJk/R8QfO/RUUYYDsFZnBOsG+vaSLv+6n0nv73rfFzcS4V7g8+s9
gAwF3qCreSAz3e5BoNeabBtQHi2wHkNRmJ54EmY5G0vDX/xI3/tW4g==
-----END CERTIFICATE-----
Generated at Thu Oct 31 11:39:21 2024 by rpki-client on console-fra.rpki-client.org