Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/KLRgxogVAnivCjuvzchm2XeqBaQ.roa
File: KLRgxogVAnivCjuvzchm2XeqBaQ.roa (raw, json)
Hash identifier: E6X7EzCNonsV+U6TRnVyRFS2dujrcVRODSnhYluXFPI=
Subject key identifier: 28:B4:60:C6:88:15:02:78:AF:0A:3B:AF:CD:C8:66:D9:77:AA:05:A4
Certificate issuer: /CN=340bea3fcc3cbcedc82919cf57c74108baea369e
Certificate serial: 01856F94C4B1DC21CFB5916A12D540B5FBC3
Authority key identifier: 34:0B:EA:3F:CC:3C:BC:ED:C8:29:19:CF:57:C7:41:08:BA:EA:36:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAvqP8w8vO3IKRnPV8dBCLrqNp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/KLRgxogVAnivCjuvzchm2XeqBaQ.roa
Signing time: Sun 01 Jan 2023 23:04:58 +0000
ROA not before: Sun 01 Jan 2023 23:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6762
IP address blocks: 213.144.160.0/19 maxlen: 19
185.100.112.0/22 maxlen: 22
149.3.176.0/21 maxlen: 21
176.115.184.0/22 maxlen: 22
93.186.128.0/21 maxlen: 24
93.186.136.0/22 maxlen: 22
195.22.192.0/19 maxlen: 24
5.178.40.0/21 maxlen: 24
185.70.200.0/22 maxlen: 22
89.221.32.0/20 maxlen: 20
79.140.80.0/20 maxlen: 24
2001:41a8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 06 Jun 2023 07:15:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:c4:b1:dc:21:cf:b5:91:6a:12:d5:40:b5:fb:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=340bea3fcc3cbcedc82919cf57c74108baea369e
Validity
Not Before: Jan 1 23:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28b460c688150278af0a3bafcdc866d977aa05a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:84:e1:a0:cc:01:a4:d5:ab:96:3f:1d:43:51:
72:b6:bd:a0:34:7e:5c:7b:88:51:a3:bb:e8:17:53:
f4:49:44:86:a6:2e:c4:32:e9:aa:36:9b:b5:09:4a:
f8:b8:b2:f2:12:9e:f2:4e:ac:52:46:d0:cc:80:c5:
52:80:18:78:df:48:2d:f8:46:6d:6b:64:98:bc:ab:
d2:68:4c:d2:f6:e6:79:94:32:ce:f6:63:ba:4c:72:
d6:75:13:17:4e:0b:17:1b:9d:99:ca:03:7f:ad:48:
5a:e0:4f:cf:99:1c:79:20:d4:ca:f9:44:0b:b0:9b:
ef:a2:90:e7:ea:cd:18:4d:51:b7:89:72:66:54:cd:
dc:e3:51:c9:82:97:4c:15:3a:61:2e:8e:af:96:9d:
3f:97:e7:37:c0:fa:ac:a2:dc:2e:d9:f6:82:fc:6b:
5f:7e:00:a6:cd:c3:58:a8:3f:c9:4d:13:44:a0:85:
f0:91:94:73:d0:53:46:3f:40:62:a3:9a:71:3b:d8:
b0:36:5a:59:c4:53:6f:37:32:78:79:bf:3d:d7:f8:
6d:86:bd:48:31:2a:80:4d:7a:7f:59:f5:3d:93:f3:
61:ab:e1:b7:77:69:bb:0f:ae:64:f4:08:08:88:b2:
3a:23:ab:50:27:c4:03:72:9f:92:f1:85:64:1d:94:
7f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B4:60:C6:88:15:02:78:AF:0A:3B:AF:CD:C8:66:D9:77:AA:05:A4
X509v3 Authority Key Identifier:
keyid:34:0B:EA:3F:CC:3C:BC:ED:C8:29:19:CF:57:C7:41:08:BA:EA:36:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAvqP8w8vO3IKRnPV8dBCLrqNp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/KLRgxogVAnivCjuvzchm2XeqBaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/NAvqP8w8vO3IKRnPV8dBCLrqNp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.40.0/21
79.140.80.0/20
89.221.32.0/20
93.186.128.0-93.186.139.255
149.3.176.0/21
176.115.184.0/22
185.70.200.0/22
185.100.112.0/22
195.22.192.0/19
213.144.160.0/19
IPv6:
2001:41a8::/32
Signature Algorithm: sha256WithRSAEncryption
72:ad:a0:2d:d6:63:f0:b7:2d:a9:3d:88:0a:f7:f0:22:7c:04:
75:26:91:ab:74:4a:51:10:08:f4:2e:f8:2d:1f:5f:5a:6f:5e:
4e:04:12:ec:1a:73:ab:cb:ac:db:b4:0c:41:76:ea:2f:c0:31:
a9:5e:2a:de:dc:e3:41:b3:33:68:e7:f2:16:0f:7b:b2:50:70:
d9:83:94:64:59:9d:f7:db:3d:43:04:c1:86:9f:8f:cf:7e:bf:
db:b5:d0:e2:d1:7d:63:bd:0c:56:51:cf:bb:aa:54:c6:a2:04:
4d:e7:d5:2e:4e:d3:43:e7:34:34:b1:98:22:88:fc:3d:48:d8:
ce:9a:5f:36:46:32:a7:dc:4b:7c:93:3f:91:f4:8f:21:55:44:
e8:5a:82:77:5e:29:8d:f6:af:21:f0:b1:40:b8:c5:fc:68:a4:
64:b7:7a:19:1d:57:44:a1:e0:a2:cc:fd:df:14:f4:22:bd:39:
3d:31:2c:87:50:05:f2:3a:43:10:b9:4d:1b:af:af:e2:53:19:
e2:fe:38:10:d9:43:ad:f7:40:69:4e:fa:5f:5c:9d:96:5a:27:
0e:2a:25:60:36:0a:7c:79:7e:3b:76:46:a9:32:a9:46:31:1a:
07:c7:aa:ee:fb:a5:40:81:da:c0:84:70:e3:f7:5e:8c:fa:06:
b4:03:07:8a
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYVvlMSx3CHPtZFqEtVAtfvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MGJlYTNmY2MzY2JjZWRjODI5MTljZjU3Yzc0MTA4YmFl
YTM2OWUwHhcNMjMwMTAxMjMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGI0NjBjNjg4MTUwMjc4YWYwYTNiYWZjZGM4NjZkOTc3YWEwNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIThoMwBpNWrlj8dQ1Fytr2gNH5c
e4hRo7voF1P0SUSGpi7EMumqNpu1CUr4uLLyEp7yTqxSRtDMgMVSgBh430gt+EZt
a2SYvKvSaEzS9uZ5lDLO9mO6THLWdRMXTgsXG52ZygN/rUha4E/PmRx5INTK+UQL
sJvvopDn6s0YTVG3iXJmVM3c41HJgpdMFTphLo6vlp0/l+c3wPqsotwu2faC/Gtf
fgCmzcNYqD/JTRNEoIXwkZRz0FNGP0Bio5pxO9iwNlpZxFNvNzJ4eb891/hthr1I
MSqATXp/WfU9k/Nhq+G3d2m7D65k9AgIiLI6I6tQJ8QDcp+S8YVkHZR/SwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFCi0YMaIFQJ4rwo7r83IZtl3qgWkMB8GA1UdIwQY
MBaAFDQL6j/MPLztyCkZz1fHQQi66jaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkF2cVA4dzh2TzNJS1JuUFY4ZEJDTHJxTnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9lY2RhM2QtYTJkYi00OTA4LTg2MmYt
MTExMDU2MzY5YTIzLzEvS0xSZ3hvZ1ZBbml2Q2p1dnpjaG0yWGVxQmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9lY2RhM2QtYTJkYi00OTA4LTg2MmYtMTExMDU2MzY5YTIz
LzEvTkF2cVA4dzh2TzNJS1JuUFY4ZEJDTHJxTnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQDBbIoAwQE
T4xQAwQEWd0gMAwDBAdduoADBAJduogDBAOVA7ADBAKwc7gDBAK5RsgDBAK5ZHAD
BAXDFsADBAXVkKAwDQQCAAIwBwMFACABQagwDQYJKoZIhvcNAQELBQADggEBAHKt
oC3WY/C3Lak9iAr38CJ8BHUmkat0SlEQCPQu+C0fX1pvXk4EEuwac6vLrNu0DEF2
6i/AMaleKt7c40GzM2jn8hYPe7JQcNmDlGRZnffbPUMEwYafj89+v9u10OLRfWO9
DFZRz7uqVMaiBE3n1S5O00PnNDSxmCKI/D1I2M6aXzZGMqfcS3yTP5H0jyFVROha
gndeKY32ryHwsUC4xfxopGS3ehkdV0Sh4KLM/d8U9CK9OT0xLIdQBfI6QxC5TRuv
r+JTGeL+OBDZQ633QGlO+l9cnZZaJw4qJWA2Cnx5fjt2RqkyqUYxGgfHqu77pUCB
2sCEcOP3Xoz6BrQDB4o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:12 2024 by rpki-client on console-ams.rpki-client.org