Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/KgzbNd82ZUSYn_ewgwsxNAAyw88.roa
File: KgzbNd82ZUSYn_ewgwsxNAAyw88.roa (raw, json)
Hash identifier: kaje3UwgkQiMBSwkE65RjTKg3Wbq45tSi9PCGZMS+uo=
Subject key identifier: 2A:0C:DB:35:DF:36:65:44:98:9F:F7:B0:83:0B:31:34:00:32:C3:CF
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 018CC500A8B9621E111244EC8102F3A2C16A
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/KgzbNd82ZUSYn_ewgwsxNAAyw88.roa
Signing time: Mon 01 Jan 2024 12:30:03 +0000
ROA not before: Mon 01 Jan 2024 12:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 103.246.248.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
77.74.123.0/24 maxlen: 24
46.229.243.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
46.229.251.0/24 maxlen: 24
83.229.61.0/24 maxlen: 24
85.204.107.0/24 maxlen: 24
103.112.171.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
2a12:3200:3000::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
2a12:3200::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
2a12:3200:4000::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 12 Jan 2024 16:03:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:a8:b9:62:1e:11:12:44:ec:81:02:f3:a2:c1:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: Jan 1 12:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a0cdb35df366544989ff7b0830b31340032c3cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:75:38:cf:e9:81:99:72:3e:4a:2c:84:b4:b9:
84:3b:e1:e8:d4:8d:86:4e:a8:c1:87:b8:d9:1e:07:
ad:ea:0c:27:77:a3:96:e9:a1:73:b5:65:1d:ab:ab:
90:f1:c4:a0:48:bc:47:2b:0b:32:43:64:04:92:f0:
78:35:b4:c8:bc:bd:af:80:3d:75:ac:c7:12:79:3f:
1b:8c:7f:06:01:7a:49:f0:5d:34:48:91:88:d9:db:
5e:5e:9a:04:b3:65:f2:2a:a5:59:92:8a:35:bf:88:
e2:72:13:c4:f0:ba:fd:3e:e2:f9:1a:9f:cd:2a:d8:
74:1a:98:79:12:f4:47:44:3e:87:49:ae:55:94:9c:
6d:81:9b:59:be:f3:7b:81:10:08:93:35:30:d2:31:
d0:64:f5:c6:f6:68:62:99:36:a6:af:24:08:55:a7:
52:92:08:45:3b:82:d7:17:de:d3:f5:f4:ae:b4:40:
e3:e3:7f:4a:60:6a:be:06:07:91:b4:83:f5:24:06:
f0:c1:e5:f8:fd:63:6e:15:d1:a2:30:f0:38:02:73:
1f:c9:e6:38:46:64:5c:ab:dd:6d:f0:fd:1e:d0:95:
32:98:b7:5d:40:aa:7e:dd:5b:b5:83:54:26:75:2d:
6c:bb:be:8c:3f:b3:1c:ed:8a:21:51:48:70:63:08:
ee:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0C:DB:35:DF:36:65:44:98:9F:F7:B0:83:0B:31:34:00:32:C3:CF
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/KgzbNd82ZUSYn_ewgwsxNAAyw88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.251.0/24
46.229.253.0/24
77.74.123.0/24
83.229.61.0/24
85.204.107.0/24
103.112.171.0/24
103.246.248.0/24
185.104.63.0/24
195.74.93.0/24
IPv6:
2a12:3200::-2a12:3200:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0e:ea:31:4c:3d:be:1c:9f:6f:40:9a:23:9b:3b:9c:27:c0:a5:
12:a7:66:0c:97:26:00:3b:59:85:dc:c1:6f:e6:aa:0d:f9:04:
37:ba:f7:3d:17:57:0d:1c:20:46:fb:e1:a7:f9:43:a0:4e:d8:
4a:e7:41:f2:ab:a6:5d:2d:2a:e2:55:ce:83:74:93:e2:25:1f:
78:d1:f9:1e:34:d3:a8:c8:22:22:4c:9c:87:db:96:4b:9d:09:
e3:c4:9b:35:e0:88:ef:ca:67:be:d4:68:7f:6f:e7:d6:e9:10:
42:5b:52:33:ab:2b:2b:86:df:42:0e:b3:5d:ef:21:82:ff:41:
3d:37:86:ce:7c:59:0c:db:0c:7d:47:d8:62:98:a3:95:1a:0c:
23:d8:e7:1d:cc:b0:cd:bc:a1:17:9f:9d:34:31:38:73:db:86:
92:b3:12:28:4d:ab:d7:3a:4f:0a:cd:e5:26:54:ba:13:e3:32:
f3:7b:ad:1c:92:58:c9:38:6d:62:f4:41:0e:f5:ac:76:5c:0b:
a2:8b:ec:56:fe:c3:a3:44:f8:90:b3:a3:e6:28:11:55:bb:53:
97:07:6e:00:68:86:c3:5d:da:9c:40:98:25:44:48:85:a9:9a:
4b:6a:fa:d1:62:20:e2:c2:77:0c:5a:fc:8e:c6:10:c6:11:5f:
40:fa:a5:ea
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzFAKi5Yh4REkTsgQLzosFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjQwMTAxMTIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBjZGIzNWRmMzY2NTQ0OTg5ZmY3YjA4MzBiMzEzNDAwMzJjM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XU4z+mBmXI+SiyEtLmEO+Ho1I2G
TqjBh7jZHget6gwnd6OW6aFztWUdq6uQ8cSgSLxHKwsyQ2QEkvB4NbTIvL2vgD11
rMcSeT8bjH8GAXpJ8F00SJGI2dteXpoEs2XyKqVZkoo1v4jichPE8Lr9PuL5Gp/N
Kth0Gph5EvRHRD6HSa5VlJxtgZtZvvN7gRAIkzUw0jHQZPXG9mhimTamryQIVadS
kghFO4LXF97T9fSutEDj439KYGq+BgeRtIP1JAbwweX4/WNuFdGiMPA4AnMfyeY4
RmRcq91t8P0e0JUymLddQKp+3Vu1g1QmdS1su76MP7Mc7YohUUhwYwjuFQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFCoM2zXfNmVEmJ/3sIMLMTQAMsPPMB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvS2d6Yk5kODJaVVNZbl9ld2d3c3hOQUF5dzg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBCBAIAATA8AwQALuXzAwQA
LuX7AwQALuX9AwQATUp7AwQAU+U9AwQAVcxrAwQAZ3CrAwQAZ/b4AwQAuWg/AwQA
w0pdMBYEAgACMBAwDgMEASoSMgMGBCoSMgBAMA0GCSqGSIb3DQEBCwUAA4IBAQAO
6jFMPb4cn29AmiObO5wnwKUSp2YMlyYAO1mF3MFv5qoN+QQ3uvc9F1cNHCBG++Gn
+UOgTthK50Hyq6ZdLSriVc6DdJPiJR940fkeNNOoyCIiTJyH25ZLnQnjxJs14Ijv
yme+1Gh/b+fW6RBCW1Izqysrht9CDrNd7yGC/0E9N4bOfFkM2wx9R9himKOVGgwj
2OcdzLDNvKEXn500MThz24aSsxIoTavXOk8KzeUmVLoT4zLze60ckljJOG1i9EEO
9ax2XAuii+xW/sOjRPiQs6PmKBFVu1OXB24AaIbDXdqcQJglREiFqZpLavrRYiDi
wncMWvyOxhDGEV9A+qXq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:00 2025 by rpki-client