Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/KvgGF-s_8qI9fZYbmJjxyZJN_aA.roa
File: KvgGF-s_8qI9fZYbmJjxyZJN_aA.roa (raw, json)
Hash identifier: N4kU+Rz9Vn6nK+poTcTXxCDCz6TM4Toec4G9MkLXe60=
Subject key identifier: 2A:F8:06:17:EB:3F:F2:A2:3D:7D:96:1B:98:98:F1:C9:92:4D:FD:A0
Certificate issuer: /CN=8831d621d192f92db093d933092c1e236b4d497b
Certificate serial: 0185723A30CA9B3B72A91EBFBAED323CB615
Authority key identifier: 88:31:D6:21:D1:92:F9:2D:B0:93:D9:33:09:2C:1E:23:6B:4D:49:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iDHWIdGS-S2wk9kzCSweI2tNSXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/KvgGF-s_8qI9fZYbmJjxyZJN_aA.roa
Signing time: Mon 02 Jan 2023 11:24:54 +0000
ROA not before: Mon 02 Jan 2023 11:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39798
IP address blocks: 185.225.16.0/22 maxlen: 24
94.158.244.0/22 maxlen: 24
185.163.44.0/22 maxlen: 24
194.180.158.0/24 maxlen: 24
194.180.157.0/24 maxlen: 24
5.252.176.0/22 maxlen: 24
194.180.174.0/24 maxlen: 24
194.180.191.0/24 maxlen: 24
5.181.156.0/22 maxlen: 24
2a0a:c800::/29 maxlen: 48
2001:67c:2db8::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:30:ca:9b:3b:72:a9:1e:bf:ba:ed:32:3c:b6:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8831d621d192f92db093d933092c1e236b4d497b
Validity
Not Before: Jan 2 11:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2af80617eb3ff2a23d7d961b9898f1c9924dfda0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:78:d9:be:00:be:48:50:c7:4a:69:08:42:97:
c8:7d:97:24:ea:70:3e:14:ef:d0:02:37:e1:b3:b7:
d6:c0:67:08:ad:59:c7:4a:d5:a1:11:4b:dc:60:00:
ff:a9:a4:fa:68:b5:d3:9a:a9:b3:87:6c:71:e2:46:
8e:b8:5d:aa:d8:97:ea:d2:ed:d0:1b:28:ca:cf:fd:
dd:ad:1a:c4:c8:03:96:18:1f:50:80:f0:1c:92:cf:
79:1b:81:70:55:46:04:18:cb:c3:fd:11:f1:bb:e7:
01:d1:a5:a7:e9:c4:48:3b:0a:50:dd:e3:70:ac:8c:
7b:fa:e8:f3:2f:76:10:00:51:5e:2b:9c:62:09:80:
60:e5:00:cf:20:70:86:5c:45:6f:75:12:c8:9d:a3:
c3:93:7e:14:ca:7f:bb:a5:71:6a:5d:2a:b7:a3:69:
8d:70:ad:5f:30:da:d7:28:6a:7e:33:de:b0:34:40:
55:37:96:c7:f5:ae:64:62:bc:4f:76:99:28:4d:08:
0e:45:af:0a:9d:56:bf:3d:1c:86:ea:a1:f6:0a:12:
14:3e:c2:21:33:6d:4f:2a:bf:f7:79:c0:62:a7:3e:
d0:1c:51:65:ec:f2:b0:53:a3:d3:86:82:f0:fa:12:
83:df:17:8a:84:11:21:5c:84:34:e4:28:9a:74:b4:
85:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F8:06:17:EB:3F:F2:A2:3D:7D:96:1B:98:98:F1:C9:92:4D:FD:A0
X509v3 Authority Key Identifier:
keyid:88:31:D6:21:D1:92:F9:2D:B0:93:D9:33:09:2C:1E:23:6B:4D:49:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDHWIdGS-S2wk9kzCSweI2tNSXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/KvgGF-s_8qI9fZYbmJjxyZJN_aA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/iDHWIdGS-S2wk9kzCSweI2tNSXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.156.0/22
5.252.176.0/22
94.158.244.0/22
185.163.44.0/22
185.225.16.0/22
194.180.157.0-194.180.158.255
194.180.174.0/24
194.180.191.0/24
IPv6:
2001:67c:2db8::/48
2a0a:c800::/29
Signature Algorithm: sha256WithRSAEncryption
9d:ac:b9:10:a4:3d:81:3f:e2:be:0e:b3:a5:a5:99:a7:ad:13:
1a:8c:a3:45:f9:ca:e4:40:86:71:92:71:d1:d2:a3:9b:a1:c1:
7c:a0:d6:45:15:5d:86:04:91:17:9e:41:34:98:e9:e2:2a:9e:
52:e1:1b:58:9a:67:2f:56:99:43:ee:29:60:df:b2:73:26:85:
7b:18:e1:85:7d:f8:bc:d7:3e:6c:cf:42:e0:a9:54:f5:ca:7b:
45:ef:ba:6d:a7:9f:29:d1:db:20:ad:91:e6:d3:23:23:f8:c6:
90:b6:91:be:f9:e2:8e:59:1a:9d:d5:90:76:63:9f:33:d0:92:
26:ba:5a:8e:95:45:e2:9e:93:df:8c:f3:55:ae:89:d5:d9:e0:
af:ad:c6:ef:74:f5:2d:6b:c7:13:e7:6e:86:40:26:8a:b7:c1:
e9:6c:99:63:0b:63:ac:f0:ed:9f:f5:1c:41:0a:c6:1c:2f:6b:
21:9a:06:ff:68:45:76:fa:dd:9a:89:d5:47:3b:27:24:c8:4d:
72:7c:54:a8:39:2e:c2:16:b5:56:ca:7b:cb:11:d4:e9:ed:97:
21:41:94:71:45:84:27:69:5c:4e:df:5d:9a:0f:c7:7b:17:d2:
57:f2:37:cb:00:b3:21:a4:21:72:05:40:c1:46:dd:e3:8c:ca:
93:4b:cd:5a
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYVyOjDKmztyqR6/uu0yPLYVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MzFkNjIxZDE5MmY5MmRiMDkzZDkzMzA5MmMxZTIzNmI0
ZDQ5N2IwHhcNMjMwMTAyMTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWY4MDYxN2ViM2ZmMmEyM2Q3ZDk2MWI5ODk4ZjFjOTkyNGRmZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3jZvgC+SFDHSmkIQpfIfZck6nA+
FO/QAjfhs7fWwGcIrVnHStWhEUvcYAD/qaT6aLXTmqmzh2xx4kaOuF2q2Jfq0u3Q
GyjKz/3drRrEyAOWGB9QgPAcks95G4FwVUYEGMvD/RHxu+cB0aWn6cRIOwpQ3eNw
rIx7+ujzL3YQAFFeK5xiCYBg5QDPIHCGXEVvdRLInaPDk34Uyn+7pXFqXSq3o2mN
cK1fMNrXKGp+M96wNEBVN5bH9a5kYrxPdpkoTQgORa8KnVa/PRyG6qH2ChIUPsIh
M21PKr/3ecBipz7QHFFl7PKwU6PThoLw+hKD3xeKhBEhXIQ05CiadLSF5wIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFCr4BhfrP/KiPX2WG5iY8cmSTf2gMB8GA1UdIwQY
MBaAFIgx1iHRkvktsJPZMwksHiNrTUl7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaURIV0lkR1MtUzJ3azlrekNTd2VJMnROU1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS80NDA3ODEtZjYxNC00NTBkLTlkOWYt
MmI4NzYxZDhhMTM3LzEvS3ZnR0Ytc184cUk5ZlpZYm1Kanh5WkpOX2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS80NDA3ODEtZjYxNC00NTBkLTlkOWYtMmI4NzYxZDhhMTM3
LzEvaURIV0lkR1MtUzJ3azlrekNTd2VJMnROU1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDA+BAIAATA4AwQCBbWcAwQC
BfywAwQCXp70AwQCuaMsAwQCueEQMAwDBADCtJ0DBADCtJ4DBADCtK4DBADCtL8w
FgQCAAIwEAMHACABBnwtuAMFAyoKyAAwDQYJKoZIhvcNAQELBQADggEBAJ2suRCk
PYE/4r4Os6WlmaetExqMo0X5yuRAhnGScdHSo5uhwXyg1kUVXYYEkReeQTSY6eIq
nlLhG1iaZy9WmUPuKWDfsnMmhXsY4YV9+LzXPmzPQuCpVPXKe0Xvum2nnynR2yCt
kebTIyP4xpC2kb754o5ZGp3VkHZjnzPQkia6Wo6VReKek9+M81WuidXZ4K+txu90
9S1rxxPnboZAJoq3welsmWMLY6zw7Z/1HEEKxhwvayGaBv9oRXb63ZqJ1Uc7JyTI
TXJ8VKg5LsIWtVbKe8sR1OntlyFBlHFFhCdpXE7fXZoPx3sX0lfyN8sAsyGkIXIF
QMFG3eOMypNLzVo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:29 2024 by rpki-client on console-ams.rpki-client.org