Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/kl7G_-jtRTH_TTgF5tu5fY1OJRY.roa
File: kl7G_-jtRTH_TTgF5tu5fY1OJRY.roa (raw, json)
Hash identifier: /5Rd71ybXHn7VS6raN+cqKWsn9kRgQmy7XP63f9q+vM=
Subject key identifier: 92:5E:C6:FF:E8:ED:45:31:FF:4D:38:05:E6:DB:B9:7D:8D:4E:25:16
Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Certificate serial: 018D1C5E31E84AEE30C55BD7B2CA4B6CAA94
Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/kl7G_-jtRTH_TTgF5tu5fY1OJRY.roa
Signing time: Thu 18 Jan 2024 11:39:11 +0000
ROA not before: Thu 18 Jan 2024 11:39:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202940
IP address blocks: 89.208.0.0/21 maxlen: 21
89.208.4.0/22 maxlen: 24
89.208.56.0/21 maxlen: 21
89.208.128.0/21 maxlen: 21
89.208.134.0/23 maxlen: 24
141.226.120.0/22 maxlen: 24
147.234.23.0/24 maxlen: 24
147.236.104.0/21 maxlen: 21
147.236.116.0/23 maxlen: 24
147.236.120.0/21 maxlen: 21
147.236.125.0/24 maxlen: 24
147.236.144.0/20 maxlen: 24
147.236.176.0/20 maxlen: 20
147.236.183.0/24 maxlen: 24
185.108.80.0/22 maxlen: 24
185.149.252.0/22 maxlen: 24
185.167.108.0/22 maxlen: 24
185.175.32.0/22 maxlen: 23
185.180.100.0/22 maxlen: 24
185.180.100.0/24 maxlen: 24
185.180.102.0/24 maxlen: 24
185.180.103.0/24 maxlen: 24
185.182.76.0/22 maxlen: 24
185.184.244.0/22 maxlen: 23
188.191.224.0/21 maxlen: 21
188.191.224.0/22 maxlen: 22
188.191.224.0/24 maxlen: 24
188.191.228.0/22 maxlen: 22
217.175.80.0/20 maxlen: 20
217.175.84.0/22 maxlen: 22
217.175.88.0/21 maxlen: 21
2a00:7c40::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Mar 2024 17:37:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:5e:31:e8:4a:ee:30:c5:5b:d7:b2:ca:4b:6c:aa:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Validity
Not Before: Jan 18 11:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=925ec6ffe8ed4531ff4d3805e6dbb97d8d4e2516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:30:fe:87:6a:0f:f4:7c:25:79:24:af:39:02:
4c:b3:8d:60:63:91:0f:ec:35:fd:67:fb:52:80:03:
25:ad:d5:76:c7:fd:1e:7b:3c:57:1a:da:1c:21:59:
21:c6:8c:8a:b6:b5:a0:80:3a:8b:a3:7f:0e:97:c4:
f6:7f:5f:60:70:cf:b1:e2:ea:91:02:20:45:27:b2:
9e:e8:36:c5:3f:31:4b:87:d7:73:ce:e2:db:b5:f3:
67:f0:d2:4c:9a:b6:91:af:fd:c8:64:4a:df:b4:6a:
f7:9d:05:6b:c8:5a:a5:35:01:d7:79:2c:f2:4c:ca:
cc:3e:5d:94:da:6c:5e:c1:1b:38:88:1f:fc:07:2f:
e8:49:98:23:69:06:22:7b:b7:90:e8:52:8c:91:c2:
eb:0e:96:36:cb:a8:ac:c1:6c:9c:b4:6b:a0:e3:66:
9e:0a:d1:52:6b:91:dd:5a:01:e1:ba:0f:8f:2d:83:
f3:7e:7b:9f:37:37:39:ec:fc:3b:7b:d6:fd:b9:78:
ea:f0:97:78:85:a0:24:0e:e4:98:c9:83:7a:09:6a:
81:ad:63:ea:9d:a1:b3:32:06:60:ca:0f:f1:3a:c0:
40:15:30:43:f9:7a:30:24:ca:d3:4f:49:da:4c:1d:
86:b1:dc:8f:74:42:e5:a6:97:5c:ab:82:0f:a6:9c:
41:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:5E:C6:FF:E8:ED:45:31:FF:4D:38:05:E6:DB:B9:7D:8D:4E:25:16
X509v3 Authority Key Identifier:
keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/kl7G_-jtRTH_TTgF5tu5fY1OJRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.0.0/21
89.208.56.0/21
89.208.128.0/21
141.226.120.0/22
147.234.23.0/24
147.236.104.0/21
147.236.116.0/23
147.236.120.0/21
147.236.144.0/20
147.236.176.0/20
185.108.80.0/22
185.149.252.0/22
185.167.108.0/22
185.175.32.0/22
185.180.100.0/22
185.182.76.0/22
185.184.244.0/22
188.191.224.0/21
217.175.80.0/20
IPv6:
2a00:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
6a:81:3e:7f:25:09:89:26:3a:c2:87:64:53:6c:2a:48:ef:fc:
e0:1a:e9:cb:86:15:8f:9d:5c:47:39:1c:c4:47:e9:85:5a:29:
9c:04:f9:42:53:9f:1a:2b:19:3a:3a:66:0f:1b:91:e6:dd:bd:
57:f7:08:d2:90:68:47:4f:27:75:53:24:a2:99:57:13:29:18:
8f:92:49:9d:61:fe:56:0c:fa:e8:8a:aa:68:99:3a:72:cd:2a:
46:d4:9f:d8:22:e7:69:f6:6d:f6:67:b2:e0:6a:d3:20:0d:2d:
08:79:b1:e9:56:33:f1:16:fa:8f:67:cd:08:bf:db:43:de:04:
4f:7b:ee:83:85:94:62:82:5f:0f:71:f4:0f:0c:d3:7a:2e:6f:
6f:ca:3e:88:a0:8f:c4:ec:04:14:9e:0c:6f:6b:cd:e5:53:f4:
fc:e7:5d:c8:fe:11:e0:fe:bd:1d:99:a9:0c:07:54:b0:42:58:
71:52:bd:df:37:77:82:0f:c0:4e:3d:26:f9:ce:f8:f7:81:1c:
42:85:fb:b9:70:5e:24:b5:63:04:08:60:c0:21:01:82:8d:c0:
b5:ad:8d:7b:fb:05:50:54:c2:3b:80:16:70:e4:14:f7:72:3d:
14:09:bb:f2:85:4c:02:b9:27:94:fd:d9:1c:59:15:a0:ec:dd:
e1:e1:28:9b
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAY0cXjHoSu4wxVvXsspLbKqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1
YWI3Y2YwHhcNMjQwMTE4MTEzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjVlYzZmZmU4ZWQ0NTMxZmY0ZDM4MDVlNmRiYjk3ZDhkNGUyNTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojD+h2oP9HwleSSvOQJMs41gY5EP
7DX9Z/tSgAMlrdV2x/0eezxXGtocIVkhxoyKtrWggDqLo38Ol8T2f19gcM+x4uqR
AiBFJ7Ke6DbFPzFLh9dzzuLbtfNn8NJMmraRr/3IZErftGr3nQVryFqlNQHXeSzy
TMrMPl2U2mxewRs4iB/8By/oSZgjaQYie7eQ6FKMkcLrDpY2y6iswWyctGug42ae
CtFSa5HdWgHhug+PLYPzfnufNzc57Pw7e9b9uXjq8Jd4haAkDuSYyYN6CWqBrWPq
naGzMgZgyg/xOsBAFTBD+XowJMrTT0naTB2GsdyPdELlppdcq4IPppxBCQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFJJexv/o7UUx/004BebbuX2NTiUWMB8GA1UdIwQY
MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt
MTEwYzg3OGRjZDI5LzEva2w3R18tanRSVEhfVFRnRjV0dTVmWTFPSlJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEtMTEwYzg3OGRjZDI5
LzEvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQDWdAA
AwQDWdA4AwQDWdCAAwQCjeJ4AwQAk+oXAwQDk+xoAwQBk+x0AwQDk+x4AwQEk+yQ
AwQEk+ywAwQCuWxQAwQCuZX8AwQCuadsAwQCua8gAwQCubRkAwQCubZMAwQCubj0
AwQDvL/gAwQE2a9QMA0EAgACMAcDBQAqAHxAMA0GCSqGSIb3DQEBCwUAA4IBAQBq
gT5/JQmJJjrCh2RTbCpI7/zgGunLhhWPnVxHORzER+mFWimcBPlCU58aKxk6OmYP
G5Hm3b1X9wjSkGhHTyd1UySimVcTKRiPkkmdYf5WDProiqpomTpyzSpG1J/YIudp
9m32Z7LgatMgDS0IebHpVjPxFvqPZ80Iv9tD3gRPe+6DhZRigl8PcfQPDNN6Lm9v
yj6IoI/E7AQUngxva83lU/T8513I/hHg/r0dmakMB1SwQlhxUr3fN3eCD8BOPSb5
zvj3gRxChfu5cF4ktWMECGDAIQGCjcC1rY17+wVQVMI7gBZw5BT3cj0UCbvyhUwC
uSeU/dkcWRWg7N3h4Sib
-----END CERTIFICATE-----
Generated at Wed Mar 13 22:33:06 2024 by rpki-client on console-ams.rpki-client.org