Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/ksaNSc5Ish2928HwMj37pB50OHI.roa
File: ksaNSc5Ish2928HwMj37pB50OHI.roa (raw, json)
Hash identifier: xl3lEBVVaCKaXMf0pQ6vuGByl8wi56/VaaiGlKM0eF0=
Subject key identifier: 92:C6:8D:49:CE:48:B2:1D:BD:DB:C1:F0:32:3D:FB:A4:1E:74:38:72
Certificate issuer: /CN=cf40fdd82a0fdf3b70be18221eeba60d801ed7bf
Certificate serial: 019470362DAE57A23A4A592B867C2502334B
Authority key identifier: CF:40:FD:D8:2A:0F:DF:3B:70:BE:18:22:1E:EB:A6:0D:80:1E:D7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/ksaNSc5Ish2928HwMj37pB50OHI.roa
Signing time: Thu 16 Jan 2025 17:43:06 +0000
ROA not before: Thu 16 Jan 2025 17:43:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8280
IP address blocks: 46.227.56.0/21 maxlen: 24
46.227.56.0/24 maxlen: 32
46.227.57.0/24 maxlen: 24
46.227.58.0/24 maxlen: 32
46.227.59.0/24 maxlen: 24
46.227.60.0/24 maxlen: 24
46.227.61.0/24 maxlen: 32
46.227.62.0/24 maxlen: 24
46.227.63.0/24 maxlen: 24
78.108.32.0/20 maxlen: 24
78.108.32.0/24 maxlen: 24
78.108.33.0/24 maxlen: 24
78.108.34.0/24 maxlen: 24
78.108.35.0/24 maxlen: 24
78.108.36.0/24 maxlen: 24
78.108.37.0/24 maxlen: 24
78.108.38.0/24 maxlen: 24
78.108.39.0/24 maxlen: 24
78.108.40.0/24 maxlen: 24
78.108.41.0/24 maxlen: 24
78.108.42.0/24 maxlen: 24
78.108.43.0/24 maxlen: 24
78.108.44.0/24 maxlen: 24
78.108.45.0/24 maxlen: 24
78.108.46.0/24 maxlen: 24
78.108.47.0/24 maxlen: 24
185.51.132.0/22 maxlen: 24
185.51.132.0/24 maxlen: 32
185.51.133.0/24 maxlen: 24
185.51.135.0/24 maxlen: 24
2001:1548::/29 maxlen: 64
2001:1548:7000::/48 maxlen: 48
2001:1548:7001::/48 maxlen: 48
2001:1548:7002::/48 maxlen: 48
2001:1548:7003::/48 maxlen: 48
2001:1548:7004::/48 maxlen: 48
2001:1548:7005::/48 maxlen: 48
2001:1548:7006::/48 maxlen: 48
2001:1548:7007::/48 maxlen: 48
2001:1548:7008::/48 maxlen: 48
2001:1548:7009::/48 maxlen: 48
2001:1548:7010::/48 maxlen: 48
2001:1548:7011::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 Jan 2025 08:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:70:36:2d:ae:57:a2:3a:4a:59:2b:86:7c:25:02:33:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf40fdd82a0fdf3b70be18221eeba60d801ed7bf
Validity
Not Before: Jan 16 17:43:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92c68d49ce48b21dbddbc1f0323dfba41e743872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0b:17:06:14:4b:d7:73:3d:da:cc:07:be:9f:
a9:48:23:dd:ab:18:0d:42:23:01:fe:38:20:58:84:
02:98:0f:f5:bb:39:f4:22:dc:26:e1:e2:bf:02:90:
44:6a:01:18:8e:3a:48:50:02:5b:ce:da:31:87:83:
d4:41:af:7b:e4:75:ae:95:b3:6f:35:34:a4:e9:68:
c4:71:ff:72:cc:48:16:1e:df:b9:d2:2d:c9:b7:80:
3e:be:49:f1:5a:ab:7a:88:06:ea:dd:85:33:c0:a6:
27:46:9d:c8:5a:ff:03:83:cc:70:9f:6c:44:61:d8:
b5:dc:59:f1:96:34:2d:27:fd:bb:e8:0d:68:66:b9:
3b:93:6d:a1:c0:f4:37:ce:7d:74:15:57:62:d3:89:
c6:7b:73:a5:0a:62:fc:63:0a:3d:06:88:f6:65:83:
2e:e3:27:f6:a1:be:e0:81:94:c3:5e:29:87:51:86:
92:a8:ed:83:53:42:90:67:8a:40:38:3d:63:44:90:
ec:5c:3f:24:c6:cb:7e:c0:95:26:80:6b:52:a5:93:
af:eb:79:e1:b1:f9:1e:c5:93:89:e9:34:3b:db:44:
27:e6:7e:61:04:c9:ff:a5:7a:aa:a9:a1:d3:9c:4b:
22:f2:e8:88:f8:81:57:54:fb:2b:c5:ec:8c:15:ef:
0c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:C6:8D:49:CE:48:B2:1D:BD:DB:C1:F0:32:3D:FB:A4:1E:74:38:72
X509v3 Authority Key Identifier:
keyid:CF:40:FD:D8:2A:0F:DF:3B:70:BE:18:22:1E:EB:A6:0D:80:1E:D7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/ksaNSc5Ish2928HwMj37pB50OHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/z0D92CoP3ztwvhgiHuumDYAe178.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.56.0/21
78.108.32.0/20
185.51.132.0/22
IPv6:
2001:1548::/29
Signature Algorithm: sha256WithRSAEncryption
5b:84:7a:ca:79:b8:d7:db:8a:f2:30:37:0f:67:56:aa:8f:df:
33:4a:ad:1f:31:11:60:4f:45:da:bf:8b:7b:b2:05:d4:f1:54:
e3:55:b9:44:8b:eb:da:a5:13:b6:4c:30:d9:37:00:28:36:02:
09:81:72:d3:e4:6d:91:96:18:1b:09:16:67:9f:00:3f:ad:7d:
07:2d:89:8d:fa:ab:14:d4:77:e5:73:8b:85:cd:47:7a:3c:d7:
01:f5:98:f8:0e:32:51:4c:5b:93:79:95:51:01:55:fe:96:77:
24:aa:41:d4:62:35:4c:e7:f6:a9:85:d2:69:da:2f:26:67:a8:
47:29:69:c9:dd:31:c8:f9:6b:e0:aa:24:b4:90:f8:64:9d:c8:
6c:a5:2d:96:b3:18:9b:9e:c9:31:21:92:a4:c0:12:13:48:aa:
93:0c:ac:95:d9:5d:73:44:c3:f4:64:1b:6c:27:57:0e:df:3c:
80:3a:b6:05:e7:26:79:1b:d9:e2:c7:36:20:07:02:b2:bc:24:
46:db:47:f6:13:84:1b:f3:df:5b:2f:2e:66:01:d3:f6:81:f4:
c0:3f:4f:34:24:33:2d:9b:86:87:60:bd:3d:bb:38:09:35:fe:
4d:94:ed:56:1e:de:67:15:bf:29:04:79:86:11:ee:f0:75:02:
49:9e:c7:d2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZRwNi2uV6I6SlkrhnwlAjNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNDBmZGQ4MmEwZmRmM2I3MGJlMTgyMjFlZWJhNjBkODAx
ZWQ3YmYwHhcNMjUwMTE2MTc0MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmM2OGQ0OWNlNDhiMjFkYmRkYmMxZjAzMjNkZmJhNDFlNzQzODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wsXBhRL13M92swHvp+pSCPdqxgN
QiMB/jggWIQCmA/1uzn0Itwm4eK/ApBEagEYjjpIUAJbztoxh4PUQa975HWulbNv
NTSk6WjEcf9yzEgWHt+50i3Jt4A+vknxWqt6iAbq3YUzwKYnRp3IWv8Dg8xwn2xE
Ydi13FnxljQtJ/276A1oZrk7k22hwPQ3zn10FVdi04nGe3OlCmL8Ywo9Boj2ZYMu
4yf2ob7ggZTDXimHUYaSqO2DU0KQZ4pAOD1jRJDsXD8kxst+wJUmgGtSpZOv63nh
sfkexZOJ6TQ720Qn5n5hBMn/pXqqqaHTnEsi8uiI+IFXVPsrxeyMFe8MwQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJLGjUnOSLIdvdvB8DI9+6QedDhyMB8GA1UdIwQY
MBaAFM9A/dgqD987cL4YIh7rpg2AHte/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBEOTJDb1AzenR3dmhnaUh1dW1EWUFlMTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83OTI3MzctNmEwMi00MjRiLTgyY2It
YTI5Y2U3ZGExMGZkLzEva3NhTlNjNUlzaDI5MjhId01qMzdwQjUwT0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83OTI3MzctNmEwMi00MjRiLTgyY2ItYTI5Y2U3ZGExMGZk
LzEvejBEOTJDb1AzenR3dmhnaUh1dW1EWUFlMTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLuM4AwQE
TmwgAwQCuTOEMA0EAgACMAcDBQMgARVIMA0GCSqGSIb3DQEBCwUAA4IBAQBbhHrK
ebjX24ryMDcPZ1aqj98zSq0fMRFgT0Xav4t7sgXU8VTjVblEi+vapRO2TDDZNwAo
NgIJgXLT5G2RlhgbCRZnnwA/rX0HLYmN+qsU1Hflc4uFzUd6PNcB9Zj4DjJRTFuT
eZVRAVX+lnckqkHUYjVM5/aphdJp2i8mZ6hHKWnJ3THI+WvgqiS0kPhknchspS2W
sxibnskxIZKkwBITSKqTDKyV2V1zRMP0ZBtsJ1cO3zyAOrYF5yZ5G9nixzYgBwKy
vCRG20f2E4Qb899bLy5mAdP2gfTAP080JDMtm4aHYL09uzgJNf5NlO1WHt5nFb8p
BHmGEe7wdQJJnsfS
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:25:39 2025 by rpki-client