Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/Kgj0OqgbZQrVYFQQCWvkA1RCCCM.roa
File: Kgj0OqgbZQrVYFQQCWvkA1RCCCM.roa (raw, json)
Hash identifier: nWRZtwuUj55HpzYQm2g2R97AGj3mLkL0kJXZprY65fE=
Subject key identifier: 2A:08:F4:3A:A8:1B:65:0A:D5:60:54:10:09:6B:E4:03:54:42:08:23
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 0190052B6D30AE30E2C85A648C5D69043BDE
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/Kgj0OqgbZQrVYFQQCWvkA1RCCCM.roa
Signing time: Tue 11 Jun 2024 02:40:50 +0000
ROA not before: Tue 11 Jun 2024 02:40:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205209
IP address blocks: 80.74.96.0/24 maxlen: 24
80.74.97.0/24 maxlen: 24
80.74.99.0/24 maxlen: 24
80.74.123.0/24 maxlen: 24
92.61.224.0/24 maxlen: 24
92.61.225.0/24 maxlen: 24
92.61.226.0/24 maxlen: 24
92.61.230.0/24 maxlen: 24
92.61.231.0/24 maxlen: 24
92.61.234.0/23 maxlen: 23
92.61.234.0/24 maxlen: 24
92.61.235.0/24 maxlen: 24
94.188.136.0/24 maxlen: 24
94.188.138.0/24 maxlen: 24
94.188.140.0/24 maxlen: 24
94.188.142.0/24 maxlen: 24
94.188.161.0/24 maxlen: 24
94.188.162.0/24 maxlen: 24
94.188.165.0/24 maxlen: 24
94.188.166.0/24 maxlen: 24
94.188.167.0/24 maxlen: 24
94.188.169.0/24 maxlen: 24
94.188.171.0/24 maxlen: 24
94.188.175.0/24 maxlen: 24
94.188.178.0/24 maxlen: 24
94.188.179.0/24 maxlen: 24
94.188.186.0/23 maxlen: 23
94.188.188.0/23 maxlen: 23
94.188.191.0/24 maxlen: 24
94.188.196.0/24 maxlen: 24
94.188.197.0/24 maxlen: 24
94.188.200.0/24 maxlen: 24
94.188.242.0/24 maxlen: 24
94.188.243.0/24 maxlen: 24
94.188.251.0/24 maxlen: 24
2a02:23b8:2::/52 maxlen: 52
2a02:23b8:1a00::/56 maxlen: 56
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:05:2b:6d:30:ae:30:e2:c8:5a:64:8c:5d:69:04:3b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Jun 11 02:40:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a08f43aa81b650ad5605410096be40354420823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b5:48:a1:0b:ed:bf:52:0c:db:92:b5:c7:3b:
7d:e7:68:a4:11:d4:57:b6:d7:6b:dc:03:97:8f:f1:
b5:38:0f:f1:08:00:ec:a6:92:dc:f1:3a:3e:8c:89:
51:61:c6:94:38:95:76:2e:41:91:a9:8d:50:19:e3:
84:13:8e:54:00:75:07:9c:e3:d1:1a:63:ca:0f:52:
8c:3f:a8:97:2e:ae:5d:fb:c2:b4:66:68:23:bb:cc:
35:f5:f6:a0:de:bb:08:26:05:2f:5e:8c:0f:23:24:
87:9d:3f:f5:f2:a6:7c:b2:54:0e:e8:4f:8f:23:70:
50:8e:a9:36:34:76:11:56:b8:ad:b1:06:ba:86:b9:
87:dc:b0:e9:5d:d9:50:2f:d7:e5:e2:3e:da:9d:5d:
ad:95:c7:da:1c:79:6f:d1:a0:47:4a:95:8c:57:67:
c1:6d:83:3e:86:fe:da:c1:63:63:d3:af:54:37:c3:
81:b4:1b:95:ec:f3:d3:cc:68:55:b6:e4:6e:55:f4:
b8:95:7e:5b:39:07:ec:77:f4:f7:bf:29:75:05:55:
db:11:e9:fa:dc:47:1b:c7:8d:bf:64:1c:0d:3f:bd:
47:87:f4:f4:49:ae:9c:42:09:46:96:e2:c9:ed:96:
3f:25:06:cb:ad:54:27:bd:e7:20:a7:a3:4a:5e:d7:
31:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:08:F4:3A:A8:1B:65:0A:D5:60:54:10:09:6B:E4:03:54:42:08:23
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/Kgj0OqgbZQrVYFQQCWvkA1RCCCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.96.0/23
80.74.99.0/24
80.74.123.0/24
92.61.224.0-92.61.226.255
92.61.230.0/23
92.61.234.0/23
94.188.136.0/24
94.188.138.0/24
94.188.140.0/24
94.188.142.0/24
94.188.161.0-94.188.162.255
94.188.165.0-94.188.167.255
94.188.169.0/24
94.188.171.0/24
94.188.175.0/24
94.188.178.0/23
94.188.186.0-94.188.189.255
94.188.191.0/24
94.188.196.0/23
94.188.200.0/24
94.188.242.0/23
94.188.251.0/24
IPv6:
2a02:23b8:2::/52
2a02:23b8:1a00::/56
Signature Algorithm: sha256WithRSAEncryption
b1:e8:68:f7:b6:3a:c9:56:55:01:52:02:1b:08:e4:d3:6f:83:
bb:0f:5a:6c:27:e1:5f:2a:7e:16:43:03:7e:e6:b1:20:35:78:
b4:1e:41:22:c6:3d:fb:61:07:ec:aa:97:37:fd:ed:5c:7a:97:
ce:b1:b1:20:1a:eb:66:b8:09:46:13:a0:96:9d:1a:e4:9b:58:
75:82:e3:dc:11:f6:ce:13:94:d0:9f:3e:43:a3:da:a7:22:36:
97:b8:4b:e1:48:4e:30:6b:8d:90:ee:c4:eb:7b:12:e0:b5:64:
fc:d0:23:57:87:2a:44:c1:57:6b:6c:9e:61:8b:3f:5c:f5:67:
81:7d:74:21:5f:f1:70:f9:15:71:6f:8d:54:b7:20:63:cf:e0:
a9:16:b8:60:41:2c:e7:7e:f4:49:3f:71:01:db:41:e3:04:be:
9b:09:a1:2e:0a:36:8d:ee:fa:cc:9a:76:f7:26:f9:e7:5f:8e:
55:0c:a9:73:f8:a5:e6:9c:37:00:0f:d9:c4:84:38:66:48:89:
3a:1a:b1:59:89:20:6b:a9:bb:d7:22:67:62:b3:b3:51:fe:a5:
3f:9c:36:cf:f1:f3:fe:09:d3:ed:70:35:16:23:91:9f:c3:8b:
87:ae:01:58:7d:a7:e2:ca:e3:a5:06:68:ce:a6:65:69:33:7a:
ff:20:f8:8c
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZAFK20wrjDiyFpkjF1pBDveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwNjExMDI0MDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTA4ZjQzYWE4MWI2NTBhZDU2MDU0MTAwOTZiZTQwMzU0NDIwODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bVIoQvtv1IM25K1xzt952ikEdRX
ttdr3AOXj/G1OA/xCADsppLc8To+jIlRYcaUOJV2LkGRqY1QGeOEE45UAHUHnOPR
GmPKD1KMP6iXLq5d+8K0Zmgju8w19fag3rsIJgUvXowPIySHnT/18qZ8slQO6E+P
I3BQjqk2NHYRVritsQa6hrmH3LDpXdlQL9fl4j7anV2tlcfaHHlv0aBHSpWMV2fB
bYM+hv7awWNj069UN8OBtBuV7PPTzGhVtuRuVfS4lX5bOQfsd/T3vyl1BVXbEen6
3Ecbx42/ZBwNP71Hh/T0Sa6cQglGluLJ7ZY/JQbLrVQnvecgp6NKXtcxzQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFCoI9DqoG2UK1WBUEAlr5ANUQggjMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvS2dqME9xZ2JaUXJWWUZRUUNXdmtBMVJDQ0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBqwQCAAEwgaQDBAFQ
SmADBABQSmMDBABQSnswDAMEBVw94AMEAFw94gMEAVw95gMEAVw96gMEAF68iAME
AF68igMEAF68jAMEAF68jjAMAwQAXryhAwQAXryiMAwDBABevKUDBANevKADBABe
vKkDBABevKsDBABevK8DBAFevLIwDAMEAV68ugMEAV68vAMEAF68vwMEAV68xAME
AF68yAMEAV688gMEAF68+zAaBAIAAjAUAwgEKgIjuAACAAMIACoCI7gaAAAwDQYJ
KoZIhvcNAQELBQADggEBALHoaPe2OslWVQFSAhsI5NNvg7sPWmwn4V8qfhZDA37m
sSA1eLQeQSLGPfthB+yqlzf97Vx6l86xsSAa62a4CUYToJadGuSbWHWC49wR9s4T
lNCfPkOj2qciNpe4S+FITjBrjZDuxOt7EuC1ZPzQI1eHKkTBV2tsnmGLP1z1Z4F9
dCFf8XD5FXFvjVS3IGPP4KkWuGBBLOd+9Ek/cQHbQeMEvpsJoS4KNo3u+syadvcm
+edfjlUMqXP4peacNwAP2cSEOGZIiToasVmJIGupu9ciZ2Kzs1H+pT+cNs/x8/4J
0+1wNRYjkZ/Di4euAVh9p+LK46UGaM6mZWkzev8g+Iw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:00:37 2025 by rpki-client