Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/Kn3-A2WxuWr8aZZQPx-Yzh712yo.roa
File: Kn3-A2WxuWr8aZZQPx-Yzh712yo.roa (raw, json)
Hash identifier: RPbBNrT7TTDovCBpE3VlwOxfNbatHiso/B/s25U6nWk=
Subject key identifier: 2A:7D:FE:03:65:B1:B9:6A:FC:69:96:50:3F:1F:98:CE:1E:F5:DB:2A
Certificate issuer: /CN=fe414ea21a9116d2cdf8f5c02d08673afa576893
Certificate serial: 0191568459768674BCBE343497A5D99C9422
Authority key identifier: FE:41:4E:A2:1A:91:16:D2:CD:F8:F5:C0:2D:08:67:3A:FA:57:68:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_kFOohqRFtLN-PXALQhnOvpXaJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/Kn3-A2WxuWr8aZZQPx-Yzh712yo.roa
Signing time: Thu 15 Aug 2024 14:49:59 +0000
ROA not before: Thu 15 Aug 2024 14:49:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59533
IP address blocks: 91.218.100.0/24 maxlen: 24
91.218.101.0/24 maxlen: 24
91.218.102.0/24 maxlen: 24
91.218.103.0/24 maxlen: 24
91.219.200.0/24 maxlen: 24
91.219.201.0/24 maxlen: 24
91.219.202.0/24 maxlen: 24
91.219.203.0/24 maxlen: 24
91.235.180.0/24 maxlen: 24
91.235.181.0/24 maxlen: 24
91.240.112.0/24 maxlen: 24
91.240.113.0/24 maxlen: 24
193.150.52.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:56:84:59:76:86:74:bc:be:34:34:97:a5:d9:9c:94:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe414ea21a9116d2cdf8f5c02d08673afa576893
Validity
Not Before: Aug 15 14:49:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a7dfe0365b1b96afc6996503f1f98ce1ef5db2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6e:a2:90:74:15:a5:16:fc:7f:4d:38:59:e1:
5a:e2:ba:8f:cd:4a:05:7a:35:d1:5d:ed:c6:a1:35:
47:cf:12:d1:ee:07:cf:ce:03:8c:b5:3b:65:95:7a:
3d:6b:48:e9:a3:50:d2:ef:49:55:6b:44:24:14:4d:
c9:8c:70:d8:b0:07:10:c5:b9:9c:4c:ae:be:7f:89:
3b:db:fa:c2:08:85:22:09:6b:3b:e5:1a:0e:63:9c:
b3:bf:da:f8:4c:34:72:59:4f:a4:aa:14:6d:55:78:
d6:0e:b9:03:4b:bd:cd:5a:7b:75:3e:d0:44:5d:55:
c8:78:4c:32:6b:56:24:ef:6a:88:f2:d1:0b:39:c1:
98:70:bc:16:f4:54:68:77:00:d5:db:da:a6:6d:5d:
ce:f9:a9:88:ce:bb:8a:65:2c:48:9b:c4:34:b7:33:
e5:2f:38:ba:b1:9e:56:8b:56:03:ff:31:11:f9:09:
91:c7:0a:47:b0:11:e4:cb:4f:4a:5c:98:3a:10:5e:
3e:3e:a4:65:c8:a7:4d:97:6e:e6:13:35:d4:58:4a:
1d:12:bf:2b:57:17:cd:66:ee:ae:49:dc:4d:eb:0f:
be:13:51:27:c7:a0:52:37:65:94:da:2f:ec:4d:71:
b5:42:61:57:56:4b:75:03:d3:ca:64:a1:91:9d:fc:
5f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7D:FE:03:65:B1:B9:6A:FC:69:96:50:3F:1F:98:CE:1E:F5:DB:2A
X509v3 Authority Key Identifier:
keyid:FE:41:4E:A2:1A:91:16:D2:CD:F8:F5:C0:2D:08:67:3A:FA:57:68:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_kFOohqRFtLN-PXALQhnOvpXaJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/Kn3-A2WxuWr8aZZQPx-Yzh712yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/_kFOohqRFtLN-PXALQhnOvpXaJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.100.0/22
91.219.200.0/22
91.235.180.0/23
91.240.112.0/23
193.150.52.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:df:71:04:ba:78:ff:5e:f9:bd:f6:24:89:00:ba:c6:bf:15:
e8:6c:19:53:31:b0:16:ad:b7:4e:e5:a0:b8:8b:40:23:67:79:
ad:87:d4:16:df:1a:50:99:2e:7b:1f:89:4b:2c:aa:8e:02:34:
64:26:fc:6f:a3:44:e1:75:87:ed:34:6c:e0:80:52:5e:d4:d7:
80:77:fa:7b:42:26:a2:14:78:d8:3e:79:08:02:a6:32:45:38:
44:06:8e:69:62:d0:3a:55:8d:cd:1a:ac:e2:fe:f4:dc:bb:50:
98:7e:cf:4f:a4:46:12:b3:d2:09:b7:35:a2:ba:b0:1b:27:48:
e9:59:e5:00:3e:f6:d9:da:1b:aa:a6:5b:f1:15:3b:21:b8:2c:
d4:0b:88:38:2e:58:8e:2d:55:16:c2:17:7d:9b:8d:ac:c9:c8:
58:bd:2c:b4:bc:f8:b6:a0:76:47:42:d1:2c:e2:ad:04:61:79:
ef:d4:49:52:fc:9e:ce:fd:16:61:3e:72:77:a9:48:df:9a:e1:
17:d4:72:86:50:53:22:d3:c3:a9:df:71:58:13:45:1d:05:67:
ae:7f:54:42:aa:a8:6a:93:5b:52:dc:72:d6:4b:97:05:ea:37:
69:b3:02:3a:83:6e:44:2f:77:d3:cb:26:74:29:4d:b9:cc:51:
f6:74:af:f0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZFWhFl2hnS8vjQ0l6XZnJQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNDE0ZWEyMWE5MTE2ZDJjZGY4ZjVjMDJkMDg2NzNhZmE1
NzY4OTMwHhcNMjQwODE1MTQ0OTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdkZmUwMzY1YjFiOTZhZmM2OTk2NTAzZjFmOThjZTFlZjVkYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx26ikHQVpRb8f004WeFa4rqPzUoF
ejXRXe3GoTVHzxLR7gfPzgOMtTtllXo9a0jpo1DS70lVa0QkFE3JjHDYsAcQxbmc
TK6+f4k72/rCCIUiCWs75RoOY5yzv9r4TDRyWU+kqhRtVXjWDrkDS73NWnt1PtBE
XVXIeEwya1Yk72qI8tELOcGYcLwW9FRodwDV29qmbV3O+amIzruKZSxIm8Q0tzPl
Lzi6sZ5Wi1YD/zER+QmRxwpHsBHky09KXJg6EF4+PqRlyKdNl27mEzXUWEodEr8r
VxfNZu6uSdxN6w++E1Enx6BSN2WU2i/sTXG1QmFXVkt1A9PKZKGRnfxfoQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCp9/gNlsblq/GmWUD8fmM4e9dsqMB8GA1UdIwQY
MBaAFP5BTqIakRbSzfj1wC0IZzr6V2iTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2tGT29ocVJGdExOLVBYQUxRaG5PdnBYYUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNzFkMjEtYTM2MC00NTc5LTgxYTAt
YmNjYTI2ZmM4OTQ1LzEvS24zLUEyV3h1V3I4YVpaUVB4LVl6aDcxMnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNzFkMjEtYTM2MC00NTc5LTgxYTAtYmNjYTI2ZmM4OTQ1
LzEvX2tGT29ocVJGdExOLVBYQUxRaG5PdnBYYUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW9pkAwQC
W9vIAwQBW+u0AwQBW/BwAwQBwZY0MA0GCSqGSIb3DQEBCwUAA4IBAQA+33EEunj/
Xvm99iSJALrGvxXobBlTMbAWrbdO5aC4i0AjZ3mth9QW3xpQmS57H4lLLKqOAjRk
Jvxvo0ThdYftNGzggFJe1NeAd/p7QiaiFHjYPnkIAqYyRThEBo5pYtA6VY3NGqzi
/vTcu1CYfs9PpEYSs9IJtzWiurAbJ0jpWeUAPvbZ2huqplvxFTshuCzUC4g4LliO
LVUWwhd9m42sychYvSy0vPi2oHZHQtEs4q0EYXnv1ElS/J7O/RZhPnJ3qUjfmuEX
1HKGUFMi08Op33FYE0UdBWeuf1RCqqhqk1tS3HLWS5cF6jdpswI6g25EL3fTyyZ0
KU25zFH2dK/w
-----END CERTIFICATE-----
Generated at Sun Apr 13 16:04:13 2025 by rpki-client