Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/kdy33kk0940_VoG0ZagOBlT2SVw.roa
File: kdy33kk0940_VoG0ZagOBlT2SVw.roa (raw, json)
Hash identifier: 4CqRI7ig19DGzPcugy6GFdSIX3yiAlbb3SK/8hWNDMw=
Subject key identifier: 91:DC:B7:DE:49:34:F7:8D:3F:56:81:B4:65:A8:0E:06:54:F6:49:5C
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0191B33640B2F6C5532AFC412FE864F98B30
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/kdy33kk0940_VoG0ZagOBlT2SVw.roa
Signing time: Mon 02 Sep 2024 14:49:22 +0000
ROA not before: Mon 02 Sep 2024 14:49:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 46.8.219.0/24 maxlen: 24
109.248.61.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.53.0/24 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 05 Sep 2024 23:26:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:36:40:b2:f6:c5:53:2a:fc:41:2f:e8:64:f9:8b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Sep 2 14:49:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91dcb7de4934f78d3f5681b465a80e0654f6495c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6f:29:4f:dd:c8:51:79:47:13:a5:6e:39:2b:
27:83:ed:7e:d8:69:21:1a:94:b2:40:d3:1a:9d:fa:
21:b6:8f:f9:74:10:c0:43:fc:ea:87:cc:f1:3c:81:
57:8c:0f:04:11:b3:85:c9:2a:2d:84:c2:7d:91:db:
72:4e:5b:0c:61:c6:4b:27:3e:53:de:38:4e:ac:08:
96:b7:97:0a:d1:82:6e:57:4b:96:63:63:8e:11:13:
63:86:18:98:b6:54:b7:8d:0e:c8:cb:26:92:2c:87:
c2:2f:76:ff:9d:35:61:58:ce:30:69:0c:75:ae:15:
fb:2f:1f:12:db:39:af:d4:bf:2c:c1:35:c4:ae:80:
68:11:13:a7:00:f4:68:7a:e3:cb:03:46:b4:84:72:
da:7d:5a:00:a5:49:e2:cc:6c:f8:0b:ce:2f:00:37:
9a:24:e0:f0:61:d2:d0:ae:92:1c:f4:2a:92:88:ae:
92:28:8c:a1:c3:f3:f9:99:e5:da:a1:e0:04:ac:ef:
aa:60:d8:7b:11:d0:1a:19:8c:b2:e8:35:52:77:6f:
82:81:eb:11:1f:e9:a2:d4:47:e6:44:54:ad:8f:56:
40:79:19:f2:3e:fc:a4:9a:32:7b:02:c8:5a:5e:ea:
5c:da:e0:4d:6f:97:1d:7d:69:1c:68:50:66:48:a0:
ff:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DC:B7:DE:49:34:F7:8D:3F:56:81:B4:65:A8:0E:06:54:F6:49:5C
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/kdy33kk0940_VoG0ZagOBlT2SVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.219.0/24
109.248.61.0/24
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
90:16:2d:8d:ff:d4:5f:d5:f9:77:18:ba:92:94:75:b4:a7:7d:
e0:d3:26:2d:70:2c:07:e8:ef:37:45:6d:e3:bb:54:a6:24:d9:
af:04:87:da:46:8f:7f:46:a4:11:04:52:33:dd:80:9d:6f:43:
e7:40:1a:9b:b5:ad:54:56:7b:4b:c6:1e:d2:33:ff:ea:01:83:
d9:9f:cc:f1:19:4f:e1:1e:01:8f:be:c3:0e:16:c0:d3:13:d7:
1c:17:09:34:7a:7e:c0:7e:03:2e:24:9c:18:b2:f0:67:89:df:
33:f0:01:7a:45:38:86:33:69:e4:d0:0b:9f:62:21:2a:7a:9d:
6e:5d:b3:75:11:83:cb:00:77:1d:d7:54:e8:43:06:de:d6:cd:
bb:cd:a0:72:11:13:9d:7a:08:e9:a4:87:a5:ba:7b:52:88:6c:
c9:46:21:78:b9:92:b0:0d:5a:ba:1d:91:c1:50:4c:c5:79:3e:
4c:dd:a6:82:d7:07:36:1d:25:d7:88:37:0d:45:60:23:51:c9:
9f:8a:a7:f6:22:9d:e5:fe:95:84:a6:36:ca:ff:cf:8d:16:7d:
11:01:f5:5d:37:85:2f:59:79:3c:2c:e4:dc:82:68:76:79:96:
c6:09:81:21:71:26:27:da:16:15:d7:c1:97:9e:5c:9c:f9:77:
6a:27:d4:c5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZGzNkCy9sVTKvxBL+hk+YswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwOTAyMTQ0OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWRjYjdkZTQ5MzRmNzhkM2Y1NjgxYjQ2NWE4MGUwNjU0ZjY0OTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxm8pT93IUXlHE6VuOSsng+1+2Gkh
GpSyQNManfohto/5dBDAQ/zqh8zxPIFXjA8EEbOFySothMJ9kdtyTlsMYcZLJz5T
3jhOrAiWt5cK0YJuV0uWY2OOERNjhhiYtlS3jQ7IyyaSLIfCL3b/nTVhWM4waQx1
rhX7Lx8S2zmv1L8swTXEroBoEROnAPRoeuPLA0a0hHLafVoApUnizGz4C84vADea
JODwYdLQrpIc9CqSiK6SKIyhw/P5meXaoeAErO+qYNh7EdAaGYyy6DVSd2+CgesR
H+mi1EfmRFStj1ZAeRnyPvykmjJ7AshaXupc2uBNb5cdfWkcaFBmSKD/dQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJHct95JNPeNP1aBtGWoDgZU9klcMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEva2R5MzNrazA5NDBfVm9HMFphZ09CbFQyU1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALgjbAwQA
bfg9AwQAvIK2AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IB
AQCQFi2N/9Rf1fl3GLqSlHW0p33g0yYtcCwH6O83RW3ju1SmJNmvBIfaRo9/RqQR
BFIz3YCdb0PnQBqbta1UVntLxh7SM//qAYPZn8zxGU/hHgGPvsMOFsDTE9ccFwk0
en7AfgMuJJwYsvBnid8z8AF6RTiGM2nk0AufYiEqep1uXbN1EYPLAHcd11ToQwbe
1s27zaByEROdegjppIeluntSiGzJRiF4uZKwDVq6HZHBUEzFeT5M3aaC1wc2HSXX
iDcNRWAjUcmfiqf2Ip3l/pWEpjbK/8+NFn0RAfVdN4UvWXk8LOTcgmh2eZbGCYEh
cSYn2hYV18GXnlyc+XdqJ9TF
-----END CERTIFICATE-----
Generated at Fri Sep 6 01:50:17 2024 by rpki-client on console-ams.rpki-client.org