Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KAGw-Q5e1g3wA5dYfuKzm9xwsAM.roa
File: KAGw-Q5e1g3wA5dYfuKzm9xwsAM.roa (raw, json)
Hash identifier: LyD1AnrINioCR/zgQhWsaYIyR3FC6YB8zVQLeeBPOZY=
Subject key identifier: 28:01:B0:F9:0E:5E:D6:0D:F0:03:97:58:7E:E2:B3:9B:DC:70:B0:03
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018A59D940388CD2637C9F3F14F4596F7B4F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KAGw-Q5e1g3wA5dYfuKzm9xwsAM.roa
Signing time: Sun 03 Sep 2023 07:02:04 +0000
ROA not before: Sun 03 Sep 2023 07:02:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
89.43.62.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
94.177.51.0/24 maxlen: 24
89.47.55.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
2.57.240.0/24 maxlen: 24
86.107.168.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
94.177.150.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
45.88.13.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Sep 2023 11:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:59:d9:40:38:8c:d2:63:7c:9f:3f:14:f4:59:6f:7b:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 3 07:02:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2801b0f90e5ed60df00397587ee2b39bdc70b003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ad:68:60:1d:8f:1b:c3:a4:a0:5c:9f:95:0c:
e4:13:df:50:c9:5d:02:3e:6d:ef:08:78:f4:fa:7d:
5f:d5:90:be:d1:50:ba:9d:a9:30:4b:b6:47:9f:61:
28:1f:0a:83:75:47:01:35:b9:32:13:ee:0d:0f:95:
5a:32:d5:54:9f:68:b8:ec:46:6b:97:03:62:f6:4f:
55:d3:e1:9d:3b:3b:03:f2:9e:4b:b9:3e:c4:0d:12:
20:2f:5e:a4:d4:e6:81:83:ee:1b:c6:10:c1:ec:9e:
24:5a:d2:cc:3e:29:2b:d9:f6:b3:b7:6d:37:6c:74:
70:8e:af:25:b8:8b:9e:17:22:4f:9a:a3:15:3f:27:
c9:9b:49:9c:7d:be:88:03:0a:5e:e0:bc:3a:e4:9c:
ff:ef:d7:5a:39:f8:8a:e7:11:c7:f3:5d:2d:07:18:
39:2c:f4:2b:1d:85:23:e5:73:1a:98:30:90:17:d7:
77:36:e2:ec:f9:15:67:1f:7d:66:10:26:83:53:7a:
d4:c0:1c:51:9d:b9:16:4b:e5:10:b8:fc:66:8c:6e:
83:37:d7:0b:17:15:40:b1:5a:32:d5:78:d9:82:0c:
1c:f8:17:ab:c3:2a:d3:7f:a0:23:37:26:ef:4f:22:
67:52:01:93:e9:04:3b:2d:a8:5c:a4:b9:97:3a:1a:
f3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:01:B0:F9:0E:5E:D6:0D:F0:03:97:58:7E:E2:B3:9B:DC:70:B0:03
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KAGw-Q5e1g3wA5dYfuKzm9xwsAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.240.0/24
45.88.13.0/24
86.107.51.0/24
86.107.168.0/24
89.34.106.0/24
89.34.219.0/24
89.35.119.0/24
89.35.130.0/23
89.40.215.0/24
89.43.62.0/24
89.47.36.0/24
89.47.55.0/24
94.177.51.0/24
94.177.150.0/24
188.214.107.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
61:e1:a7:3d:19:71:11:f5:b4:ae:1f:55:44:5a:d2:33:cc:d8:
2c:59:56:a3:73:75:5a:2a:87:39:66:be:8e:32:1b:94:f1:1f:
c8:45:b0:11:26:54:ef:1b:a4:c5:eb:6f:c9:40:5f:2a:9e:1d:
66:7f:da:a2:fa:2f:80:37:dd:d7:5c:4e:a6:c2:d0:90:ef:3b:
33:05:1a:17:ff:2d:6c:7a:7d:ca:69:c6:a8:b5:bb:34:b4:a5:
b6:5f:97:e3:c8:e3:94:cd:30:63:a1:87:dd:38:43:74:e2:01:
e1:51:a4:80:11:76:4f:49:b7:89:01:30:d6:53:98:b0:01:2e:
a7:c8:58:83:32:29:52:8e:d7:17:0d:88:12:18:3b:d1:25:d9:
c5:9a:ad:81:e0:da:ac:bf:86:74:31:8d:9c:94:69:f9:43:02:
87:ca:79:44:73:c6:27:6f:74:89:69:e6:4c:d0:a1:2a:60:7f:
40:8b:75:93:2d:a7:01:af:e4:02:8a:4b:7f:9d:90:e2:09:e2:
ef:a5:6b:60:2f:2d:76:b5:53:bc:c8:6e:52:9f:dd:ec:70:0e:
be:bf:27:88:8b:54:62:57:2d:85:ac:c0:a7:eb:8c:db:96:60:
1c:2d:9f:5f:86:76:e6:a1:02:e8:28:ee:24:0f:15:e0:b0:97:
ad:00:a1:ba
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYpZ2UA4jNJjfJ8/FPRZb3tPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTAzMDcwMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODAxYjBmOTBlNWVkNjBkZjAwMzk3NTg3ZWUyYjM5YmRjNzBiMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAja1oYB2PG8OkoFyflQzkE99QyV0C
Pm3vCHj0+n1f1ZC+0VC6nakwS7ZHn2EoHwqDdUcBNbkyE+4ND5VaMtVUn2i47EZr
lwNi9k9V0+GdOzsD8p5LuT7EDRIgL16k1OaBg+4bxhDB7J4kWtLMPikr2fazt203
bHRwjq8luIueFyJPmqMVPyfJm0mcfb6IAwpe4Lw65Jz/79daOfiK5xHH810tBxg5
LPQrHYUj5XMamDCQF9d3NuLs+RVnH31mECaDU3rUwBxRnbkWS+UQuPxmjG6DN9cL
FxVAsVoy1XjZggwc+BerwyrTf6AjNybvTyJnUgGT6QQ7LahcpLmXOhrzCQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFCgBsPkOXtYN8AOXWH7is5vccLADMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvS0FHdy1RNWUxZzN3QTVkWWZ1S3ptOXh3c0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAAjnwAwQA
LVgNAwQAVmszAwQAVmuoAwQAWSJqAwQAWSLbAwQAWSN3AwQBWSOCAwQAWSjXAwQA
WSs+AwQAWS8kAwQAWS83AwQAXrEzAwQAXrGWAwQAvNZrAwQAw1hZMA0GCSqGSIb3
DQEBCwUAA4IBAQBh4ac9GXER9bSuH1VEWtIzzNgsWVajc3VaKoc5Zr6OMhuU8R/I
RbARJlTvG6TF62/JQF8qnh1mf9qi+i+AN93XXE6mwtCQ7zszBRoX/y1sen3Kacao
tbs0tKW2X5fjyOOUzTBjoYfdOEN04gHhUaSAEXZPSbeJATDWU5iwAS6nyFiDMilS
jtcXDYgSGDvRJdnFmq2B4Nqsv4Z0MY2clGn5QwKHynlEc8Ynb3SJaeZM0KEqYH9A
i3WTLacBr+QCikt/nZDiCeLvpWtgLy12tVO8yG5Sn93scA6+vyeIi1RiVy2FrMCn
64zblmAcLZ9fhnbmoQLoKO4kDxXgsJetAKG6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org