Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/KGrFTq6a7pXVTnylAzUZ5eNqeOA.roa
File: KGrFTq6a7pXVTnylAzUZ5eNqeOA.roa (raw, json)
Hash identifier: 5VzKN03FqFGzNOGN2eTo+8s7an4iighAsq/8f0Bg9QY=
Subject key identifier: 28:6A:C5:4E:AE:9A:EE:95:D5:4E:7C:A5:03:35:19:E5:E3:6A:78:E0
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 0193D40DED7430278E58A571C514CB1E3A7E
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/KGrFTq6a7pXVTnylAzUZ5eNqeOA.roa
Signing time: Tue 17 Dec 2024 09:58:22 +0000
ROA not before: Tue 17 Dec 2024 09:58:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199527
IP address blocks: 86.38.163.0/24 maxlen: 24
185.189.152.0/24 maxlen: 24
213.252.208.0/24 maxlen: 24
213.252.209.0/24 maxlen: 24
213.252.242.0/24 maxlen: 24
213.252.250.0/24 maxlen: 24
213.252.251.0/24 maxlen: 24
213.252.253.0/24 maxlen: 24
2a00:f501:a001::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d4:0d:ed:74:30:27:8e:58:a5:71:c5:14:cb:1e:3a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Dec 17 09:58:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=286ac54eae9aee95d54e7ca5033519e5e36a78e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:47:18:ce:ab:d7:6a:18:f0:f3:6f:e3:8f:27:
b4:df:31:3f:99:49:ab:3d:58:66:df:99:4d:2f:0b:
5c:2b:2d:0b:cd:c3:08:69:15:86:5d:d9:17:1e:ca:
8a:31:ae:19:d9:d0:33:aa:52:19:eb:69:60:56:9f:
64:ef:8b:d2:74:4e:eb:81:08:b4:66:fb:81:d2:5c:
e0:d5:2b:43:86:ff:57:1d:d5:40:5f:51:0f:9a:59:
61:89:b9:bb:05:e3:24:b3:14:04:f9:a7:c8:38:9b:
08:c5:6c:15:2d:c5:57:d2:0d:12:42:05:9b:a9:29:
fa:85:c0:3a:4d:16:cb:82:62:b3:95:b4:09:f8:8a:
38:df:fe:5e:a8:bd:bc:f3:9d:88:7a:5b:50:f4:1f:
c8:f6:72:74:1c:29:51:c3:ca:54:b7:56:6e:61:1a:
cf:88:d8:98:1d:66:1a:c2:ec:49:16:49:81:0d:e8:
ef:49:c9:28:c4:d2:4b:1e:3a:57:b9:58:1d:87:51:
c9:12:03:9a:57:f5:42:57:ff:b8:0a:d2:8b:ba:bd:
4e:3b:d1:96:f6:19:a1:44:bb:ac:16:b8:2f:e5:cb:
97:52:d4:b3:2d:55:36:73:8f:ad:fa:3c:52:0c:3e:
7e:ef:ff:ef:dc:55:c9:a2:22:bc:5c:2f:1c:95:02:
09:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:6A:C5:4E:AE:9A:EE:95:D5:4E:7C:A5:03:35:19:E5:E3:6A:78:E0
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/KGrFTq6a7pXVTnylAzUZ5eNqeOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.163.0/24
185.189.152.0/24
213.252.208.0/23
213.252.242.0/24
213.252.250.0/23
213.252.253.0/24
IPv6:
2a00:f501:a001::/48
Signature Algorithm: sha256WithRSAEncryption
05:10:3c:8f:10:0c:f6:a0:71:06:5e:3c:5a:ea:5f:a5:b5:fa:
73:f4:fd:54:ba:c5:7e:e9:43:46:39:3b:e2:23:a1:75:b6:a0:
42:84:77:9b:63:7b:f8:7b:89:ac:f4:bf:de:38:ae:b1:28:5d:
29:d8:82:56:69:79:b0:b1:a6:ae:6f:82:fd:c8:26:8a:fc:60:
87:b0:51:1a:5a:f5:12:c1:bf:e9:08:23:c7:1d:a6:83:1a:1f:
f6:ba:f3:f1:1c:6b:f8:81:86:b9:65:29:d5:a5:fe:25:a2:3d:
e4:0b:e8:43:62:88:61:b8:ff:dc:a2:54:7a:36:d0:28:e9:03:
26:26:17:ef:fd:df:82:5d:be:c8:29:57:b1:62:29:c5:b5:2c:
e2:2a:de:56:79:c1:35:bb:de:72:05:04:d5:a9:81:5b:33:04:
9b:7a:cd:7b:b4:39:f8:38:d0:bf:d3:61:8c:09:de:d1:4b:ae:
e0:48:64:9d:45:0f:a6:13:eb:23:a0:77:22:d5:ee:ad:d7:a3:
b7:4c:0e:02:15:42:a3:ae:68:e8:2f:dd:f5:cd:fc:58:f1:1c:
2b:4b:7d:a0:ec:5f:c8:de:93:34:fe:50:58:0b:be:0e:93:b8:
32:3b:a5:0a:24:71:2e:e6:b7:de:3d:05:fb:49:54:86:25:c5:
f7:51:76:4f
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZPUDe10MCeOWKVxxRTLHjp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQxMjE3MDk1ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODZhYzU0ZWFlOWFlZTk1ZDU0ZTdjYTUwMzM1MTllNWUzNmE3OGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EcYzqvXahjw82/jjye03zE/mUmr
PVhm35lNLwtcKy0LzcMIaRWGXdkXHsqKMa4Z2dAzqlIZ62lgVp9k74vSdE7rgQi0
ZvuB0lzg1StDhv9XHdVAX1EPmllhibm7BeMksxQE+afIOJsIxWwVLcVX0g0SQgWb
qSn6hcA6TRbLgmKzlbQJ+Io43/5eqL28852IeltQ9B/I9nJ0HClRw8pUt1ZuYRrP
iNiYHWYawuxJFkmBDejvSckoxNJLHjpXuVgdh1HJEgOaV/VCV/+4CtKLur1OO9GW
9hmhRLusFrgv5cuXUtSzLVU2c4+t+jxSDD5+7//v3FXJoiK8XC8clQIJIwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFChqxU6umu6V1U58pQM1GeXjanjgMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvS0dyRlRxNmE3cFhWVG55bEF6VVo1ZU5xZU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAViajAwQA
ub2YAwQB1fzQAwQA1fzyAwQB1fz6AwQA1fz9MA8EAgACMAkDBwAqAPUBoAEwDQYJ
KoZIhvcNAQELBQADggEBAAUQPI8QDPagcQZePFrqX6W1+nP0/VS6xX7pQ0Y5O+Ij
oXW2oEKEd5tje/h7iaz0v944rrEoXSnYglZpebCxpq5vgv3IJor8YIewURpa9RLB
v+kII8cdpoMaH/a68/Eca/iBhrllKdWl/iWiPeQL6ENiiGG4/9yiVHo20CjpAyYm
F+/934JdvsgpV7FiKcW1LOIq3lZ5wTW73nIFBNWpgVszBJt6zXu0Ofg40L/TYYwJ
3tFLruBIZJ1FD6YT6yOgdyLV7q3Xo7dMDgIVQqOuaOgv3fXN/FjxHCtLfaDsX8je
kzT+UFgLvg6TuDI7pQokcS7mt949BftJVIYlxfdRdk8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:44 2025 by rpki-client