Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/kVHznud5bQMID86lyqTTjYSIYWw.roa
File: kVHznud5bQMID86lyqTTjYSIYWw.roa (raw, json)
Hash identifier: tgCOqjjCAD1wCYOkFnwEhKI2RRvfyx9WY4KoB7eHE/g=
Subject key identifier: 91:51:F3:9E:E7:79:6D:03:08:0F:CE:A5:CA:A4:D3:8D:84:88:61:6C
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018CC9BCA95783A263F773D3BCE16BA242AE
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/kVHznud5bQMID86lyqTTjYSIYWw.roa
Signing time: Tue 02 Jan 2024 10:33:53 +0000
ROA not before: Tue 02 Jan 2024 10:33:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204746
IP address blocks: 86.38.35.0/24 maxlen: 24
89.117.223.0/24 maxlen: 24
89.117.246.0/24 maxlen: 24
89.117.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Aug 2024 11:28:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a9:57:83:a2:63:f7:73:d3:bc:e1:6b:a2:42:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 2 10:33:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9151f39ee7796d03080fcea5caa4d38d8488616c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0e:d7:3d:5b:55:a6:30:a6:6d:91:12:04:12:
2f:07:05:22:b2:42:9c:78:27:a6:61:78:9a:f5:97:
e4:3f:7f:8f:c9:24:95:8c:30:a0:91:d5:5b:01:1f:
f4:a6:8b:fc:61:fe:cf:b5:7e:70:bc:a9:b6:07:c6:
94:4f:ad:3f:07:21:11:9f:f6:18:81:e0:a9:bb:0e:
b6:4d:6d:b3:a0:70:47:d7:5a:3c:9b:b7:6d:be:73:
0a:fc:08:65:24:95:7b:70:04:f4:dc:e4:34:8b:67:
51:a3:dc:db:29:f2:9b:c1:17:80:23:d3:fa:ee:d5:
72:2a:a8:29:81:69:cc:96:ee:2d:f9:fd:92:81:66:
96:99:40:bd:09:86:34:99:b5:98:b1:f7:6f:a1:c5:
0c:7d:a1:df:2a:9e:39:9c:d7:27:de:a9:a9:85:bd:
d1:4d:c4:2b:ae:bb:09:65:ba:d1:c0:2f:0f:da:7d:
23:bc:c3:1c:21:d4:4d:b9:0c:8b:2c:5a:91:00:f4:
aa:b2:8a:40:ac:8c:1a:7c:44:d6:a8:9d:b7:bb:a3:
48:32:6c:a7:2e:a8:63:8a:f4:75:df:c7:6c:e9:e6:
83:4c:79:d2:7b:c0:5e:aa:5f:a1:c8:0f:be:a4:59:
a9:d8:d5:5d:72:8c:e6:7a:af:a5:83:e9:06:6c:3b:
73:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:51:F3:9E:E7:79:6D:03:08:0F:CE:A5:CA:A4:D3:8D:84:88:61:6C
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/kVHznud5bQMID86lyqTTjYSIYWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.35.0/24
89.117.223.0/24
89.117.243.0/24
89.117.246.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:d0:ec:5a:62:99:4e:42:81:6d:1d:19:e4:43:88:c1:69:84:
31:72:fc:57:29:3c:ea:dc:71:1d:82:f8:5a:01:50:66:02:fb:
dc:c3:b8:0b:dc:f3:4f:09:ac:f7:33:44:7b:5c:11:c2:b1:13:
e0:7f:e5:cf:04:36:c4:1d:c2:60:23:73:06:7b:55:8c:35:f8:
83:60:91:7c:d7:1f:b6:a1:f1:65:9e:bd:c9:9d:79:0c:44:67:
44:7c:76:5e:59:f1:02:70:a0:b3:d8:35:f6:ba:5e:f1:59:66:
7c:18:8e:7f:0b:31:8b:84:e1:ab:aa:c2:a0:1a:17:36:c7:94:
64:3e:9c:2d:fc:e1:12:ad:ec:00:f7:50:29:a6:f9:d4:dc:6b:
bd:b5:a7:c9:92:89:7c:d4:bd:2a:3e:91:af:42:bc:ff:9e:c6:
a6:07:92:c3:db:d0:fc:3d:d9:73:0c:96:c1:07:c1:b7:64:c5:
e4:dc:cc:a0:af:54:84:c6:88:4f:33:51:43:2b:ed:fa:1a:34:
b3:6a:a2:d4:ea:e4:a2:0c:be:e7:65:47:e6:28:00:32:50:61:
c8:21:1e:4d:34:ad:6a:47:f9:be:04:5b:fa:02:15:ce:4a:ce:
7e:2e:c6:98:e6:cb:8c:5b:f1:de:12:28:c0:92:2c:1d:32:8d:
be:b7:df:50
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJvKlXg6Jj93PTvOFrokKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwMTAyMTAzMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTUxZjM5ZWU3Nzk2ZDAzMDgwZmNlYTVjYWE0ZDM4ZDg0ODg2MTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2A7XPVtVpjCmbZESBBIvBwUiskKc
eCemYXia9ZfkP3+PySSVjDCgkdVbAR/0pov8Yf7PtX5wvKm2B8aUT60/ByERn/YY
geCpuw62TW2zoHBH11o8m7dtvnMK/AhlJJV7cAT03OQ0i2dRo9zbKfKbwReAI9P6
7tVyKqgpgWnMlu4t+f2SgWaWmUC9CYY0mbWYsfdvocUMfaHfKp45nNcn3qmphb3R
TcQrrrsJZbrRwC8P2n0jvMMcIdRNuQyLLFqRAPSqsopArIwafETWqJ23u6NIMmyn
LqhjivR138ds6eaDTHnSe8Beql+hyA++pFmp2NVdcozmeq+lg+kGbDtznQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJFR857neW0DCA/Opcqk042EiGFsMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEva1ZIem51ZDViUU1JRDg2bHlxVFRqWVNJWVd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAViYjAwQA
WXXfAwQAWXXzAwQAWXX2MA0GCSqGSIb3DQEBCwUAA4IBAQAN0OxaYplOQoFtHRnk
Q4jBaYQxcvxXKTzq3HEdgvhaAVBmAvvcw7gL3PNPCaz3M0R7XBHCsRPgf+XPBDbE
HcJgI3MGe1WMNfiDYJF81x+2ofFlnr3JnXkMRGdEfHZeWfECcKCz2DX2ul7xWWZ8
GI5/CzGLhOGrqsKgGhc2x5RkPpwt/OESrewA91AppvnU3Gu9tafJkol81L0qPpGv
Qrz/nsamB5LD29D8PdlzDJbBB8G3ZMXk3Mygr1SExohPM1FDK+36GjSzaqLU6uSi
DL7nZUfmKAAyUGHIIR5NNK1qR/m+BFv6AhXOSs5+LsaY5suMW/HeEijAkiwdMo2+
t99Q
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:27 2025 by rpki-client