Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/kbs3EOdCsYgFjk7yXXlm2K3V0Dk.roa
File: kbs3EOdCsYgFjk7yXXlm2K3V0Dk.roa (raw, json)
Hash identifier: XR56RRo5EVb0jdNWtNYtWbwboyfqnyjFh1CiXOwZDD4=
Subject key identifier: 91:BB:37:10:E7:42:B1:88:05:8E:4E:F2:5D:79:66:D8:AD:D5:D0:39
Certificate issuer: /CN=09d1a634bbb7aefad87d121a5fe545648738c8c5
Certificate serial: 018CC493598E3BE984DFEEA3C07D1FEC3839
Authority key identifier: 09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/kbs3EOdCsYgFjk7yXXlm2K3V0Dk.roa
Signing time: Mon 01 Jan 2024 10:30:40 +0000
ROA not before: Mon 01 Jan 2024 10:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 185.254.133.0/24 maxlen: 24
185.254.134.0/24 maxlen: 24
185.254.135.0/24 maxlen: 24
185.121.28.0/24 maxlen: 24
185.121.29.0/24 maxlen: 24
185.121.30.0/24 maxlen: 24
185.121.31.0/24 maxlen: 24
185.40.185.0/24 maxlen: 24
185.40.186.0/24 maxlen: 24
185.40.184.0/24 maxlen: 24
185.40.187.0/24 maxlen: 24
185.254.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 14:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:59:8e:3b:e9:84:df:ee:a3:c0:7d:1f:ec:38:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09d1a634bbb7aefad87d121a5fe545648738c8c5
Validity
Not Before: Jan 1 10:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91bb3710e742b188058e4ef25d7966d8add5d039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:79:de:d1:5f:3a:c5:b0:12:18:98:89:70:0f:
bc:fd:57:1b:21:03:74:b5:8f:54:d6:eb:34:d3:e6:
f8:99:59:a2:a6:05:6b:0b:9e:c9:d4:40:9f:0f:94:
c9:65:e6:b4:d5:27:a8:3f:bb:04:24:e5:97:ac:86:
9e:9b:85:84:bf:06:fc:38:70:01:3e:1c:f7:c2:83:
18:79:18:6b:4b:f4:51:4a:4c:fa:9c:c4:7c:35:48:
e6:9d:07:c2:24:27:8b:b8:3e:0b:6c:76:be:5e:50:
f5:56:59:fe:6a:27:e2:7c:ba:53:6b:c0:fd:00:34:
fa:bc:d1:f3:9a:6f:5b:23:6c:e6:03:36:55:32:32:
3f:f4:9f:46:a6:c4:eb:1a:7a:52:f4:06:24:ee:10:
e3:5d:6f:d0:c1:2f:10:ed:f5:dd:dc:72:3a:3e:dd:
74:6c:20:03:a6:24:b8:67:6c:47:af:54:a1:be:22:
63:fd:d2:2c:b4:bb:f3:da:4c:ff:da:4d:c1:36:a5:
c9:11:ce:aa:90:aa:1e:cb:92:c0:2a:3b:cf:ab:bd:
a3:d3:f3:13:db:c2:37:19:c6:0a:a2:57:9d:66:38:
c5:f9:c1:26:e0:7f:f2:12:27:52:ad:6e:f7:2c:b0:
89:99:e1:19:c5:a9:f2:51:35:1e:3d:31:6e:39:71:
f9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:BB:37:10:E7:42:B1:88:05:8E:4E:F2:5D:79:66:D8:AD:D5:D0:39
X509v3 Authority Key Identifier:
keyid:09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/kbs3EOdCsYgFjk7yXXlm2K3V0Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CdGmNLu3rvrYfRIaX-VFZIc4yMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.184.0/22
185.121.28.0/22
185.254.132.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:01:2c:bf:8d:d3:a6:8b:f4:0b:4d:d5:7e:26:3e:23:1f:ec:
9c:f6:dc:ad:b4:0b:6d:de:6e:76:b3:88:2c:07:31:0f:12:0e:
cc:97:a1:4f:36:69:ea:53:f5:ef:d6:df:f2:96:45:3f:ad:08:
fa:8f:99:11:2c:ad:5c:28:dc:f4:7f:20:1e:c6:02:8d:a9:b6:
ce:ac:33:de:e3:56:86:cb:ef:7a:27:d3:57:90:57:02:80:1b:
e0:c6:bb:ec:bb:4b:44:96:5d:06:2b:38:f4:a8:b7:d7:78:a4:
3c:e5:ae:09:bf:dd:1d:24:fe:da:e8:42:36:ce:e8:46:74:1b:
68:80:10:6a:2e:a3:74:63:42:fc:04:aa:aa:85:56:c9:d7:40:
b8:47:bf:c2:90:8a:7d:d4:5c:71:8e:42:15:c5:7d:c1:34:6d:
af:db:14:7c:75:f4:d1:24:17:d2:b3:ee:21:62:bb:22:b4:57:
6f:22:9a:7c:54:41:f8:9c:34:b3:ec:eb:a3:a1:50:fc:f2:b6:
71:24:ef:a0:fe:2b:81:68:0e:3b:fd:d8:b9:8e:02:a3:e2:2f:
d2:1a:d7:b4:8f:6b:05:50:5a:d2:7d:66:21:41:15:71:f7:2e:
63:fb:e9:f5:03:83:d2:df:9b:f6:bc:5a:5d:31:a0:ba:b1:0f:
cf:18:c9:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEk1mOO+mE3+6jwH0f7Dg5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZDFhNjM0YmJiN2FlZmFkODdkMTIxYTVmZTU0NTY0ODcz
OGM4YzUwHhcNMjQwMTAxMTAzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWJiMzcxMGU3NDJiMTg4MDU4ZTRlZjI1ZDc5NjZkOGFkZDVkMDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXne0V86xbASGJiJcA+8/VcbIQN0
tY9U1us00+b4mVmipgVrC57J1ECfD5TJZea01SeoP7sEJOWXrIaem4WEvwb8OHAB
Phz3woMYeRhrS/RRSkz6nMR8NUjmnQfCJCeLuD4LbHa+XlD1Vln+aififLpTa8D9
ADT6vNHzmm9bI2zmAzZVMjI/9J9GpsTrGnpS9AYk7hDjXW/QwS8Q7fXd3HI6Pt10
bCADpiS4Z2xHr1ShviJj/dIstLvz2kz/2k3BNqXJEc6qkKoey5LAKjvPq72j0/MT
28I3GcYKoledZjjF+cEm4H/yEidSrW73LLCJmeEZxanyUTUePTFuOXH5qQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJG7NxDnQrGIBY5O8l15Ztit1dA5MB8GA1UdIwQY
MBaAFAnRpjS7t6762H0SGl/lRWSHOMjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjIt
NWU1YjhiMjgwNTlhLzEva2JzM0VPZENzWWdGams3eVhYbG0ySzNWMERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjItNWU1YjhiMjgwNTlh
LzEvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuSi4AwQC
uXkcAwQCuf6EMA0GCSqGSIb3DQEBCwUAA4IBAQA+ASy/jdOmi/QLTdV+Jj4jH+yc
9tyttAtt3m52s4gsBzEPEg7Ml6FPNmnqU/Xv1t/ylkU/rQj6j5kRLK1cKNz0fyAe
xgKNqbbOrDPe41aGy+96J9NXkFcCgBvgxrvsu0tEll0GKzj0qLfXeKQ85a4Jv90d
JP7a6EI2zuhGdBtogBBqLqN0Y0L8BKqqhVbJ10C4R7/CkIp91FxxjkIVxX3BNG2v
2xR8dfTRJBfSs+4hYrsitFdvIpp8VEH4nDSz7OujoVD88rZxJO+g/iuBaA47/di5
jgKj4i/SGte0j2sFUFrSfWYhQRVx9y5j++n1A4PS35v2vFpdMaC6sQ/PGMnj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:04 2024 by rpki-client on console-fra.rpki-client.org