Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/K89CC-Z6fUwe6qAwk_OakmL8DS8.roa
File: K89CC-Z6fUwe6qAwk_OakmL8DS8.roa (raw, json)
Hash identifier: lY+NARhcceLPDT/hEueVXPM+aFliKjYtI2OhTM2DEso=
Subject key identifier: 2B:CF:42:0B:E6:7A:7D:4C:1E:EA:A0:30:93:F3:9A:92:62:FC:0D:2F
Certificate issuer: /CN=34b419fa4a0a1605188318cdf4a2044992853b95
Certificate serial: 01936749CCA0C8B68627609C8D4458AF03FF
Authority key identifier: 34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/K89CC-Z6fUwe6qAwk_OakmL8DS8.roa
Signing time: Tue 26 Nov 2024 07:05:09 +0000
ROA not before: Tue 26 Nov 2024 07:05:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41655
IP address blocks: 37.153.80.0/21 maxlen: 21
37.153.80.0/24 maxlen: 24
37.153.81.0/24 maxlen: 24
37.153.82.0/24 maxlen: 24
37.153.83.0/24 maxlen: 24
37.153.84.0/24 maxlen: 24
37.153.85.0/24 maxlen: 24
37.153.86.0/24 maxlen: 24
37.153.87.0/24 maxlen: 24
185.224.180.0/22 maxlen: 22
195.8.198.0/23 maxlen: 23
195.8.198.0/24 maxlen: 24
195.8.199.0/24 maxlen: 24
2a00:adc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 27 Nov 2024 12:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:67:49:cc:a0:c8:b6:86:27:60:9c:8d:44:58:af:03:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34b419fa4a0a1605188318cdf4a2044992853b95
Validity
Not Before: Nov 26 07:05:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bcf420be67a7d4c1eeaa03093f39a9262fc0d2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:4f:fc:54:65:8c:08:4d:84:6e:23:08:fd:4f:
79:71:71:9d:2f:37:7b:65:1a:12:ba:96:8b:85:38:
67:8e:30:56:b5:36:dc:3b:16:bb:71:90:f8:90:39:
4e:25:ce:5d:70:08:f7:b8:7b:ee:c2:0c:eb:fb:f8:
56:5f:66:c6:75:19:39:be:5c:c8:78:4e:b4:02:f9:
05:ad:5d:27:9b:21:89:b6:bb:19:66:ff:86:51:41:
cd:65:4e:c2:a2:f1:4f:f3:36:00:cd:f6:b0:e9:58:
8d:12:9b:66:bc:76:5e:3b:97:a2:78:1a:02:7a:ce:
37:1d:5f:1a:7d:ad:c1:5c:0d:71:55:f7:9f:6c:86:
00:92:56:cf:be:b9:03:8b:bb:66:e1:54:b5:5f:96:
70:61:2b:ae:95:63:3b:dd:d7:24:9b:9f:53:1b:59:
a1:c0:14:3c:d1:83:82:2f:36:65:cb:f9:2e:1f:78:
2a:c0:42:b3:10:37:78:66:f1:d2:8b:6a:56:bb:d7:
ab:7c:a1:d4:34:77:a6:5b:be:59:99:de:30:ab:4c:
38:fb:7e:38:71:15:3b:25:c3:10:f2:29:c7:67:1d:
82:9c:9a:6f:4d:37:fd:65:6f:15:14:4f:ab:c3:26:
8a:0b:f4:09:df:fd:74:91:ae:ab:43:f6:65:19:6a:
9b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:CF:42:0B:E6:7A:7D:4C:1E:EA:A0:30:93:F3:9A:92:62:FC:0D:2F
X509v3 Authority Key Identifier:
keyid:34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/K89CC-Z6fUwe6qAwk_OakmL8DS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/NLQZ-koKFgUYgxjN9KIESZKFO5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.80.0/21
185.224.180.0/22
195.8.198.0/23
IPv6:
2a00:adc0::/32
Signature Algorithm: sha256WithRSAEncryption
45:dc:09:75:16:15:bd:7c:f9:15:c0:ba:da:26:45:bf:90:53:
8b:9f:9a:8b:22:7d:bb:3e:28:f1:4a:d0:05:49:7a:4e:69:52:
59:9d:d2:22:29:56:4d:93:bc:b5:26:8d:3b:ca:92:2f:77:21:
1e:3b:4e:03:cb:34:7f:97:a8:5d:23:22:91:d7:2a:73:63:94:
02:24:43:92:7f:67:75:49:17:a8:21:93:73:25:f6:35:ab:c2:
4f:ab:86:ad:fb:d5:5c:d4:7f:f2:51:29:cc:b2:a9:9c:66:92:
d1:74:19:2d:8d:4f:cc:e9:c7:3c:ac:6c:66:5f:6f:98:33:44:
74:a9:ae:c2:08:85:55:4c:58:4b:1f:cf:f9:38:ba:b4:1b:6a:
9b:fe:10:be:39:b8:3c:a7:3e:d8:6a:4c:2b:ef:67:f1:4a:39:
9d:b9:a0:57:91:c2:48:f6:98:c3:12:07:c6:c4:68:09:7d:43:
8f:c7:25:57:4c:ad:83:7e:bc:11:f0:37:af:58:d5:7a:1f:c4:
73:29:83:a7:1c:a8:b7:d5:50:2c:ac:6b:df:99:9f:1d:b3:44:
e8:13:70:59:71:60:e8:b3:b2:bb:bf:34:aa:e6:4c:e6:62:5e:
c9:a6:c5:c7:6a:1a:17:68:a1:34:3b:c1:e7:55:4e:f7:2f:05:
12:40:2d:06
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZNnScygyLaGJ2CcjURYrwP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YjQxOWZhNGEwYTE2MDUxODgzMThjZGY0YTIwNDQ5OTI4
NTNiOTUwHhcNMjQxMTI2MDcwNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmNmNDIwYmU2N2E3ZDRjMWVlYWEwMzA5M2YzOWE5MjYyZmMwZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7U/8VGWMCE2EbiMI/U95cXGdLzd7
ZRoSupaLhThnjjBWtTbcOxa7cZD4kDlOJc5dcAj3uHvuwgzr+/hWX2bGdRk5vlzI
eE60AvkFrV0nmyGJtrsZZv+GUUHNZU7CovFP8zYAzfaw6ViNEptmvHZeO5eieBoC
es43HV8afa3BXA1xVfefbIYAklbPvrkDi7tm4VS1X5ZwYSuulWM73dckm59TG1mh
wBQ80YOCLzZly/kuH3gqwEKzEDd4ZvHSi2pWu9erfKHUNHemW75Zmd4wq0w4+344
cRU7JcMQ8inHZx2CnJpvTTf9ZW8VFE+rwyaKC/QJ3/10ka6rQ/ZlGWqbFQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCvPQgvmen1MHuqgMJPzmpJi/A0vMB8GA1UdIwQY
MBaAFDS0GfpKChYFGIMYzfSiBEmShTuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxRWi1rb0tGZ1VZZ3hqTjlLSUVTWktGTzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yzc5ZmItN2E1Ny00MjlkLTljMzMt
ODc3NzU0NGM5Mjc1LzEvSzg5Q0MtWjZmVXdlNnFBd2tfT2FrbUw4RFM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84Yzc5ZmItN2E1Ny00MjlkLTljMzMtODc3NzU0NGM5Mjc1
LzEvTkxRWi1rb0tGZ1VZZ3hqTjlLSUVTWktGTzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJZlQAwQC
ueC0AwQBwwjGMA0EAgACMAcDBQAqAK3AMA0GCSqGSIb3DQEBCwUAA4IBAQBF3Al1
FhW9fPkVwLraJkW/kFOLn5qLIn27PijxStAFSXpOaVJZndIiKVZNk7y1Jo07ypIv
dyEeO04DyzR/l6hdIyKR1ypzY5QCJEOSf2d1SReoIZNzJfY1q8JPq4at+9Vc1H/y
USnMsqmcZpLRdBktjU/M6cc8rGxmX2+YM0R0qa7CCIVVTFhLH8/5OLq0G2qb/hC+
Obg8pz7Yakwr72fxSjmduaBXkcJI9pjDEgfGxGgJfUOPxyVXTK2DfrwR8DevWNV6
H8RzKYOnHKi31VAsrGvfmZ8ds0ToE3BZcWDos7K7vzSq5kzmYl7JpsXHahoXaKE0
O8HnVU73LwUSQC0G
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:16:24 2025 by rpki-client