Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/K417NE-5QDvmCHeTiYnWjU4oZuo.roa
File: K417NE-5QDvmCHeTiYnWjU4oZuo.roa (raw, json)
Hash identifier: nppe/YJuHkprikiFGAw66Kln0v4yEzj+MofGzZHSOa4=
Subject key identifier: 2B:8D:7B:34:4F:B9:40:3B:E6:08:77:93:89:89:D6:8D:4E:28:66:EA
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 019391C2021F22B3E8A2E01574712BC4711F
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/K417NE-5QDvmCHeTiYnWjU4oZuo.roa
Signing time: Wed 04 Dec 2024 13:00:30 +0000
ROA not before: Wed 04 Dec 2024 13:00:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 92.50.0.0/19 maxlen: 19
92.50.32.0/19 maxlen: 19
147.136.68.0/22 maxlen: 24
147.136.76.0/22 maxlen: 24
147.136.84.0/22 maxlen: 24
185.101.252.0/23 maxlen: 23
185.101.254.0/23 maxlen: 23
185.171.252.0/23 maxlen: 23
185.171.253.0/24 maxlen: 24
185.171.254.0/23 maxlen: 23
185.226.204.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:91:c2:02:1f:22:b3:e8:a2:e0:15:74:71:2b:c4:71:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Dec 4 13:00:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b8d7b344fb9403be60877938989d68d4e2866ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ef:b3:30:9c:ec:d9:7a:fa:63:5a:b9:ee:4a:
89:06:30:fb:6c:5e:41:83:5c:3f:0b:5b:c2:91:ac:
5a:8a:f2:7e:9e:37:bf:14:c5:ef:25:d8:2d:01:27:
cd:de:b1:66:c2:e1:ad:02:c5:9f:a4:a2:2f:2f:15:
55:90:b7:59:dd:78:cf:15:6d:5d:9c:b6:27:51:58:
d1:dc:40:25:77:e6:c7:ef:2a:eb:a1:e4:19:4a:ef:
26:2d:c7:8f:98:5e:b0:49:35:a7:6b:a7:bf:e8:40:
fb:82:10:c4:a8:57:cb:df:a4:16:cd:54:bf:6a:6e:
24:b6:9d:fb:b1:d4:a1:f5:c5:d5:e7:77:c3:c5:85:
fa:6c:c4:4b:40:c8:3e:14:9c:37:80:a9:54:8f:dd:
e1:0f:0f:f9:68:c1:5f:54:e9:27:f7:e4:98:13:58:
5f:a6:74:da:24:b9:92:80:cc:96:e9:fa:f0:4c:0a:
fa:db:e2:bb:d3:57:66:40:af:d4:8f:43:50:97:75:
61:13:06:f6:45:76:4b:6d:b8:ee:06:17:27:66:0d:
ce:45:29:2b:37:08:a7:dd:03:fa:17:76:18:b9:1f:
0d:cc:ea:3b:5b:db:d3:dd:06:ee:7a:a9:a0:e9:f7:
e6:f2:b9:a3:58:1e:46:51:e2:b5:b7:ea:8c:59:b5:
80:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:8D:7B:34:4F:B9:40:3B:E6:08:77:93:89:89:D6:8D:4E:28:66:EA
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/K417NE-5QDvmCHeTiYnWjU4oZuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.50.0.0/18
147.136.68.0/22
147.136.76.0/22
147.136.84.0/22
185.101.252.0/22
185.171.252.0/22
185.226.204.0/23
Signature Algorithm: sha256WithRSAEncryption
95:9a:d4:5d:33:17:70:ec:57:3d:07:88:95:b1:2d:8b:0f:dc:
06:9f:6e:af:7d:21:b3:fc:3a:96:db:bf:39:2b:79:e2:dd:75:
e2:88:60:88:45:3c:99:bc:3f:8b:7a:21:cb:d4:31:48:76:e2:
c1:b8:e0:f6:fc:59:be:c4:8a:23:b6:9e:99:99:d5:8a:cf:5a:
e3:18:1c:90:a3:65:6a:42:c3:b4:5d:a4:44:d7:2b:98:92:c6:
e7:e3:bf:a7:57:83:1e:09:05:c4:79:70:72:46:05:30:6a:6e:
ac:36:fc:a8:bf:54:73:86:19:48:0e:62:73:19:b6:f2:7b:ce:
72:8d:42:0d:c8:f5:c5:de:c7:e8:cf:00:59:0a:db:f8:fe:f7:
fc:98:36:d4:b1:e0:b3:6f:d3:1f:11:1a:84:cb:77:05:d9:68:
f1:40:83:a6:c5:11:e9:a6:b4:08:dc:2f:5f:fa:a7:91:f6:15:
cd:ea:d7:7a:69:10:ef:01:50:6b:68:8e:68:4a:ca:41:b1:ff:
55:47:00:91:10:1b:c6:b0:11:ca:18:35:bc:b3:9e:d8:60:a6:
d0:85:72:13:d9:7a:66:46:fa:20:fd:e8:79:91:84:30:98:2b:
eb:98:68:34:46:1b:d1:3e:1e:bf:ed:4f:3a:80:d7:66:4a:1c:
c8:b6:2a:f5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZORwgIfIrPoouAVdHErxHEfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQxMjA0MTMwMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjhkN2IzNDRmYjk0MDNiZTYwODc3OTM4OTg5ZDY4ZDRlMjg2NmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiO+zMJzs2Xr6Y1q57kqJBjD7bF5B
g1w/C1vCkaxaivJ+nje/FMXvJdgtASfN3rFmwuGtAsWfpKIvLxVVkLdZ3XjPFW1d
nLYnUVjR3EAld+bH7yrroeQZSu8mLcePmF6wSTWna6e/6ED7ghDEqFfL36QWzVS/
am4ktp37sdSh9cXV53fDxYX6bMRLQMg+FJw3gKlUj93hDw/5aMFfVOkn9+SYE1hf
pnTaJLmSgMyW6frwTAr62+K701dmQK/Uj0NQl3VhEwb2RXZLbbjuBhcnZg3ORSkr
Nwin3QP6F3YYuR8NzOo7W9vT3Qbueqmg6ffm8rmjWB5GUeK1t+qMWbWAkQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCuNezRPuUA75gh3k4mJ1o1OKGbqMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvSzQxN05FLTVRRHZtQ0hlVGlZbldqVTRvWnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQGXDIAAwQC
k4hEAwQCk4hMAwQCk4hUAwQCuWX8AwQCuav8AwQBueLMMA0GCSqGSIb3DQEBCwUA
A4IBAQCVmtRdMxdw7Fc9B4iVsS2LD9wGn26vfSGz/DqW2785K3ni3XXiiGCIRTyZ
vD+LeiHL1DFIduLBuOD2/Fm+xIojtp6ZmdWKz1rjGByQo2VqQsO0XaRE1yuYksbn
47+nV4MeCQXEeXByRgUwam6sNvyov1RzhhlIDmJzGbbye85yjUINyPXF3sfozwBZ
Ctv4/vf8mDbUseCzb9MfERqEy3cF2WjxQIOmxRHpprQI3C9f+qeR9hXN6td6aRDv
AVBraI5oSspBsf9VRwCREBvGsBHKGDW8s57YYKbQhXIT2XpmRvog/eh5kYQwmCvr
mGg0RhvRPh6/7U86gNdmShzItir1
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:32:15 2025 by rpki-client