Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KHNVeypmUTtZTxrwfP-uTcQ_HSc.roa
File: KHNVeypmUTtZTxrwfP-uTcQ_HSc.roa (raw, json)
Hash identifier: q/D0o89a0mFfcYTd332w/06TN4wBf4UxfLVOsVQB/nE=
Subject key identifier: 28:73:55:7B:2A:66:51:3B:59:4F:1A:F0:7C:FF:AE:4D:C4:3F:1D:27
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019427A56986B349A26A24814A26D3687591
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KHNVeypmUTtZTxrwfP-uTcQ_HSc.roa
Signing time: Thu 02 Jan 2025 15:32:19 +0000
ROA not before: Thu 02 Jan 2025 15:32:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 77.93.138.0/23 maxlen: 24
82.152.52.0/23 maxlen: 24
82.152.55.0/24 maxlen: 24
109.176.25.0/24 maxlen: 24
213.130.150.0/24 maxlen: 24
213.210.40.0/23 maxlen: 24
213.210.48.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:35:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:a5:69:86:b3:49:a2:6a:24:81:4a:26:d3:68:75:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 2 15:32:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2873557b2a66513b594f1af07cffae4dc43f1d27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7f:0e:4c:9f:da:94:d6:c5:9b:7a:da:d1:ca:
97:f3:01:e8:fa:38:78:78:e4:20:c5:0c:d5:e8:19:
89:12:54:87:0c:3e:68:4b:0a:0f:63:be:c9:57:6b:
c8:60:9b:b8:20:da:9d:5c:27:f5:f3:c0:a7:49:66:
f6:4c:04:3c:aa:1c:27:bc:57:25:31:82:d5:93:96:
a7:d2:df:10:27:1f:be:50:27:d8:b6:c6:a4:08:9c:
a4:59:3b:e9:51:b4:e8:d1:52:25:47:47:04:ea:02:
46:92:b8:3b:f0:a7:f8:6f:18:c3:39:43:42:14:e2:
22:5f:35:5e:da:9e:43:69:f7:3c:00:02:b0:a0:97:
b9:52:e4:50:91:1b:c4:07:3c:a6:1b:15:e2:8c:55:
07:d5:2d:0b:eb:53:cf:e8:ae:dc:aa:7f:59:e1:1f:
4c:cf:f7:10:92:8b:92:fa:45:1b:6e:11:31:1c:ff:
36:c4:f4:76:c2:59:ed:8b:4b:7e:bc:a8:bd:42:10:
33:23:3e:a9:4c:0b:51:c6:49:25:d1:ee:74:2d:32:
92:79:b8:05:6d:f5:49:d3:50:32:be:98:e0:e4:a4:
0e:68:bf:a3:f5:6e:53:eb:be:59:34:4d:1d:ed:9a:
51:74:c9:ef:cf:45:9c:a0:12:4c:f8:f0:95:a2:12:
f7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:73:55:7B:2A:66:51:3B:59:4F:1A:F0:7C:FF:AE:4D:C4:3F:1D:27
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KHNVeypmUTtZTxrwfP-uTcQ_HSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.138.0/23
82.152.52.0/23
82.152.55.0/24
109.176.25.0/24
213.130.150.0/24
213.210.40.0/23
213.210.48.0/23
Signature Algorithm: sha256WithRSAEncryption
35:0a:f9:d4:d9:b4:9c:d7:1a:93:f6:0e:f0:22:1c:3f:77:51:
f6:fa:77:19:0b:b5:d5:06:77:38:e6:36:4d:33:ab:b1:d4:de:
e7:92:84:3e:16:39:06:aa:f4:01:c4:a5:06:a6:bb:3e:94:12:
b2:90:e0:3a:70:16:f5:d4:63:00:e3:3a:53:38:65:f7:43:be:
1d:69:d3:09:10:3e:12:a7:6b:73:b2:13:b5:a3:87:e8:2f:bf:
d7:5e:e1:82:a8:9f:85:b3:2d:b8:df:af:b6:5a:ab:ab:13:1e:
3f:ba:44:03:56:8c:9f:89:69:92:30:9d:2e:4f:19:bf:7f:92:
88:48:da:16:e3:90:53:38:1a:92:59:bf:56:4d:ad:11:77:31:
84:43:85:73:d2:ff:e9:14:e3:36:59:1b:9e:ab:c2:37:15:3e:
e0:c0:dc:28:fc:24:74:8c:01:0f:62:c8:e2:2a:a8:2a:19:a5:
e3:8a:e2:a6:84:43:f0:32:b8:4a:d9:f9:44:dd:69:3b:4f:77:
bd:69:09:04:65:61:2f:5a:f3:9d:60:59:a9:3b:79:95:ce:35:
59:be:f7:9e:d1:71:2e:d2:37:38:36:62:9b:b5:d3:a7:9e:b0:
8b:55:d6:0b:40:92:fa:6f:da:ec:5e:8f:2f:35:71:8b:76:51:
12:78:ba:b0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQnpWmGs0miaiSBSibTaHWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAyMTUzMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODczNTU3YjJhNjY1MTNiNTk0ZjFhZjA3Y2ZmYWU0ZGM0M2YxZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv38OTJ/alNbFm3ra0cqX8wHo+jh4
eOQgxQzV6BmJElSHDD5oSwoPY77JV2vIYJu4INqdXCf188CnSWb2TAQ8qhwnvFcl
MYLVk5an0t8QJx++UCfYtsakCJykWTvpUbTo0VIlR0cE6gJGkrg78Kf4bxjDOUNC
FOIiXzVe2p5Dafc8AAKwoJe5UuRQkRvEBzymGxXijFUH1S0L61PP6K7cqn9Z4R9M
z/cQkouS+kUbbhExHP82xPR2wlnti0t+vKi9QhAzIz6pTAtRxkkl0e50LTKSebgF
bfVJ01Ayvpjg5KQOaL+j9W5T675ZNE0d7ZpRdMnvz0WcoBJM+PCVohL3zQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFChzVXsqZlE7WU8a8Hz/rk3EPx0nMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS0hOVmV5cG1VVHRaVHhyd2ZQLXVUY1FfSFNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBTV2KAwQB
Upg0AwQAUpg3AwQAbbAZAwQA1YKWAwQB1dIoAwQB1dIwMA0GCSqGSIb3DQEBCwUA
A4IBAQA1CvnU2bSc1xqT9g7wIhw/d1H2+ncZC7XVBnc45jZNM6ux1N7nkoQ+FjkG
qvQBxKUGprs+lBKykOA6cBb11GMA4zpTOGX3Q74dadMJED4Sp2tzshO1o4foL7/X
XuGCqJ+Fsy2436+2WqurEx4/ukQDVoyfiWmSMJ0uTxm/f5KISNoW45BTOBqSWb9W
Ta0RdzGEQ4Vz0v/pFOM2WRueq8I3FT7gwNwo/CR0jAEPYsjiKqgqGaXjiuKmhEPw
MrhK2flE3Wk7T3e9aQkEZWEvWvOdYFmpO3mVzjVZvvee0XEu0jc4NmKbtdOnnrCL
VdYLQJL6b9rsXo8vNXGLdlESeLqw
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:11:17 2025 by rpki-client