Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KMY3FYL2MIgIhCdfwxe7-8NFD0w.roa
File: KMY3FYL2MIgIhCdfwxe7-8NFD0w.roa (raw, json)
Hash identifier: t2TquEq9mfeItgKmJbIbdta5mo+6+ZydPIXTkhj4Swo=
Subject key identifier: 28:C6:37:15:82:F6:30:88:08:84:27:5F:C3:17:BB:FB:C3:45:0F:4C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190EABFEC7F125EE8BBA529DEDBF294DA73
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KMY3FYL2MIgIhCdfwxe7-8NFD0w.roa
Signing time: Thu 25 Jul 2024 16:36:04 +0000
ROA not before: Thu 25 Jul 2024 16:36:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.152.176.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.214.0/24 maxlen: 24
89.213.215.0/24 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.27.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jul 2024 13:58:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ea:bf:ec:7f:12:5e:e8:bb:a5:29:de:db:f2:94:da:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 25 16:36:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28c6371582f630880884275fc317bbfbc3450f4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:46:2a:b3:a2:29:5d:cc:9b:24:0c:f3:c9:a0:
5e:77:19:4d:47:2f:fc:9d:db:93:7f:ad:c4:ae:90:
22:be:bc:35:10:f4:47:ea:e5:a1:c0:cd:b8:f7:db:
fb:27:2a:32:72:90:03:e7:18:04:95:7c:89:27:84:
21:a0:a3:4e:67:d2:a2:33:11:c0:5d:55:97:80:5c:
e7:a2:b2:a4:af:d0:7d:5d:aa:ae:d4:7e:08:3a:41:
48:fe:fe:93:98:27:87:f7:f5:c8:1f:3c:72:64:e8:
a9:ee:33:41:3c:30:fd:06:d6:8d:b4:2f:19:31:74:
c2:72:0c:92:92:f5:47:f1:2b:43:df:c0:5b:2b:ac:
37:a4:ad:2e:4e:57:89:fa:56:46:cf:2d:5a:ec:48:
00:4d:79:68:50:64:0f:ca:47:fb:79:3d:41:dc:cb:
e0:a8:21:a5:32:ba:66:6f:e9:a6:b4:e7:61:97:ad:
ae:a4:49:03:89:1f:6a:17:41:51:ca:54:e3:5c:51:
cb:b0:c1:c6:e5:78:20:9c:1a:36:c9:ea:6c:a7:7b:
f1:d5:47:ea:e4:61:68:bc:c5:ad:92:b6:2e:8d:77:
85:95:9b:2f:8f:56:38:db:68:a0:b1:74:80:b8:f7:
8e:b6:01:79:58:d9:0a:50:be:32:d4:75:42:15:bf:
3a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C6:37:15:82:F6:30:88:08:84:27:5F:C3:17:BB:FB:C3:45:0F:4C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KMY3FYL2MIgIhCdfwxe7-8NFD0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
82.153.243.0/24
89.213.50.0/23
89.213.56.0/22
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.212.0/24
89.213.214.0/23
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.27.0/24
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
7d:29:0b:2b:16:67:1f:67:29:af:50:04:cf:3b:19:5f:ce:6d:
11:0e:c5:f9:72:bd:5d:15:7c:d0:d6:16:9a:5e:36:9f:68:81:
0e:a0:20:64:cc:cd:d8:4a:97:ab:9e:e3:95:17:30:9c:80:6c:
a1:ec:f9:bd:1f:3c:3d:4e:34:18:cc:cd:08:36:2e:e0:b0:0c:
52:93:c5:7b:9b:fc:6a:1c:f4:84:98:a8:89:4f:c3:21:d9:cf:
ec:a2:ee:03:f5:71:6b:ff:ee:94:e1:d0:e1:f5:42:a9:45:7a:
d9:a5:ad:92:46:8b:f0:5a:9f:0e:0c:4c:64:f1:e9:77:d5:bd:
22:18:9e:07:45:76:54:57:e1:a3:24:25:f4:c0:2f:34:c9:62:
8f:cc:d3:ef:3b:ab:d8:9a:d1:76:e5:9a:f2:ba:3c:89:ca:2a:
b4:91:bf:2f:54:02:8d:32:a6:20:00:35:b1:cc:73:da:a5:f6:
7a:5c:a4:ac:11:9f:1d:6f:8a:e2:ad:04:ac:5d:43:19:e2:79:
5c:56:56:d0:a1:a9:2f:a5:38:1f:f8:01:8e:0a:1b:68:0a:43:
f6:d6:7d:3d:35:95:b5:3d:56:e2:95:fe:d0:78:1e:d5:89:c3:
f1:cf:9b:9e:74:1a:a0:c3:a5:f0:cc:1b:c5:8f:de:f4:eb:d0:
a1:7e:ac:55
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZDqv+x/El7ou6Up3tvylNpzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzI1MTYzNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM2MzcxNTgyZjYzMDg4MDg4NDI3NWZjMzE3YmJmYmMzNDUwZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkYqs6IpXcybJAzzyaBedxlNRy/8
nduTf63ErpAivrw1EPRH6uWhwM2499v7JyoycpAD5xgElXyJJ4QhoKNOZ9KiMxHA
XVWXgFznorKkr9B9Xaqu1H4IOkFI/v6TmCeH9/XIHzxyZOip7jNBPDD9BtaNtC8Z
MXTCcgySkvVH8StD38BbK6w3pK0uTleJ+lZGzy1a7EgATXloUGQPykf7eT1B3Mvg
qCGlMrpmb+mmtOdhl62upEkDiR9qF0FRylTjXFHLsMHG5XggnBo2yepsp3vx1Ufq
5GFovMWtkrYujXeFlZsvj1Y422igsXSAuPeOtgF5WNkKUL4y1HVCFb86dQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFCjGNxWC9jCICIQnX8MXu/vDRQ9MMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS01ZM0ZZTDJNSWdJaENkZnd4ZTctOE5GRDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAFS
mLADBAJSmYgDBABSmfMDBAFZ1TIDBAJZ1TgwDAMEAlnVlAMEBVnVgAMEAFnVpwME
AlnVrDAMAwQCWdXEAwQEWdXAAwQAWdXUAwQBWdXWMAwDBAJZ1eQDBARZ1eADBANt
sBADBABtsBsDBAJtsMwDBAG5MX4DBATCaVADBAHUJlgDBADV2tMDBADZkUIDBAPZ
kUgwDQYJKoZIhvcNAQELBQADggEBAH0pCysWZx9nKa9QBM87GV/ObREOxflyvV0V
fNDWFppeNp9ogQ6gIGTMzdhKl6ue45UXMJyAbKHs+b0fPD1ONBjMzQg2LuCwDFKT
xXub/Goc9ISYqIlPwyHZz+yi7gP1cWv/7pTh0OH1QqlFetmlrZJGi/Banw4MTGTx
6XfVvSIYngdFdlRX4aMkJfTALzTJYo/M0+87q9ia0XblmvK6PInKKrSRvy9UAo0y
piAANbHMc9ql9npcpKwRnx1viuKtBKxdQxnieVxWVtChqS+lOB/4AY4KG2gKQ/bW
fT01lbU9VuKV/tB4HtWJw/HPm550GqDDpfDMG8WP3vTr0KF+rFU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:19 2025 by rpki-client