Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KNYPT0Zib7v3qZyiVaylMexenXs.roa
File: KNYPT0Zib7v3qZyiVaylMexenXs.roa (raw, json)
Hash identifier: 6PWk4/z7pEFKAMwWpCZlc5Vr3rvLPG6uyCoqgqq9W1M=
Subject key identifier: 28:D6:0F:4F:46:62:6F:BB:F7:A9:9C:A2:55:AC:A5:31:EC:5E:9D:7B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01903B663E7FDE367B7003EE5B08263BD585
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KNYPT0Zib7v3qZyiVaylMexenXs.roa
Signing time: Fri 21 Jun 2024 15:24:34 +0000
ROA not before: Fri 21 Jun 2024 15:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 81.168.122.0/24 maxlen: 24
82.152.4.0/24 maxlen: 24
82.152.5.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.153.153.0/24 maxlen: 24
82.153.156.0/24 maxlen: 24
82.153.200.0/24 maxlen: 24
82.153.207.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
89.213.197.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.229.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
213.130.150.0/24 maxlen: 24
213.130.151.0/24 maxlen: 24
213.210.63.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.224.0/24 maxlen: 24
213.218.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jul 2024 07:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3b:66:3e:7f:de:36:7b:70:03:ee:5b:08:26:3b:d5:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 21 15:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28d60f4f46626fbbf7a99ca255aca531ec5e9d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:27:87:ed:20:33:c0:2c:d9:0f:0f:ab:0f:50:
40:e7:6b:cc:d0:42:1b:de:f8:37:0a:6b:b1:fd:db:
b1:29:2e:28:4c:26:3a:c8:d0:23:b9:4d:8d:84:65:
af:4b:68:39:53:08:b1:25:83:0d:59:89:60:b9:d0:
d0:ae:cb:2b:b5:af:e0:6d:44:c0:3b:d8:55:ea:a7:
95:2a:c2:58:26:49:52:f0:29:b8:ed:b8:ab:c1:d8:
86:53:63:e1:ca:95:22:26:a5:27:2f:cd:0c:54:23:
3d:4c:4e:c1:5d:84:e2:b6:fe:e0:3a:ac:75:66:49:
ed:04:22:54:54:10:69:22:38:1c:65:24:02:14:3c:
c1:16:0f:ee:47:88:1a:c4:61:fa:88:ba:85:b8:5f:
9b:26:f2:0c:84:89:08:68:3f:20:d2:08:07:6e:58:
1a:ad:1b:38:a7:6a:ab:9b:d4:e8:14:65:6f:37:a0:
1f:6a:a8:2b:66:51:ed:cf:05:a6:78:da:c3:05:b1:
06:08:4a:bd:40:97:41:03:22:52:e4:11:61:3c:40:
c9:e8:d2:f7:b0:c4:74:ad:11:2b:74:35:6b:70:dd:
4d:f4:f1:51:7f:54:18:61:a1:0e:57:9b:5e:05:40:
4b:4a:35:6c:82:2b:b5:e5:f6:24:b6:7f:b3:79:ac:
55:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D6:0F:4F:46:62:6F:BB:F7:A9:9C:A2:55:AC:A5:31:EC:5E:9D:7B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KNYPT0Zib7v3qZyiVaylMexenXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.122.0/24
82.152.4.0/23
82.152.98.0/24
82.152.131.0/24
82.153.153.0/24
82.153.156.0/24
82.153.200.0/24
82.153.207.0/24
82.163.0.0/24
89.213.197.0/24
109.176.193.0/24
109.176.229.0-109.176.230.255
109.176.244.0/24
212.38.79.0/24
213.130.150.0/23
213.210.63.0/24
213.218.211.0/24
213.218.224.0/24
213.218.233.0/24
Signature Algorithm: sha256WithRSAEncryption
36:59:03:bb:ec:fa:ba:79:3f:9f:8a:e6:4c:b4:80:ce:9d:d2:
6f:e2:66:c8:31:bc:75:2d:64:a5:7d:81:05:0a:5d:53:9e:fd:
e8:bc:6f:dd:a5:f5:87:fb:79:22:53:c8:ea:ef:c3:28:68:1a:
c9:23:64:81:ec:9d:ed:e6:f0:b1:5b:3a:af:ba:7e:1f:40:e9:
dd:12:53:a9:24:56:fc:08:6a:19:0f:27:ff:70:30:dd:03:03:
c5:cf:b3:a0:ab:1e:42:da:fd:53:0e:d7:2f:90:bb:32:5c:14:
3f:46:12:8c:be:96:10:66:91:ff:83:1d:2d:21:eb:ad:62:37:
6c:6d:84:3e:57:64:3a:87:04:2a:74:6b:99:5f:17:b0:2f:3c:
b9:92:23:cf:3a:4f:b5:f1:9b:f5:31:7f:c7:1e:06:aa:e2:09:
38:20:fc:35:91:57:6b:83:00:76:7e:38:8a:c8:72:ed:32:60:
af:0a:54:db:88:5b:7c:63:9b:c3:d7:9f:bc:87:3c:eb:52:8c:
e8:01:f5:5f:97:0b:cf:01:ca:0b:d3:dc:a8:5d:e9:0f:a9:5b:
9a:8d:73:12:6c:53:60:22:57:4b:a2:47:31:c9:f3:40:d1:a4:
1f:08:e0:1c:4f:0a:0d:91:74:b8:fa:e8:5d:2d:ff:45:22:cd:
44:ca:ed:8a
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZA7Zj5/3jZ7cAPuWwgmO9WFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjIxMTUyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQ2MGY0ZjQ2NjI2ZmJiZjdhOTljYTI1NWFjYTUzMWVjNWU5ZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SeH7SAzwCzZDw+rD1BA52vM0EIb
3vg3Cmux/duxKS4oTCY6yNAjuU2NhGWvS2g5UwixJYMNWYlgudDQrssrta/gbUTA
O9hV6qeVKsJYJklS8Cm47birwdiGU2PhypUiJqUnL80MVCM9TE7BXYTitv7gOqx1
ZkntBCJUVBBpIjgcZSQCFDzBFg/uR4gaxGH6iLqFuF+bJvIMhIkIaD8g0ggHblga
rRs4p2qrm9ToFGVvN6AfaqgrZlHtzwWmeNrDBbEGCEq9QJdBAyJS5BFhPEDJ6NL3
sMR0rRErdDVrcN1N9PFRf1QYYaEOV5teBUBLSjVsgiu15fYktn+zeaxVwwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFCjWD09GYm+796mcolWspTHsXp17MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS05ZUFQwWmliN3YzcVp5aVZheWxNZXhlblhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAFGo
egMEAVKYBAMEAFKYYgMEAFKYgwMEAFKZmQMEAFKZnAMEAFKZyAMEAFKZzwMEAFKj
AAMEAFnVxQMEAG2wwTAMAwQAbbDlAwQAbbDmAwQAbbD0AwQA1CZPAwQB1YKWAwQA
1dI/AwQA1drTAwQA1drgAwQA1drpMA0GCSqGSIb3DQEBCwUAA4IBAQA2WQO77Pq6
eT+fiuZMtIDOndJv4mbIMbx1LWSlfYEFCl1Tnv3ovG/dpfWH+3kiU8jq78MoaBrJ
I2SB7J3t5vCxWzqvun4fQOndElOpJFb8CGoZDyf/cDDdAwPFz7Ogqx5C2v1TDtcv
kLsyXBQ/RhKMvpYQZpH/gx0tIeutYjdsbYQ+V2Q6hwQqdGuZXxewLzy5kiPPOk+1
8Zv1MX/HHgaq4gk4IPw1kVdrgwB2fjiKyHLtMmCvClTbiFt8Y5vD15+8hzzrUozo
AfVflwvPAcoL09yoXekPqVuajXMSbFNgIldLokcxyfNA0aQfCOAcTwoNkXS4+uhd
Lf9FIs1Eyu2K
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:04:38 2025 by rpki-client