Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KULo6t4M70hCPt_2NnYBYvgU6Q4.roa
File: KULo6t4M70hCPt_2NnYBYvgU6Q4.roa (raw, json)
Hash identifier: iRLx7J5hzrD4jrbDmhWkxtjfj3S68V5MQgruU0rfY24=
Subject key identifier: 29:42:E8:EA:DE:0C:EF:48:42:3E:DF:F6:36:76:01:62:F8:14:E9:0E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F49EE2CF7BC5951F98D364032B0350279
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KULo6t4M70hCPt_2NnYBYvgU6Q4.roa
Signing time: Sun 05 May 2024 18:04:56 +0000
ROA not before: Sun 05 May 2024 18:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.168.126.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.245.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.180.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.244.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.74.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.84.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 07:11:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:49:ee:2c:f7:bc:59:51:f9:8d:36:40:32:b0:35:02:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 5 18:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2942e8eade0cef48423edff636760162f814e90e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e8:f1:a0:78:2d:4e:a0:b2:68:74:6f:75:54:
67:ed:a1:d7:68:7f:c1:90:0b:82:5d:b8:12:b6:15:
27:d4:ad:4a:e0:e6:03:e6:bd:6c:88:b1:5e:20:d2:
0b:aa:ad:36:55:80:fd:f1:7b:fc:3f:63:96:da:84:
35:ce:6a:37:86:b9:e8:b6:4c:8b:ef:7a:37:84:fe:
30:77:1f:7e:92:9b:c0:cd:d5:35:2d:98:45:f9:35:
23:f7:d0:0a:90:6b:bc:2b:d1:49:5d:2f:ed:98:60:
1f:d0:b3:27:35:b1:52:0f:50:6b:cb:ff:9e:e6:a2:
02:12:56:90:bf:53:c6:ce:16:09:78:fd:1e:e4:7c:
cc:61:2a:65:1f:e4:1c:64:ac:05:52:73:bc:dc:d8:
58:d8:97:e0:5d:83:97:06:6a:7e:ff:79:dd:c8:99:
f6:f5:82:ab:25:d8:10:95:a1:77:37:52:b2:03:c8:
89:da:e9:a1:a2:44:47:e3:4d:e9:ca:90:be:be:5a:
32:3e:e4:7f:8d:34:1f:0f:15:84:49:25:5e:1f:a3:
99:e4:1b:fc:7c:a6:3a:15:e9:39:52:c6:d7:1e:a7:
14:d7:54:ff:c6:fd:11:0a:01:db:bc:24:7a:37:b1:
68:5d:d5:62:64:1d:01:13:6b:f9:34:fd:c0:eb:bb:
8e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:42:E8:EA:DE:0C:EF:48:42:3E:DF:F6:36:76:01:62:F8:14:E9:0E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KULo6t4M70hCPt_2NnYBYvgU6Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.126.0/24
82.152.176.0/23
82.153.136.0/22
82.153.245.0/24
82.163.15.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
109.176.16.0/21
109.176.244.0/24
185.49.126.0/23
194.105.80.0/20
212.38.74.0/24
212.38.79.0/24
212.38.84.0/24
213.130.149.0/24
213.218.210.0/23
213.218.213.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:43:77:95:c1:e6:ce:be:b2:30:02:25:48:4f:21:f4:c4:0a:
dd:68:67:6a:46:68:90:a7:81:cd:4a:99:18:5e:91:5f:be:6f:
04:e0:e1:41:9f:43:e8:7a:e9:6d:69:ff:ce:c2:22:8f:7d:d8:
06:66:54:cd:f4:4b:a0:e2:70:53:5f:be:ab:c0:ee:c4:96:e0:
d1:0c:9f:44:4e:18:9b:16:55:5f:6f:d0:01:72:e8:32:d2:86:
71:af:cf:c3:2a:85:7c:2d:f0:e4:df:70:4c:5d:2a:de:a9:bf:
fa:64:77:c0:90:77:5d:05:ba:2f:1a:56:e4:1e:3f:84:2f:b8:
97:cf:36:4e:31:5b:01:1b:6b:d7:66:aa:ec:5d:c9:31:b2:dc:
fa:6d:59:c3:cb:bb:32:72:29:01:ad:df:86:d0:15:04:69:1b:
3c:92:e4:22:e4:df:65:e1:60:67:0b:4d:53:11:ef:58:d1:d5:
86:40:91:4b:20:fb:af:26:b2:a9:2e:9a:fc:d0:b6:46:d1:e7:
4e:8c:ee:52:40:da:e9:b8:e5:59:94:35:f9:af:26:d1:8d:2c:
f5:a2:1c:93:c0:24:09:19:3d:3f:66:9e:5b:8d:91:5e:fb:6b:
e4:80:03:6a:24:fc:98:16:55:b2:d0:84:9f:da:f8:17:a4:c1:
4f:17:37:33
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAY9J7iz3vFlR+Y02QDKwNQJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTA1MTgwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQyZThlYWRlMGNlZjQ4NDIzZWRmZjYzNjc2MDE2MmY4MTRlOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoejxoHgtTqCyaHRvdVRn7aHXaH/B
kAuCXbgSthUn1K1K4OYD5r1siLFeINILqq02VYD98Xv8P2OW2oQ1zmo3hrnotkyL
73o3hP4wdx9+kpvAzdU1LZhF+TUj99AKkGu8K9FJXS/tmGAf0LMnNbFSD1Bry/+e
5qICElaQv1PGzhYJeP0e5HzMYSplH+QcZKwFUnO83NhY2JfgXYOXBmp+/3ndyJn2
9YKrJdgQlaF3N1KyA8iJ2umhokRH403pypC+vloyPuR/jTQfDxWESSVeH6OZ5Bv8
fKY6Fek5UsbXHqcU11T/xv0RCgHbvCR6N7FoXdViZB0BE2v5NP3A67uOKQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFClC6OreDO9IQj7f9jZ2AWL4FOkOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS1VMbzZ0NE03MGhDUHRfMk5uWUJZdmdVNlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAFGofgME
AVKYsAMEAlKZiAMEAFKZ9QMEAFKjDzAMAwQCWdWUAwQFWdWAAwQCWdWsAwQAWdW0
AwQDbbAQAwQAbbD0AwQBuTF+AwQEwmlQAwQA1CZKAwQA1CZPAwQA1CZUAwQA1YKV
AwQB1drSAwQA1drVMA0GCSqGSIb3DQEBCwUAA4IBAQBqQ3eVwebOvrIwAiVITyH0
xArdaGdqRmiQp4HNSpkYXpFfvm8E4OFBn0Poeultaf/OwiKPfdgGZlTN9Eug4nBT
X76rwO7EluDRDJ9EThibFlVfb9ABcugy0oZxr8/DKoV8LfDk33BMXSreqb/6ZHfA
kHddBbovGlbkHj+EL7iXzzZOMVsBG2vXZqrsXckxstz6bVnDy7sycikBrd+G0BUE
aRs8kuQi5N9l4WBnC01TEe9Y0dWGQJFLIPuvJrKpLpr80LZG0edOjO5SQNrpuOVZ
lDX5rybRjSz1ohyTwCQJGT0/Zp5bjZFe+2vkgANqJPyYFlWy0ISf2vgXpMFPFzcz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org