Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KjndHVjGuaHHTKRykACKjbcfyt4.roa
File: KjndHVjGuaHHTKRykACKjbcfyt4.roa (raw, json)
Hash identifier: u6Llu5QBFwulXnC5jv5z2mzyUsPm5XT5jpC3hn6x37A=
Subject key identifier: 2A:39:DD:1D:58:C6:B9:A1:C7:4C:A4:72:90:00:8A:8D:B7:1F:CA:DE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190745189AB1A258560904438BF964F179C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KjndHVjGuaHHTKRykACKjbcfyt4.roa
Signing time: Tue 02 Jul 2024 16:40:18 +0000
ROA not before: Tue 02 Jul 2024 16:40:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.134.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.27.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jul 2024 15:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:74:51:89:ab:1a:25:85:60:90:44:38:bf:96:4f:17:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 2 16:40:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a39dd1d58c6b9a1c74ca47290008a8db71fcade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:dd:d6:9f:8f:6c:43:54:b3:24:c3:ef:ea:ff:
0d:bb:d8:3d:9b:1a:46:f9:5c:dc:f6:bd:bd:e5:ff:
ec:7f:2e:34:77:27:7f:4a:d1:d8:6e:89:88:36:97:
f4:7e:ad:4d:ac:f5:b9:70:0f:31:ef:9d:11:66:3e:
d1:a7:fb:e4:66:e3:ce:09:10:cf:90:b2:b3:f4:d4:
27:d8:fc:05:f3:f7:49:9d:e7:b0:8d:aa:4d:c4:06:
44:92:9d:db:6a:df:e1:f1:f0:e5:95:eb:e8:08:61:
ab:cb:08:68:9c:b9:32:20:5b:73:8e:3b:c2:ef:49:
ed:be:68:cd:07:af:ea:74:45:1d:d6:3f:1a:09:68:
1c:8a:e8:b9:0a:10:2d:e7:65:7a:0f:33:cb:77:3f:
f6:ed:4e:c1:1b:a7:98:9b:7d:c5:00:8e:da:6a:ee:
f1:78:5a:52:fc:42:fe:0f:2c:ec:90:0b:e4:2c:2b:
5a:b6:dc:16:e6:d7:3a:ce:5f:08:58:ae:ab:c7:50:
cf:53:63:cd:94:e0:dd:fd:ca:ee:a1:eb:96:55:20:
b4:7e:74:3d:0b:33:81:84:5a:72:f2:62:6d:2a:8c:
5b:23:43:26:b2:0d:5b:d9:01:18:b4:49:dc:f4:65:
3a:86:8b:3a:db:79:8b:0d:0e:c0:c1:f3:e3:e6:89:
46:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:39:DD:1D:58:C6:B9:A1:C7:4C:A4:72:90:00:8A:8D:B7:1F:CA:DE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KjndHVjGuaHHTKRykACKjbcfyt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.50.0/23
89.213.56.0/22
89.213.134.0/24
89.213.146.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
109.176.27.0/24
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
60:e5:28:53:0e:be:09:40:f6:c6:3c:03:28:e6:b3:11:20:fd:
a7:2c:6c:58:e0:de:33:95:59:86:e4:a0:70:f7:a0:dd:06:2f:
77:45:6c:fe:4a:c5:7d:9e:d6:5f:c8:3b:36:11:74:ad:43:d1:
34:55:25:db:04:14:b5:e0:32:f2:8a:d9:62:75:73:28:a6:e6:
26:fc:53:1a:05:f0:e2:4b:4d:bd:2f:51:60:2e:64:00:0e:d0:
4d:a4:e1:f2:9e:da:50:14:39:2c:ce:65:84:2d:be:94:79:ed:
28:93:ef:dc:02:ce:1d:c0:81:a1:d7:2b:e2:4e:e1:0a:6e:7b:
0a:cd:26:78:ab:9b:80:41:bd:7c:72:4a:dc:c5:59:86:56:57:
2a:0e:f5:3c:57:c0:f8:02:d4:bc:7f:98:c7:2f:2e:be:ad:1e:
81:aa:4e:86:a7:ea:2b:51:ce:f2:31:4b:f7:fb:32:74:de:06:
da:33:6d:f5:d7:19:53:a3:4d:d6:67:d8:2a:f3:f2:fa:19:9f:
d0:89:f2:dc:5f:c2:2e:5c:1a:f7:15:ad:0a:70:79:61:19:d8:
5d:b5:02:80:9c:8a:66:94:d2:0f:a3:07:30:4d:89:92:64:7d:
1d:0e:a3:01:31:f4:98:37:52:89:c3:14:71:e1:97:71:7e:67:
50:99:e0:6d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZB0UYmrGiWFYJBEOL+WTxecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzAyMTY0MDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTM5ZGQxZDU4YzZiOWExYzc0Y2E0NzI5MDAwOGE4ZGI3MWZjYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN3Wn49sQ1SzJMPv6v8Nu9g9mxpG
+Vzc9r295f/sfy40dyd/StHYbomINpf0fq1NrPW5cA8x750RZj7Rp/vkZuPOCRDP
kLKz9NQn2PwF8/dJneewjapNxAZEkp3bat/h8fDllevoCGGrywhonLkyIFtzjjvC
70ntvmjNB6/qdEUd1j8aCWgciui5ChAt52V6DzPLdz/27U7BG6eYm33FAI7aau7x
eFpS/EL+DyzskAvkLCtattwW5tc6zl8IWK6rx1DPU2PNlODd/cruoeuWVSC0fnQ9
CzOBhFpy8mJtKoxbI0Mmsg1b2QEYtEnc9GU6hos623mLDQ7AwfPj5olGswIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFCo53R1Yxrmhx0ykcpAAio23H8reMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS2puZEhWakd1YUhIVEtSeWtBQ0tqYmNmeXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAVKY
sAMEAlKZiAMEAVnVMgMEAlnVOAMEAFnVhgMEAFnVkjAMAwQCWdWUAwQFWdWAAwQC
WdWsMAwDBAJZ1cQDBARZ1cADBANZ1egDBANtsBADBABtsBsDBAJtsMwDBAG5MX4D
BATCaVADBAHUJlgDBADV2tMDBAPZkUgwDQYJKoZIhvcNAQELBQADggEBAGDlKFMO
vglA9sY8AyjmsxEg/acsbFjg3jOVWYbkoHD3oN0GL3dFbP5KxX2e1l/IOzYRdK1D
0TRVJdsEFLXgMvKK2WJ1cyim5ib8UxoF8OJLTb0vUWAuZAAO0E2k4fKe2lAUOSzO
ZYQtvpR57SiT79wCzh3AgaHXK+JO4QpuewrNJnirm4BBvXxyStzFWYZWVyoO9TxX
wPgC1Lx/mMcvLr6tHoGqToan6itRzvIxS/f7MnTeBtozbfXXGVOjTdZn2Crz8voZ
n9CJ8txfwi5cGvcVrQpweWEZ2F21AoCcimaU0g+jBzBNiZJkfR0OowEx9Jg3UonD
FHHhl3F+Z1CZ4G0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:26:52 2025 by rpki-client