Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/KSBcUA_hEs-sNQMn752II5cD4Ws.roa
File: KSBcUA_hEs-sNQMn752II5cD4Ws.roa (raw, json)
Hash identifier: scijqL9KhhrvNUgKzRDO/IgZOH9HZKaeRpNYU1U5/rc=
Subject key identifier: 29:20:5C:50:0F:E1:12:CF:AC:35:03:27:EF:9D:88:23:97:03:E1:6B
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 018E760F68986209A6339A95C330BF0F401F
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/KSBcUA_hEs-sNQMn752II5cD4Ws.roa
Signing time: Mon 25 Mar 2024 14:41:45 +0000
ROA not before: Mon 25 Mar 2024 14:41:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48648
IP address blocks: 91.198.233.0/24 maxlen: 24
91.211.120.0/24 maxlen: 24
91.211.122.0/24 maxlen: 24
193.107.80.0/24 maxlen: 24
195.12.56.0/22 maxlen: 22
2a0a:2c0::/48 maxlen: 48
2a0a:2c0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 10 Aug 2024 14:54:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:76:0f:68:98:62:09:a6:33:9a:95:c3:30:bf:0f:40:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: Mar 25 14:41:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29205c500fe112cfac350327ef9d88239703e16b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d2:89:0c:53:32:df:c8:42:4d:cf:af:1d:38:
59:b5:93:5b:2e:7d:1e:33:65:fa:42:35:a6:82:5a:
ca:de:f3:3c:3c:d3:20:8d:a5:ee:e1:23:a1:f1:76:
6e:ac:e0:e0:92:9f:c7:bf:4e:58:f1:8f:bb:be:2c:
d0:55:3f:6d:c1:ee:94:c1:18:cc:5d:85:aa:fc:f5:
94:63:56:58:59:ab:62:20:0d:ef:e3:c6:dc:c1:1b:
6e:aa:46:03:6c:cd:ce:3e:29:41:13:ee:90:67:86:
47:c7:23:12:71:12:48:d7:39:4f:e8:2b:57:20:1c:
70:24:e2:35:65:b3:3a:8f:c9:48:0f:1b:21:b2:91:
86:89:68:c9:57:5c:17:c9:7d:19:7e:8c:1d:af:d9:
86:fc:61:85:56:e5:bb:59:e5:22:70:39:2e:a0:83:
ff:71:25:d1:ff:92:98:94:68:4d:08:8e:9a:9e:ef:
17:e3:56:0f:0b:fd:ed:67:7e:86:69:8f:67:43:02:
f0:b5:c2:de:7c:0f:05:46:4b:9f:11:73:dd:56:4a:
9b:d1:39:74:0c:0a:93:83:d0:dd:a1:16:93:f6:b9:
60:93:66:7a:aa:11:18:ea:30:f3:97:6c:90:4f:b4:
70:97:b8:fe:d1:eb:ab:76:e5:04:27:21:9f:fb:6a:
35:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:20:5C:50:0F:E1:12:CF:AC:35:03:27:EF:9D:88:23:97:03:E1:6B
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/KSBcUA_hEs-sNQMn752II5cD4Ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.233.0/24
91.211.120.0/24
91.211.122.0/24
193.107.80.0/24
195.12.56.0/22
IPv6:
2a0a:2c0::/48
2a0a:2c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
10:dc:cb:17:1e:fa:84:7d:fa:09:69:53:68:11:d7:2e:d9:42:
51:36:c8:68:7b:2f:0f:ed:fe:09:a9:dd:35:6e:11:76:5f:a5:
60:f2:32:81:88:ca:39:2b:43:39:00:e1:9f:e6:a0:01:cb:3f:
9e:ed:c6:fa:39:23:14:b1:7a:dd:47:68:25:03:47:3e:2a:74:
69:b9:b1:40:74:16:76:66:da:41:7b:2b:71:e0:6c:59:8c:1f:
b1:c5:06:81:cb:0c:4f:10:c7:9b:70:9b:63:ac:75:4c:ba:c9:
e4:cf:ef:7d:27:52:a9:7e:49:b7:91:1c:d6:11:13:b0:69:74:
aa:70:fd:eb:8d:4f:98:53:00:06:82:2b:18:ad:14:fa:64:1b:
e0:3f:b6:20:24:fc:2a:fa:e9:e0:2b:51:25:81:15:81:f9:52:
dd:8f:2a:28:a9:b4:47:34:dd:bb:d0:a3:57:f6:05:85:05:f5:
ea:b9:b1:a9:5f:a5:b8:a1:b5:51:33:f1:a8:01:4b:22:5c:cc:
01:8f:72:df:81:b2:8b:95:a5:5d:3b:eb:bd:c9:3f:24:5f:b8:
48:69:0f:ff:b5:44:64:5f:b7:9c:b2:41:27:7d:19:ad:07:dc:
5b:bb:84:16:92:ef:60:e3:98:96:86:40:c6:8c:d1:2c:c4:71:
74:a7:03:32
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY52D2iYYgmmM5qVwzC/D0AfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjQwMzI1MTQ0MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTIwNWM1MDBmZTExMmNmYWMzNTAzMjdlZjlkODgyMzk3MDNlMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNKJDFMy38hCTc+vHThZtZNbLn0e
M2X6QjWmglrK3vM8PNMgjaXu4SOh8XZurODgkp/Hv05Y8Y+7vizQVT9twe6UwRjM
XYWq/PWUY1ZYWatiIA3v48bcwRtuqkYDbM3OPilBE+6QZ4ZHxyMScRJI1zlP6CtX
IBxwJOI1ZbM6j8lIDxshspGGiWjJV1wXyX0Zfowdr9mG/GGFVuW7WeUicDkuoIP/
cSXR/5KYlGhNCI6anu8X41YPC/3tZ36GaY9nQwLwtcLefA8FRkufEXPdVkqb0Tl0
DAqTg9DdoRaT9rlgk2Z6qhEY6jDzl2yQT7Rwl7j+0eurduUEJyGf+2o1TQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCkgXFAP4RLPrDUDJ++diCOXA+FrMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvS1NCY1VBX2hFcy1zTlFNbjc1MklJNWNENFdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQAW8bpAwQA
W9N4AwQAW9N6AwQAwWtQAwQCwww4MBgEAgACMBIDBwAqCgLAAAADBwAqCgLAAAIw
DQYJKoZIhvcNAQELBQADggEBABDcyxce+oR9+glpU2gR1y7ZQlE2yGh7Lw/t/gmp
3TVuEXZfpWDyMoGIyjkrQzkA4Z/moAHLP57txvo5IxSxet1HaCUDRz4qdGm5sUB0
FnZm2kF7K3HgbFmMH7HFBoHLDE8Qx5twm2OsdUy6yeTP730nUql+SbeRHNYRE7Bp
dKpw/euNT5hTAAaCKxitFPpkG+A/tiAk/Cr66eArUSWBFYH5Ut2PKiiptEc03bvQ
o1f2BYUF9eq5salfpbihtVEz8agBSyJczAGPct+BsouVpV07673JPyRfuEhpD/+1
RGRft5yyQSd9Ga0H3Fu7hBaS72DjmJaGQMaM0SzEcXSnAzI=
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:29:50 2025 by rpki-client