Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/KUAADqnNekTkWzv6EIx8iIorRJk.roa
File: KUAADqnNekTkWzv6EIx8iIorRJk.roa (raw, json)
Hash identifier: upixKTPEgjsCgJGA7L1FfonSLEcHmzsgFkYO1A1BZtA=
Subject key identifier: 29:40:00:0E:A9:CD:7A:44:E4:5B:3B:FA:10:8C:7C:88:8A:2B:44:99
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1DDF2C7F89BD1CE59CB5B7EBBAC82
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/KUAADqnNekTkWzv6EIx8iIorRJk.roa
Signing time: Wed 01 Jan 2025 11:48:12 +0000
ROA not before: Wed 01 Jan 2025 11:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203583
IP address blocks: 84.1.158.0/24 maxlen: 24
195.228.29.0/24 maxlen: 24
195.228.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 14:56:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:dd:f2:c7:f8:9b:d1:ce:59:cb:5b:7e:bb:ac:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2940000ea9cd7a44e45b3bfa108c7c888a2b4499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:87:0f:3b:ae:33:aa:e6:2c:57:d1:81:95:8e:
2f:bf:63:b7:b0:1d:d1:a9:7b:2e:52:21:d5:e3:59:
44:bf:f5:38:a3:bd:ec:79:fd:b7:1f:0c:d7:78:b5:
93:61:f2:96:a6:c2:31:fc:04:b1:d7:a3:ee:d1:c5:
94:0b:07:ee:cf:47:86:a8:b3:33:04:5c:95:c7:54:
c8:fb:31:b0:d5:17:74:68:42:88:1c:78:bf:29:e7:
ec:1e:1a:00:0b:d5:59:33:8b:7f:9f:93:65:5f:05:
53:37:e7:21:5a:fe:98:49:8f:66:c5:80:cd:ac:21:
88:53:c3:35:86:96:80:4f:96:96:0b:9b:b4:71:52:
37:57:ef:51:a4:69:f9:8d:fb:c9:fe:f8:ea:2a:2a:
2c:be:26:b6:1d:fc:bd:21:1a:25:22:47:d8:b2:d2:
6e:0e:88:08:41:99:c1:eb:4d:1a:c0:a8:a4:f6:ae:
0b:ad:b4:4c:38:24:f1:5c:fb:88:d3:10:cd:aa:6c:
4a:71:5f:9c:7b:e8:89:a4:39:17:ce:76:21:56:86:
76:78:f2:28:59:f5:ce:98:3d:8b:ab:42:02:99:db:
7d:b6:c7:bf:e9:35:af:dc:c8:fc:5c:b7:6c:0a:60:
c1:e0:88:fe:fe:5a:81:be:99:aa:68:27:2a:61:84:
b5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:40:00:0E:A9:CD:7A:44:E4:5B:3B:FA:10:8C:7C:88:8A:2B:44:99
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/KUAADqnNekTkWzv6EIx8iIorRJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.158.0/24
195.228.29.0/24
195.228.180.0/24
Signature Algorithm: sha256WithRSAEncryption
01:db:1b:8f:fc:28:4e:ae:0c:b1:01:8b:e7:b5:4b:14:f6:46:
d1:a5:9d:95:16:d9:e5:9e:5c:d6:06:bb:42:58:dd:61:7d:7a:
b1:e2:ff:c7:cc:63:3f:b9:3b:ad:85:ee:5d:24:a8:75:a8:74:
51:24:15:26:d8:96:9d:8c:b1:45:cf:8c:08:86:a7:68:6e:e5:
e3:44:e0:b0:1a:af:63:c9:24:97:96:da:7b:89:9c:3c:66:8f:
b5:67:be:4a:3f:ec:c6:c6:b5:06:db:b9:9c:d0:9d:fd:ff:21:
a5:3f:e5:98:56:06:9b:72:8d:20:fd:3b:3e:fb:e9:0d:59:10:
33:1c:58:e5:84:e3:dd:5c:32:64:bd:3f:a9:7e:3f:7a:16:9b:
b8:f1:cd:3b:ca:51:72:9a:92:9c:e2:64:bb:79:d9:0c:e3:b1:
90:9a:52:12:74:9f:c6:0f:04:33:4d:a6:72:25:f2:fb:d3:8c:
e4:98:16:27:14:49:fb:04:95:3d:ce:1f:a7:7b:44:07:21:35:
6d:89:b8:7e:9f:97:72:d4:04:fa:6c:00:16:12:9b:0b:8d:a5:
cb:44:98:b3:f6:d5:cd:5b:5a:0c:fd:6a:95:05:ff:8a:f6:6d:
25:98:5c:6e:3b:83:89:9a:f6:a4:3d:48:98:ee:76:ed:74:f4:
da:e1:fe:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhsd3yx/ib0c5Zy1t+u6yCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQwMDAwZWE5Y2Q3YTQ0ZTQ1YjNiZmExMDhjN2M4ODhhMmI0NDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4cPO64zquYsV9GBlY4vv2O3sB3R
qXsuUiHV41lEv/U4o73sef23HwzXeLWTYfKWpsIx/ASx16Pu0cWUCwfuz0eGqLMz
BFyVx1TI+zGw1Rd0aEKIHHi/KefsHhoAC9VZM4t/n5NlXwVTN+chWv6YSY9mxYDN
rCGIU8M1hpaAT5aWC5u0cVI3V+9RpGn5jfvJ/vjqKiosvia2Hfy9IRolIkfYstJu
DogIQZnB600awKik9q4LrbRMOCTxXPuI0xDNqmxKcV+ce+iJpDkXznYhVoZ2ePIo
WfXOmD2Lq0ICmdt9tse/6TWv3Mj8XLdsCmDB4Ij+/lqBvpmqaCcqYYS1XQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFClAAA6pzXpE5Fs7+hCMfIiKK0SZMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvS1VBQURxbk5la1RrV3p2NkVJeDhpSW9yUkprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVAGeAwQA
w+QdAwQAw+S0MA0GCSqGSIb3DQEBCwUAA4IBAQAB2xuP/ChOrgyxAYvntUsU9kbR
pZ2VFtnlnlzWBrtCWN1hfXqx4v/HzGM/uTuthe5dJKh1qHRRJBUm2JadjLFFz4wI
hqdobuXjROCwGq9jySSXltp7iZw8Zo+1Z75KP+zGxrUG27mc0J39/yGlP+WYVgab
co0g/Ts+++kNWRAzHFjlhOPdXDJkvT+pfj96Fpu48c07ylFympKc4mS7edkM47GQ
mlISdJ/GDwQzTaZyJfL704zkmBYnFEn7BJU9zh+ne0QHITVtibh+n5dy1AT6bAAW
EpsLjaXLRJiz9tXNW1oM/WqVBf+K9m0lmFxuO4OJmvakPUiY7nbtdPTa4f5f
-----END CERTIFICATE-----
Generated at Tue Apr 15 04:48:08 2025 by rpki-client