Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/KPIXOC98wjiotewtFnb4NSbRhI4.roa
File: KPIXOC98wjiotewtFnb4NSbRhI4.roa (raw, json)
Hash identifier: XNjtp5/CGJ8nKZrzn5M9clLMQeiHAjXXWlivySyY5Cs=
Subject key identifier: 28:F2:17:38:2F:7C:C2:38:A8:B5:EC:2D:16:76:F8:35:26:D1:84:8E
Certificate issuer: /CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Certificate serial: 018570E74467B0E7F58A09CFBBE11F9351FD
Authority key identifier: 84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/KPIXOC98wjiotewtFnb4NSbRhI4.roa
Signing time: Mon 02 Jan 2023 05:14:42 +0000
ROA not before: Mon 02 Jan 2023 05:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207375
IP address blocks: 89.33.17.0/24 maxlen: 24
89.33.30.0/24 maxlen: 24
188.240.70.0/24 maxlen: 24
188.213.86.0/23 maxlen: 23
188.211.172.0/22 maxlen: 22
188.213.88.0/21 maxlen: 21
31.14.182.0/24 maxlen: 24
31.14.180.0/23 maxlen: 23
176.223.144.0/20 maxlen: 20
194.145.194.0/23 maxlen: 23
89.32.240.0/21 maxlen: 21
86.105.232.0/24 maxlen: 24
178.239.16.0/22 maxlen: 22
89.35.76.0/24 maxlen: 24
86.107.186.0/23 maxlen: 23
89.35.91.0/24 maxlen: 24
89.35.88.0/24 maxlen: 24
84.247.44.0/23 maxlen: 25
89.33.65.0/24 maxlen: 24
37.156.70.0/24 maxlen: 24
37.156.69.0/24 maxlen: 24
89.35.34.0/24 maxlen: 24
188.212.112.0/22 maxlen: 22
89.35.163.0/24 maxlen: 24
217.148.134.0/23 maxlen: 23
188.212.157.0/24 maxlen: 24
89.37.40.0/24 maxlen: 24
85.204.109.0/24 maxlen: 24
86.105.24.0/24 maxlen: 24
89.32.171.0/24 maxlen: 24
89.46.40.0/23 maxlen: 23
91.132.40.0/22 maxlen: 22
93.113.72.0/21 maxlen: 21
89.47.176.0/23 maxlen: 23
89.47.178.0/24 maxlen: 24
89.47.182.0/24 maxlen: 24
89.47.180.0/23 maxlen: 23
89.35.248.0/24 maxlen: 24
2a00:bba0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 19 Jul 2023 07:56:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:44:67:b0:e7:f5:8a:09:cf:bb:e1:1f:93:51:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Validity
Not Before: Jan 2 05:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28f217382f7cc238a8b5ec2d1676f83526d1848e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2e:95:dc:a7:7c:14:6a:e8:d3:7a:bb:7e:fb:
b1:75:0d:22:c2:b2:e3:4f:8d:87:a5:19:b1:dc:74:
fe:ba:66:ef:87:be:44:68:dd:26:a3:fa:ec:22:59:
6a:f3:c4:6f:c2:4c:6d:a5:68:c3:d1:57:80:9f:ec:
3c:61:14:c7:84:be:af:4b:8d:7b:ac:39:5d:18:83:
eb:36:ae:d0:64:3a:a0:82:7c:58:12:78:d6:b4:c2:
cf:e3:2a:7c:c9:17:1e:26:2a:75:68:9a:92:42:bb:
2a:38:07:93:6f:bb:a9:ae:e1:b0:74:04:53:d2:b1:
79:f2:f0:28:c7:bf:51:37:37:0f:c3:e6:6d:31:6e:
18:df:92:93:b6:8e:31:78:69:3c:ca:5c:5c:6c:a8:
9d:3d:d0:b0:51:4a:89:e9:83:ec:ed:6a:67:f8:3f:
6e:1c:8f:d5:b9:e7:ed:cf:df:00:24:b8:ab:4f:52:
14:5f:99:af:2d:9e:65:a9:d3:45:ef:6a:0b:af:12:
10:e1:33:47:b1:e6:ca:f1:ff:7d:79:d1:ed:75:a2:
e0:b5:7a:c0:4a:b3:9d:be:89:61:c3:01:36:c8:dd:
f0:1e:af:3e:61:ab:3e:17:93:56:cf:a8:44:1d:37:
23:ed:c2:9a:73:18:91:a8:7e:26:9a:3c:89:e6:96:
b8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F2:17:38:2F:7C:C2:38:A8:B5:EC:2D:16:76:F8:35:26:D1:84:8E
X509v3 Authority Key Identifier:
keyid:84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/KPIXOC98wjiotewtFnb4NSbRhI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.180.0-31.14.182.255
37.156.69.0-37.156.70.255
84.247.44.0/23
85.204.109.0/24
86.105.24.0/24
86.105.232.0/24
86.107.186.0/23
89.32.171.0/24
89.32.240.0/21
89.33.17.0/24
89.33.30.0/24
89.33.65.0/24
89.35.34.0/24
89.35.76.0/24
89.35.88.0/24
89.35.91.0/24
89.35.163.0/24
89.35.248.0/24
89.37.40.0/24
89.46.40.0/23
89.47.176.0-89.47.178.255
89.47.180.0-89.47.182.255
91.132.40.0/22
93.113.72.0/21
176.223.144.0/20
178.239.16.0/22
188.211.172.0/22
188.212.112.0/22
188.212.157.0/24
188.213.86.0-188.213.95.255
188.240.70.0/24
194.145.194.0/23
217.148.134.0/23
IPv6:
2a00:bba0::/32
Signature Algorithm: sha256WithRSAEncryption
07:8b:c4:70:b4:5a:50:e1:cf:93:2b:c9:62:39:b4:32:fc:d8:
fe:48:9e:75:79:6e:05:6f:fd:b7:25:73:2f:f4:a2:a5:1a:3b:
4a:80:b1:17:d5:d9:2c:70:45:87:3e:33:17:b5:e3:f0:aa:f3:
6c:7a:7f:4e:01:d4:63:f0:b4:c1:ba:11:d7:f6:71:ac:dc:b2:
47:19:f7:b5:bd:27:fb:b2:89:8e:a9:f6:17:69:4b:c1:a6:d9:
90:20:16:66:fe:c3:1f:d4:fa:c6:eb:7c:60:e0:0c:fd:ae:92:
f9:0b:06:70:76:96:0c:23:b2:18:90:c9:47:f5:85:a3:ce:de:
d9:a5:76:43:72:52:52:9e:e9:5a:28:c0:cf:16:50:36:47:c0:
f4:ea:dc:4e:d3:5e:4a:a1:bc:ca:95:ce:57:72:e0:b5:20:12:
1d:93:4f:a6:bb:cd:00:9b:9e:f5:7b:82:5c:b1:ba:2a:c7:9f:
f8:1e:a3:4c:80:a5:56:01:c9:78:a2:e8:58:74:27:d9:88:be:
cd:fb:bb:20:76:c3:61:59:c5:dc:d3:50:91:dc:6c:a8:8d:52:
c4:0c:75:98:f3:07:23:3d:d3:48:6d:a8:66:4e:d5:6f:0f:6e:
05:5a:c8:64:b4:e0:82:b4:dd:67:ed:33:56:0b:74:60:c5:db:
d5:46:c3:51
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAYVw50RnsOf1ignPu+Efk1H9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YmZjNDUxZmM0ZjI0MTFhZGRkMDBhOWZiYjE3MzQ2YWQ2
ZTg5OTYwHhcNMjMwMTAyMDUxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGYyMTczODJmN2NjMjM4YThiNWVjMmQxNjc2ZjgzNTI2ZDE4NDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC6V3Kd8FGro03q7fvuxdQ0iwrLj
T42HpRmx3HT+umbvh75EaN0mo/rsIllq88RvwkxtpWjD0VeAn+w8YRTHhL6vS417
rDldGIPrNq7QZDqggnxYEnjWtMLP4yp8yRceJip1aJqSQrsqOAeTb7upruGwdART
0rF58vAox79RNzcPw+ZtMW4Y35KTto4xeGk8ylxcbKidPdCwUUqJ6YPs7Wpn+D9u
HI/Vueftz98AJLirT1IUX5mvLZ5lqdNF72oLrxIQ4TNHsebK8f99edHtdaLgtXrA
SrOdvolhwwE2yN3wHq8+Yas+F5NWz6hEHTcj7cKacxiRqH4mmjyJ5pa4aQIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFCjyFzgvfMI4qLXsLRZ2+DUm0YSOMB8GA1UdIwQY
MBaAFIS/xFH8TyQRrd0Aqfuxc0atbomWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYt
ZjY2MzE3OTc3OTY4LzEvS1BJWE9DOTh3amlvdGV3dEZuYjROU2JSaEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYtZjY2MzE3OTc3OTY4
LzEvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCB9QQCAAEwge4w
DAMEAh8OtAMEAB8OtjAMAwQAJZxFAwQAJZxGAwQBVPcsAwQAVcxtAwQAVmkYAwQA
VmnoAwQBVmu6AwQAWSCrAwQDWSDwAwQAWSERAwQAWSEeAwQAWSFBAwQAWSMiAwQA
WSNMAwQAWSNYAwQAWSNbAwQAWSOjAwQAWSP4AwQAWSUoAwQBWS4oMAwDBARZL7AD
BABZL7IwDAMEAlkvtAMEAFkvtgMEAluEKAMEA11xSAMEBLDfkAMEArLvEAMEArzT
rAMEArzUcAMEALzUnTAMAwQBvNVWAwQFvNVAAwQAvPBGAwQBwpHCAwQB2ZSGMA0E
AgACMAcDBQAqALugMA0GCSqGSIb3DQEBCwUAA4IBAQAHi8RwtFpQ4c+TK8liObQy
/Nj+SJ51eW4Fb/23JXMv9KKlGjtKgLEX1dkscEWHPjMXtePwqvNsen9OAdRj8LTB
uhHX9nGs3LJHGfe1vSf7somOqfYXaUvBptmQIBZm/sMf1PrG63xg4Az9rpL5CwZw
dpYMI7IYkMlH9YWjzt7ZpXZDclJSnulaKMDPFlA2R8D06txO015KobzKlc5XcuC1
IBIdk0+mu80Am571e4Jcsboqx5/4HqNMgKVWAcl4ouhYdCfZiL7N+7sgdsNhWcXc
01CR3GyojVLEDHWY8wcjPdNIbahmTtVvD24FWshktOCCtN1n7TNWC3RgxdvVRsNR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:30 2024 by rpki-client on console-fra.rpki-client.org