Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/KGRhk-KHNJF018OCI-dnHwyXXik.roa
File: KGRhk-KHNJF018OCI-dnHwyXXik.roa (raw, json)
Hash identifier: cWpNmGmLDlo03lKQWah+Ix8e7yXa8eBOA6WWCtTLc+8=
Subject key identifier: 28:64:61:93:E2:87:34:91:74:D7:C3:82:23:E7:67:1F:0C:97:5E:29
Certificate issuer: /CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Certificate serial: 018E523E66FE84214013F67009502AFAAD26
Authority key identifier: 34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/KGRhk-KHNJF018OCI-dnHwyXXik.roa
Signing time: Mon 18 Mar 2024 15:46:45 +0000
ROA not before: Mon 18 Mar 2024 15:46:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25540
IP address blocks: 45.81.212.0/22 maxlen: 22
77.81.49.0/24 maxlen: 24
83.172.137.0/24 maxlen: 24
83.172.154.0/23 maxlen: 23
83.172.156.0/23 maxlen: 23
83.172.166.0/23 maxlen: 23
83.172.170.0/23 maxlen: 23
83.172.184.0/23 maxlen: 23
83.172.187.0/24 maxlen: 24
83.172.191.0/24 maxlen: 24
89.37.107.0/24 maxlen: 24
93.114.176.0/22 maxlen: 22
94.177.28.0/24 maxlen: 24
94.177.144.0/24 maxlen: 24
130.93.0.0/17 maxlen: 17
130.93.128.0/18 maxlen: 22
185.9.248.0/22 maxlen: 22
185.12.0.0/22 maxlen: 22
185.120.176.0/22 maxlen: 22
185.122.160.0/22 maxlen: 22
185.133.128.0/22 maxlen: 22
185.137.72.0/22 maxlen: 22
185.153.172.0/22 maxlen: 22
193.84.89.0/24 maxlen: 24
195.68.224.0/22 maxlen: 22
2a02:ec00::/29 maxlen: 29
2a0e:4180::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 24 Apr 2024 14:42:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:52:3e:66:fe:84:21:40:13:f6:70:09:50:2a:fa:ad:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Validity
Not Before: Mar 18 15:46:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28646193e287349174d7c38223e7671f0c975e29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:86:5b:cd:42:ff:28:c7:06:c6:04:0e:06:08:
cf:76:64:3e:01:43:44:f4:6b:a9:97:8f:96:95:22:
ae:c2:18:1d:d0:7b:8a:f3:6c:e0:6d:f7:42:27:e5:
a8:b9:67:ec:18:66:11:b5:d3:1e:a8:13:8e:2f:24:
01:d7:63:95:f6:18:9a:83:12:38:49:71:63:71:e9:
50:4b:61:f8:10:4a:61:50:26:4a:9a:3b:be:86:0c:
78:f0:6f:f8:45:4e:58:21:da:8f:11:7d:2c:bf:52:
6d:95:df:a1:86:c5:df:c6:4c:77:dc:62:93:ed:19:
b8:65:ef:90:54:09:54:ca:9a:80:fc:9e:32:90:ce:
0e:9d:0c:52:d6:06:0a:9e:ff:0f:4a:a7:c1:73:fa:
0f:eb:b4:bb:5f:be:f1:96:75:01:59:88:a4:b1:ce:
25:51:d4:3e:26:29:eb:1d:aa:01:1a:85:5c:57:2d:
68:a5:79:2d:e3:20:cc:c9:7e:ac:4e:53:a2:f2:ec:
e0:70:7a:2d:7a:18:03:03:15:9e:d8:14:c8:af:32:
0b:25:d2:2b:50:1a:61:5e:59:b6:54:cf:10:8b:73:
59:4a:ef:97:49:48:d3:ab:b8:2f:8d:87:aa:ae:e4:
a3:69:7e:63:2c:a8:5f:1a:80:70:0e:02:03:be:58:
88:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:64:61:93:E2:87:34:91:74:D7:C3:82:23:E7:67:1F:0C:97:5E:29
X509v3 Authority Key Identifier:
keyid:34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/KGRhk-KHNJF018OCI-dnHwyXXik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.212.0/22
77.81.49.0/24
83.172.137.0/24
83.172.154.0-83.172.157.255
83.172.166.0/23
83.172.170.0/23
83.172.184.0/23
83.172.187.0/24
83.172.191.0/24
89.37.107.0/24
93.114.176.0/22
94.177.28.0/24
94.177.144.0/24
130.93.0.0-130.93.191.255
185.9.248.0/22
185.12.0.0/22
185.120.176.0/22
185.122.160.0/22
185.133.128.0/22
185.137.72.0/22
185.153.172.0/22
193.84.89.0/24
195.68.224.0/22
IPv6:
2a02:ec00::/29
2a0e:4180::/29
Signature Algorithm: sha256WithRSAEncryption
a9:ae:b7:f0:20:cc:ad:9d:d3:bc:9a:e7:7f:4c:ae:40:09:c5:
ba:39:37:09:18:d4:e2:59:3a:22:d4:09:15:9e:f6:40:78:59:
67:00:01:d7:9a:de:c3:c3:be:11:c7:ce:d8:eb:b7:e3:57:a4:
4d:8b:b8:7f:b0:1b:b9:eb:2d:e2:fc:26:64:4c:69:b3:73:18:
7c:b4:8e:c5:96:6a:1c:ab:64:82:cd:40:cb:0e:fa:24:39:5b:
7e:fb:78:58:7f:6d:8e:c5:c2:66:00:34:55:50:76:a4:90:08:
b1:81:b0:51:1f:03:e4:0c:5f:ec:e0:0f:b8:c0:78:3f:b6:db:
b5:ce:50:f7:a6:9d:9c:96:e8:51:67:f9:fd:1c:fc:53:81:26:
4c:45:4e:6e:bf:10:1a:50:cc:c0:7f:98:84:cd:21:e4:3c:e9:
1f:48:30:79:2a:03:92:4b:b9:ca:12:a8:1f:3b:1c:32:d0:21:
5c:c8:5d:dd:84:ac:e7:9b:99:ad:35:5b:61:9f:df:c7:9e:1b:
06:ee:44:ea:a7:4b:c5:8f:e4:52:18:e5:07:e8:d9:96:b7:5a:
a3:e7:43:a7:11:ed:40:2e:c2:18:ff:25:67:5a:d8:30:bc:33:
eb:c5:43:18:60:ae:8c:64:d2:d5:eb:bc:86:60:d0:f9:66:8d:
1a:43:ed:1b
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAY5SPmb+hCFAE/ZwCVAq+q0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NWZiM2ZlYjE1YzAzYzRkMzRkOWZmNDQ0ZDlhZDdlMzAw
NjcyMDgwHhcNMjQwMzE4MTU0NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODY0NjE5M2UyODczNDkxNzRkN2MzODIyM2U3NjcxZjBjOTc1ZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoZbzUL/KMcGxgQOBgjPdmQ+AUNE
9Gupl4+WlSKuwhgd0HuK82zgbfdCJ+WouWfsGGYRtdMeqBOOLyQB12OV9hiagxI4
SXFjcelQS2H4EEphUCZKmju+hgx48G/4RU5YIdqPEX0sv1Jtld+hhsXfxkx33GKT
7Rm4Ze+QVAlUypqA/J4ykM4OnQxS1gYKnv8PSqfBc/oP67S7X77xlnUBWYiksc4l
UdQ+JinrHaoBGoVcVy1opXkt4yDMyX6sTlOi8uzgcHotehgDAxWe2BTIrzILJdIr
UBphXlm2VM8Qi3NZSu+XSUjTq7gvjYeqruSjaX5jLKhfGoBwDgIDvliIeQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFChkYZPihzSRdNfDgiPnZx8Ml14pMB8GA1UdIwQY
MBaAFDRfs/6xXAPE002f9ETZrX4wBnIIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUt
YmM1NGIxMjExYjYwLzEvS0dSaGstS0hOSkYwMThPQ0ktZG5Id3lYWGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUtYmM1NGIxMjExYjYw
LzEvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBoAQCAAEwgZkDBAIt
UdQDBABNUTEDBABTrIkwDAMEAVOsmgMEAVOsnAMEAVOspgMEAVOsqgMEAVOsuAME
AFOsuwMEAFOsvwMEAFklawMEAl1ysAMEAF6xHAMEAF6xkDALAwMAgl0DBAaCXYAD
BAK5CfgDBAK5DAADBAK5eLADBAK5eqADBAK5hYADBAK5iUgDBAK5mawDBADBVFkD
BALDROAwFAQCAAIwDgMFAyoC7AADBQMqDkGAMA0GCSqGSIb3DQEBCwUAA4IBAQCp
rrfwIMytndO8mud/TK5ACcW6OTcJGNTiWToi1AkVnvZAeFlnAAHXmt7Dw74Rx87Y
67fjV6RNi7h/sBu56y3i/CZkTGmzcxh8tI7Flmocq2SCzUDLDvokOVt++3hYf22O
xcJmADRVUHakkAixgbBRHwPkDF/s4A+4wHg/ttu1zlD3pp2cluhRZ/n9HPxTgSZM
RU5uvxAaUMzAf5iEzSHkPOkfSDB5KgOSS7nKEqgfOxwy0CFcyF3dhKznm5mtNVth
n9/HnhsG7kTqp0vFj+RSGOUH6NmWt1qj50OnEe1ALsIY/yVnWtgwvDPrxUMYYK6M
ZNLV67yGYND5Zo0aQ+0b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:06 2024 by rpki-client on console-fra.rpki-client.org