Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/KpanDj4GA0VdxwQeaYZ1vGpq6KA.roa
File: KpanDj4GA0VdxwQeaYZ1vGpq6KA.roa (raw, json)
Hash identifier: cRKsvUssV2sylfx06ifEPHk1cqtDxscBXaGqkpYi3G4=
Subject key identifier: 2A:96:A7:0E:3E:06:03:45:5D:C7:04:1E:69:86:75:BC:6A:6A:E8:A0
Certificate issuer: /CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Certificate serial: 018CC5DD12916303496843E87035E43B106E
Authority key identifier: 2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/KpanDj4GA0VdxwQeaYZ1vGpq6KA.roa
Signing time: Mon 01 Jan 2024 16:30:48 +0000
ROA not before: Mon 01 Jan 2024 16:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209275
IP address blocks: 88.214.40.0/24 maxlen: 24
88.214.42.0/24 maxlen: 24
185.225.198.0/24 maxlen: 24
2a09:9d00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 30 Apr 2024 12:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:12:91:63:03:49:68:43:e8:70:35:e4:3b:10:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Validity
Not Before: Jan 1 16:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a96a70e3e0603455dc7041e698675bc6a6ae8a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:64:72:f9:5a:75:79:ec:2e:95:9c:3b:07:c8:
79:1c:27:8b:5b:eb:d3:33:05:60:5f:92:7f:98:2d:
eb:97:78:fe:1c:7d:4c:95:80:80:b5:2c:1c:d5:ec:
84:e9:47:ac:a1:a0:bd:91:c7:c8:93:ed:52:08:14:
a9:9f:d0:fb:9a:48:3f:01:e3:39:18:eb:08:64:c2:
d8:34:29:b1:9f:7f:05:13:24:5e:7d:a2:1c:a3:f0:
19:33:36:e5:73:e0:0f:9e:bf:79:72:ef:82:b6:d1:
dc:21:c3:05:fd:35:39:97:10:c6:f0:2b:03:a0:de:
9a:64:3e:e5:38:2e:44:ee:55:ad:da:50:39:de:dd:
c8:e3:71:cc:48:59:c6:ba:1c:26:8b:84:da:3c:c3:
fa:8a:a0:28:b3:84:35:a0:d6:4f:c3:03:a7:85:24:
07:6e:ac:75:fb:f2:78:28:47:ba:7a:f1:bb:5d:e1:
07:9c:69:ed:d7:5e:fe:e0:30:c0:90:c1:67:fd:20:
f5:a9:8d:e8:a8:c8:04:a5:d1:fd:4b:79:74:14:88:
12:ed:c3:53:b4:65:ad:1f:85:44:9b:d4:9d:e1:3a:
82:bf:26:1a:da:06:8d:ab:d6:5c:27:cc:d6:bd:05:
92:ba:af:3f:7f:bf:98:2f:08:0b:fb:7a:61:03:63:
be:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:96:A7:0E:3E:06:03:45:5D:C7:04:1E:69:86:75:BC:6A:6A:E8:A0
X509v3 Authority Key Identifier:
keyid:2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/KpanDj4GA0VdxwQeaYZ1vGpq6KA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.40.0/24
88.214.42.0/24
185.225.198.0/24
IPv6:
2a09:9d00::/29
Signature Algorithm: sha256WithRSAEncryption
8d:92:e3:8f:bd:60:ea:53:05:91:54:c5:66:d2:63:7e:a7:4c:
68:3f:e5:51:80:55:9d:50:85:ee:c1:f1:12:70:06:1d:08:2c:
61:bb:20:ef:73:4a:d2:71:7c:d6:c2:73:44:04:00:62:23:a8:
ef:a4:4c:eb:64:44:5a:ef:2e:75:7d:ec:5f:06:d8:bf:52:e8:
71:d7:5c:6f:91:b1:81:20:0f:c3:22:5c:46:0b:f4:1e:55:97:
60:cb:d3:b7:ca:70:dc:42:b5:1e:3c:15:a1:88:49:0a:00:f7:
23:27:8f:f1:b6:9d:8f:92:9a:4e:5e:b5:18:bd:2a:ae:2c:d8:
f9:17:2d:bd:99:f1:af:90:a1:85:59:c5:38:f8:40:f0:e0:1d:
a0:04:6f:18:11:fe:7c:68:9f:cc:8c:81:0e:65:82:00:48:7d:
6e:c2:48:91:9c:64:45:7d:22:f4:94:7a:31:a8:52:7d:d4:75:
4c:91:eb:35:9d:98:40:e0:3f:e8:a2:c8:22:5c:5e:3a:c3:23:
2d:e9:5e:64:99:d9:41:f6:08:aa:2e:af:3a:c6:a6:ad:78:67:
bb:fe:20:2c:c5:06:c7:bb:cc:31:17:f1:e1:30:8c:50:59:2a:
25:54:1f:e7:cb:19:81:ec:68:fc:d2:cd:01:ce:e2:4e:bc:c3:
a0:29:2b:fd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzF3RKRYwNJaEPocDXkOxBuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDNkYWM4ZWE1NTY5MzQzOWRkMWI4YjQ4MTJiYTcxODM0
ZjEwMzEwHhcNMjQwMTAxMTYzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTk2YTcwZTNlMDYwMzQ1NWRjNzA0MWU2OTg2NzViYzZhNmFlOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWRy+Vp1eewulZw7B8h5HCeLW+vT
MwVgX5J/mC3rl3j+HH1MlYCAtSwc1eyE6UesoaC9kcfIk+1SCBSpn9D7mkg/AeM5
GOsIZMLYNCmxn38FEyRefaIco/AZMzblc+APnr95cu+CttHcIcMF/TU5lxDG8CsD
oN6aZD7lOC5E7lWt2lA53t3I43HMSFnGuhwmi4TaPMP6iqAos4Q1oNZPwwOnhSQH
bqx1+/J4KEe6evG7XeEHnGnt117+4DDAkMFn/SD1qY3oqMgEpdH9S3l0FIgS7cNT
tGWtH4VEm9Sd4TqCvyYa2gaNq9ZcJ8zWvQWSuq8/f7+YLwgL+3phA2O+iwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCqWpw4+BgNFXccEHmmGdbxqauigMB8GA1UdIwQY
MBaAFC5D2sjqVWk0Od0bi0gSunGDTxAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQt
MjZjN2M5NjNhNzY5LzEvS3BhbkRqNEdBMFZkeHdRZWFZWjF2R3BxNktBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQtMjZjN2M5NjNhNzY5
LzEvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWNYoAwQA
WNYqAwQAueHGMA0EAgACMAcDBQMqCZ0AMA0GCSqGSIb3DQEBCwUAA4IBAQCNkuOP
vWDqUwWRVMVm0mN+p0xoP+VRgFWdUIXuwfEScAYdCCxhuyDvc0rScXzWwnNEBABi
I6jvpEzrZERa7y51fexfBti/Uuhx11xvkbGBIA/DIlxGC/QeVZdgy9O3ynDcQrUe
PBWhiEkKAPcjJ4/xtp2PkppOXrUYvSquLNj5Fy29mfGvkKGFWcU4+EDw4B2gBG8Y
Ef58aJ/MjIEOZYIASH1uwkiRnGRFfSL0lHoxqFJ91HVMkes1nZhA4D/oosgiXF46
wyMt6V5kmdlB9giqLq86xqateGe7/iAsxQbHu8wxF/HhMIxQWSolVB/nyxmB7Gj8
0s0BzuJOvMOgKSv9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org