Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/KfyPEmRJNhDUiBG0n7vsrWx4WMA.roa
File: KfyPEmRJNhDUiBG0n7vsrWx4WMA.roa (raw, json)
Hash identifier: W9qPbm9ogM9wN0wRMfS9HcB9PSZ0AAiTgbIasfX55Qg=
Subject key identifier: 29:FC:8F:12:64:49:36:10:D4:88:11:B4:9F:BB:EC:AD:6C:78:58:C0
Certificate issuer: /CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Certificate serial: 018E7CF74BBF26907A7F5E941EA46EC197A2
Authority key identifier: E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/KfyPEmRJNhDUiBG0n7vsrWx4WMA.roa
Signing time: Tue 26 Mar 2024 22:52:45 +0000
ROA not before: Tue 26 Mar 2024 22:52:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216129
IP address blocks: 107.161.154.0/24 maxlen: 24
199.83.103.0/24 maxlen: 24
202.181.148.0/24 maxlen: 24
202.181.188.0/24 maxlen: 24
2a13:d200::/29 maxlen: 29
2a13:d200:6::/48 maxlen: 48
2a13:d200:7::/48 maxlen: 48
2a13:d200:8::/48 maxlen: 48
2a13:d200:9::/48 maxlen: 48
2a13:d200:10::/48 maxlen: 48
2a13:d200:11::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 28 Mar 2024 11:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7c:f7:4b:bf:26:90:7a:7f:5e:94:1e:a4:6e:c1:97:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Validity
Not Before: Mar 26 22:52:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29fc8f1264493610d48811b49fbbecad6c7858c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8f:9f:a4:53:66:75:cf:2a:8c:7d:ca:7d:45:
75:b5:90:7f:8b:ea:95:9c:85:9d:6f:58:13:22:28:
83:8f:57:91:03:8a:b0:1a:0b:c2:70:78:c6:77:45:
93:51:82:48:cc:6c:cf:9a:ff:81:95:48:db:93:45:
9e:8c:4d:e4:f5:15:5a:3e:e8:59:47:15:93:a6:db:
d8:2a:fa:11:34:05:c3:53:0e:0c:4b:8e:b9:9c:1f:
9d:e1:62:db:35:fb:95:c2:67:b9:f2:61:62:e8:ec:
3e:52:30:84:6b:98:dc:42:06:dc:43:c1:62:10:36:
8b:1a:67:58:1c:84:2d:fa:be:d4:37:84:c0:88:2d:
a4:c6:e0:4a:d3:4e:8c:e9:2f:bc:dc:13:41:c9:cc:
07:20:ed:f6:b0:b3:a4:f0:4d:e8:a9:4b:cc:ed:b4:
4e:4d:dd:e1:08:4b:8c:c7:bd:aa:94:6b:35:b2:b6:
bb:33:98:d5:a7:32:fe:15:aa:3d:64:e7:95:07:37:
1e:19:a6:b7:73:c7:15:d3:c9:a4:18:da:52:6e:2b:
ed:6a:5e:1b:80:78:49:4a:b2:8d:1a:b2:bf:7a:20:
aa:b1:51:ac:2e:fc:fc:8a:bb:a0:84:94:28:84:59:
63:03:87:09:f3:e3:9e:ea:01:1e:27:ed:16:ee:ae:
cd:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:FC:8F:12:64:49:36:10:D4:88:11:B4:9F:BB:EC:AD:6C:78:58:C0
X509v3 Authority Key Identifier:
keyid:E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/KfyPEmRJNhDUiBG0n7vsrWx4WMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.154.0/24
199.83.103.0/24
202.181.148.0/24
202.181.188.0/24
IPv6:
2a13:d200::/29
Signature Algorithm: sha256WithRSAEncryption
97:b8:61:50:06:8a:82:09:73:a5:60:d3:ec:a3:a2:37:68:09:
c5:fb:4a:b2:d6:54:57:76:f4:4b:e8:f1:f5:af:23:8d:ae:c5:
03:9f:34:1a:7d:42:60:ce:83:18:fb:22:9f:58:fc:64:26:14:
fe:d7:5d:f5:1e:e1:b2:82:26:3e:b2:a5:da:42:07:74:c4:39:
d3:c9:49:97:52:99:ad:89:bb:94:72:10:b8:d4:4a:2e:7b:27:
02:27:42:99:a1:1a:df:31:2e:06:62:39:19:40:9a:66:f1:da:
d5:83:76:47:2a:1e:2e:22:f8:c7:32:24:dd:8f:69:8a:f2:a1:
76:66:6f:88:1f:06:36:e0:c1:ae:66:7d:a4:5e:55:42:6c:47:
91:c9:62:50:13:14:6f:06:18:a9:7f:0a:2b:97:c6:59:5a:0a:
a8:04:84:c4:b9:12:a4:3d:de:21:8c:9f:3e:0f:ab:58:de:05:
51:16:12:1c:4d:ff:50:97:16:6e:70:8b:70:71:e5:e0:22:6b:
28:fb:71:13:81:ab:72:d5:29:02:f0:18:ae:7f:1a:ed:60:4b:
94:d1:d8:c8:b0:be:ed:60:e1:31:f8:e3:cc:33:49:f5:38:b8:
f6:cd:92:9d:6f:0e:19:6f:2b:75:a8:b4:c2:28:f6:4f:15:a8:
4a:d4:be:b5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY5890u/JpB6f16UHqRuwZeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MTZkYzlkYjRlNDlkZTcxYjJmZDA4MTlkYWU4NTNhZWIw
NTNiMDYwHhcNMjQwMzI2MjI1MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWZjOGYxMjY0NDkzNjEwZDQ4ODExYjQ5ZmJiZWNhZDZjNzg1OGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI+fpFNmdc8qjH3KfUV1tZB/i+qV
nIWdb1gTIiiDj1eRA4qwGgvCcHjGd0WTUYJIzGzPmv+BlUjbk0WejE3k9RVaPuhZ
RxWTptvYKvoRNAXDUw4MS465nB+d4WLbNfuVwme58mFi6Ow+UjCEa5jcQgbcQ8Fi
EDaLGmdYHIQt+r7UN4TAiC2kxuBK006M6S+83BNBycwHIO32sLOk8E3oqUvM7bRO
Td3hCEuMx72qlGs1sra7M5jVpzL+Fao9ZOeVBzceGaa3c8cV08mkGNpSbivtal4b
gHhJSrKNGrK/eiCqsVGsLvz8irughJQohFljA4cJ8+Oe6gEeJ+0W7q7N4wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCn8jxJkSTYQ1IgRtJ+77K1seFjAMB8GA1UdIwQY
MBaAFOkW3J205J3nGy/QgZ2uhTrrBTsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMt
YmU4NTJmNjQ0MjAxLzEvS2Z5UEVtUkpOaERVaUJHMG43dnNyV3g0V01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMtYmU4NTJmNjQ0MjAx
LzEvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAa6GaAwQA
x1NnAwQAyrWUAwQAyrW8MA0EAgACMAcDBQMqE9IAMA0GCSqGSIb3DQEBCwUAA4IB
AQCXuGFQBoqCCXOlYNPso6I3aAnF+0qy1lRXdvRL6PH1ryONrsUDnzQafUJgzoMY
+yKfWPxkJhT+1131HuGygiY+sqXaQgd0xDnTyUmXUpmtibuUchC41EoueycCJ0KZ
oRrfMS4GYjkZQJpm8drVg3ZHKh4uIvjHMiTdj2mK8qF2Zm+IHwY24MGuZn2kXlVC
bEeRyWJQExRvBhipfworl8ZZWgqoBITEuRKkPd4hjJ8+D6tY3gVRFhIcTf9QlxZu
cItwceXgImso+3ETgaty1SkC8BiufxrtYEuU0djIsL7tYOEx+OPMM0n1OLj2zZKd
bw4Zbyt1qLTCKPZPFahK1L61
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:03:41 2024 by rpki-client on console-fra.rpki-client.org