Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/KB35v30VoqTdIYpPgF9u2RGFiSw.roa
File: KB35v30VoqTdIYpPgF9u2RGFiSw.roa (raw, json)
Hash identifier: 8hifMz179f05WFOx20LgXRQfryZs4nI+eivecY9f1Zg=
Subject key identifier: 28:1D:F9:BF:7D:15:A2:A4:DD:21:8A:4F:80:5F:6E:D9:11:85:89:2C
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 018E0D4E070220D4E8B471A6C91AF808FCB3
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/KB35v30VoqTdIYpPgF9u2RGFiSw.roa
Signing time: Tue 05 Mar 2024 06:30:01 +0000
ROA not before: Tue 05 Mar 2024 06:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31257
IP address blocks: 80.65.16.0/20 maxlen: 24
94.73.192.0/18 maxlen: 24
109.226.192.0/18 maxlen: 24
171.33.248.0/21 maxlen: 24
185.84.172.0/23 maxlen: 23
185.84.172.0/24 maxlen: 24
185.84.173.0/24 maxlen: 24
2a05:7400::/34 maxlen: 34
Validation: Failed, certificate revoked on Tue 05 Mar 2024 08:06:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:4e:07:02:20:d4:e8:b4:71:a6:c9:1a:f8:08:fc:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Mar 5 06:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=281df9bf7d15a2a4dd218a4f805f6ed91185892c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:83:c3:6d:d7:94:24:32:d4:5f:a5:50:a0:61:
df:0f:45:1d:cc:c1:db:b6:1a:71:7b:b9:7d:4c:7e:
b5:3a:89:86:f1:23:8c:80:a2:92:65:08:83:1e:fe:
9a:5a:96:ea:24:96:32:56:08:14:cd:2f:18:ac:c9:
92:a6:45:11:e6:00:39:89:78:f6:19:40:76:7a:6b:
80:5a:43:2d:04:0a:f3:60:b6:d4:3b:79:a9:eb:97:
7f:7e:1a:54:76:cb:8c:d2:9e:50:0e:92:e6:6c:31:
e1:23:a1:b5:26:64:f4:8f:6a:08:f9:c7:00:0c:49:
14:2f:45:85:04:3c:a2:e3:65:ac:c3:b4:e7:99:06:
d1:e1:96:f8:8c:07:41:03:15:a7:2f:25:f8:84:70:
9c:3c:b5:03:d5:a7:86:0c:23:88:2a:cb:5f:e5:11:
65:3a:06:f2:6d:8e:52:9b:33:d2:ee:b4:60:a6:13:
32:eb:3a:f6:23:fa:40:65:08:cd:86:68:eb:bf:92:
e0:8a:c6:77:2c:b9:22:58:6a:c5:af:77:c2:2d:89:
66:94:ac:6a:95:1a:65:6a:f2:e6:ef:9b:23:e8:0f:
f6:9a:71:88:05:04:46:05:34:27:35:8c:14:58:7d:
f1:2d:a1:08:14:87:b4:97:22:d5:a8:33:65:d8:bd:
c8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:1D:F9:BF:7D:15:A2:A4:DD:21:8A:4F:80:5F:6E:D9:11:85:89:2C
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/KB35v30VoqTdIYpPgF9u2RGFiSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.65.16.0/20
94.73.192.0/18
109.226.192.0/18
171.33.248.0/21
185.84.172.0/23
IPv6:
2a05:7400::/34
Signature Algorithm: sha256WithRSAEncryption
76:ad:20:3b:9a:ff:cd:b6:ba:b7:b1:a1:68:a9:90:e5:2d:a0:
a7:08:92:24:ed:14:e8:14:62:77:10:d2:b4:76:ad:7c:63:e4:
65:8b:3d:34:89:f4:7f:80:b0:ec:08:02:1d:f9:f9:ff:55:e0:
46:1e:00:63:a3:98:84:85:3e:cc:fc:36:cd:58:aa:5c:d6:e0:
d6:40:dd:55:1f:b9:15:64:d5:44:f3:e6:3e:a9:ff:b6:fa:ae:
7c:45:17:98:6a:33:d4:17:aa:51:cd:db:9b:e5:45:10:34:99:
df:71:ab:4c:a0:38:26:99:08:d6:55:69:cd:97:58:8c:54:33:
18:ed:a4:3e:60:4d:64:5c:62:38:9b:44:6d:79:de:fb:2f:8a:
6f:9c:ba:aa:07:b2:20:2f:94:1e:f6:10:90:d1:75:5e:2c:80:
bf:22:12:46:1b:3a:4b:6d:02:6c:d1:dc:d1:ae:40:3e:5f:b2:
f0:c7:7b:7f:8d:e9:e1:25:a1:1f:71:d8:d5:02:38:bd:4a:b7:
3b:d9:57:48:55:6f:4a:19:89:4c:f9:56:d4:32:bd:dc:ba:59:
df:80:19:a5:1b:b4:98:c2:59:d1:d1:c1:b0:ab:05:9c:a9:0a:
f7:48:a0:58:e3:54:5a:d2:53:4e:e6:a7:2e:48:31:03:ea:75:
27:97:77:11
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY4NTgcCINTotHGmyRr4CPyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQwMzA1MDYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODFkZjliZjdkMTVhMmE0ZGQyMThhNGY4MDVmNmVkOTExODU4OTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4PDbdeUJDLUX6VQoGHfD0UdzMHb
thpxe7l9TH61OomG8SOMgKKSZQiDHv6aWpbqJJYyVggUzS8YrMmSpkUR5gA5iXj2
GUB2emuAWkMtBArzYLbUO3mp65d/fhpUdsuM0p5QDpLmbDHhI6G1JmT0j2oI+ccA
DEkUL0WFBDyi42Wsw7TnmQbR4Zb4jAdBAxWnLyX4hHCcPLUD1aeGDCOIKstf5RFl
OgbybY5SmzPS7rRgphMy6zr2I/pAZQjNhmjrv5LgisZ3LLkiWGrFr3fCLYlmlKxq
lRplavLm75sj6A/2mnGIBQRGBTQnNYwUWH3xLaEIFIe0lyLVqDNl2L3IHQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCgd+b99FaKk3SGKT4BfbtkRhYksMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvS0IzNXYzMFZvcVRkSVlwUGdGOXUyUkdGaVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQEUEEQAwQG
XknAAwQGbeLAAwQDqyH4AwQBuVSsMA4EAgACMAgDBgYqBXQAADANBgkqhkiG9w0B
AQsFAAOCAQEAdq0gO5r/zba6t7GhaKmQ5S2gpwiSJO0U6BRidxDStHatfGPkZYs9
NIn0f4Cw7AgCHfn5/1XgRh4AY6OYhIU+zPw2zViqXNbg1kDdVR+5FWTVRPPmPqn/
tvqufEUXmGoz1BeqUc3bm+VFEDSZ33GrTKA4JpkI1lVpzZdYjFQzGO2kPmBNZFxi
OJtEbXne+y+Kb5y6qgeyIC+UHvYQkNF1XiyAvyISRhs6S20CbNHc0a5APl+y8Md7
f43p4SWhH3HY1QI4vUq3O9lXSFVvShmJTPlW1DK93LpZ34AZpRu0mMJZ0dHBsKsF
nKkK90igWONUWtJTTuanLkgxA+p1J5d3EQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:04 2025 by rpki-client