Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/0ec7a7-0abc-4ff9-9958-5867ca77897e/1/KMECX7sscWsNoFrDmLmmjzcVPfQ.roa
File: KMECX7sscWsNoFrDmLmmjzcVPfQ.roa (raw, json)
Hash identifier: KwSDH2yzQmLX+cw0NtWEdrXIqyXriPLCy4QaZRLWYSg=
Subject key identifier: 28:C1:02:5F:BB:2C:71:6B:0D:A0:5A:C3:98:B9:A6:8F:37:15:3D:F4
Certificate issuer: /CN=ab6da834b32cb12c4bdae33f672f348d983f3176
Certificate serial: 018CC2DAD61595684FE4350B0FFB03630317
Authority key identifier: AB:6D:A8:34:B3:2C:B1:2C:4B:DA:E3:3F:67:2F:34:8D:98:3F:31:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q22oNLMssSxL2uM_Zy80jZg_MXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/0ec7a7-0abc-4ff9-9958-5867ca77897e/1/KMECX7sscWsNoFrDmLmmjzcVPfQ.roa
Signing time: Mon 01 Jan 2024 02:29:30 +0000
ROA not before: Mon 01 Jan 2024 02:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28967
IP address blocks: 195.39.225.0/24 maxlen: 24
195.39.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d6:15:95:68:4f:e4:35:0b:0f:fb:03:63:03:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab6da834b32cb12c4bdae33f672f348d983f3176
Validity
Not Before: Jan 1 02:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28c1025fbb2c716b0da05ac398b9a68f37153df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5b:2c:ed:d0:66:53:a4:dc:fe:60:31:0d:eb:
9f:13:e8:bf:be:70:bd:d5:40:e5:85:11:41:ae:10:
a3:0e:96:6d:63:fd:39:1f:4b:03:54:da:03:35:13:
dc:f4:0e:b2:8d:17:17:0c:a4:b5:69:59:83:4c:2c:
11:2f:59:63:19:f0:e0:9d:90:fe:f5:5d:52:02:47:
a3:e4:8a:c1:c6:3c:90:76:b9:6f:48:38:ff:5a:bc:
5a:07:c8:91:84:85:bc:1d:34:64:f1:15:bd:85:99:
70:6c:82:a6:f8:79:01:15:7f:b8:bc:33:5f:b7:ef:
63:06:15:64:76:98:75:6b:c7:1a:d6:96:4e:bd:ae:
4d:a0:be:3a:4d:5b:37:80:17:09:0d:9a:97:44:77:
f0:9f:1e:0d:9d:39:4c:c2:35:7b:ef:df:64:9c:4c:
d0:14:68:f8:1d:7b:5e:34:13:7f:8f:e9:38:bb:ec:
07:f9:39:27:31:11:c1:1d:d1:90:74:1d:e2:7d:89:
ea:bb:19:31:6b:e2:28:a6:5f:12:7a:d4:15:de:68:
ad:7b:d5:1d:0a:06:2b:fa:d5:8d:fa:12:73:df:57:
50:85:f1:0d:43:59:f3:c3:8c:27:34:5a:0e:9a:f1:
1b:67:c5:ca:3f:82:47:36:5a:70:37:5a:6a:89:d7:
96:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C1:02:5F:BB:2C:71:6B:0D:A0:5A:C3:98:B9:A6:8F:37:15:3D:F4
X509v3 Authority Key Identifier:
keyid:AB:6D:A8:34:B3:2C:B1:2C:4B:DA:E3:3F:67:2F:34:8D:98:3F:31:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q22oNLMssSxL2uM_Zy80jZg_MXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0ec7a7-0abc-4ff9-9958-5867ca77897e/1/KMECX7sscWsNoFrDmLmmjzcVPfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0ec7a7-0abc-4ff9-9958-5867ca77897e/1/q22oNLMssSxL2uM_Zy80jZg_MXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.39.224.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:3f:cf:87:3d:05:b8:3d:bc:cd:59:35:85:27:bb:85:6f:37:
d1:93:75:fc:85:d7:fd:9b:99:3a:5f:56:60:91:e3:28:d0:19:
2d:1d:9d:04:e3:1b:e3:ea:77:c4:d8:31:0f:c9:02:f8:72:69:
5b:d0:68:48:4d:0f:9f:c2:15:fc:8f:65:5e:e5:ec:31:a5:6f:
41:e2:08:3a:d5:3c:94:f5:3b:0c:bd:5b:d1:f7:6e:47:4a:c5:
de:75:4a:1f:b0:50:20:17:1f:4d:50:93:85:ab:a8:58:40:7f:
80:43:ed:0f:07:c8:78:96:0c:09:32:8f:ea:05:1f:31:54:70:
16:3e:0f:c7:c5:7c:54:ff:07:57:ac:30:ab:84:83:86:83:4c:
03:97:dc:82:54:04:cb:fc:80:fd:33:a8:a5:cd:e9:08:5f:d5:
9e:91:16:a8:2d:e6:31:88:a4:c9:2e:17:0f:f7:a2:99:b8:fd:
cb:01:c8:3a:74:82:f9:50:a4:b1:eb:c0:f6:04:21:6f:e3:9a:
ec:7c:b8:d3:d0:83:cb:77:48:b3:a3:94:d3:ba:0a:ce:0f:c7:
bc:33:a5:3a:a1:76:68:6b:46:e8:ad:12:83:96:d1:d5:d9:02:
2a:dd:db:f7:b6:ed:09:94:a4:da:ce:24:47:1a:a8:8a:36:ea:
c0:d7:c5:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2tYVlWhP5DULD/sDYwMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNmRhODM0YjMyY2IxMmM0YmRhZTMzZjY3MmYzNDhkOTgz
ZjMxNzYwHhcNMjQwMTAxMDIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGMxMDI1ZmJiMmM3MTZiMGRhMDVhYzM5OGI5YTY4ZjM3MTUzZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklss7dBmU6Tc/mAxDeufE+i/vnC9
1UDlhRFBrhCjDpZtY/05H0sDVNoDNRPc9A6yjRcXDKS1aVmDTCwRL1ljGfDgnZD+
9V1SAkej5IrBxjyQdrlvSDj/WrxaB8iRhIW8HTRk8RW9hZlwbIKm+HkBFX+4vDNf
t+9jBhVkdph1a8ca1pZOva5NoL46TVs3gBcJDZqXRHfwnx4NnTlMwjV7799knEzQ
FGj4HXteNBN/j+k4u+wH+TknMRHBHdGQdB3ifYnquxkxa+Iopl8SetQV3mite9Ud
CgYr+tWN+hJz31dQhfENQ1nzw4wnNFoOmvEbZ8XKP4JHNlpwN1pqideWjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjBAl+7LHFrDaBaw5i5po83FT30MB8GA1UdIwQY
MBaAFKttqDSzLLEsS9rjP2cvNI2YPzF2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTIyb05MTXNzU3hMMnVNX1p5ODBqWmdfTVhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wZWM3YTctMGFiYy00ZmY5LTk5NTgt
NTg2N2NhNzc4OTdlLzEvS01FQ1g3c3NjV3NOb0ZyRG1MbW1qemNWUGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wZWM3YTctMGFiYy00ZmY5LTk5NTgtNTg2N2NhNzc4OTdl
LzEvcTIyb05MTXNzU3hMMnVNX1p5ODBqWmdfTVhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwyfgMA0G
CSqGSIb3DQEBCwUAA4IBAQBvP8+HPQW4PbzNWTWFJ7uFbzfRk3X8hdf9m5k6X1Zg
keMo0BktHZ0E4xvj6nfE2DEPyQL4cmlb0GhITQ+fwhX8j2Ve5ewxpW9B4gg61TyU
9TsMvVvR925HSsXedUofsFAgFx9NUJOFq6hYQH+AQ+0PB8h4lgwJMo/qBR8xVHAW
Pg/HxXxU/wdXrDCrhIOGg0wDl9yCVATL/ID9M6ilzekIX9WekRaoLeYxiKTJLhcP
96KZuP3LAcg6dIL5UKSx68D2BCFv45rsfLjT0IPLd0izo5TTugrOD8e8M6U6oXZo
a0borRKDltHV2QIq3dv3tu0JlKTaziRHGqiKNurA18X+
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:56:49 2025 by rpki-client