Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/KEyB-HVI157VoKBalK4fvu5V3-A.roa
File: KEyB-HVI157VoKBalK4fvu5V3-A.roa (raw, json)
Hash identifier: ii7mA0zoqOIEG70OYoqWMNW13y8ccZzGSvBDWz+s1GA=
Subject key identifier: 28:4C:81:F8:75:48:D7:9E:D5:A0:A0:5A:94:AE:1F:BE:EE:55:DF:E0
Certificate issuer: /CN=f10d39eddb008d1b89df9741960dbf2044f657fb
Certificate serial: 018DC5DAB018947DF5F1E934E540093416C0
Authority key identifier: F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/KEyB-HVI157VoKBalK4fvu5V3-A.roa
Signing time: Tue 20 Feb 2024 09:30:59 +0000
ROA not before: Tue 20 Feb 2024 09:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39923
IP address blocks: 91.238.219.0/24 maxlen: 24
109.68.160.0/21 maxlen: 21
109.68.160.0/24 maxlen: 24
109.68.161.0/24 maxlen: 24
109.68.162.0/24 maxlen: 24
109.68.163.0/24 maxlen: 24
109.68.164.0/24 maxlen: 24
109.68.165.0/24 maxlen: 24
109.68.166.0/24 maxlen: 24
109.68.167.0/24 maxlen: 24
185.35.164.0/22 maxlen: 22
185.58.96.0/22 maxlen: 22
185.58.96.0/24 maxlen: 24
185.58.97.0/24 maxlen: 24
185.58.98.0/24 maxlen: 24
185.58.99.0/24 maxlen: 24
185.111.204.0/22 maxlen: 22
185.111.204.0/24 maxlen: 24
185.111.205.0/24 maxlen: 24
185.111.206.0/24 maxlen: 24
185.111.207.0/24 maxlen: 24
194.145.127.0/24 maxlen: 24
194.145.152.0/24 maxlen: 24
194.145.155.0/24 maxlen: 24
194.146.23.0/24 maxlen: 24
195.189.202.0/23 maxlen: 23
195.189.202.0/24 maxlen: 24
195.189.203.0/24 maxlen: 24
2a02:2a08::/32 maxlen: 32
2a04:6480::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 29 Mar 2024 08:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:da:b0:18:94:7d:f5:f1:e9:34:e5:40:09:34:16:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f10d39eddb008d1b89df9741960dbf2044f657fb
Validity
Not Before: Feb 20 09:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=284c81f87548d79ed5a0a05a94ae1fbeee55dfe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b7:06:29:31:c6:bc:18:84:e0:7e:e1:fc:68:
73:b0:ce:77:50:fb:bc:0f:ed:be:43:50:9a:a9:02:
6e:fb:21:d9:c3:f5:d7:66:d8:f2:84:2c:f7:b2:03:
1d:9b:6c:ae:cb:0f:1a:35:b8:b2:66:5b:b0:fe:e2:
48:04:bd:b0:70:af:22:2d:ca:f6:7d:b8:18:17:d6:
ba:7a:4f:79:45:9c:c8:58:bc:7e:1c:27:55:c2:87:
86:a9:1e:11:61:ac:dc:37:e3:16:72:aa:fd:61:35:
2c:46:26:13:e3:49:59:2c:7e:b5:56:8d:11:48:0b:
da:9a:2b:c0:72:e7:d2:e0:8c:16:af:03:b3:8b:34:
b6:6d:3d:6c:da:8f:3e:d7:71:d2:64:b3:ca:8b:11:
a1:41:d6:39:27:ec:15:17:bc:28:07:30:03:3a:92:
91:cd:60:e4:91:cf:46:0c:2f:49:51:a3:08:f0:b7:
53:18:f7:e6:4b:d0:23:d2:1e:62:45:eb:d6:83:65:
e8:b7:4d:36:d1:98:90:06:d4:ce:25:c2:ec:74:78:
1d:12:e4:85:36:bc:fa:3b:f0:32:c8:cc:c0:6b:6a:
16:72:a6:61:bb:25:92:23:c9:74:cb:76:67:8c:16:
29:e8:f1:77:56:69:f8:d8:5e:38:c0:2e:81:91:99:
43:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:4C:81:F8:75:48:D7:9E:D5:A0:A0:5A:94:AE:1F:BE:EE:55:DF:E0
X509v3 Authority Key Identifier:
keyid:F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/KEyB-HVI157VoKBalK4fvu5V3-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/8Q057dsAjRuJ35dBlg2_IET2V_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.219.0/24
109.68.160.0/21
185.35.164.0/22
185.58.96.0/22
185.111.204.0/22
194.145.127.0/24
194.145.152.0/24
194.145.155.0/24
194.146.23.0/24
195.189.202.0/23
IPv6:
2a02:2a08::/32
2a04:6480::/29
Signature Algorithm: sha256WithRSAEncryption
11:a7:ec:57:3b:eb:45:7e:bf:77:54:d3:e3:e5:a2:03:7f:95:
ad:7b:98:95:3d:2e:8a:b2:cd:bf:e4:bb:ec:a6:63:b5:32:44:
55:a4:79:22:db:d0:9e:a9:98:b3:59:2c:1e:ea:a3:4b:a4:5d:
3b:9a:0a:b5:4c:4f:2a:1a:30:09:bf:e0:6c:d5:bd:f7:b1:ac:
f4:78:aa:76:78:07:1f:5f:94:b4:7c:f3:1e:ac:94:49:e3:e6:
42:ff:2e:8f:bb:bd:0f:72:ec:ea:15:f4:48:36:70:26:4a:fc:
a8:4b:85:36:21:1e:d0:54:a3:8e:54:63:ea:39:84:ab:fe:64:
13:24:4d:cb:86:c1:4b:8c:8f:da:d0:c6:9b:43:d2:6d:77:e0:
8b:d2:52:ba:ae:99:21:a5:ea:9d:3c:3d:15:64:e0:36:49:54:
31:16:a4:70:43:1e:a3:ea:fc:85:ff:35:50:21:1e:3e:21:16:
1e:b2:44:e3:7c:27:d0:c3:dd:ab:7a:67:6c:77:c7:99:44:ee:
83:9d:4f:05:ee:e2:1b:59:e7:aa:4e:3f:bd:9b:0b:65:7f:32:
10:90:de:bb:66:7d:8f:71:c2:b4:10:70:e8:72:c0:71:e2:b1:
e0:77:78:98:bd:c5:91:75:c2:3d:70:dd:74:f7:12:18:dd:55:
5c:df:bb:e9
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY3F2rAYlH318ek05UAJNBbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMGQzOWVkZGIwMDhkMWI4OWRmOTc0MTk2MGRiZjIwNDRm
NjU3ZmIwHhcNMjQwMjIwMDkzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODRjODFmODc1NDhkNzllZDVhMGEwNWE5NGFlMWZiZWVlNTVkZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLcGKTHGvBiE4H7h/GhzsM53UPu8
D+2+Q1CaqQJu+yHZw/XXZtjyhCz3sgMdm2yuyw8aNbiyZluw/uJIBL2wcK8iLcr2
fbgYF9a6ek95RZzIWLx+HCdVwoeGqR4RYazcN+MWcqr9YTUsRiYT40lZLH61Vo0R
SAvamivAcufS4IwWrwOzizS2bT1s2o8+13HSZLPKixGhQdY5J+wVF7woBzADOpKR
zWDkkc9GDC9JUaMI8LdTGPfmS9Aj0h5iRevWg2Xot0020ZiQBtTOJcLsdHgdEuSF
Nrz6O/AyyMzAa2oWcqZhuyWSI8l0y3ZnjBYp6PF3Vmn42F44wC6BkZlDgwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFChMgfh1SNee1aCgWpSuH77uVd/gMB8GA1UdIwQY
MBaAFPENOe3bAI0bid+XQZYNvyBE9lf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFEwNTdkc0FqUnVKMzVkQmxnMl9JRVQyVl9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mNzBlMWEtNzMyZS00ZTZiLWIzYjUt
ZjU2MmI4OTc0ZDhiLzEvS0V5Qi1IVkkxNTdWb0tCYWxLNGZ2dTVWMy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mNzBlMWEtNzMyZS00ZTZiLWIzYjUtZjU2MmI4OTc0ZDhi
LzEvOFEwNTdkc0FqUnVKMzVkQmxnMl9JRVQyVl9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQAW+7bAwQD
bUSgAwQCuSOkAwQCuTpgAwQCuW/MAwQAwpF/AwQAwpGYAwQAwpGbAwQAwpIXAwQB
w73KMBQEAgACMA4DBQAqAioIAwUDKgRkgDANBgkqhkiG9w0BAQsFAAOCAQEAEafs
VzvrRX6/d1TT4+WiA3+VrXuYlT0uirLNv+S77KZjtTJEVaR5ItvQnqmYs1ksHuqj
S6RdO5oKtUxPKhowCb/gbNW997Gs9HiqdngHH1+UtHzzHqyUSePmQv8uj7u9D3Ls
6hX0SDZwJkr8qEuFNiEe0FSjjlRj6jmEq/5kEyRNy4bBS4yP2tDGm0PSbXfgi9JS
uq6ZIaXqnTw9FWTgNklUMRakcEMeo+r8hf81UCEePiEWHrJE43wn0MPdq3pnbHfH
mUTug51PBe7iG1nnqk4/vZsLZX8yEJDeu2Z9j3HCtBBw6HLAceKx4Hd4mL3FkXXC
PXDddPcSGN1VXN+76Q==
Generated at Fri Mar 29 10:27:03 2024 by rpki-client on console-ams.rpki-client.org