Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/7785c3-7943-4b7b-9194-c38661fbf22a/1/KG6HxoqO2WZXH1-hRVBWrB03o-4.roa
File: KG6HxoqO2WZXH1-hRVBWrB03o-4.roa (raw, json)
Hash identifier: sZQFW7tg6qP0palNHGOWWlj9Jen/SnEA5OQgKdY8rD8=
Subject key identifier: 28:6E:87:C6:8A:8E:D9:66:57:1F:5F:A1:45:50:56:AC:1D:37:A3:EE
Certificate issuer: /CN=f7ced021f9914d12d418d9aa238c93825ea5f605
Certificate serial: 0193DA7CABFCA9480ECA54D2C9E2CB01D08B
Authority key identifier: F7:CE:D0:21:F9:91:4D:12:D4:18:D9:AA:23:8C:93:82:5E:A5:F6:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/987QIfmRTRLUGNmqI4yTgl6l9gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/7785c3-7943-4b7b-9194-c38661fbf22a/1/KG6HxoqO2WZXH1-hRVBWrB03o-4.roa
Signing time: Wed 18 Dec 2024 15:57:03 +0000
ROA not before: Wed 18 Dec 2024 15:57:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35684
IP address blocks: 93.188.56.0/22 maxlen: 22
185.79.44.0/22 maxlen: 22
185.178.40.0/22 maxlen: 22
194.59.192.0/22 maxlen: 22
195.137.191.0/24 maxlen: 24
2001:678:b68::/48 maxlen: 48
2001:67c:18b0::/48 maxlen: 48
2a05:7180::/29 maxlen: 29
2a06:8500::/29 maxlen: 29
2a06:9300::/29 maxlen: 29
2a0c:d980::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:da:7c:ab:fc:a9:48:0e:ca:54:d2:c9:e2:cb:01:d0:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7ced021f9914d12d418d9aa238c93825ea5f605
Validity
Not Before: Dec 18 15:57:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=286e87c68a8ed966571f5fa1455056ac1d37a3ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:26:f9:e7:c1:55:16:5b:f7:7e:42:db:52:b4:
ab:39:02:35:51:5b:12:e7:3b:bc:ae:47:7a:ea:d2:
68:f0:fd:d7:ef:f8:db:d1:b6:48:b1:08:e8:85:53:
dd:31:c7:35:0e:d4:94:91:9d:e4:af:a1:93:2c:94:
06:9e:ac:f6:74:f6:38:6e:34:98:9a:2c:5f:49:28:
ad:b9:42:00:d1:2c:4a:1d:22:91:72:e5:80:e7:ed:
53:43:2f:18:d4:30:3e:1e:67:46:f0:41:12:e0:09:
43:7b:a2:98:4c:20:56:4a:b0:68:d3:e3:51:11:19:
10:f5:cc:54:6d:12:74:ab:d6:fb:f2:72:be:13:e3:
5c:1b:22:90:2b:06:41:50:13:94:05:03:3f:44:e8:
92:0e:3d:c2:13:24:eb:a4:63:c6:8c:2e:35:1a:97:
45:c4:48:c6:2e:7e:c2:2e:c8:d5:53:a1:1f:86:b3:
66:63:53:ba:65:d6:b5:9f:33:89:c0:41:f8:2d:00:
16:83:e3:7b:f9:da:2c:6e:55:b8:59:e0:ce:3e:45:
1f:d1:0a:f2:01:65:c5:3e:5b:63:2d:5a:74:4f:d8:
ea:fb:f0:0e:9c:d0:48:01:12:2f:f5:8b:74:2a:d4:
c5:55:06:1d:cc:47:c2:a5:38:95:dd:e3:65:7b:3e:
cb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:6E:87:C6:8A:8E:D9:66:57:1F:5F:A1:45:50:56:AC:1D:37:A3:EE
X509v3 Authority Key Identifier:
keyid:F7:CE:D0:21:F9:91:4D:12:D4:18:D9:AA:23:8C:93:82:5E:A5:F6:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/987QIfmRTRLUGNmqI4yTgl6l9gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/7785c3-7943-4b7b-9194-c38661fbf22a/1/KG6HxoqO2WZXH1-hRVBWrB03o-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/7785c3-7943-4b7b-9194-c38661fbf22a/1/987QIfmRTRLUGNmqI4yTgl6l9gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.56.0/22
185.79.44.0/22
185.178.40.0/22
194.59.192.0/22
195.137.191.0/24
IPv6:
2001:678:b68::/48
2001:67c:18b0::/48
2a05:7180::/29
2a06:8500::/29
2a06:9300::/29
2a0c:d980::/29
Signature Algorithm: sha256WithRSAEncryption
56:c1:19:f0:fa:b1:e3:d0:12:48:df:ce:3c:c7:3e:6b:48:42:
83:45:1e:9b:45:62:d1:ec:f5:95:c4:c5:98:f0:8c:d7:84:53:
90:6d:56:48:63:41:ee:75:25:5f:8c:58:7f:f2:12:5d:fd:b6:
31:c9:23:b0:af:eb:89:b4:ce:bb:7e:f4:c4:69:39:34:cd:d6:
ad:d5:ea:5f:f7:b7:72:8d:d0:8d:8f:0b:a9:ce:7c:2d:75:b9:
9c:f9:9e:5a:ff:ed:98:e4:d9:19:2c:2d:a0:69:db:53:e2:9d:
0a:46:9f:dc:aa:b6:76:2d:81:c9:20:1f:77:fc:d9:70:84:97:
3d:cd:9d:48:c4:2c:68:dc:b8:ca:94:88:a1:6a:79:ba:97:2a:
01:0d:09:33:4e:e1:cf:0d:ee:05:f2:b8:d3:f8:85:16:3d:3f:
fa:ad:ad:ff:95:c2:2e:7c:87:1f:14:8e:63:50:ed:d1:64:bb:
77:a6:1e:6f:bc:14:59:61:07:70:62:5c:2c:ca:62:8f:8b:fc:
02:e4:aa:b7:a9:b5:7d:69:cc:26:2f:d8:63:65:96:bc:d7:d7:
cd:2b:5b:54:55:df:90:10:4d:10:34:da:a6:62:c3:88:fe:8f:
77:51:a4:0b:67:2d:e7:69:e0:3a:c7:c7:3e:81:18:6b:a0:87:
7b:7d:ec:7b
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZPafKv8qUgOylTSyeLLAdCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3Y2VkMDIxZjk5MTRkMTJkNDE4ZDlhYTIzOGM5MzgyNWVh
NWY2MDUwHhcNMjQxMjE4MTU1NzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODZlODdjNjhhOGVkOTY2NTcxZjVmYTE0NTUwNTZhYzFkMzdhM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yb558FVFlv3fkLbUrSrOQI1UVsS
5zu8rkd66tJo8P3X7/jb0bZIsQjohVPdMcc1DtSUkZ3kr6GTLJQGnqz2dPY4bjSY
mixfSSituUIA0SxKHSKRcuWA5+1TQy8Y1DA+HmdG8EES4AlDe6KYTCBWSrBo0+NR
ERkQ9cxUbRJ0q9b78nK+E+NcGyKQKwZBUBOUBQM/ROiSDj3CEyTrpGPGjC41GpdF
xEjGLn7CLsjVU6EfhrNmY1O6Zda1nzOJwEH4LQAWg+N7+dosblW4WeDOPkUf0Qry
AWXFPltjLVp0T9jq+/AOnNBIARIv9Yt0KtTFVQYdzEfCpTiV3eNlez7LEQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFChuh8aKjtlmVx9foUVQVqwdN6PuMB8GA1UdIwQY
MBaAFPfO0CH5kU0S1BjZqiOMk4JepfYFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTg3UUlmbVJUUkxVR05tcUk0eVRnbDZsOWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS83Nzg1YzMtNzk0My00YjdiLTkxOTQt
YzM4NjYxZmJmMjJhLzEvS0c2SHhvcU8yV1pYSDEtaFJWQldyQjAzby00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS83Nzg1YzMtNzk0My00YjdiLTkxOTQtYzM4NjYxZmJmMjJh
LzEvOTg3UUlmbVJUUkxVR05tcUk0eVRnbDZsOWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDAkBAIAATAeAwQCXbw4AwQC
uU8sAwQCubIoAwQCwjvAAwQAw4m/MDQEAgACMC4DBwAgAQZ4C2gDBwAgAQZ8GLAD
BQMqBXGAAwUDKgaFAAMFAyoGkwADBQMqDNmAMA0GCSqGSIb3DQEBCwUAA4IBAQBW
wRnw+rHj0BJI3848xz5rSEKDRR6bRWLR7PWVxMWY8IzXhFOQbVZIY0HudSVfjFh/
8hJd/bYxySOwr+uJtM67fvTEaTk0zdat1epf97dyjdCNjwupznwtdbmc+Z5a/+2Y
5NkZLC2gadtT4p0KRp/cqrZ2LYHJIB93/NlwhJc9zZ1IxCxo3LjKlIihanm6lyoB
DQkzTuHPDe4F8rjT+IUWPT/6ra3/lcIufIcfFI5jUO3RZLt3ph5vvBRZYQdwYlws
ymKPi/wC5Kq3qbV9acwmL9hjZZa819fNK1tUVd+QEE0QNNqmYsOI/o93UaQLZy3n
aeA6x8c+gRhroId7fex7
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:02:45 2025 by rpki-client