Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/Kmw--kNukxXlz3aaIdYXX4UxUr4.roa
File: Kmw--kNukxXlz3aaIdYXX4UxUr4.roa (raw, json)
Hash identifier: lbHdq/Yq8kROUrU9qm2yb4luK7BqTVduEuS70uZU2lk=
Subject key identifier: 2A:6C:3E:FA:43:6E:93:15:E5:CF:76:9A:21:D6:17:5F:85:31:52:BE
Certificate issuer: /CN=572abd85a58991ab71a17fd7541fb8de96f55a7d
Certificate serial: 018CC3B735B331B40D0FB8D6003C09C6674E
Authority key identifier: 57:2A:BD:85:A5:89:91:AB:71:A1:7F:D7:54:1F:B8:DE:96:F5:5A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vyq9haWJkatxoX_XVB-43pb1Wn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/Kmw--kNukxXlz3aaIdYXX4UxUr4.roa
Signing time: Mon 01 Jan 2024 06:30:13 +0000
ROA not before: Mon 01 Jan 2024 06:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42760
IP address blocks: 77.74.0.0/21 maxlen: 21
185.74.28.0/22 maxlen: 22
46.227.224.0/21 maxlen: 21
193.246.101.0/24 maxlen: 24
193.246.120.0/24 maxlen: 24
2a02:cd8::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:35:b3:31:b4:0d:0f:b8:d6:00:3c:09:c6:67:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=572abd85a58991ab71a17fd7541fb8de96f55a7d
Validity
Not Before: Jan 1 06:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a6c3efa436e9315e5cf769a21d6175f853152be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6b:6a:0e:c2:d3:90:95:81:7b:1d:b1:a9:5e:
bd:a4:1a:30:78:45:ef:c4:4b:48:aa:e8:f7:db:e4:
f4:7b:fe:ed:49:76:13:ad:73:8e:81:d5:93:31:33:
ff:67:08:46:56:aa:fa:d9:fb:8d:00:cb:d9:84:4c:
c3:ab:64:c0:5a:b1:43:5a:ff:ca:68:f3:c1:fc:ab:
ac:19:cc:bf:39:4e:38:2d:39:e9:d1:72:3f:7d:3e:
09:39:35:7c:20:a7:aa:d8:49:f0:7b:2b:0b:31:f9:
c2:19:1c:0b:c1:1f:e9:8d:60:e6:59:f6:c5:68:db:
aa:39:94:7d:5e:5d:85:6f:08:6a:6b:f3:3e:0e:96:
fd:0a:70:30:22:1e:9e:8b:6d:d4:89:a9:94:04:b4:
48:82:ea:f5:f1:cf:66:ad:a9:d1:53:e4:41:34:02:
85:18:aa:ea:f2:6e:9d:fa:94:ce:4d:ab:5c:39:3e:
ae:11:34:d5:c9:7a:18:d2:be:59:01:b9:41:eb:91:
d5:92:cc:0a:3b:f3:c1:a9:91:3d:0c:9e:90:2f:6a:
ab:7f:92:13:6b:36:3a:5e:c1:08:c5:2d:97:6f:e3:
b7:05:cb:3c:7a:61:e3:01:a6:7d:6f:58:19:bc:d5:
ee:7c:73:11:0d:eb:eb:d6:43:74:a4:ee:84:76:0e:
df:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:6C:3E:FA:43:6E:93:15:E5:CF:76:9A:21:D6:17:5F:85:31:52:BE
X509v3 Authority Key Identifier:
keyid:57:2A:BD:85:A5:89:91:AB:71:A1:7F:D7:54:1F:B8:DE:96:F5:5A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vyq9haWJkatxoX_XVB-43pb1Wn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/Kmw--kNukxXlz3aaIdYXX4UxUr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/Vyq9haWJkatxoX_XVB-43pb1Wn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.224.0/21
77.74.0.0/21
185.74.28.0/22
193.246.101.0/24
193.246.120.0/24
IPv6:
2a02:cd8::/32
Signature Algorithm: sha256WithRSAEncryption
02:ac:92:b7:12:2b:f8:13:b0:00:51:cf:76:ed:c7:56:39:b0:
5d:a9:24:ba:9b:32:78:fe:cc:66:16:af:44:92:a0:68:72:b7:
ea:01:8a:b3:b4:af:8c:63:f7:1f:33:ae:46:b0:77:cc:1d:5f:
03:d7:14:14:34:52:61:93:94:23:ce:80:c2:f9:9a:af:49:23:
93:99:b9:ef:d6:70:e3:e0:23:d3:7f:88:5d:2c:be:dd:2a:a8:
f3:15:00:fc:39:f0:20:db:26:0f:2f:6a:6d:56:ea:40:3c:39:
ef:a1:87:42:32:bb:70:f2:d6:01:d1:fd:af:86:5d:3c:2c:37:
4b:d6:80:c5:46:67:25:68:c9:b7:62:bc:da:72:a5:f0:04:32:
a3:a9:89:e2:f4:41:e6:fa:7d:97:82:a0:d9:c4:34:88:db:0d:
3f:03:af:2d:1f:b2:b7:8a:0a:fc:30:07:be:3f:04:25:4c:88:
3e:e2:27:31:ff:09:28:49:c2:b0:22:44:27:cf:1a:21:9a:d1:
61:8e:83:b7:bf:d0:ff:27:f5:7b:63:b5:48:58:c3:19:60:61:
fe:56:86:29:27:44:3c:19:24:6d:87:2b:99:44:78:a7:c5:55:
49:db:48:ce:a0:f7:3f:a5:5f:fb:77:58:21:32:b1:c9:10:e9:
f1:00:a2:c5
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDtzWzMbQND7jWADwJxmdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MmFiZDg1YTU4OTkxYWI3MWExN2ZkNzU0MWZiOGRlOTZm
NTVhN2QwHhcNMjQwMTAxMDYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTZjM2VmYTQzNmU5MzE1ZTVjZjc2OWEyMWQ2MTc1Zjg1MzE1MmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmtqDsLTkJWBex2xqV69pBoweEXv
xEtIquj32+T0e/7tSXYTrXOOgdWTMTP/ZwhGVqr62fuNAMvZhEzDq2TAWrFDWv/K
aPPB/KusGcy/OU44LTnp0XI/fT4JOTV8IKeq2EnweysLMfnCGRwLwR/pjWDmWfbF
aNuqOZR9Xl2Fbwhqa/M+Dpb9CnAwIh6ei23UiamUBLRIgur18c9mranRU+RBNAKF
GKrq8m6d+pTOTatcOT6uETTVyXoY0r5ZAblB65HVkswKO/PBqZE9DJ6QL2qrf5IT
azY6XsEIxS2Xb+O3Bcs8emHjAaZ9b1gZvNXufHMRDevr1kN0pO6Edg7fDQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCpsPvpDbpMV5c92miHWF1+FMVK+MB8GA1UdIwQY
MBaAFFcqvYWliZGrcaF/11QfuN6W9Vp9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnlxOWhhV0prYXR4b1hfWFZCLTQzcGIxV24wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi84NjFjNmMtYTQ3YS00NjU0LWE0ZWYt
NjFmYWMyODZkMzg3LzEvS213LS1rTnVreFhsejNhYUlkWVhYNFV4VXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi84NjFjNmMtYTQ3YS00NjU0LWE0ZWYtNjFmYWMyODZkMzg3
LzEvVnlxOWhhV0prYXR4b1hfWFZCLTQzcGIxV24wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLuPgAwQD
TUoAAwQCuUocAwQAwfZlAwQAwfZ4MA0EAgACMAcDBQAqAgzYMA0GCSqGSIb3DQEB
CwUAA4IBAQACrJK3Eiv4E7AAUc927cdWObBdqSS6mzJ4/sxmFq9EkqBocrfqAYqz
tK+MY/cfM65GsHfMHV8D1xQUNFJhk5QjzoDC+ZqvSSOTmbnv1nDj4CPTf4hdLL7d
KqjzFQD8OfAg2yYPL2ptVupAPDnvoYdCMrtw8tYB0f2vhl08LDdL1oDFRmclaMm3
YrzacqXwBDKjqYni9EHm+n2XgqDZxDSI2w0/A68tH7K3igr8MAe+PwQlTIg+4icx
/wkoScKwIkQnzxohmtFhjoO3v9D/J/V7Y7VIWMMZYGH+VoYpJ0Q8GSRthyuZRHin
xVVJ20jOoPc/pV/7d1ghMrHJEOnxAKLF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:32 2025 by rpki-client