Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/KAkFKOYVCiBeo-kb8vimNMC4EQ4.roa
File: KAkFKOYVCiBeo-kb8vimNMC4EQ4.roa (raw, json)
Hash identifier: ADPcfzLh/uIptqWdY0EFUk62iFXOazZFg18jH8rfR6g=
Subject key identifier: 28:09:05:28:E6:15:0A:20:5E:A3:E9:1B:F2:F8:A6:34:C0:B8:11:0E
Certificate issuer: /CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Certificate serial: 01856D5CF9CCB2BAEC4FBD7BD4EB231701BA
Authority key identifier: 86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/KAkFKOYVCiBeo-kb8vimNMC4EQ4.roa
Signing time: Sun 01 Jan 2023 12:44:47 +0000
ROA not before: Sun 01 Jan 2023 12:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8784
IP address blocks: 194.117.211.0/24 maxlen: 24
194.117.208.0/24 maxlen: 24
194.117.208.0/20 maxlen: 20
194.117.219.0/24 maxlen: 24
194.117.216.0/24 maxlen: 24
195.46.192.0/19 maxlen: 19
195.46.198.0/24 maxlen: 24
195.46.195.0/24 maxlen: 24
195.46.193.0/24 maxlen: 24
195.46.204.0/24 maxlen: 24
195.46.210.0/24 maxlen: 24
195.46.209.0/24 maxlen: 24
195.46.213.0/24 maxlen: 24
195.46.216.0/24 maxlen: 24
195.46.214.0/24 maxlen: 24
195.46.219.0/24 maxlen: 24
195.46.223.0/24 maxlen: 24
178.22.152.0/21 maxlen: 21
194.153.214.0/24 maxlen: 24
83.169.120.0/24 maxlen: 24
83.169.120.0/22 maxlen: 22
83.169.119.0/24 maxlen: 24
83.169.124.0/24 maxlen: 24
83.169.123.0/24 maxlen: 24
83.169.122.0/24 maxlen: 24
83.169.121.0/24 maxlen: 24
83.169.71.0/24 maxlen: 24
83.169.70.0/23 maxlen: 23
83.169.70.0/24 maxlen: 24
83.169.69.0/24 maxlen: 24
83.169.64.0/18 maxlen: 18
83.169.73.0/24 maxlen: 24
83.169.85.0/24 maxlen: 24
83.169.84.0/24 maxlen: 24
83.169.83.0/24 maxlen: 24
83.169.81.0/24 maxlen: 24
83.169.80.0/24 maxlen: 24
83.169.89.0/24 maxlen: 24
83.169.92.0/24 maxlen: 24
83.169.99.0/24 maxlen: 24
83.169.103.0/24 maxlen: 24
83.169.102.0/24 maxlen: 24
83.169.100.0/24 maxlen: 24
83.169.100.0/22 maxlen: 22
83.169.118.0/24 maxlen: 24
83.169.117.0/24 maxlen: 24
83.169.116.0/22 maxlen: 22
83.169.116.0/24 maxlen: 24
83.169.115.0/24 maxlen: 24
83.169.114.0/23 maxlen: 23
83.169.114.0/24 maxlen: 24
213.139.96.0/19 maxlen: 19
213.139.112.0/24 maxlen: 24
213.139.111.0/24 maxlen: 24
213.139.117.0/24 maxlen: 24
213.139.123.0/24 maxlen: 24
212.37.192.0/19 maxlen: 19
83.169.64.0/23 maxlen: 23
2a02:d50::/32 maxlen: 32
2001:4b90::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 29 Mar 2023 15:21:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:f9:cc:b2:ba:ec:4f:bd:7b:d4:eb:23:17:01:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Validity
Not Before: Jan 1 12:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28090528e6150a205ea3e91bf2f8a634c0b8110e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:db:8c:93:18:6c:3b:b5:34:ae:4d:6b:bc:f5:
25:9a:5f:c2:f1:90:39:83:7b:6b:0a:61:77:74:c9:
c3:0c:23:18:a1:d3:4f:43:b2:83:63:45:8e:75:19:
8c:5a:21:7c:02:06:c2:28:01:dd:0d:88:f3:14:e7:
66:b2:07:6f:93:52:25:2e:56:11:d7:f3:05:ea:7f:
1d:76:8b:78:38:2b:f7:21:09:19:54:15:9d:77:57:
2d:e5:04:3c:d6:52:3f:39:c8:84:38:84:11:84:16:
08:ed:8a:77:a1:47:0b:f4:ca:ac:b4:d8:8a:1d:87:
44:66:ea:a5:a4:ce:e8:90:b8:0a:76:54:fd:7c:ef:
eb:0c:24:80:59:15:c4:9f:41:6b:49:54:2a:b1:1c:
51:55:00:27:31:c2:5f:ec:56:3d:e0:54:f8:4e:09:
3c:ef:a4:37:7e:69:84:87:a0:36:55:38:5c:5f:cd:
90:80:04:a7:61:1a:e8:8b:17:c3:1a:4c:dc:76:7f:
bf:95:51:3a:24:d2:5d:bb:38:c7:1d:69:18:2b:aa:
47:20:90:4a:5b:bf:27:12:7e:71:fc:70:14:d4:8c:
f8:63:84:c0:81:e4:92:f9:cc:02:c8:32:e7:88:b9:
bd:b0:4d:5b:7f:46:cd:d4:52:cc:71:79:a3:df:d4:
41:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:09:05:28:E6:15:0A:20:5E:A3:E9:1B:F2:F8:A6:34:C0:B8:11:0E
X509v3 Authority Key Identifier:
keyid:86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/KAkFKOYVCiBeo-kb8vimNMC4EQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.169.64.0/18
178.22.152.0/21
194.117.208.0/20
194.153.214.0/24
195.46.192.0/19
212.37.192.0/19
213.139.96.0/19
IPv6:
2001:4b90::/32
2a02:d50::/32
Signature Algorithm: sha256WithRSAEncryption
97:08:b1:2d:4e:b7:28:6d:7f:40:72:25:3e:4c:a0:b7:8a:14:
65:8b:b9:ae:04:c7:c4:87:f0:24:b1:ee:31:67:38:0d:3a:a9:
16:61:fe:20:ec:52:41:2c:94:02:95:e5:8c:9a:3e:70:07:79:
9d:fc:73:a0:6d:a9:71:00:ff:0e:07:10:e2:15:48:48:0e:02:
2b:f3:c1:2a:e1:bc:3a:7c:df:dd:d0:15:d1:1d:60:28:be:59:
fd:4e:e5:28:69:7c:62:12:8d:ac:c2:b9:b7:0a:57:61:58:ec:
45:39:34:e9:65:0b:52:ab:e7:ef:fa:07:cb:46:54:37:e4:ca:
3f:1d:be:6c:59:90:23:bd:7b:70:c6:8e:22:29:d2:44:2d:ed:
04:cd:9a:e2:a1:93:37:79:66:b1:2f:15:0c:b2:9d:bd:12:44:
df:ae:1a:15:a9:a9:50:76:4b:02:64:07:73:6e:ad:48:c1:3b:
d8:af:a3:d9:78:7e:51:f8:c0:da:01:af:ea:f5:d6:29:cf:71:
09:5c:8a:97:7d:28:fd:d7:ff:50:35:2c:d4:25:cc:4c:2e:8f:
ff:50:55:fc:5c:6c:b2:83:09:68:55:27:74:d1:01:84:fb:27:
51:7b:5a:36:f2:f5:ff:84:2c:f3:a6:b7:76:b8:56:cc:e6:da:
c2:b3:15:e4
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYVtXPnMsrrsT7171OsjFwG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MjRmM2Y2NjFmMjRiZTVmZWY2NDFkYzcyMmU1Y2Y1YWM4
NzM4OWUwHhcNMjMwMTAxMTI0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODA5MDUyOGU2MTUwYTIwNWVhM2U5MWJmMmY4YTYzNGMwYjgxMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9uMkxhsO7U0rk1rvPUlml/C8ZA5
g3trCmF3dMnDDCMYodNPQ7KDY0WOdRmMWiF8AgbCKAHdDYjzFOdmsgdvk1IlLlYR
1/MF6n8ddot4OCv3IQkZVBWdd1ct5QQ81lI/OciEOIQRhBYI7Yp3oUcL9MqstNiK
HYdEZuqlpM7okLgKdlT9fO/rDCSAWRXEn0FrSVQqsRxRVQAnMcJf7FY94FT4Tgk8
76Q3fmmEh6A2VThcX82QgASnYRroixfDGkzcdn+/lVE6JNJduzjHHWkYK6pHIJBK
W78nEn5x/HAU1Iz4Y4TAgeSS+cwCyDLniLm9sE1bf0bN1FLMcXmj39RBPwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFCgJBSjmFQogXqPpG/L4pjTAuBEOMB8GA1UdIwQY
MBaAFIYk8/Zh8kvl/vZB3HIuXPWshzieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMt
MjVlNTM1YzhhNWI5LzEvS0FrRktPWVZDaUJlby1rYjh2aW1OTUM0RVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5
LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQGU6lAAwQD
shaYAwQEwnXQAwQAwpnWAwQFwy7AAwQF1CXAAwQF1YtgMBQEAgACMA4DBQAgAUuQ
AwUAKgINUDANBgkqhkiG9w0BAQsFAAOCAQEAlwixLU63KG1/QHIlPkygt4oUZYu5
rgTHxIfwJLHuMWc4DTqpFmH+IOxSQSyUApXljJo+cAd5nfxzoG2pcQD/DgcQ4hVI
SA4CK/PBKuG8Onzf3dAV0R1gKL5Z/U7lKGl8YhKNrMK5twpXYVjsRTk06WULUqvn
7/oHy0ZUN+TKPx2+bFmQI717cMaOIinSRC3tBM2a4qGTN3lmsS8VDLKdvRJE364a
FampUHZLAmQHc26tSME72K+j2Xh+UfjA2gGv6vXWKc9xCVyKl30o/df/UDUs1CXM
TC6P/1BV/FxssoMJaFUndNEBhPsnUXtaNvL1/4Qs86a3drhWzObawrMV5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:31 2024 by rpki-client on console-ams.rpki-client.org