Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/KiGFc-Jl_FzmZKQtzZhbDd7TU_o.roa
File: KiGFc-Jl_FzmZKQtzZhbDd7TU_o.roa (raw, json)
Hash identifier: vSFN6mR2KDjYl/EYeNyCd0EQciMVOubnPi33SwjWpp4=
Subject key identifier: 2A:21:85:73:E2:65:FC:5C:E6:64:A4:2D:CD:98:5B:0D:DE:D3:53:FA
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0188E1B025D65E5E045BD098C41E72C94599
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/KiGFc-Jl_FzmZKQtzZhbDd7TU_o.roa
Signing time: Thu 22 Jun 2023 05:59:57 +0000
ROA not before: Thu 22 Jun 2023 05:59:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31195
IP address blocks: 85.26.240.0/22 maxlen: 22
178.178.64.0/24 maxlen: 24
178.178.71.0/24 maxlen: 24
178.178.66.0/24 maxlen: 24
178.178.65.0/24 maxlen: 24
178.178.68.0/24 maxlen: 24
178.178.67.0/24 maxlen: 24
178.178.70.0/24 maxlen: 24
178.178.73.0/24 maxlen: 24
178.178.75.0/24 maxlen: 24
178.178.72.0/24 maxlen: 24
78.25.124.0/22 maxlen: 22
78.25.127.0/24 maxlen: 24
31.173.225.0/24 maxlen: 24
31.173.226.0/24 maxlen: 24
31.173.132.0/23 maxlen: 23
31.173.134.0/23 maxlen: 23
31.173.135.0/24 maxlen: 24
178.176.233.0/24 maxlen: 24
178.176.235.0/24 maxlen: 24
178.176.234.0/24 maxlen: 24
31.173.143.0/24 maxlen: 24
37.28.188.0/22 maxlen: 22
37.28.191.0/24 maxlen: 24
37.28.190.0/24 maxlen: 24
37.29.89.0/24 maxlen: 24
37.29.91.0/24 maxlen: 24
37.29.88.0/22 maxlen: 22
37.29.95.0/24 maxlen: 24
37.29.92.0/22 maxlen: 22
37.29.94.0/24 maxlen: 24
188.170.233.0/24 maxlen: 24
188.170.231.0/24 maxlen: 24
188.170.228.0/23 maxlen: 23
188.170.232.0/24 maxlen: 24
188.170.230.0/24 maxlen: 24
188.170.236.0/24 maxlen: 24
188.170.234.0/24 maxlen: 24
188.170.239.0/24 maxlen: 24
188.170.237.0/24 maxlen: 24
188.170.235.0/24 maxlen: 24
31.173.231.0/24 maxlen: 24
31.173.228.0/23 maxlen: 23
31.173.228.0/24 maxlen: 24
31.173.230.0/24 maxlen: 24
31.173.232.0/23 maxlen: 23
31.173.229.0/24 maxlen: 24
31.173.239.0/24 maxlen: 24
31.173.236.0/23 maxlen: 23
31.173.238.0/24 maxlen: 24
31.173.235.0/24 maxlen: 24
37.29.43.0/24 maxlen: 24
83.149.52.0/22 maxlen: 22
83.169.228.0/23 maxlen: 23
83.169.230.0/24 maxlen: 24
83.169.227.0/24 maxlen: 24
83.169.226.0/24 maxlen: 24
83.169.224.0/23 maxlen: 23
85.26.244.0/22 maxlen: 22
85.26.247.0/24 maxlen: 24
2a03:d006:400::/40 maxlen: 40
2a03:d006:500::/40 maxlen: 40
2a03:d006:200::/40 maxlen: 40
2a03:d006:300::/40 maxlen: 40
2a03:d006::/40 maxlen: 40
2a03:d006:600::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 04 Jul 2023 08:41:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e1:b0:25:d6:5e:5e:04:5b:d0:98:c4:1e:72:c9:45:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jun 22 05:59:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a218573e265fc5ce664a42dcd985b0dded353fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:17:ad:ea:1c:50:04:47:ee:6e:92:17:29:a6:
42:71:30:64:c8:e8:59:c5:09:f6:d6:ac:34:b8:a6:
b2:c6:23:e8:f3:32:6a:b2:1c:0d:60:47:b4:a7:a3:
39:f4:3d:83:97:84:e5:97:bb:8f:ba:10:5d:06:ce:
ed:55:c5:7d:45:3b:18:b4:17:75:72:09:c2:77:8e:
82:27:b6:f3:b2:60:cd:d5:0c:1e:24:cb:3f:38:22:
23:b5:49:c7:94:78:8e:38:d0:73:83:7f:e2:3f:2d:
6b:ff:2f:64:92:53:cf:cb:73:bf:bb:f4:e6:27:d8:
63:33:1e:b8:c8:12:73:a8:a6:7a:aa:c5:ce:13:7b:
14:95:9e:36:9c:6c:bd:92:ed:4c:48:64:c1:20:ef:
c5:77:ae:86:4d:8f:31:21:17:57:28:86:e3:03:93:
d5:60:5f:47:43:2d:85:0f:b5:72:85:cc:40:ff:8c:
8b:2f:f0:73:12:db:bd:49:ab:c3:99:9b:45:d1:76:
29:94:57:cc:98:e9:7f:01:00:29:06:fa:99:24:ab:
16:05:ac:1c:87:8a:db:c3:d4:27:96:88:56:69:3f:
79:e0:ea:37:9b:06:53:3f:f6:38:33:b6:2c:4e:24:
c9:2b:ad:a6:b2:5d:82:b2:14:58:e4:70:81:40:f7:
d8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:21:85:73:E2:65:FC:5C:E6:64:A4:2D:CD:98:5B:0D:DE:D3:53:FA
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/KiGFc-Jl_FzmZKQtzZhbDd7TU_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.132.0/22
31.173.143.0/24
31.173.225.0-31.173.226.255
31.173.228.0-31.173.233.255
31.173.235.0-31.173.239.255
37.28.188.0/22
37.29.43.0/24
37.29.88.0/21
78.25.124.0/22
83.149.52.0/22
83.169.224.0-83.169.230.255
85.26.240.0/21
178.176.233.0-178.176.235.255
178.178.64.0-178.178.68.255
178.178.70.0-178.178.73.255
178.178.75.0/24
188.170.228.0-188.170.237.255
188.170.239.0/24
IPv6:
2a03:d006::/40
2a03:d006:200::-2a03:d006:6ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2e:94:55:22:4f:94:8a:d8:1d:e1:ec:68:63:14:fa:67:63:55:
80:89:09:bf:42:ec:e5:83:aa:e1:de:d5:81:d1:b3:0d:5e:47:
1e:f1:eb:d4:50:71:aa:29:ec:90:54:f4:5a:26:60:6c:1c:18:
61:a4:e4:15:c1:b1:4e:87:23:cc:3a:0f:69:03:f5:17:4a:4d:
ae:74:43:f5:63:c7:79:14:bb:16:d6:5b:51:28:b5:43:35:b1:
a9:02:56:9f:ca:1e:c8:32:c2:df:83:f2:bc:72:fc:f0:df:a6:
df:fc:6d:84:1e:10:15:60:05:f8:f9:b5:06:bd:ec:11:33:97:
10:ab:8c:ce:29:71:c4:1f:b4:58:32:b2:21:0f:f1:51:d4:f1:
19:2d:6c:17:e6:9d:99:08:71:4e:b6:bf:ce:93:a9:03:76:03:
d2:30:99:ac:9d:9e:49:e5:c4:7a:11:f1:b3:3f:92:e5:df:ec:
09:05:55:88:a0:71:18:2a:6c:d2:49:d2:ab:e2:36:2a:fe:a2:
84:c0:a7:5d:a9:da:d0:fe:82:88:a7:93:4a:9d:15:a2:b8:8f:
76:ad:46:e8:e1:c7:0a:7a:87:88:75:8b:f0:67:59:12:59:65:
55:25:2e:62:99:d5:3a:0b:0b:d7:9b:55:ee:b8:bd:f8:bc:62:
0c:5e:f4:25
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAYjhsCXWXl4EW9CYxB5yyUWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwNjIyMDU1OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTIxODU3M2UyNjVmYzVjZTY2NGE0MmRjZDk4NWIwZGRlZDM1M2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Bet6hxQBEfubpIXKaZCcTBkyOhZ
xQn21qw0uKayxiPo8zJqshwNYEe0p6M59D2Dl4Tll7uPuhBdBs7tVcV9RTsYtBd1
cgnCd46CJ7bzsmDN1QweJMs/OCIjtUnHlHiOONBzg3/iPy1r/y9kklPPy3O/u/Tm
J9hjMx64yBJzqKZ6qsXOE3sUlZ42nGy9ku1MSGTBIO/Fd66GTY8xIRdXKIbjA5PV
YF9HQy2FD7VyhcxA/4yLL/BzEtu9SavDmZtF0XYplFfMmOl/AQApBvqZJKsWBawc
h4rbw9QnlohWaT954Oo3mwZTP/Y4M7YsTiTJK62msl2CshRY5HCBQPfY2wIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFCohhXPiZfxc5mSkLc2YWw3e01P6MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvS2lHRmMtSmxfRnptWktRdHpaaGJEZDdUVV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCBswQCAAEwgawDBAIf
rYQDBAAfrY8wDAMEAB+t4QMEAB+t4jAMAwQCH63kAwQBH63oMAwDBAAfresDBAQf
reADBAIlHLwDBAAlHSsDBAMlHVgDBAJOGXwDBAJTlTQwDAMEBVOp4AMEAFOp5gME
A1Ua8DAMAwQAsrDpAwQCsrDoMAwDBAayskADBACyskQwDAMEAbKyRgMEAbKySAME
ALKySzAMAwQCvKrkAwQBvKrsAwQAvKrvMCAEAgACMBoDBgAqA9AGADAQAwYBKgPQ
BgIDBgAqA9AGBjANBgkqhkiG9w0BAQsFAAOCAQEALpRVIk+Uitgd4exoYxT6Z2NV
gIkJv0Ls5YOq4d7VgdGzDV5HHvHr1FBxqinskFT0WiZgbBwYYaTkFcGxTocjzDoP
aQP1F0pNrnRD9WPHeRS7FtZbUSi1QzWxqQJWn8oeyDLC34PyvHL88N+m3/xthB4Q
FWAF+Pm1Br3sETOXEKuMzilxxB+0WDKyIQ/xUdTxGS1sF+admQhxTra/zpOpA3YD
0jCZrJ2eSeXEehHxsz+S5d/sCQVViKBxGCps0knSq+I2Kv6ihMCnXana0P6CiKeT
Sp0VoriPdq1G6OHHCnqHiHWL8GdZElllVSUuYpnVOgsL15tV7ri9+LxiDF70JQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org