Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/KNp3W4I5A04Z4PI2hnEHtiB9tUU.roa
File: KNp3W4I5A04Z4PI2hnEHtiB9tUU.roa (raw, json)
Hash identifier: Rxv2YnVZoZ544vxsr5jNsY/U2e/L3RTWu0XU1zfuo6M=
Subject key identifier: 28:DA:77:5B:82:39:03:4E:19:E0:F2:36:86:71:07:B6:20:7D:B5:45
Certificate issuer: /CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Certificate serial: 018CCA29E39D0948520C75E59BE5BC3994A0
Authority key identifier: AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/KNp3W4I5A04Z4PI2hnEHtiB9tUU.roa
Signing time: Tue 02 Jan 2024 12:33:11 +0000
ROA not before: Tue 02 Jan 2024 12:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209500
IP address blocks: 193.31.7.0/24 maxlen: 24
46.226.121.0/24 maxlen: 24
45.182.188.0/24 maxlen: 24
85.193.79.0/24 maxlen: 24
103.14.1.0/24 maxlen: 24
83.229.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jan 2024 13:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:e3:9d:09:48:52:0c:75:e5:9b:e5:bc:39:94:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Validity
Not Before: Jan 2 12:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28da775b8239034e19e0f236867107b6207db545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:39:f9:e2:e0:24:81:94:40:f4:27:f4:26:59:
da:13:4d:b2:cb:fe:60:6e:28:0e:cc:87:3c:b4:3a:
f2:b4:59:b5:4b:13:1e:9c:a7:a0:f5:10:b3:b1:85:
97:ea:1f:1e:7b:86:b2:b2:a1:e7:b8:38:75:a0:db:
48:e5:cc:bf:16:04:1a:2a:b8:bf:06:31:9d:61:b4:
bd:98:51:c0:93:c5:d3:d8:fc:8c:b2:70:1d:42:05:
6f:6b:62:c0:4c:d8:3b:d0:6b:54:4a:fa:c7:e5:9c:
08:11:a5:be:8c:44:96:36:92:38:96:cd:65:90:85:
40:9b:e2:39:dc:2c:23:64:d3:a2:a1:dc:5b:01:4b:
e2:00:9f:74:f1:38:bc:a2:a0:48:d2:af:e4:3e:0f:
22:ee:62:44:34:34:77:a4:4d:e5:ab:68:fb:4a:7f:
ba:ca:31:b3:71:4a:bc:87:bd:ce:77:58:62:43:b8:
db:4d:12:87:b5:cd:5c:8f:38:b0:b2:7b:86:42:73:
79:04:41:ad:80:3a:42:c4:30:4d:21:b3:89:13:70:
65:d9:56:ec:a1:15:94:32:09:ab:04:5b:fa:62:a3:
c5:e2:11:91:16:9f:91:08:c6:79:00:74:de:75:00:
4f:08:e7:a7:33:db:75:03:91:0b:5b:a5:a4:1c:41:
de:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:DA:77:5B:82:39:03:4E:19:E0:F2:36:86:71:07:B6:20:7D:B5:45
X509v3 Authority Key Identifier:
keyid:AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/KNp3W4I5A04Z4PI2hnEHtiB9tUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/rPbqD_sq7k927hoQSJabi1Bl2kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.182.188.0/24
46.226.121.0/24
83.229.62.0/24
85.193.79.0/24
103.14.1.0/24
193.31.7.0/24
Signature Algorithm: sha256WithRSAEncryption
47:85:d6:4f:65:67:9b:ce:be:c6:75:9a:c2:f2:fe:c4:60:10:
ec:a1:e3:6d:9b:55:cc:d2:4f:2a:ee:90:9e:5b:c0:81:9f:2a:
c3:9c:31:54:a2:da:4f:fb:f7:92:dd:dc:7f:1a:e4:43:6a:7d:
dc:9d:72:a0:6e:48:cc:04:46:21:40:d8:74:d5:da:a1:9e:a7:
8c:8e:fb:84:7b:25:fe:96:86:c1:97:1f:c8:68:ac:4a:02:13:
22:bd:2a:fb:40:42:44:12:33:2a:80:4e:4e:2d:7e:c4:a0:a7:
8b:9d:ea:76:c1:0f:17:ab:68:bd:09:59:d5:a1:3b:ab:d1:c1:
73:7f:54:17:3f:12:27:7d:6c:50:2a:0f:d7:54:f9:c7:69:83:
5c:da:13:8e:8f:83:f7:01:47:26:ff:3f:9d:95:bf:f2:7d:d0:
a7:63:29:b8:6f:d1:98:59:1f:84:6a:8f:c8:40:70:cf:33:40:
fe:84:ce:43:f3:7c:68:68:99:6f:c7:e9:d3:48:21:0c:c5:15:
f3:a9:35:f8:14:d0:a2:9f:79:c3:1b:40:d8:9b:47:34:a6:d7:
e7:0e:e0:9e:bb:98:c7:2f:84:fa:76:ad:86:b8:b5:6f:ea:8c:
a7:08:a2:53:6f:fb:9b:ae:7b:fc:bc:5b:b9:11:7f:92:d5:18:
32:94:12:03
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzKKeOdCUhSDHXlm+W8OZSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjZlYTBmZmIyYWVlNGY3NmVlMWExMDQ4OTY5YjhiNTA2
NWRhNDUwHhcNMjQwMTAyMTIzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGRhNzc1YjgyMzkwMzRlMTllMGYyMzY4NjcxMDdiNjIwN2RiNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTn54uAkgZRA9Cf0JlnaE02yy/5g
bigOzIc8tDrytFm1SxMenKeg9RCzsYWX6h8ee4aysqHnuDh1oNtI5cy/FgQaKri/
BjGdYbS9mFHAk8XT2PyMsnAdQgVva2LATNg70GtUSvrH5ZwIEaW+jESWNpI4ls1l
kIVAm+I53CwjZNOiodxbAUviAJ908Ti8oqBI0q/kPg8i7mJENDR3pE3lq2j7Sn+6
yjGzcUq8h73Od1hiQ7jbTRKHtc1cjziwsnuGQnN5BEGtgDpCxDBNIbOJE3Bl2Vbs
oRWUMgmrBFv6YqPF4hGRFp+RCMZ5AHTedQBPCOenM9t1A5ELW6WkHEHe9QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCjad1uCOQNOGeDyNoZxB7YgfbVFMB8GA1UdIwQY
MBaAFKz26g/7Ku5Pdu4aEEiWm4tQZdpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBicURfc3E3azkyN2hvUVNKYWJpMUJsMmtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zNDQzOWUtOWNkMi00NGM1LTljZmQt
NTU1ZjNmMThlNTRmLzEvS05wM1c0STVBMDRaNFBJMmhuRUh0aUI5dFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zNDQzOWUtOWNkMi00NGM1LTljZmQtNTU1ZjNmMThlNTRm
LzEvclBicURfc3E3azkyN2hvUVNKYWJpMUJsMmtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALba8AwQA
LuJ5AwQAU+U+AwQAVcFPAwQAZw4BAwQAwR8HMA0GCSqGSIb3DQEBCwUAA4IBAQBH
hdZPZWebzr7GdZrC8v7EYBDsoeNtm1XM0k8q7pCeW8CBnyrDnDFUotpP+/eS3dx/
GuRDan3cnXKgbkjMBEYhQNh01dqhnqeMjvuEeyX+lobBlx/IaKxKAhMivSr7QEJE
EjMqgE5OLX7EoKeLnep2wQ8Xq2i9CVnVoTur0cFzf1QXPxInfWxQKg/XVPnHaYNc
2hOOj4P3AUcm/z+dlb/yfdCnYym4b9GYWR+Eao/IQHDPM0D+hM5D83xoaJlvx+nT
SCEMxRXzqTX4FNCin3nDG0DYm0c0ptfnDuCeu5jHL4T6dq2GuLVv6oynCKJTb/ub
rnv8vFu5EX+S1RgylBID
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:12 2025 by rpki-client