Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KTMVetrEV1xelLWjfFf15C2wAGw.roa
File: KTMVetrEV1xelLWjfFf15C2wAGw.roa (raw, json)
Hash identifier: AditbpeE1pzW85obsA3MMpU8Np8cUvU2yaOCDy6y62E=
Subject key identifier: 29:33:15:7A:DA:C4:57:5C:5E:94:B5:A3:7C:57:F5:E4:2D:B0:00:6C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01941C6C7DAD8CCA3C7272A1F6AEB3B59AED
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KTMVetrEV1xelLWjfFf15C2wAGw.roa
Signing time: Tue 31 Dec 2024 11:14:19 +0000
ROA not before: Tue 31 Dec 2024 11:14:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50053
IP address blocks: 185.121.13.0/24 maxlen: 24
185.121.14.0/24 maxlen: 24
185.232.204.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1c:6c:7d:ad:8c:ca:3c:72:72:a1:f6:ae:b3:b5:9a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 31 11:14:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2933157adac4575c5e94b5a37c57f5e42db0006c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2b:2c:0e:48:6a:1e:a4:db:94:a0:e9:f8:4c:
48:c6:0c:2e:b2:ea:45:56:9b:e6:aa:e0:ec:68:6e:
47:95:a9:70:42:97:ed:55:28:08:21:d3:fe:d6:e9:
7b:5f:20:0d:03:ed:8a:52:87:2b:06:5c:da:1b:0c:
b7:e3:5a:c8:75:5f:b2:7f:34:47:57:50:64:39:00:
17:6e:4e:4a:fe:c9:fa:d8:46:73:6b:0f:c2:33:92:
37:66:69:8e:28:2c:d4:77:c8:49:98:88:e3:59:39:
5d:8f:6f:66:4e:69:3c:07:3b:b6:24:f1:0b:f7:d4:
f2:1f:ec:c3:36:5e:17:2d:79:8e:69:19:b6:5b:5e:
a7:f5:e1:69:d5:93:33:b5:e5:25:f0:58:07:1b:09:
3a:15:85:0b:e3:8d:1c:58:5b:41:c0:10:d9:01:44:
46:16:9c:d2:b5:9a:f2:45:23:2a:29:e8:84:1c:68:
1d:a1:37:29:fa:72:11:fd:25:75:e7:59:65:41:55:
67:87:d5:e6:3b:3b:78:1c:64:5c:c6:56:2e:e0:92:
02:1c:9b:41:cf:ec:d7:7b:92:ea:f4:1f:0d:37:06:
80:1e:66:88:b3:38:fe:27:1d:7c:62:0a:02:51:56:
ab:88:0c:2c:c9:92:8a:73:0f:3d:fa:91:ec:a0:b4:
26:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:33:15:7A:DA:C4:57:5C:5E:94:B5:A3:7C:57:F5:E4:2D:B0:00:6C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KTMVetrEV1xelLWjfFf15C2wAGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.13.0-185.121.14.255
185.232.204.0/24
185.254.158.0/24
Signature Algorithm: sha256WithRSAEncryption
19:ab:5a:8b:c2:78:8f:8f:ea:3f:19:b2:09:e3:eb:5b:f7:1a:
99:24:ba:32:dd:2d:8a:58:2c:69:29:64:28:31:2c:35:bb:ed:
b8:e7:06:02:09:7b:db:53:b2:37:40:94:96:cc:af:ef:32:4a:
84:62:67:5e:32:09:46:09:c2:26:d2:e3:d5:ba:46:26:69:bf:
c5:97:d2:37:b7:6a:17:6f:fb:59:d8:8c:92:44:7b:01:50:8e:
58:cf:9a:8e:25:59:01:a1:6f:d8:b0:35:13:d2:1d:d1:f6:7c:
f4:d1:fd:6a:90:73:25:0f:ce:2d:ba:46:2e:0c:48:20:bc:4d:
a1:d1:80:ea:3d:a3:16:93:6c:9b:b4:13:3d:99:36:6d:2b:af:
09:e8:9d:26:c6:91:b3:f4:97:e4:76:3c:d6:89:62:84:f8:69:
1d:4f:ac:19:e0:11:c6:22:34:72:e5:f5:c6:3e:2f:c9:c1:16:
24:a5:18:74:9a:2d:87:33:06:d0:68:6d:7b:c8:f4:20:d3:a6:
98:d7:f7:4b:63:bb:ef:ca:7f:a5:eb:4c:a5:c1:3a:12:ba:01:
b3:b4:de:25:68:23:36:04:dc:94:b2:66:36:67:aa:7b:a0:6a:
94:43:21:77:5d:4e:bf:22:c7:a0:1e:4f:81:dd:62:1c:61:1c:
e5:72:c0:c0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQcbH2tjMo8cnKh9q6ztZrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjMxMTExNDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTMzMTU3YWRhYzQ1NzVjNWU5NGI1YTM3YzU3ZjVlNDJkYjAwMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSssDkhqHqTblKDp+ExIxgwusupF
VpvmquDsaG5HlalwQpftVSgIIdP+1ul7XyANA+2KUocrBlzaGwy341rIdV+yfzRH
V1BkOQAXbk5K/sn62EZzaw/CM5I3ZmmOKCzUd8hJmIjjWTldj29mTmk8Bzu2JPEL
99TyH+zDNl4XLXmOaRm2W16n9eFp1ZMzteUl8FgHGwk6FYUL440cWFtBwBDZAURG
FpzStZryRSMqKeiEHGgdoTcp+nIR/SV151llQVVnh9XmOzt4HGRcxlYu4JICHJtB
z+zXe5Lq9B8NNwaAHmaIszj+Jx18YgoCUVariAwsyZKKcw89+pHsoLQmUQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCkzFXraxFdcXpS1o3xX9eQtsABsMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvS1RNVmV0ckVWMXhlbExXamZGZjE1QzJ3QUd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAC5eQ0D
BAC5eQ4DBAC56MwDBAC5/p4wDQYJKoZIhvcNAQELBQADggEBABmrWovCeI+P6j8Z
sgnj61v3GpkkujLdLYpYLGkpZCgxLDW77bjnBgIJe9tTsjdAlJbMr+8ySoRiZ14y
CUYJwibS49W6RiZpv8WX0je3ahdv+1nYjJJEewFQjljPmo4lWQGhb9iwNRPSHdH2
fPTR/WqQcyUPzi26Ri4MSCC8TaHRgOo9oxaTbJu0Ez2ZNm0rrwnonSbGkbP0l+R2
PNaJYoT4aR1PrBngEcYiNHLl9cY+L8nBFiSlGHSaLYczBtBobXvI9CDTppjX90tj
u+/Kf6XrTKXBOhK6AbO03iVoIzYE3JSyZjZnqnugapRDIXddTr8ix6AeT4HdYhxh
HOVywMA=
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:31:26 2025 by rpki-client