Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kt_gvB2St9x3Fwwi0eeoafemuEY.roa
File: kt_gvB2St9x3Fwwi0eeoafemuEY.roa (raw, json)
Hash identifier: texBtN6cor3bJ2TqAN/PtsUtgFFuJHjk+oXqdK9q6sI=
Subject key identifier: 92:DF:E0:BC:1D:92:B7:DC:77:17:0C:22:D1:E7:A8:69:F7:A6:B8:46
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01936CE46F5A2DC99659315805E7A805499F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kt_gvB2St9x3Fwwi0eeoafemuEY.roa
Signing time: Wed 27 Nov 2024 09:12:10 +0000
ROA not before: Wed 27 Nov 2024 09:12:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.108.204.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.146.0/24 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Nov 2024 09:27:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:e4:6f:5a:2d:c9:96:59:31:58:05:e7:a8:05:49:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 27 09:12:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92dfe0bc1d92b7dc77170c22d1e7a869f7a6b846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d3:30:bc:02:f4:2a:bc:b8:08:6a:8d:63:28:
5c:7e:57:d0:2d:cc:0d:d2:cd:d6:a6:2f:20:bf:55:
5e:2b:26:bc:ae:ca:76:9b:d7:fb:59:0c:57:d6:f4:
de:00:b3:be:55:f7:98:7b:97:e8:6d:a3:87:a9:08:
b9:4b:80:ab:d1:23:d4:00:3d:fb:6f:05:9c:8c:68:
ba:1a:90:c3:bd:8f:6a:c8:81:18:80:ff:10:d6:37:
19:62:ad:01:0a:be:06:59:8f:ff:29:64:f7:ac:26:
3c:af:c8:d5:0d:4e:a5:a7:d9:eb:78:a0:7b:77:86:
7c:54:2a:54:06:b2:d3:5e:c3:ab:bc:54:40:0c:f2:
b8:54:e9:3a:14:7a:b1:3e:f9:e0:be:08:e1:ca:8d:
9e:1d:54:00:c6:8c:a0:70:15:0c:8f:2f:96:ec:85:
a7:e3:75:51:2f:74:8b:fd:d8:b6:c2:28:ce:28:b6:
ab:f6:17:06:01:a0:5f:4e:79:e9:9f:b1:99:92:73:
0f:d5:15:79:f9:72:b9:06:dc:02:4e:d2:8f:a3:27:
68:d1:17:18:ee:dc:05:9d:ad:f7:8d:95:0a:f6:53:
df:ce:27:0f:88:d9:34:45:99:81:f9:a0:93:41:f9:
9c:27:07:3d:e2:66:6c:46:cc:ac:db:22:18:e3:34:
62:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:DF:E0:BC:1D:92:B7:DC:77:17:0C:22:D1:E7:A8:69:F7:A6:B8:46
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kt_gvB2St9x3Fwwi0eeoafemuEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.108.204.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
32:e4:35:bc:c2:d8:22:14:0b:55:bc:42:02:86:54:80:64:2a:
26:fb:75:c7:e9:cd:6f:34:ff:47:39:00:17:4b:40:e4:86:48:
dc:2a:ac:b9:62:27:c7:9e:80:af:83:63:09:51:90:41:7b:9c:
65:f8:1d:bd:51:c3:4f:7b:c8:f9:35:a2:40:45:01:29:9d:54:
63:28:5f:04:ec:f2:7e:90:63:1c:b2:ce:37:5b:92:61:6e:31:
0c:3a:ed:82:11:43:73:14:a3:eb:cd:b0:70:76:30:6e:69:e3:
fd:35:00:2a:35:4b:eb:bc:a4:fc:25:97:60:4c:f7:e6:26:e2:
42:cf:d6:9f:7b:01:ff:42:f6:06:f8:21:e0:48:64:da:ee:aa:
45:6b:9d:20:be:17:73:2a:5f:f1:f3:f9:16:a3:90:bd:f1:e2:
49:f1:69:41:1d:ec:1d:b6:c0:23:1e:5e:5c:16:d5:f8:f3:2e:
79:d2:27:22:2f:09:66:72:21:46:89:b0:d3:88:3e:bf:4e:35:
12:b6:e6:34:6f:ea:0e:f8:10:8d:c9:6d:97:94:f8:aa:87:1f:
1f:f1:39:c6:cd:2d:8f:8a:77:68:50:c4:e8:e1:bb:9a:db:de:
43:f7:ee:4b:fe:4c:ce:18:b2:f8:35:32:01:93:3a:7e:b5:76:
b8:a2:68:65
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZNs5G9aLcmWWTFYBeeoBUmfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMTI3MDkxMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmRmZTBiYzFkOTJiN2RjNzcxNzBjMjJkMWU3YTg2OWY3YTZiODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtMwvAL0Kry4CGqNYyhcflfQLcwN
0s3Wpi8gv1VeKya8rsp2m9f7WQxX1vTeALO+VfeYe5fobaOHqQi5S4Cr0SPUAD37
bwWcjGi6GpDDvY9qyIEYgP8Q1jcZYq0BCr4GWY//KWT3rCY8r8jVDU6lp9nreKB7
d4Z8VCpUBrLTXsOrvFRADPK4VOk6FHqxPvngvgjhyo2eHVQAxoygcBUMjy+W7IWn
43VRL3SL/di2wijOKLar9hcGAaBfTnnpn7GZknMP1RV5+XK5BtwCTtKPoydo0RcY
7twFna33jZUK9lPfzicPiNk0RZmB+aCTQfmcJwc94mZsRsys2yIY4zRiPQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJLf4LwdkrfcdxcMItHnqGn3prhGMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEva3RfZ3ZCMlN0OXgzRnd3aTBlZW9hZmVtdUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
uWzMAwQAuX5SAwQBudz6AwQBueEAAwQBueOSAwQBwQhwAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQAy5DW8wtgiFAtVvEIChlSAZCom+3XH6c1vNP9HOQAXS0Dkhkjc
Kqy5YifHnoCvg2MJUZBBe5xl+B29UcNPe8j5NaJARQEpnVRjKF8E7PJ+kGMcss43
W5JhbjEMOu2CEUNzFKPrzbBwdjBuaeP9NQAqNUvrvKT8JZdgTPfmJuJCz9afewH/
QvYG+CHgSGTa7qpFa50gvhdzKl/x8/kWo5C98eJJ8WlBHewdtsAjHl5cFtX48y55
0iciLwlmciFGibDTiD6/TjUStuY0b+oO+BCNyW2XlPiqhx8f8TnGzS2PindoUMTo
4bua295D9+5L/kzOGLL4NTIBkzp+tXa4omhl
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:11:23 2025 by rpki-client