Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/KEUHUR0HKG7I56F0lEz1r8DJ_t4.roa
File: KEUHUR0HKG7I56F0lEz1r8DJ_t4.roa (raw, json)
Hash identifier: 8MpHcpvrF4p7JzkfoKTOxRaKeduVHpR+LX6jF28qe/4=
Subject key identifier: 28:45:07:51:1D:07:28:6E:C8:E7:A1:74:94:4C:F5:AF:C0:C9:FE:DE
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0190D99E2830F3FBEC98F3522BBA48F0F4E8
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/KEUHUR0HKG7I56F0lEz1r8DJ_t4.roa
Signing time: Mon 22 Jul 2024 08:45:39 +0000
ROA not before: Mon 22 Jul 2024 08:45:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1257
IP address blocks: 192.71.180.0/24 maxlen: 24
192.71.220.0/24 maxlen: 24
193.180.207.0/24 maxlen: 24
193.180.240.0/24 maxlen: 24
193.180.247.0/24 maxlen: 24
193.181.2.0/24 maxlen: 24
193.234.87.0/24 maxlen: 24
193.234.177.0/24 maxlen: 24
194.71.248.0/21 maxlen: 21
194.103.24.0/22 maxlen: 24
194.132.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Dec 2024 08:35:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d9:9e:28:30:f3:fb:ec:98:f3:52:2b:ba:48:f0:f4:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jul 22 08:45:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=284507511d07286ec8e7a174944cf5afc0c9fede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c2:bd:4e:f9:00:e7:6d:c5:0e:82:03:37:68:
a8:7f:66:bd:f0:1d:e6:4d:08:56:52:35:e1:38:d4:
8d:c9:6f:27:67:e0:b3:34:64:3b:6a:43:93:f5:a9:
86:e0:d3:63:c8:94:1d:ef:1f:aa:33:b4:71:43:50:
fc:9d:8b:7d:f2:d0:4f:fa:cc:7c:59:7b:3b:25:35:
df:7e:13:58:dc:77:31:4d:ac:b7:43:02:64:e2:be:
d5:53:18:9d:ac:3a:27:00:1c:ab:d3:02:72:ca:8a:
75:e5:83:dd:91:64:db:32:b9:e6:da:f8:0f:93:a6:
3b:54:df:81:d4:ed:a3:09:05:6d:bf:74:da:59:14:
fd:95:76:8f:fb:b5:3e:8f:de:67:27:14:11:28:92:
be:7d:86:6a:47:de:7c:78:e0:11:96:24:a1:ae:8a:
69:5d:b8:6e:ab:43:c2:36:98:cd:e6:e7:c0:9c:1a:
1e:3d:bb:87:85:9d:98:67:e4:0f:4e:84:30:28:da:
1a:eb:32:4c:f5:6d:09:6e:53:3d:54:dc:0b:01:ac:
68:52:8e:fe:4f:32:2c:e3:ef:6b:1e:31:98:76:de:
73:8e:84:3b:8d:30:08:9a:03:da:83:9b:97:a6:6f:
4c:f7:02:df:7e:b9:45:c4:44:cb:6a:8c:f6:33:da:
fc:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:45:07:51:1D:07:28:6E:C8:E7:A1:74:94:4C:F5:AF:C0:C9:FE:DE
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/KEUHUR0HKG7I56F0lEz1r8DJ_t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.180.0/24
192.71.220.0/24
193.180.207.0/24
193.180.240.0/24
193.180.247.0/24
193.181.2.0/24
193.234.87.0/24
193.234.177.0/24
194.71.248.0/21
194.103.24.0/22
194.132.60.0/24
Signature Algorithm: sha256WithRSAEncryption
63:3c:75:68:f7:ee:57:29:83:10:38:c1:17:e8:e1:74:76:6b:
d5:55:f1:df:61:16:25:85:74:6f:17:52:71:51:95:1f:a4:5e:
43:68:38:ca:d3:5d:fa:5a:ea:40:64:dc:a0:10:eb:fb:c5:59:
12:a0:67:44:0e:bd:38:26:c7:5f:ef:17:27:32:84:85:b2:aa:
83:a5:f3:61:9c:cb:2d:f1:57:64:dd:8e:f0:fe:82:bd:d6:20:
15:7a:ea:5b:0d:ca:7f:52:86:9c:49:d9:59:24:73:69:b4:ea:
f9:ed:b9:d6:2b:b0:c0:87:60:56:22:5a:c6:46:b3:e5:8f:39:
80:55:3e:91:1b:da:56:da:c3:ef:86:e6:8b:3c:c9:4d:40:b1:
09:43:5e:98:d9:b3:c0:d4:f7:17:91:8d:dd:a3:65:9d:69:bb:
4b:23:12:89:be:18:7f:83:3e:91:82:ad:0b:49:69:91:7f:8c:
68:15:5a:b6:32:9c:22:15:af:e7:fe:2d:be:37:e5:73:73:2e:
ef:bb:4b:35:84:bf:31:ad:c3:5a:8d:47:39:ed:ab:92:ef:15:
e2:fd:ea:6a:28:61:f4:1c:20:ea:78:af:d8:bc:cb:9e:5c:44:
5c:c5:bf:b7:a7:ff:f9:2f:85:1a:a3:24:0c:73:b4:f2:9c:61:
1e:c0:1b:b2
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZDZnigw8/vsmPNSK7pI8PToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwNzIyMDg0NTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODQ1MDc1MTFkMDcyODZlYzhlN2ExNzQ5NDRjZjVhZmMwYzlmZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcK9TvkA523FDoIDN2iof2a98B3m
TQhWUjXhONSNyW8nZ+CzNGQ7akOT9amG4NNjyJQd7x+qM7RxQ1D8nYt98tBP+sx8
WXs7JTXffhNY3HcxTay3QwJk4r7VUxidrDonAByr0wJyyop15YPdkWTbMrnm2vgP
k6Y7VN+B1O2jCQVtv3TaWRT9lXaP+7U+j95nJxQRKJK+fYZqR958eOARliShropp
Xbhuq0PCNpjN5ufAnBoePbuHhZ2YZ+QPToQwKNoa6zJM9W0JblM9VNwLAaxoUo7+
TzIs4+9rHjGYdt5zjoQ7jTAImgPag5uXpm9M9wLffrlFxETLaoz2M9r81wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFChFB1EdByhuyOehdJRM9a/Ayf7eMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvS0VVSFVSMEhLRzdJNTZGMGxFejFyOERKX3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwEe0AwQA
wEfcAwQAwbTPAwQAwbTwAwQAwbT3AwQAwbUCAwQAwepXAwQAweqxAwQDwkf4AwQC
wmcYAwQAwoQ8MA0GCSqGSIb3DQEBCwUAA4IBAQBjPHVo9+5XKYMQOMEX6OF0dmvV
VfHfYRYlhXRvF1JxUZUfpF5DaDjK0136WupAZNygEOv7xVkSoGdEDr04Jsdf7xcn
MoSFsqqDpfNhnMst8Vdk3Y7w/oK91iAVeupbDcp/UoacSdlZJHNptOr57bnWK7DA
h2BWIlrGRrPljzmAVT6RG9pW2sPvhuaLPMlNQLEJQ16Y2bPA1PcXkY3do2WdabtL
IxKJvhh/gz6Rgq0LSWmRf4xoFVq2MpwiFa/n/i2+N+Vzcy7vu0s1hL8xrcNajUc5
7auS7xXi/epqKGH0HCDqeK/YvMueXERcxb+3p//5L4UaoyQMc7TynGEewBuy
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:18:12 2025 by rpki-client