Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/KgHfX8PgUHujJlamUxdNDxuzGBY.roa
File: KgHfX8PgUHujJlamUxdNDxuzGBY.roa (raw, json)
Hash identifier: 9HgypNEr8o0XefDwANw9ZK0xyEst73P1+bLIEq+VTj0=
Subject key identifier: 2A:01:DF:5F:C3:E0:50:7B:A3:26:56:A6:53:17:4D:0F:1B:B3:18:16
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 0192E1F5E5D7E5B5E8BF21BDFA9A121546F1
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/KgHfX8PgUHujJlamUxdNDxuzGBY.roa
Signing time: Thu 31 Oct 2024 09:44:01 +0000
ROA not before: Thu 31 Oct 2024 09:44:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8400
IP address blocks: 5.154.225.0/24 maxlen: 24
62.101.128.0/20 maxlen: 20
77.46.128.0/17 maxlen: 17
79.101.0.0/16 maxlen: 16
79.101.0.0/21 maxlen: 21
79.101.21.0/24 maxlen: 24
87.250.32.0/19 maxlen: 19
89.39.144.0/23 maxlen: 23
89.46.126.0/23 maxlen: 23
89.47.40.0/23 maxlen: 23
91.150.64.0/18 maxlen: 18
91.150.64.0/23 maxlen: 23
91.150.66.0/24 maxlen: 24
91.150.91.0/24 maxlen: 24
92.244.128.0/19 maxlen: 19
93.86.0.0/15 maxlen: 15
93.86.0.0/16 maxlen: 16
93.87.0.0/16 maxlen: 16
93.87.38.0/24 maxlen: 24
93.87.39.0/24 maxlen: 24
93.87.50.0/24 maxlen: 24
93.87.58.0/24 maxlen: 24
109.72.48.0/20 maxlen: 20
109.92.0.0/15 maxlen: 15
109.122.64.0/18 maxlen: 24
109.122.77.0/24 maxlen: 24
109.198.0.0/19 maxlen: 19
178.79.0.0/18 maxlen: 18
178.220.0.0/15 maxlen: 15
178.222.0.0/16 maxlen: 16
178.223.0.0/17 maxlen: 17
178.223.128.0/18 maxlen: 18
178.223.192.0/19 maxlen: 19
185.26.172.0/22 maxlen: 22
185.71.88.0/22 maxlen: 22
185.157.104.0/22 maxlen: 22
185.190.152.0/22 maxlen: 22
195.178.32.0/19 maxlen: 19
212.62.59.0/24 maxlen: 24
212.200.0.0/16 maxlen: 16
212.200.0.0/17 maxlen: 17
212.200.0.0/21 maxlen: 21
212.200.8.0/22 maxlen: 22
212.200.12.0/23 maxlen: 23
212.200.45.0/24 maxlen: 24
212.200.50.0/24 maxlen: 24
212.200.51.0/24 maxlen: 24
212.200.52.0/24 maxlen: 24
212.200.123.0/24 maxlen: 24
212.200.128.0/17 maxlen: 17
212.200.128.0/18 maxlen: 18
212.200.132.0/24 maxlen: 24
212.200.192.0/19 maxlen: 19
212.200.224.0/24 maxlen: 24
212.200.225.0/24 maxlen: 24
212.200.226.0/23 maxlen: 23
212.200.228.0/22 maxlen: 22
212.200.232.0/21 maxlen: 21
212.200.240.0/20 maxlen: 20
213.196.96.0/20 maxlen: 20
2a00:e90::/32 maxlen: 32
2a06:5b00::/29 maxlen: 29
2a06:63c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 31 Oct 2024 11:40:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e1:f5:e5:d7:e5:b5:e8:bf:21:bd:fa:9a:12:15:46:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Oct 31 09:44:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a01df5fc3e0507ba32656a653174d0f1bb31816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:64:97:e2:54:bb:23:7d:29:35:cc:05:b4:cc:
48:a6:3f:b7:36:e4:71:36:99:43:48:c2:38:61:ef:
e9:2b:00:89:70:80:99:b1:d4:f8:a5:aa:ad:c4:db:
b2:6a:e7:ea:44:ab:a4:b7:d5:d0:1f:24:bb:53:df:
12:bc:89:7d:ab:90:da:fb:1f:96:26:ba:f1:41:be:
19:f1:47:1a:00:09:89:8b:c5:5c:cc:f2:fa:79:35:
10:d1:24:79:11:0a:fe:6f:59:a0:b0:6f:d8:0e:02:
5a:d3:42:ca:19:2b:33:48:8e:85:d5:25:2a:2e:d3:
63:94:aa:f3:9f:f3:be:ee:53:d5:2e:a6:75:1f:f0:
15:29:e5:c1:47:a2:96:4c:73:be:88:41:82:1d:32:
0a:82:d0:2c:55:4f:c5:83:bb:dd:0a:89:5b:4f:ed:
aa:98:7b:83:4b:c0:7b:5b:28:e3:79:3a:d2:7e:95:
9f:6e:56:b6:f5:8a:ca:0f:26:92:cb:9c:c4:91:1f:
b2:67:99:90:99:d6:87:b6:1d:57:7e:97:7b:61:21:
a3:e4:c7:7e:35:73:f6:dc:23:27:c1:91:4d:11:67:
45:93:f3:52:f5:12:a3:c4:05:ad:3d:f8:6e:d0:f8:
cd:57:2e:fa:df:0b:2d:67:6e:a0:5e:71:31:54:8d:
f2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:01:DF:5F:C3:E0:50:7B:A3:26:56:A6:53:17:4D:0F:1B:B3:18:16
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/KgHfX8PgUHujJlamUxdNDxuzGBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.225.0/24
62.101.128.0/20
77.46.128.0/17
79.101.0.0/16
87.250.32.0/19
89.39.144.0/23
89.46.126.0/23
89.47.40.0/23
91.150.64.0/18
92.244.128.0/19
93.86.0.0/15
109.72.48.0/20
109.92.0.0/15
109.122.64.0/18
109.198.0.0/19
178.79.0.0/18
178.220.0.0-178.223.223.255
185.26.172.0/22
185.71.88.0/22
185.157.104.0/22
185.190.152.0/22
195.178.32.0/19
212.62.59.0/24
212.200.0.0/16
213.196.96.0/20
IPv6:
2a00:e90::/32
2a06:5b00::/29
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
37:f8:c9:1d:cb:cc:e3:e9:ba:78:00:03:9e:c9:42:36:ce:c1:
bb:61:e9:82:5a:58:ae:37:c9:77:9a:2c:d6:2a:20:f9:3e:0e:
a1:c4:c3:93:a9:d3:e8:c5:f4:64:a9:d8:03:75:55:13:6d:c9:
83:cb:d7:e2:ae:5c:65:a1:57:31:e4:d6:28:0f:39:0f:08:e6:
57:43:48:29:95:b1:ac:54:a5:f0:c6:e2:d8:6f:ff:ea:7a:68:
4c:0d:4d:fd:d1:77:b7:90:29:7f:e8:e3:da:76:cf:15:80:a8:
4e:4a:95:98:84:7e:f7:db:9b:45:21:28:4a:4e:9d:69:19:c5:
4b:9e:f4:78:67:b8:ca:1e:cf:af:8b:7f:ab:95:0b:1b:90:64:
cc:18:bc:8e:70:60:53:b2:a0:10:1e:50:f0:a9:88:ed:3c:45:
1f:04:15:a4:2f:a2:bf:9e:1b:c3:f2:dd:ec:53:57:25:9c:64:
98:9f:8f:c5:de:0e:e2:39:e2:80:54:eb:e2:71:7a:cd:dc:5b:
44:d4:51:94:7c:e2:d0:b1:a5:39:57:00:62:fe:f4:86:a3:4b:
72:ba:44:f1:2d:9e:d8:a5:4b:af:a7:73:0e:fa:72:34:d8:32:
2d:e8:11:01:ab:9e:f7:db:ba:cd:4c:83:bb:14:e0:ea:f9:e1:
c6:8d:ca:09
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZLh9eXX5bXovyG9+poSFUbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQxMDMxMDk0NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTAxZGY1ZmMzZTA1MDdiYTMyNjU2YTY1MzE3NGQwZjFiYjMxODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GSX4lS7I30pNcwFtMxIpj+3NuRx
NplDSMI4Ye/pKwCJcICZsdT4paqtxNuyaufqRKukt9XQHyS7U98SvIl9q5Da+x+W
JrrxQb4Z8UcaAAmJi8VczPL6eTUQ0SR5EQr+b1mgsG/YDgJa00LKGSszSI6F1SUq
LtNjlKrzn/O+7lPVLqZ1H/AVKeXBR6KWTHO+iEGCHTIKgtAsVU/Fg7vdColbT+2q
mHuDS8B7WyjjeTrSfpWfbla29YrKDyaSy5zEkR+yZ5mQmdaHth1Xfpd7YSGj5Md+
NXP23CMnwZFNEWdFk/NS9RKjxAWtPfhu0PjNVy763wstZ26gXnExVI3y1wIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFCoB31/D4FB7oyZWplMXTQ8bsxgWMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvS2dIZlg4UGdVSHVqSmxhbVV4ZE5EeHV6R0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBoAQCAAEwgZkDBAAF
muEDBAQ+ZYADBAdNLoADAwBPZQMEBVf6IAMEAVknkAMEAVkufgMEAVkvKAMEBluW
QAMEBVz0gAMDAV1WAwQEbUgwAwMBbVwDBAZtekADBAVtxgADBAayTwAwCwMDArLc
AwQFst/AAwQCuRqsAwQCuUdYAwQCuZ1oAwQCub6YAwQFw7IgAwQA1D47AwMA1MgD
BATVxGAwGwQCAAIwFQMFACoADpADBQMqBlsAAwUDKgZjwDANBgkqhkiG9w0BAQsF
AAOCAQEAN/jJHcvM4+m6eAADnslCNs7Bu2HpglpYrjfJd5os1iog+T4OocTDk6nT
6MX0ZKnYA3VVE23Jg8vX4q5cZaFXMeTWKA85DwjmV0NIKZWxrFSl8Mbi2G//6npo
TA1N/dF3t5Apf+jj2nbPFYCoTkqVmIR+99ubRSEoSk6daRnFS570eGe4yh7Pr4t/
q5ULG5BkzBi8jnBgU7KgEB5Q8KmI7TxFHwQVpC+iv54bw/Ld7FNXJZxkmJ+Pxd4O
4jnigFTr4nF6zdxbRNRRlHzi0LGlOVcAYv70hqNLcrpE8S2e2KVLr6dzDvpyNNgy
LegRAaue99u6zUyDuxTg6vnhxo3KCQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 15:29:38 2025 by rpki-client