Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/_KKUgnWP_97hmCxDTjGnyx9J0VE.roa
File: _KKUgnWP_97hmCxDTjGnyx9J0VE.roa (raw, json)
Hash identifier: wPyV5CYuMSkVZu5QSS8w5N1yD9NKVNbd5SNu6PgK2uo=
Subject key identifier: FC:A2:94:82:75:8F:FF:DE:E1:98:2C:43:4E:31:A7:CB:1F:49:D1:51
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018E32BC9B37DC7BA9CCB9FFC497F59014B8
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/_KKUgnWP_97hmCxDTjGnyx9J0VE.roa
Signing time: Tue 12 Mar 2024 12:56:45 +0000
ROA not before: Tue 12 Mar 2024 12:56:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.233.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.156.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 08:23:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:bc:9b:37:dc:7b:a9:cc:b9:ff:c4:97:f5:90:14:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Mar 12 12:56:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fca29482758fffdee1982c434e31a7cb1f49d151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e1:b0:33:67:0a:ce:5d:e5:ee:c3:e7:26:ca:
86:a9:d2:4b:f1:a5:39:79:4a:21:ef:c7:8e:3c:f6:
3a:f1:c9:a2:c6:47:1e:93:6d:ec:48:0d:dc:8c:e8:
66:56:cc:71:f4:71:d3:bb:8c:05:06:ff:aa:b6:e5:
1e:a0:8f:64:21:73:e6:f7:d9:1b:5f:ea:90:7c:85:
86:8e:bc:fd:7e:86:f2:0a:71:21:f9:50:8b:26:3d:
c5:04:48:20:bb:c5:cc:48:2f:6a:78:70:7f:e9:ca:
51:18:cb:78:4f:ad:b6:4d:62:f6:0e:81:07:10:e6:
b2:9d:5a:ae:0f:f9:d1:0e:7c:67:b3:5d:78:70:61:
3a:ff:7a:72:14:7c:84:45:0e:9b:89:94:42:0b:5d:
7c:83:91:cc:3d:06:89:1e:0b:f5:01:f2:ae:a0:e0:
ac:99:fd:a8:4f:46:32:87:91:d4:d4:e5:c0:c3:42:
e5:92:21:61:be:ed:3a:35:a1:58:54:8d:62:2c:79:
46:90:39:45:fc:ec:f6:f7:fe:30:4d:07:00:6c:c9:
70:b5:75:8f:6e:aa:bb:a5:56:dd:6b:6c:dc:bd:1e:
fb:c3:20:60:d1:49:e6:71:28:47:b3:15:36:7d:95:
1b:68:86:4a:1a:80:93:f3:62:bb:ea:de:5d:40:06:
78:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:A2:94:82:75:8F:FF:DE:E1:98:2C:43:4E:31:A7:CB:1F:49:D1:51
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/_KKUgnWP_97hmCxDTjGnyx9J0VE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/22
78.159.128.0/23
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/21
91.92.33.0-91.92.35.255
91.92.40.0/21
91.92.49.0-91.92.53.255
93.152.205.0-93.152.227.255
93.152.230.0/24
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/23
185.96.255.0/24
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
55:c1:3a:6d:0e:27:0c:1e:ab:5f:5a:cd:0e:a7:8e:77:8c:31:
65:8b:33:e5:ba:0b:c4:59:87:98:21:24:79:cc:88:1d:a8:6d:
5e:25:9c:94:2a:a0:94:cc:fd:1a:68:59:53:e9:ad:6f:a2:bb:
f3:1f:56:d1:b4:e7:6f:d6:88:92:ac:5f:cf:67:c0:f1:22:12:
8f:9a:34:53:c3:cb:fa:d4:a7:cc:57:a6:c7:4a:76:28:6f:17:
3e:07:57:42:46:35:d6:30:9b:9f:55:fe:bc:79:9d:23:0c:4a:
9b:21:c8:4c:24:2c:e7:7f:5c:50:d1:d9:3b:1c:05:a3:4b:a3:
0d:01:d4:b5:35:03:12:fe:00:d0:5b:75:63:61:22:b0:75:4c:
b7:6e:11:dc:68:e3:62:b1:0a:09:f0:83:4f:fa:38:49:a6:2a:
15:48:56:34:b4:63:78:ff:e6:53:39:ae:ad:0f:05:90:b7:12:
28:e1:35:9b:b0:a0:1d:ee:d7:9a:de:ed:c9:af:38:58:cc:7b:
a7:fb:51:c7:8c:2d:51:c2:98:49:23:42:78:ab:05:dd:86:c8:
72:3c:29:5d:1c:a3:a9:7f:89:2d:aa:9e:03:b1:03:12:eb:2e:
dd:86:33:c0:f4:54:fc:a3:0e:5b:a4:a7:24:30:9c:8d:f4:e9:
85:90:a3:3d
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAY4yvJs33HupzLn/xJf1kBS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwMzEyMTI1NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2EyOTQ4Mjc1OGZmZmRlZTE5ODJjNDM0ZTMxYTdjYjFmNDlkMTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleGwM2cKzl3l7sPnJsqGqdJL8aU5
eUoh78eOPPY68cmixkcek23sSA3cjOhmVsxx9HHTu4wFBv+qtuUeoI9kIXPm99kb
X+qQfIWGjrz9fobyCnEh+VCLJj3FBEggu8XMSC9qeHB/6cpRGMt4T622TWL2DoEH
EOaynVquD/nRDnxns114cGE6/3pyFHyERQ6biZRCC118g5HMPQaJHgv1AfKuoOCs
mf2oT0Yyh5HU1OXAw0LlkiFhvu06NaFYVI1iLHlGkDlF/Oz29/4wTQcAbMlwtXWP
bqq7pVbda2zcvR77wyBg0UnmcShHsxU2fZUbaIZKGoCT82K76t5dQAZ4GQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFPyilIJ1j//e4ZgsQ04xp8sfSdFRMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvX0tLVWduV1BfOTdobUN4RFRqR255eDlKMFZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAIt
jegDBAFOn4ADBAJOn4gwDAMEAE6flQMEAE6flgMEA06fmDAMAwQAW1whAwQCW1wg
AwQDW1woMAwDBABbXDEDBAFbXDQwDAMEAF2YzQMEAl2Y4AMEAF2Y5gMEAV4aHAME
Al4aTDAMAwQAXhpZAwQAXhpaAwQAXr7DAwQBuWD8AwQAuWD/AwQA1GZpAwQA1GZr
MA0GCSqGSIb3DQEBCwUAA4IBAQBVwTptDicMHqtfWs0Op453jDFlizPlugvEWYeY
ISR5zIgdqG1eJZyUKqCUzP0aaFlT6a1vorvzH1bRtOdv1oiSrF/PZ8DxIhKPmjRT
w8v61KfMV6bHSnYobxc+B1dCRjXWMJufVf68eZ0jDEqbIchMJCznf1xQ0dk7HAWj
S6MNAdS1NQMS/gDQW3VjYSKwdUy3bhHcaONisQoJ8INP+jhJpioVSFY0tGN4/+ZT
Oa6tDwWQtxIo4TWbsKAd7tea3u3JrzhYzHun+1HHjC1RwphJI0J4qwXdhshyPCld
HKOpf4ktqp4DsQMS6y7dhjPA9FT8ow5bpKckMJyN9OmFkKM9
-----END CERTIFICATE-----
Generated at Wed Apr 17 12:33:48 2024 by rpki-client on console-ams.rpki-client.org