Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/KMthBgZ3Kj15wzZgJ6oURKO2Sc8.roa
File: KMthBgZ3Kj15wzZgJ6oURKO2Sc8.roa (raw, json)
Hash identifier: Odbnyt8w2uS/L8PY/QgNus36ms0vA4TnM00EmrtFJQg=
Subject key identifier: 28:CB:61:06:06:77:2A:3D:79:C3:36:60:27:AA:14:44:A3:B6:49:CF
Certificate issuer: /CN=deb046b6e309e9a866522c2a40c66ffc42fbb843
Certificate serial: 018CC94AB6643B138F816C15200BB7D70EB5
Authority key identifier: DE:B0:46:B6:E3:09:E9:A8:66:52:2C:2A:40:C6:6F:FC:42:FB:B8:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3rBGtuMJ6ahmUiwqQMZv_EL7uEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/KMthBgZ3Kj15wzZgJ6oURKO2Sc8.roa
Signing time: Tue 02 Jan 2024 08:29:25 +0000
ROA not before: Tue 02 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24713
IP address blocks: 80.248.160.0/20 maxlen: 20
81.22.160.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:b6:64:3b:13:8f:81:6c:15:20:0b:b7:d7:0e:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=deb046b6e309e9a866522c2a40c66ffc42fbb843
Validity
Not Before: Jan 2 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28cb610606772a3d79c3366027aa1444a3b649cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9d:dc:ed:3b:fb:c0:75:c7:32:2c:39:7e:20:
e9:ff:2e:09:47:93:83:ac:c8:1d:02:f0:ac:4e:bc:
34:f1:8a:58:f0:5f:e8:90:d1:f1:4f:a3:84:c3:81:
8d:5e:c9:86:c8:19:da:ad:6c:79:a8:c7:b2:2d:b3:
6f:4d:95:04:cc:f0:c4:1e:36:ba:b3:23:30:d0:6d:
b4:aa:d8:14:62:eb:ce:ff:67:37:9d:3c:3f:6f:82:
e4:e9:3e:1a:a0:1a:e9:d3:4b:d6:9f:1b:af:b2:b1:
08:64:1a:bc:5c:c6:c7:d4:84:ea:1e:be:1b:8f:ad:
01:17:af:cf:53:c9:3e:4d:c8:0d:16:f7:27:a3:90:
8b:3b:d4:ba:bf:f5:b1:f4:b4:d9:35:16:76:ef:36:
df:0f:4d:6f:3b:f5:ee:2d:74:4a:b0:6f:9b:b6:f9:
20:59:54:63:2b:dd:7d:54:76:86:25:3a:71:b4:21:
54:de:22:1f:0d:90:f3:da:7e:b7:2c:60:9a:d0:16:
8c:79:f5:05:01:46:67:00:50:90:99:7b:65:f7:05:
43:69:0c:de:77:10:17:db:ea:0e:a7:fc:d7:95:69:
d4:8f:7f:e4:85:81:92:f0:67:8e:60:2f:d8:53:0c:
c2:4d:64:24:d9:e0:12:e1:e3:49:c3:1a:1c:d0:33:
cc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CB:61:06:06:77:2A:3D:79:C3:36:60:27:AA:14:44:A3:B6:49:CF
X509v3 Authority Key Identifier:
keyid:DE:B0:46:B6:E3:09:E9:A8:66:52:2C:2A:40:C6:6F:FC:42:FB:B8:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3rBGtuMJ6ahmUiwqQMZv_EL7uEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/KMthBgZ3Kj15wzZgJ6oURKO2Sc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/3rBGtuMJ6ahmUiwqQMZv_EL7uEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.248.160.0/20
81.22.160.0/20
Signature Algorithm: sha256WithRSAEncryption
16:e9:d3:38:99:ca:d5:dd:8b:ff:81:e9:1b:a9:e6:63:aa:c4:
7e:fa:2f:62:a9:dd:2e:ab:b0:23:31:cf:4a:fc:53:ce:56:90:
92:69:8c:2d:49:11:78:a6:36:29:b7:46:aa:77:fe:b5:67:8d:
fe:fc:f0:f8:04:a6:7f:a7:a9:de:b3:09:f2:25:ef:14:bc:06:
bf:03:23:f6:65:5d:c7:25:54:5f:c3:d8:9c:de:95:30:05:34:
5d:52:02:88:99:63:97:0c:70:26:6e:b6:b9:15:6d:a8:a6:91:
f0:dd:47:48:22:0f:6e:2e:5c:dc:5d:83:ef:ff:c6:6c:d1:a2:
db:96:e0:7d:4e:62:47:74:98:bb:61:b7:b4:07:35:82:a0:c4:
2b:92:ce:1a:49:23:6c:ed:d5:43:09:c7:2c:17:46:0c:90:67:
6a:62:c2:df:de:70:4d:bf:55:8e:c0:62:4d:33:42:b4:81:8c:
7c:e5:35:f8:c8:3a:70:1b:16:b0:c1:1c:37:ea:15:4b:38:d2:
86:86:fb:d9:d9:71:24:f6:5b:c9:80:34:79:e6:01:01:bd:5b:
d8:3b:f8:a5:c7:04:89:3c:38:2c:cd:b3:0d:16:a9:9a:07:c9:
59:6b:48:19:3c:41:df:30:b3:33:30:c3:e4:4a:b6:66:57:95:
dc:67:e6:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJSrZkOxOPgWwVIAu31w61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYjA0NmI2ZTMwOWU5YTg2NjUyMmMyYTQwYzY2ZmZjNDJm
YmI4NDMwHhcNMjQwMTAyMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNiNjEwNjA2NzcyYTNkNzljMzM2NjAyN2FhMTQ0NGEzYjY0OWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ3c7Tv7wHXHMiw5fiDp/y4JR5OD
rMgdAvCsTrw08YpY8F/okNHxT6OEw4GNXsmGyBnarWx5qMeyLbNvTZUEzPDEHja6
syMw0G20qtgUYuvO/2c3nTw/b4Lk6T4aoBrp00vWnxuvsrEIZBq8XMbH1ITqHr4b
j60BF6/PU8k+TcgNFvcno5CLO9S6v/Wx9LTZNRZ27zbfD01vO/XuLXRKsG+btvkg
WVRjK919VHaGJTpxtCFU3iIfDZDz2n63LGCa0BaMefUFAUZnAFCQmXtl9wVDaQze
dxAX2+oOp/zXlWnUj3/khYGS8GeOYC/YUwzCTWQk2eAS4eNJwxoc0DPMQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCjLYQYGdyo9ecM2YCeqFESjtknPMB8GA1UdIwQY
MBaAFN6wRrbjCemoZlIsKkDGb/xC+7hDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3JCR3R1TUo2YWhtVWl3cVFNWnZfRUw3dUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kMjRiYzItNDJmMy00NmQ5LWJkZDkt
MWM5NDkyMjQ1Y2FiLzEvS010aEJnWjNLajE1d3paZ0o2b1VSS08yU2M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9kMjRiYzItNDJmMy00NmQ5LWJkZDktMWM5NDkyMjQ1Y2Fi
LzEvM3JCR3R1TUo2YWhtVWl3cVFNWnZfRUw3dUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUPigAwQE
URagMA0GCSqGSIb3DQEBCwUAA4IBAQAW6dM4mcrV3Yv/gekbqeZjqsR++i9iqd0u
q7AjMc9K/FPOVpCSaYwtSRF4pjYpt0aqd/61Z43+/PD4BKZ/p6neswnyJe8UvAa/
AyP2ZV3HJVRfw9ic3pUwBTRdUgKImWOXDHAmbra5FW2oppHw3UdIIg9uLlzcXYPv
/8Zs0aLbluB9TmJHdJi7Ybe0BzWCoMQrks4aSSNs7dVDCccsF0YMkGdqYsLf3nBN
v1WOwGJNM0K0gYx85TX4yDpwGxawwRw36hVLONKGhvvZ2XEk9lvJgDR55gEBvVvY
O/ilxwSJPDgszbMNFqmaB8lZa0gZPEHfMLMzMMPkSrZmV5XcZ+Yf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:08 2025 by rpki-client