Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/knbamKZXoWU4nxoVV3WlItUZafQ.roa
File: knbamKZXoWU4nxoVV3WlItUZafQ.roa (raw, json)
Hash identifier: RgiVS91f7ab0JyEhR0Ixq0VxpCNCqhFHZbSxYHeS+BY=
Subject key identifier: 92:76:DA:98:A6:57:A1:65:38:9F:1A:15:57:75:A5:22:D5:19:69:F4
Certificate issuer: /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Certificate serial: 01906373E6F1525194A26A857A1C640DC478
Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/knbamKZXoWU4nxoVV3WlItUZafQ.roa
Signing time: Sat 29 Jun 2024 10:04:18 +0000
ROA not before: Sat 29 Jun 2024 10:04:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 86.111.224.0/24 maxlen: 24
86.111.225.0/24 maxlen: 24
86.111.226.0/24 maxlen: 24
86.111.227.0/24 maxlen: 24
86.111.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 15:51:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:63:73:e6:f1:52:51:94:a2:6a:85:7a:1c:64:0d:c4:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Validity
Not Before: Jun 29 10:04:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9276da98a657a165389f1a155775a522d51969f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:35:e8:59:e4:f5:0c:48:95:d0:fe:cf:d4:03:
59:9e:6a:ae:a6:a3:75:52:bf:14:0f:d9:32:a5:f0:
23:24:cc:0a:16:28:50:83:49:9d:c9:b0:12:8d:d0:
ad:b3:a4:5e:3e:da:db:91:7f:07:a8:2d:29:26:e5:
91:33:71:74:20:85:b0:2d:80:cb:a9:10:49:1b:fd:
5c:13:c1:1c:07:91:37:dc:41:d7:3c:72:60:80:14:
a1:3a:65:a8:b0:7c:7a:c4:06:04:ec:7d:f1:86:17:
44:7b:b0:be:36:f6:bf:ea:a2:3e:e7:63:6a:ef:ee:
7e:b3:d9:4c:54:d8:07:26:61:1b:b5:37:e8:0c:98:
92:c0:4a:c6:02:b1:c1:fc:81:47:f9:11:8d:00:e8:
b5:ac:a4:2b:c5:09:cf:cd:e9:4d:8f:87:a8:9a:b0:
f3:2b:41:94:cb:c1:66:93:70:3f:93:8d:48:e5:74:
02:e3:1d:1f:51:c0:29:9f:79:c5:34:ef:43:98:42:
4d:8b:44:ed:95:c1:6f:5b:ed:bd:df:76:52:ca:80:
bb:3d:fa:74:92:d9:75:f6:46:8e:f6:ef:f2:30:1b:
ef:84:ba:f5:5d:41:5a:87:08:87:8c:a8:46:42:30:
44:b0:2c:bf:a4:41:1c:f9:4b:d0:17:3b:43:6b:0d:
2a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:76:DA:98:A6:57:A1:65:38:9F:1A:15:57:75:A5:22:D5:19:69:F4
X509v3 Authority Key Identifier:
keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/knbamKZXoWU4nxoVV3WlItUZafQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.224.0/22
86.111.229.0/24
Signature Algorithm: sha256WithRSAEncryption
46:e2:e6:c6:14:aa:51:b1:87:32:cb:8d:b8:5c:76:59:9c:9b:
68:ed:49:0b:38:7f:b8:71:15:14:e1:84:4f:c4:a4:4d:57:ac:
1a:50:c0:30:38:04:85:83:f9:2f:fd:23:e3:bb:eb:6d:ef:a0:
77:f7:70:06:e9:06:8d:85:60:3d:8a:84:7e:89:9d:3b:81:f7:
3d:d2:83:cd:85:49:8d:f9:14:f4:0b:96:8a:fe:7d:4e:18:46:
34:f8:dd:c1:cf:92:96:29:b8:22:f2:6b:16:8e:ac:dd:c3:9f:
40:45:d0:e2:45:6f:57:ac:08:e2:6d:b8:66:dd:00:30:c1:b4:
98:db:d3:ea:d4:69:5e:23:0d:8c:9e:1c:ef:17:35:ca:c5:6a:
ac:02:84:63:d5:e8:70:1c:60:23:3e:c8:eb:89:e5:16:a9:d4:
da:13:1f:83:ae:4c:2e:fc:5f:f8:9d:91:6c:79:d0:e2:de:a1:
2e:27:83:0f:ab:bf:53:16:57:ea:71:a5:e4:1b:a4:b8:60:1f:
1e:1f:0d:0f:5b:df:4d:97:f6:eb:a2:72:8e:0a:ff:9d:b6:87:
88:27:c4:70:3d:47:ac:a9:40:45:69:19:9a:e4:4f:59:70:fb:
a7:42:a7:28:f7:7c:ca:ef:23:81:47:d6:b4:22:d9:7c:ea:42:
6e:f3:ba:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBjc+bxUlGUomqFehxkDcR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux
YjBmM2YwHhcNMjQwNjI5MTAwNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjc2ZGE5OGE2NTdhMTY1Mzg5ZjFhMTU1Nzc1YTUyMmQ1MTk2OWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzXoWeT1DEiV0P7P1ANZnmqupqN1
Ur8UD9kypfAjJMwKFihQg0mdybASjdCts6RePtrbkX8HqC0pJuWRM3F0IIWwLYDL
qRBJG/1cE8EcB5E33EHXPHJggBShOmWosHx6xAYE7H3xhhdEe7C+Nva/6qI+52Nq
7+5+s9lMVNgHJmEbtTfoDJiSwErGArHB/IFH+RGNAOi1rKQrxQnPzelNj4eomrDz
K0GUy8Fmk3A/k41I5XQC4x0fUcApn3nFNO9DmEJNi0TtlcFvW+2933ZSyoC7Pfp0
ktl19kaO9u/yMBvvhLr1XUFahwiHjKhGQjBEsCy/pEEc+UvQFztDaw0qKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJJ22pimV6FlOJ8aFVd1pSLVGWn0MB8GA1UdIwQY
MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt
ZGY1NzJmZTk2NzJhLzEva25iYW1LWlhvV1U0bnhvVlYzV2xJdFVaYWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh
LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVm/gAwQA
Vm/lMA0GCSqGSIb3DQEBCwUAA4IBAQBG4ubGFKpRsYcyy424XHZZnJto7UkLOH+4
cRUU4YRPxKRNV6waUMAwOASFg/kv/SPju+tt76B393AG6QaNhWA9ioR+iZ07gfc9
0oPNhUmN+RT0C5aK/n1OGEY0+N3Bz5KWKbgi8msWjqzdw59ARdDiRW9XrAjibbhm
3QAwwbSY29Pq1GleIw2MnhzvFzXKxWqsAoRj1ehwHGAjPsjrieUWqdTaEx+Drkwu
/F/4nZFsedDi3qEuJ4MPq79TFlfqcaXkG6S4YB8eHw0PW99Nl/bronKOCv+dtoeI
J8RwPUesqUBFaRma5E9ZcPunQqco93zK7yOBR9a0Itl86kJu87q5
-----END CERTIFICATE-----
Generated at Wed Jul 17 19:33:29 2024 by rpki-client on console-fra.rpki-client.org