Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/KeR4lfn_kkEWxt2JiEF8zfqRDOA.roa
File: KeR4lfn_kkEWxt2JiEF8zfqRDOA.roa (raw, json)
Hash identifier: 4fSk7ziwDAxXwAWpIvejCLEotXmKjrTFzYuHayGt6dI=
Subject key identifier: 29:E4:78:95:F9:FF:92:41:16:C6:DD:89:88:41:7C:CD:FA:91:0C:E0
Certificate issuer: /CN=8f175225f386ce980119f69884f9be7c6a2b3b33
Certificate serial: 018CC2DB1BEAA919E94C6AEF51C32941178B
Authority key identifier: 8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/KeR4lfn_kkEWxt2JiEF8zfqRDOA.roa
Signing time: Mon 01 Jan 2024 02:29:48 +0000
ROA not before: Mon 01 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29600
IP address blocks: 80.70.29.0/24 maxlen: 24
80.70.28.0/24 maxlen: 24
95.131.112.0/21 maxlen: 21
83.136.136.0/24 maxlen: 24
83.136.136.0/21 maxlen: 21
80.70.16.0/20 maxlen: 20
85.15.193.0/24 maxlen: 24
85.15.192.0/18 maxlen: 18
80.70.19.0/24 maxlen: 24
2a01:a880::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:1b:ea:a9:19:e9:4c:6a:ef:51:c3:29:41:17:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f175225f386ce980119f69884f9be7c6a2b3b33
Validity
Not Before: Jan 1 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29e47895f9ff924116c6dd8988417ccdfa910ce0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:45:a4:b6:af:4d:5a:e0:31:4c:84:97:e6:4a:
93:82:1b:33:3e:ac:d2:cb:99:b2:86:14:5a:5b:0b:
2e:2f:84:e0:79:58:21:b2:69:7a:de:a1:09:27:bc:
c2:4d:18:6d:6a:94:b7:3e:30:a5:94:5e:f0:4e:4a:
e4:7f:d3:23:23:18:58:cb:43:06:28:03:37:09:b7:
c5:65:54:2a:67:f7:9b:b2:4d:78:b1:5c:ab:24:f6:
a6:81:0a:81:35:92:f0:e5:7c:6e:d1:d1:79:e4:9b:
91:73:01:43:c6:68:83:62:83:f5:2e:50:82:e4:87:
d9:a1:e6:e3:e9:30:8d:ff:40:2e:3a:47:8c:fe:62:
72:b0:77:bd:54:f3:5f:2d:a2:b9:40:d2:d3:43:b3:
06:0b:4a:a8:87:7c:41:97:2a:cb:88:c4:4f:22:a0:
06:5a:61:21:81:e3:3d:e3:1d:65:a2:2e:7e:ce:27:
ae:64:e4:06:8e:3b:0f:ea:06:bb:9f:93:5c:a8:c4:
e9:56:cb:c4:99:16:a0:cb:e1:cf:6f:00:82:a4:74:
82:ee:8a:02:a3:d4:e0:29:e3:18:05:34:1f:55:ac:
a2:14:93:7b:16:bd:49:25:c9:bf:5c:da:02:21:23:
dc:2a:63:89:7f:87:4a:53:9c:e6:0d:c7:fb:76:80:
4c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E4:78:95:F9:FF:92:41:16:C6:DD:89:88:41:7C:CD:FA:91:0C:E0
X509v3 Authority Key Identifier:
keyid:8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/KeR4lfn_kkEWxt2JiEF8zfqRDOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/jxdSJfOGzpgBGfaYhPm-fGorOzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.16.0/20
83.136.136.0/21
85.15.192.0/18
95.131.112.0/21
IPv6:
2a01:a880::/29
Signature Algorithm: sha256WithRSAEncryption
5a:67:a3:f3:91:53:45:7a:16:0e:e2:de:23:54:63:93:00:12:
a7:67:57:b5:58:43:6c:54:82:15:cb:f1:44:5d:53:0b:ce:ee:
2c:b7:f0:d9:40:58:34:7d:26:92:1d:d1:f0:e8:5f:b9:7c:cf:
ba:44:4f:67:90:32:46:11:1c:e4:da:0d:1b:01:82:15:63:34:
e3:03:a8:77:a5:43:ea:f8:73:5a:20:e0:cf:1f:52:28:c6:2b:
7a:b2:74:a1:23:f8:e4:e5:41:f9:41:a4:a8:89:46:3e:92:83:
cf:6d:0c:3a:cc:7f:ee:cf:30:df:bc:28:07:0e:52:99:7e:40:
9e:d4:95:32:d3:12:c7:e6:04:97:c6:c7:00:84:4b:e7:18:b8:
2b:02:de:e8:0a:fa:d8:cf:6d:4e:75:82:26:6b:c6:0c:86:5e:
f7:cd:14:bc:70:1b:72:13:48:33:41:1d:b7:2f:4e:5a:b3:ee:
c0:54:bb:02:08:3c:03:4e:96:ed:71:c6:2a:e7:a6:a0:61:d2:
48:b6:fa:35:28:f0:4f:65:38:8b:ba:db:29:f5:5e:b4:ff:e7:
66:0b:38:4c:cb:cf:7b:9d:52:ab:bd:56:74:36:31:a8:00:8c:
73:4f:0a:86:9c:e3:f1:b6:82:92:59:21:ff:8c:ab:93:79:f0:
30:11:b1:b9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzC2xvqqRnpTGrvUcMpQReLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMTc1MjI1ZjM4NmNlOTgwMTE5ZjY5ODg0ZjliZTdjNmEy
YjNiMzMwHhcNMjQwMTAxMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWU0Nzg5NWY5ZmY5MjQxMTZjNmRkODk4ODQxN2NjZGZhOTEwY2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUWktq9NWuAxTISX5kqTghszPqzS
y5myhhRaWwsuL4TgeVghsml63qEJJ7zCTRhtapS3PjCllF7wTkrkf9MjIxhYy0MG
KAM3CbfFZVQqZ/ebsk14sVyrJPamgQqBNZLw5Xxu0dF55JuRcwFDxmiDYoP1LlCC
5IfZoebj6TCN/0AuOkeM/mJysHe9VPNfLaK5QNLTQ7MGC0qoh3xBlyrLiMRPIqAG
WmEhgeM94x1loi5+zieuZOQGjjsP6ga7n5NcqMTpVsvEmRagy+HPbwCCpHSC7ooC
o9TgKeMYBTQfVayiFJN7Fr1JJcm/XNoCISPcKmOJf4dKU5zmDcf7doBMsQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCnkeJX5/5JBFsbdiYhBfM36kQzgMB8GA1UdIwQY
MBaAFI8XUiXzhs6YARn2mIT5vnxqKzszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanhkU0pmT0d6cGdCR2ZhWWhQbS1mR29yT3pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi81ZWM3Y2EtYTQwMi00YzVkLWExYjct
NjFiNzcyZDc1MWVjLzEvS2VSNGxmbl9ra0VXeHQySmlFRjh6ZnFSRE9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi81ZWM3Y2EtYTQwMi00YzVkLWExYjctNjFiNzcyZDc1MWVj
LzEvanhkU0pmT0d6cGdCR2ZhWWhQbS1mR29yT3pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUEYQAwQD
U4iIAwQGVQ/AAwQDX4NwMA0EAgACMAcDBQMqAaiAMA0GCSqGSIb3DQEBCwUAA4IB
AQBaZ6PzkVNFehYO4t4jVGOTABKnZ1e1WENsVIIVy/FEXVMLzu4st/DZQFg0fSaS
HdHw6F+5fM+6RE9nkDJGERzk2g0bAYIVYzTjA6h3pUPq+HNaIODPH1Ioxit6snSh
I/jk5UH5QaSoiUY+koPPbQw6zH/uzzDfvCgHDlKZfkCe1JUy0xLH5gSXxscAhEvn
GLgrAt7oCvrYz21OdYIma8YMhl73zRS8cBtyE0gzQR23L05as+7AVLsCCDwDTpbt
ccYq56agYdJItvo1KPBPZTiLutsp9V60/+dmCzhMy897nVKrvVZ0NjGoAIxzTwqG
nOPxtoKSWSH/jKuTefAwEbG5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:11 2025 by rpki-client