Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/KMsGy0IarEkXFiV9DiH0grEMTzU.roa
File: KMsGy0IarEkXFiV9DiH0grEMTzU.roa (raw, json)
Hash identifier: lWDmWE6eKqdCmoE2glT7578sB7NWjiRLGnbj3hgJMFE=
Subject key identifier: 28:CB:06:CB:42:1A:AC:49:17:16:25:7D:0E:21:F4:82:B1:0C:4F:35
Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Certificate serial: 018DBB433B0155E9E280D34942B653141AF3
Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/KMsGy0IarEkXFiV9DiH0grEMTzU.roa
Signing time: Sun 18 Feb 2024 08:09:21 +0000
ROA not before: Sun 18 Feb 2024 08:09:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12824
IP address blocks: 46.41.128.0/18 maxlen: 18
46.41.159.0/24 maxlen: 24
46.242.128.0/17 maxlen: 17
46.242.144.0/24 maxlen: 24
46.242.150.0/24 maxlen: 24
62.129.192.0/18 maxlen: 18
62.129.245.0/24 maxlen: 24
62.129.250.0/24 maxlen: 24
79.96.0.0/16 maxlen: 16
89.161.128.0/17 maxlen: 17
89.161.253.0/24 maxlen: 24
89.161.254.0/24 maxlen: 24
188.128.128.0/17 maxlen: 17
188.128.128.0/24 maxlen: 24
188.128.129.0/24 maxlen: 24
188.128.130.0/24 maxlen: 24
188.128.244.0/24 maxlen: 24
188.128.255.0/24 maxlen: 24
212.85.96.0/19 maxlen: 19
212.85.96.0/24 maxlen: 24
2a02:25a8::/29 maxlen: 29
2a02:25a8::/32 maxlen: 32
2a02:25a8:dead::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 18 Feb 2024 22:36:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bb:43:3b:01:55:e9:e2:80:d3:49:42:b6:53:14:1a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Validity
Not Before: Feb 18 08:09:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28cb06cb421aac491716257d0e21f482b10c4f35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:57:9c:f9:ca:71:bf:74:37:d5:f0:27:3b:9f:
4f:0b:07:3d:e9:20:54:57:ea:88:28:32:cf:bf:26:
17:84:65:6f:35:b8:69:63:ae:14:8e:0a:4a:d5:de:
41:08:ed:ef:14:23:47:1a:bf:ed:7a:7c:3c:22:ca:
13:de:37:99:dc:39:8e:8e:ee:aa:58:2a:6c:9e:89:
3c:b7:97:f5:bd:bb:70:dd:8a:77:84:b7:db:9d:4c:
da:6c:af:7f:ed:ac:05:61:6f:5a:28:64:59:20:85:
4a:bb:13:9d:59:59:e5:12:d0:4f:b9:e8:40:ff:08:
fa:07:0f:8a:fd:7c:c6:99:23:f4:ac:c9:18:3b:e0:
90:f0:bc:53:67:56:ca:df:e5:38:8a:87:eb:88:27:
8d:cd:4a:33:d4:e3:5b:86:74:b8:d0:d6:3a:50:a6:
48:32:d9:09:62:f6:8e:6e:bc:fb:cf:fe:72:92:46:
38:06:b0:33:e6:12:4a:8d:b0:fa:71:16:1f:5e:7e:
63:97:9d:0e:40:9f:22:7b:87:fa:bf:03:1a:5d:53:
88:56:98:ae:9d:b5:4f:53:9a:b6:84:50:72:b6:90:
15:5b:6f:52:a0:2f:07:25:2e:02:71:c8:5d:14:15:
ad:d9:8b:9b:e0:b4:0d:d6:17:a7:4a:12:26:a7:1b:
2c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CB:06:CB:42:1A:AC:49:17:16:25:7D:0E:21:F4:82:B1:0C:4F:35
X509v3 Authority Key Identifier:
keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/KMsGy0IarEkXFiV9DiH0grEMTzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.128.0/18
46.242.128.0/17
62.129.192.0/18
79.96.0.0/16
89.161.128.0/17
188.128.128.0/17
212.85.96.0/19
IPv6:
2a02:25a8::/29
Signature Algorithm: sha256WithRSAEncryption
41:26:69:77:e5:0e:92:62:3f:1b:92:c5:7f:ba:13:f3:5b:53:
ca:b4:b5:40:9a:82:6a:9d:9f:42:03:c0:21:5a:23:d7:1f:ef:
ce:98:a9:df:71:47:89:10:2d:9d:4b:19:92:9e:c6:72:08:54:
23:d2:68:7d:cb:b9:82:e6:0e:21:d3:a7:66:86:9a:1c:db:35:
16:57:b0:df:69:10:26:5f:70:1f:d1:69:50:06:ef:35:4b:9b:
23:e0:61:55:e9:b3:10:b4:63:81:32:f8:2a:0c:e3:a7:24:ff:
43:5f:bb:a3:22:d3:7c:2a:5b:bd:f2:ad:98:d6:10:cf:5a:92:
8c:45:e7:ba:21:18:46:44:ef:0d:41:f0:57:cf:f4:b7:74:a2:
31:2f:b9:13:86:58:c0:0b:0d:a2:a7:bc:47:00:08:b6:78:f8:
68:5b:eb:d3:8e:17:e1:99:d6:80:dd:f6:0c:2a:7e:ee:28:8d:
b0:99:69:3e:a2:43:f6:51:3e:04:01:e5:20:be:6b:1c:49:0e:
66:b2:0b:a5:fb:05:7f:42:6d:a9:b2:c0:60:f9:27:83:a0:cf:
14:b2:60:7b:d3:ba:b2:50:a9:b7:14:b5:b5:52:82:f6:db:f9:
68:16:d9:7e:b3:f6:f5:16:15:1f:38:c2:2c:38:b6:d0:f9:39:
d3:d1:1f:f0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY27QzsBVenigNNJQrZTFBrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMmI0OGY2NDM1ODAxMWM3ODQyZDNjZWM1Y2IyZDQ3MDY4
YjgzNmQwHhcNMjQwMjE4MDgwOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNiMDZjYjQyMWFhYzQ5MTcxNjI1N2QwZTIxZjQ4MmIxMGM0ZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplec+cpxv3Q31fAnO59PCwc96SBU
V+qIKDLPvyYXhGVvNbhpY64UjgpK1d5BCO3vFCNHGr/tenw8IsoT3jeZ3DmOju6q
WCpsnok8t5f1vbtw3Yp3hLfbnUzabK9/7awFYW9aKGRZIIVKuxOdWVnlEtBPuehA
/wj6Bw+K/XzGmSP0rMkYO+CQ8LxTZ1bK3+U4iofriCeNzUoz1ONbhnS40NY6UKZI
MtkJYvaObrz7z/5ykkY4BrAz5hJKjbD6cRYfXn5jl50OQJ8ie4f6vwMaXVOIVpiu
nbVPU5q2hFBytpAVW29SoC8HJS4CcchdFBWt2Yub4LQN1henShImpxssaQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCjLBstCGqxJFxYlfQ4h9IKxDE81MB8GA1UdIwQY
MBaAFLsrSPZDWAEceELTzsXLLUcGi4NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODIt
YzUyMjk4NjNhZWJhLzEvS01zR3kwSWFyRWtYRmlWOURpSDBnckVNVHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODItYzUyMjk4NjNhZWJh
LzEvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQGLimAAwQH
LvKAAwQGPoHAAwMAT2ADBAdZoYADBAe8gIADBAXUVWAwDQQCAAIwBwMFAyoCJagw
DQYJKoZIhvcNAQELBQADggEBAEEmaXflDpJiPxuSxX+6E/NbU8q0tUCagmqdn0ID
wCFaI9cf786Yqd9xR4kQLZ1LGZKexnIIVCPSaH3LuYLmDiHTp2aGmhzbNRZXsN9p
ECZfcB/RaVAG7zVLmyPgYVXpsxC0Y4Ey+CoM46ck/0Nfu6Mi03wqW73yrZjWEM9a
koxF57ohGEZE7w1B8FfP9Ld0ojEvuROGWMALDaKnvEcACLZ4+Ghb69OOF+GZ1oDd
9gwqfu4ojbCZaT6iQ/ZRPgQB5SC+axxJDmayC6X7BX9CbamywGD5J4OgzxSyYHvT
urJQqbcUtbVSgvbb+WgW2X6z9vUWFR84wiw4ttD5OdPRH/A=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:54 2025 by rpki-client