Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/KM6KEx4xjY47tESfaOgDAIBy57w.roa
File: KM6KEx4xjY47tESfaOgDAIBy57w.roa (raw, json)
Hash identifier: wxBmoyxv6WzgOwMxgc/XXDmnMB1yNB8Ecmrcj39wEgE=
Subject key identifier: 28:CE:8A:13:1E:31:8D:8E:3B:B4:44:9F:68:E8:03:00:80:72:E7:BC
Certificate issuer: /CN=07fa540a25432e2aa4dca057845c359d214886f7
Certificate serial: 018CF3DD94C45E3D703F01B1B8C1DBE472CD
Authority key identifier: 07:FA:54:0A:25:43:2E:2A:A4:DC:A0:57:84:5C:35:9D:21:48:86:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_pUCiVDLiqk3KBXhFw1nSFIhvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/KM6KEx4xjY47tESfaOgDAIBy57w.roa
Signing time: Wed 10 Jan 2024 14:53:54 +0000
ROA not before: Wed 10 Jan 2024 14:53:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196922
IP address blocks: 46.232.186.0/24 maxlen: 24
46.232.184.0/21 maxlen: 21
46.232.184.0/24 maxlen: 24
46.232.185.0/24 maxlen: 24
46.232.189.0/24 maxlen: 24
46.232.190.0/24 maxlen: 24
46.232.188.0/24 maxlen: 24
46.232.191.0/24 maxlen: 24
46.232.187.0/24 maxlen: 24
178.248.240.0/24 maxlen: 24
178.248.241.0/24 maxlen: 24
178.248.240.0/21 maxlen: 21
178.248.242.0/24 maxlen: 24
178.248.245.0/24 maxlen: 24
178.248.246.0/24 maxlen: 24
178.248.243.0/24 maxlen: 24
178.248.244.0/24 maxlen: 24
185.115.24.0/22 maxlen: 24
185.115.24.0/23 maxlen: 23
178.248.247.0/24 maxlen: 24
185.115.26.128/27 maxlen: 27
185.115.26.0/23 maxlen: 23
2a02:1308::/29 maxlen: 32
2a02:1308::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 11 Jan 2024 09:03:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:dd:94:c4:5e:3d:70:3f:01:b1:b8:c1:db:e4:72:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07fa540a25432e2aa4dca057845c359d214886f7
Validity
Not Before: Jan 10 14:53:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28ce8a131e318d8e3bb4449f68e803008072e7bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:68:73:0b:b8:de:82:f7:8d:11:e7:91:d6:66:
59:a8:7d:bd:4e:97:99:33:d8:22:68:b7:84:6d:42:
ad:aa:f3:1f:cc:04:a8:78:78:37:76:73:c0:04:83:
2d:1a:36:29:97:31:92:6e:1b:38:ed:11:b7:96:5f:
a1:9b:f1:31:6e:1a:24:07:1d:81:f6:5b:7f:3f:84:
7a:7f:2f:3a:56:31:7b:ec:76:ce:d0:79:0b:83:b0:
14:5f:96:cf:ba:d4:64:d5:bf:2a:50:4f:86:2e:ba:
16:aa:ab:97:b0:27:86:f5:29:57:01:d3:ac:51:96:
aa:27:76:a8:e7:30:83:62:9e:b2:7d:0b:0d:fc:d8:
ed:52:da:f6:64:f9:3c:92:07:86:0d:13:58:03:41:
47:90:e8:62:2f:1e:b4:c8:8f:00:f8:71:7e:a7:b8:
61:d6:81:7d:1d:ad:e4:3b:6b:ba:54:30:ed:50:70:
3a:9d:09:3c:0a:af:1b:a0:3e:a1:d0:9f:fe:1c:f8:
52:9e:57:92:8a:2a:54:2f:fd:63:87:87:d2:50:68:
98:b2:8f:0f:d8:47:a6:b3:49:ac:55:d4:04:df:fe:
7c:c2:2b:a0:a8:93:67:e6:d4:68:94:e1:a4:f8:10:
64:3c:4d:fb:5d:6b:be:3e:fe:22:7f:6f:9e:db:a7:
b2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CE:8A:13:1E:31:8D:8E:3B:B4:44:9F:68:E8:03:00:80:72:E7:BC
X509v3 Authority Key Identifier:
keyid:07:FA:54:0A:25:43:2E:2A:A4:DC:A0:57:84:5C:35:9D:21:48:86:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_pUCiVDLiqk3KBXhFw1nSFIhvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/KM6KEx4xjY47tESfaOgDAIBy57w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/B_pUCiVDLiqk3KBXhFw1nSFIhvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.184.0/21
178.248.240.0/21
185.115.24.0/22
IPv6:
2a02:1308::/29
Signature Algorithm: sha256WithRSAEncryption
6d:b5:ae:4c:ad:09:e0:82:fe:0d:bf:ea:19:f0:09:a5:81:c1:
15:d1:d1:16:7e:4c:ed:32:1b:aa:ae:c5:e6:fa:79:8c:10:c0:
fa:8a:c7:9b:e0:9d:cf:5b:94:8c:01:cc:57:09:d8:cf:27:fe:
54:71:24:cb:74:22:7f:46:2a:31:bb:2d:9c:e3:44:96:fe:0a:
4d:df:a0:ff:70:78:a3:2d:1b:52:9d:34:9e:d5:e1:ee:cc:8d:
fe:0b:29:de:a4:f9:7e:a0:7c:f5:90:1b:1a:d4:4b:8a:cb:c1:
88:3a:33:8d:e6:21:9a:98:a4:e1:a1:8d:ab:f1:ed:a4:6f:80:
3a:3a:be:ff:f6:af:fb:0b:09:98:ec:02:9f:27:28:45:41:10:
93:6d:31:57:6d:53:54:21:56:bb:34:74:36:66:fe:a4:47:b3:
4e:90:4d:65:6a:cc:3a:f5:e0:00:e4:13:db:b2:96:14:6a:e3:
af:0c:26:d6:4e:f0:a1:c8:1e:42:ea:85:b1:26:b9:86:12:2b:
89:1e:e4:d3:84:95:2d:96:a5:3b:15:3c:64:d7:09:1c:27:64:
35:b9:32:94:cf:1e:e2:fe:1b:64:13:22:4b:e1:16:74:a9:ae:
73:40:b2:ad:6f:ba:0f:01:09:39:97:f8:75:98:2f:d0:9f:ac:
b4:f6:99:1f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzz3ZTEXj1wPwGxuMHb5HLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZmE1NDBhMjU0MzJlMmFhNGRjYTA1Nzg0NWMzNTlkMjE0
ODg2ZjcwHhcNMjQwMTEwMTQ1MzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNlOGExMzFlMzE4ZDhlM2JiNDQ0OWY2OGU4MDMwMDgwNzJlN2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimhzC7jegveNEeeR1mZZqH29TpeZ
M9giaLeEbUKtqvMfzASoeHg3dnPABIMtGjYplzGSbhs47RG3ll+hm/ExbhokBx2B
9lt/P4R6fy86VjF77HbO0HkLg7AUX5bPutRk1b8qUE+GLroWqquXsCeG9SlXAdOs
UZaqJ3ao5zCDYp6yfQsN/NjtUtr2ZPk8kgeGDRNYA0FHkOhiLx60yI8A+HF+p7hh
1oF9Ha3kO2u6VDDtUHA6nQk8Cq8boD6h0J/+HPhSnleSiipUL/1jh4fSUGiYso8P
2Eems0msVdQE3/58wiugqJNn5tRolOGk+BBkPE37XWu+Pv4if2+e26eyTQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCjOihMeMY2OO7REn2joAwCAcue8MB8GA1UdIwQY
MBaAFAf6VAolQy4qpNygV4RcNZ0hSIb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9wVUNpVkRMaXFrM0tCWGhGdzFuU0ZJaHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80MzA3ZDEtYjYwOC00NTgxLTk5MmMt
NzUzNzQxYTgwZTk0LzEvS002S0V4NHhqWTQ3dEVTZmFPZ0RBSUJ5NTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80MzA3ZDEtYjYwOC00NTgxLTk5MmMtNzUzNzQxYTgwZTk0
LzEvQl9wVUNpVkRMaXFrM0tCWGhGdzFuU0ZJaHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLui4AwQD
svjwAwQCuXMYMA0EAgACMAcDBQMqAhMIMA0GCSqGSIb3DQEBCwUAA4IBAQBtta5M
rQnggv4Nv+oZ8AmlgcEV0dEWfkztMhuqrsXm+nmMEMD6iseb4J3PW5SMAcxXCdjP
J/5UcSTLdCJ/Rioxuy2c40SW/gpN36D/cHijLRtSnTSe1eHuzI3+CynepPl+oHz1
kBsa1EuKy8GIOjON5iGamKThoY2r8e2kb4A6Or7/9q/7CwmY7AKfJyhFQRCTbTFX
bVNUIVa7NHQ2Zv6kR7NOkE1lasw69eAA5BPbspYUauOvDCbWTvChyB5C6oWxJrmG
EiuJHuTThJUtlqU7FTxk1wkcJ2Q1uTKUzx7i/htkEyJL4RZ0qa5zQLKtb7oPAQk5
l/h1mC/Qn6y09pkf
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:30:47 2025 by rpki-client