Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/KCbdMVNRQjQ8Dzw4VQjZBPwwJyo.roa
File: KCbdMVNRQjQ8Dzw4VQjZBPwwJyo.roa (raw, json)
Hash identifier: DOquMADcIHqm5X012DGkrGRFO6R161/okbspXe+QPFo=
Subject key identifier: 28:26:DD:31:53:51:42:34:3C:0F:3C:38:55:08:D9:04:FC:30:27:2A
Certificate issuer: /CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
Certificate serial: 01939B7C6B19D8870FC3C5E46FA035DFF78E
Authority key identifier: 3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/KCbdMVNRQjQ8Dzw4VQjZBPwwJyo.roa
Signing time: Fri 06 Dec 2024 10:20:42 +0000
ROA not before: Fri 06 Dec 2024 10:20:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59437
IP address blocks: 87.120.208.0/21 maxlen: 21
87.121.28.0/22 maxlen: 22
94.156.254.0/23 maxlen: 23
176.56.192.0/19 maxlen: 23
176.56.192.0/21 maxlen: 21
176.56.200.0/21 maxlen: 21
176.56.204.0/23 maxlen: 23
176.56.206.0/23 maxlen: 23
176.56.208.0/23 maxlen: 23
185.159.86.0/24 maxlen: 24
185.251.18.0/24 maxlen: 24
195.211.49.0/24 maxlen: 24
2a0b:d40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 06 Dec 2024 11:40:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:7c:6b:19:d8:87:0f:c3:c5:e4:6f:a0:35:df:f7:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
Validity
Not Before: Dec 6 10:20:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2826dd31535142343c0f3c385508d904fc30272a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:78:0c:ef:94:e6:86:6f:a7:53:f3:cf:be:76:
8a:c6:1f:f6:e0:f7:d4:9c:f7:a8:88:45:00:53:1a:
a2:c1:54:ec:3f:4d:b4:46:76:3f:0d:bf:d9:20:9c:
35:7f:c2:9f:c4:7f:63:d7:b3:cb:c4:15:70:87:f2:
9b:6b:63:d7:25:fd:c7:5f:6e:d9:5e:54:4b:57:e2:
64:a7:7d:49:c2:5f:da:9e:46:c5:f3:31:68:8a:64:
d9:c2:63:8c:60:f3:a0:5a:82:5a:ad:24:eb:99:d4:
70:84:3e:f8:9f:2c:d0:1c:d2:40:0b:6e:79:5e:63:
35:86:3d:ee:c8:70:46:63:46:73:ba:94:f1:cb:5c:
79:06:e2:39:9e:4c:88:67:10:d7:79:5d:34:0c:54:
63:d5:ce:a8:24:94:b0:29:ee:c2:e3:f7:fa:b1:28:
54:62:dd:f5:11:68:d2:75:ca:6e:0d:aa:ec:7d:e7:
6a:d6:ea:27:5e:8d:f5:0b:51:4d:d8:9c:14:3a:32:
17:6d:73:79:b0:89:f6:79:f9:06:a3:0f:e9:27:9e:
38:1c:3e:c8:c8:7f:14:18:2b:b1:53:35:67:16:ad:
70:79:d5:82:9f:ec:4d:7b:03:30:61:48:5a:4e:b8:
71:8b:34:10:c5:e1:b0:9e:5c:47:88:4f:85:c0:15:
24:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:26:DD:31:53:51:42:34:3C:0F:3C:38:55:08:D9:04:FC:30:27:2A
X509v3 Authority Key Identifier:
keyid:3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/KCbdMVNRQjQ8Dzw4VQjZBPwwJyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.208.0/21
87.121.28.0/22
94.156.254.0/23
176.56.192.0/19
185.159.86.0/24
185.251.18.0/24
195.211.49.0/24
IPv6:
2a0b:d40::/29
Signature Algorithm: sha256WithRSAEncryption
2a:36:fa:00:71:31:32:fd:11:53:15:52:3a:6c:dd:0e:0a:77:
84:ae:76:9e:38:5f:f1:38:c3:ce:1f:bf:95:14:1e:4e:7d:71:
44:95:61:aa:5b:23:45:47:fe:52:5d:22:89:e9:6f:a6:62:2e:
9f:22:8f:c6:e0:33:cb:db:e2:a2:43:7d:80:44:8e:0b:f6:d3:
b7:78:51:df:db:35:13:b3:af:c1:71:22:6f:ac:40:4b:28:fb:
00:3f:6e:6c:de:e6:e6:4c:76:8b:16:2c:b7:81:8c:b3:bf:a9:
8e:a1:30:5b:72:21:c1:36:c9:cf:67:c7:17:d7:da:9e:17:a9:
d0:c9:de:89:65:c7:94:31:b7:42:25:72:ce:12:7b:16:1e:8c:
ac:cc:fc:35:d8:44:d4:c6:a1:ba:46:7b:1f:62:9a:52:41:18:
02:b7:e6:52:18:ee:fa:1c:18:42:e2:fc:7d:62:a7:19:98:7b:
3d:f0:2c:9c:2a:34:c7:f2:39:60:ca:31:12:c6:e3:3b:f5:a8:
c2:b7:97:1d:9b:d1:09:8e:91:2a:45:f3:6a:4b:9f:b6:95:2e:
30:5f:29:9a:00:16:ce:91:ea:07:41:5a:3e:da:d5:51:ce:40:
d1:05:e8:e7:05:fe:e9:4e:07:1b:35:ef:48:79:e7:49:86:77:
94:6b:d0:2d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZObfGsZ2IcPw8Xkb6A13/eOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlY2Q1M2M2NjQyNGMzZjM2OWNhODhlZTdhZjc2YWRiMjVl
MTg0NTEwHhcNMjQxMjA2MTAyMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODI2ZGQzMTUzNTE0MjM0M2MwZjNjMzg1NTA4ZDkwNGZjMzAyNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XgM75Tmhm+nU/PPvnaKxh/24PfU
nPeoiEUAUxqiwVTsP020RnY/Db/ZIJw1f8KfxH9j17PLxBVwh/Kba2PXJf3HX27Z
XlRLV+Jkp31Jwl/ankbF8zFoimTZwmOMYPOgWoJarSTrmdRwhD74nyzQHNJAC255
XmM1hj3uyHBGY0ZzupTxy1x5BuI5nkyIZxDXeV00DFRj1c6oJJSwKe7C4/f6sShU
Yt31EWjSdcpuDarsfedq1uonXo31C1FN2JwUOjIXbXN5sIn2efkGow/pJ544HD7I
yH8UGCuxUzVnFq1wedWCn+xNewMwYUhaTrhxizQQxeGwnlxHiE+FwBUkzQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFCgm3TFTUUI0PA88OFUI2QT8MCcqMB8GA1UdIwQY
MBaAFD7NU8ZkJMPzacqI7nr3atsl4YRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAt
YzIyNTY4MDRlOTIyLzEvS0NiZE1WTlJRalE4RHp3NFZRalpCUHd3SnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAtYzIyNTY4MDRlOTIy
LzEvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDV3jQAwQC
V3kcAwQBXpz+AwQFsDjAAwQAuZ9WAwQAufsSAwQAw9MxMA0EAgACMAcDBQMqCw1A
MA0GCSqGSIb3DQEBCwUAA4IBAQAqNvoAcTEy/RFTFVI6bN0OCneErnaeOF/xOMPO
H7+VFB5OfXFElWGqWyNFR/5SXSKJ6W+mYi6fIo/G4DPL2+KiQ32ARI4L9tO3eFHf
2zUTs6/BcSJvrEBLKPsAP25s3ubmTHaLFiy3gYyzv6mOoTBbciHBNsnPZ8cX19qe
F6nQyd6JZceUMbdCJXLOEnsWHoyszPw12ETUxqG6RnsfYppSQRgCt+ZSGO76HBhC
4vx9YqcZmHs98CycKjTH8jlgyjESxuM79ajCt5cdm9EJjpEqRfNqS5+2lS4wXyma
ABbOkeoHQVo+2tVRzkDRBejnBf7pTgcbNe9IeedJhneUa9At
-----END CERTIFICATE-----
Generated at Wed Apr 30 13:01:38 2025 by rpki-client