Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KUd5lWrQkASATbEH6K65x6XYp7U.roa
File: KUd5lWrQkASATbEH6K65x6XYp7U.roa (raw, json)
Hash identifier: 3iUVY2yCE8CItijdtKRsUMTd2f2b+MYgAtzidGYrKXk=
Subject key identifier: 29:47:79:95:6A:D0:90:04:80:4D:B1:07:E8:AE:B9:C7:A5:D8:A7:B5
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018D81F68DD61C2A91416D8865F3B9917CC2
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KUd5lWrQkASATbEH6K65x6XYp7U.roa
Signing time: Wed 07 Feb 2024 05:07:15 +0000
ROA not before: Wed 07 Feb 2024 05:07:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 31.170.55.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
109.203.160.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.176.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.140.0/24 maxlen: 24
176.46.145.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
176.46.151.0/24 maxlen: 24
185.34.160.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 09:53:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f6:8d:d6:1c:2a:91:41:6d:88:65:f3:b9:91:7c:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Feb 7 05:07:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=294779956ad09004804db107e8aeb9c7a5d8a7b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e3:be:2e:1b:bd:29:24:ad:fe:2c:56:01:ef:
04:f7:4f:da:57:54:e4:da:81:74:02:ca:b5:68:49:
69:9c:c7:63:78:e0:4a:94:42:b4:00:9d:1b:a6:70:
ac:dd:20:95:ab:71:cf:75:4e:c9:56:98:c7:fe:90:
76:ff:3f:1b:d6:5d:30:6d:9e:89:60:b8:07:48:d3:
00:72:d4:d0:ac:7b:cb:56:36:16:3d:a5:da:bb:a2:
00:43:b3:f5:94:f3:bb:a9:e9:3f:e0:b2:8c:df:df:
b4:59:6c:70:fc:2b:cd:65:1a:f1:42:26:04:db:bf:
6e:4b:4f:b8:62:c8:40:4f:2a:d5:83:39:7f:61:57:
96:0e:71:1c:8c:2e:28:e2:21:45:fb:dc:da:ae:ea:
a1:7b:1f:1b:cb:d5:76:c6:35:45:cc:40:91:83:9d:
46:31:e0:ee:36:d4:f9:32:96:01:49:c7:1d:f0:08:
2e:eb:6d:af:34:cf:a6:24:48:fc:26:d7:1c:7c:69:
00:39:f7:18:ea:ec:a4:bc:7d:a7:d6:f1:f6:b2:f9:
ba:79:0e:92:ea:4e:08:77:c7:8a:dd:08:80:39:39:
fa:03:76:8a:d4:d7:9f:e1:3f:90:aa:f1:44:39:7e:
86:13:e4:86:57:70:e8:6b:09:c3:96:e6:7c:6c:19:
76:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:47:79:95:6A:D0:90:04:80:4D:B1:07:E8:AE:B9:C7:A5:D8:A7:B5
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KUd5lWrQkASATbEH6K65x6XYp7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
94.74.152.0/22
109.203.160.0/24
109.203.168.0-109.203.191.255
176.46.132.0/24
176.46.140.0/24
176.46.145.0/24
176.46.147.0/24
176.46.151.0/24
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:12:97:ea:58:10:c5:1b:fe:00:37:ee:75:d9:55:7d:a0:70:
b1:24:e5:ca:94:16:65:52:6b:ba:35:dc:d8:f7:0a:33:a6:97:
3f:9d:2a:5b:8b:d7:7a:98:d6:da:8d:70:2e:ea:ab:8b:ec:e5:
4f:f6:03:c4:52:75:7d:bd:6e:ce:d5:bf:09:17:9f:9a:87:2a:
16:31:64:16:fa:fd:d5:18:16:82:21:5f:1a:e5:b5:e4:94:fa:
10:89:3b:a9:3b:8c:83:5f:14:02:23:b9:67:a5:ed:c7:be:e6:
c7:70:67:1f:dc:2d:d7:6d:14:9f:e1:c1:f8:af:ca:84:83:de:
9d:0f:6a:a9:4b:40:83:58:5c:fe:95:a3:c7:1f:45:6b:18:9b:
f8:7e:a7:8a:fe:87:5f:fa:f7:89:9f:41:02:34:95:7c:c3:62:
80:a1:71:a2:f8:d7:e6:92:4a:18:80:b8:38:68:fe:74:2d:97:
35:84:88:8e:bd:8c:37:46:ff:71:9a:5a:92:91:87:82:9e:d1:
13:72:8e:5b:d8:44:18:5b:69:06:13:03:99:c2:05:a1:92:b2:
9d:20:45:eb:16:b6:09:3e:03:fd:a1:96:00:ee:e9:86:02:9c:
96:b6:e9:28:0e:36:75:24:d3:a3:21:e9:c2:27:d8:d6:f8:e4:
cf:38:a7:98
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY2B9o3WHCqRQW2IZfO5kXzCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMjA3MDUwNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQ3Nzk5NTZhZDA5MDA0ODA0ZGIxMDdlOGFlYjljN2E1ZDhhN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuO+Lhu9KSSt/ixWAe8E90/aV1Tk
2oF0Asq1aElpnMdjeOBKlEK0AJ0bpnCs3SCVq3HPdU7JVpjH/pB2/z8b1l0wbZ6J
YLgHSNMActTQrHvLVjYWPaXau6IAQ7P1lPO7qek/4LKM39+0WWxw/CvNZRrxQiYE
279uS0+4YshATyrVgzl/YVeWDnEcjC4o4iFF+9zaruqhex8by9V2xjVFzECRg51G
MeDuNtT5MpYBSccd8Agu622vNM+mJEj8JtccfGkAOfcY6uykvH2n1vH2svm6eQ6S
6k4Id8eK3QiAOTn6A3aK1Nef4T+QqvFEOX6GE+SGV3DoawnDluZ8bBl26QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFClHeZVq0JAEgE2xB+iuucel2Ke1MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvS1VkNWxXclFrQVNBVGJFSDZLNjV4NlhZcDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAH6o3AwQC
XkqYAwQAbcugMAwDBANty6gDBAZty4ADBACwLoQDBACwLowDBACwLpEDBACwLpMD
BACwLpcDBAK5IqAwDQYJKoZIhvcNAQELBQADggEBAA8Sl+pYEMUb/gA37nXZVX2g
cLEk5cqUFmVSa7o13Nj3CjOmlz+dKluL13qY1tqNcC7qq4vs5U/2A8RSdX29bs7V
vwkXn5qHKhYxZBb6/dUYFoIhXxrlteSU+hCJO6k7jINfFAIjuWel7ce+5sdwZx/c
LddtFJ/hwfivyoSD3p0PaqlLQINYXP6Vo8cfRWsYm/h+p4r+h1/694mfQQI0lXzD
YoChcaL41+aSShiAuDho/nQtlzWEiI69jDdG/3GaWpKRh4Ke0RNyjlvYRBhbaQYT
A5nCBaGSsp0gResWtgk+A/2hlgDu6YYCnJa26SgONnUk06Mh6cIn2Nb45M84p5g=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:13:24 2025 by rpki-client