Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KH3BFCAva_rHx3uOkKpIR3-IA68.roa
File: KH3BFCAva_rHx3uOkKpIR3-IA68.roa (raw, json)
Hash identifier: 7Ae2gm7xm1xzyPifAsQWlWEpUjh/5LYKRdb9tTYYErc=
Subject key identifier: 28:7D:C1:14:20:2F:6B:FA:C7:C7:7B:8E:90:AA:48:47:7F:88:03:AF
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01942143F5070B19C380A0EB9550B62E977C
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KH3BFCAva_rHx3uOkKpIR3-IA68.roa
Signing time: Wed 01 Jan 2025 09:48:09 +0000
ROA not before: Wed 01 Jan 2025 09:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12722
IP address blocks: 5.182.116.0/24 maxlen: 24
45.15.255.0/24 maxlen: 24
45.86.3.0/24 maxlen: 24
45.90.44.0/24 maxlen: 24
45.90.47.0/24 maxlen: 24
45.128.130.0/23 maxlen: 23
46.149.174.0/24 maxlen: 24
62.204.32.0/24 maxlen: 24
83.171.212.0/22 maxlen: 22
178.212.78.0/24 maxlen: 24
185.253.2.0/24 maxlen: 24
188.64.140.0/24 maxlen: 24
188.93.136.0/24 maxlen: 24
212.60.6.0/24 maxlen: 24
212.107.24.0/24 maxlen: 24
212.115.48.0/24 maxlen: 24
212.115.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Feb 2025 07:04:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f5:07:0b:19:c3:80:a0:eb:95:50:b6:2e:97:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=287dc114202f6bfac7c77b8e90aa48477f8803af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:8f:5e:f1:30:f7:2d:b1:5e:c0:b9:51:f8:d0:
9c:15:fa:53:5c:d5:c0:d3:2f:a7:5c:62:62:40:84:
3b:e0:6c:37:9f:a4:85:15:09:81:e2:0c:23:b5:fa:
59:9c:39:98:72:df:53:7f:99:45:f8:1b:02:f0:50:
cb:09:85:f1:18:46:a4:ed:2c:5a:3e:c9:27:14:ac:
6f:c1:b0:6e:ee:83:94:ed:46:66:ce:86:d7:d2:93:
05:ce:06:1d:d2:46:17:e4:64:b5:a3:db:3f:68:9f:
78:8d:e4:50:cc:eb:43:79:7d:7a:8c:92:cf:dd:f2:
19:4c:78:66:47:f9:ee:04:9e:07:00:43:3a:1a:71:
b1:ce:3b:86:96:87:3a:0a:17:29:19:8f:6c:24:99:
dc:a5:02:a1:44:8c:6e:e5:43:0b:3b:59:51:ce:c2:
66:32:58:4f:c6:0e:97:a5:77:90:04:13:d0:c3:a1:
13:11:b3:10:84:1a:64:e2:fb:a8:ba:f0:90:84:33:
a2:50:c5:c5:d6:c8:df:3a:67:ce:7f:43:ef:db:70:
01:f9:ca:dd:71:45:0b:8d:55:d4:96:87:db:ce:20:
8e:5e:5b:0c:a6:fb:f6:09:b0:3d:dd:1e:7c:44:8e:
15:9b:85:16:c5:1c:a5:de:17:74:d3:88:e5:f6:b1:
0a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:7D:C1:14:20:2F:6B:FA:C7:C7:7B:8E:90:AA:48:47:7F:88:03:AF
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KH3BFCAva_rHx3uOkKpIR3-IA68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.116.0/24
45.15.255.0/24
45.86.3.0/24
45.90.44.0/24
45.90.47.0/24
45.128.130.0/23
46.149.174.0/24
62.204.32.0/24
83.171.212.0/22
178.212.78.0/24
185.253.2.0/24
188.64.140.0/24
188.93.136.0/24
212.60.6.0/24
212.107.24.0/24
212.115.48.0/24
212.115.50.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:48:e3:08:03:5d:5b:0b:ab:da:5d:20:7d:ad:64:69:b1:60:
ee:86:a2:b5:47:be:bd:2e:16:c5:6b:74:8c:37:76:75:ed:47:
71:40:f2:27:9b:26:54:15:c8:cb:8c:2a:d0:e7:3e:17:78:7d:
47:0d:f4:c7:52:26:58:b0:cd:30:b0:6f:ab:0a:0f:02:12:ad:
96:68:61:a1:07:dc:92:60:4e:38:ed:5e:71:9b:89:17:31:f1:
82:81:8e:f2:fd:58:f8:fd:d6:73:3c:af:31:c7:ef:be:4d:20:
6b:e1:04:3f:cb:81:76:77:89:64:82:64:66:05:17:da:c8:8f:
93:96:c3:33:a0:10:50:2b:4f:3b:77:c8:9e:34:fb:9b:2b:5c:
85:49:96:0b:7a:2c:ed:c3:9a:4c:3a:ca:29:aa:b7:59:02:72:
cd:61:80:b1:89:aa:44:1c:28:87:cd:4d:79:0b:34:2e:96:68:
cb:b0:14:5d:2b:3c:6e:eb:ce:94:16:d9:de:c7:c2:84:96:d1:
70:ba:fc:28:eb:39:53:91:6d:b2:d4:69:a2:7c:4a:fe:2b:c6:
18:bf:fa:c5:6c:e1:49:cb:31:a2:51:7b:91:98:3b:ad:e7:16:
ac:ff:a2:29:03:5e:6b:cd:6e:ab:e3:5e:ed:9f:c3:3e:17:3a:
aa:6d:66:91
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZQhQ/UHCxnDgKDrlVC2Lpd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODdkYzExNDIwMmY2YmZhYzdjNzdiOGU5MGFhNDg0NzdmODgwM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Y9e8TD3LbFewLlR+NCcFfpTXNXA
0y+nXGJiQIQ74Gw3n6SFFQmB4gwjtfpZnDmYct9Tf5lF+BsC8FDLCYXxGEak7Sxa
PsknFKxvwbBu7oOU7UZmzobX0pMFzgYd0kYX5GS1o9s/aJ94jeRQzOtDeX16jJLP
3fIZTHhmR/nuBJ4HAEM6GnGxzjuGloc6ChcpGY9sJJncpQKhRIxu5UMLO1lRzsJm
MlhPxg6XpXeQBBPQw6ETEbMQhBpk4vuouvCQhDOiUMXF1sjfOmfOf0Pv23AB+crd
cUULjVXUlofbziCOXlsMpvv2CbA93R58RI4Vm4UWxRyl3hd004jl9rEKMQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFCh9wRQgL2v6x8d7jpCqSEd/iAOvMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvS0gzQkZDQXZhX3JIeDN1T2tLcElSMy1JQTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABbZ0AwQA
LQ//AwQALVYDAwQALVosAwQALVovAwQBLYCCAwQALpWuAwQAPswgAwQCU6vUAwQA
stROAwQAuf0CAwQAvECMAwQAvF2IAwQA1DwGAwQA1GsYAwQA1HMwAwQA1HMyMA0G
CSqGSIb3DQEBCwUAA4IBAQAOSOMIA11bC6vaXSB9rWRpsWDuhqK1R769LhbFa3SM
N3Z17UdxQPInmyZUFcjLjCrQ5z4XeH1HDfTHUiZYsM0wsG+rCg8CEq2WaGGhB9yS
YE447V5xm4kXMfGCgY7y/Vj4/dZzPK8xx+++TSBr4QQ/y4F2d4lkgmRmBRfayI+T
lsMzoBBQK087d8ieNPubK1yFSZYLeiztw5pMOsopqrdZAnLNYYCxiapEHCiHzU15
CzQulmjLsBRdKzxu686UFtnex8KEltFwuvwo6zlTkW2y1GmifEr+K8YYv/rFbOFJ
yzGiUXuRmDut5xas/6IpA15rzW6r417tn8M+FzqqbWaR
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:44:02 2025 by rpki-client