Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/kbueeR8S6K_OPuqrGgv3vEeH5hU.roa
File: kbueeR8S6K_OPuqrGgv3vEeH5hU.roa (raw, json)
Hash identifier: IADKibPdM/DHOcsOdRCDzrNgtvJt7L+UVkkKe873Hwk=
Subject key identifier: 91:BB:9E:79:1F:12:E8:AF:CE:3E:EA:AB:1A:0B:F7:BC:47:87:E6:15
Certificate issuer: /CN=60bf373620146e6f298ae82d2c8a8371cacb7b1b
Certificate serial: 018CC8011E220E02BA92CD301848D383FF00
Authority key identifier: 60:BF:37:36:20:14:6E:6F:29:8A:E8:2D:2C:8A:83:71:CA:CB:7B:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YL83NiAUbm8piugtLIqDccrLexs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/kbueeR8S6K_OPuqrGgv3vEeH5hU.roa
Signing time: Tue 02 Jan 2024 02:29:25 +0000
ROA not before: Tue 02 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48522
IP address blocks: 193.36.229.0/24 maxlen: 24
194.13.238.0/23 maxlen: 23
185.70.232.0/22 maxlen: 24
2a03:3620::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1e:22:0e:02:ba:92:cd:30:18:48:d3:83:ff:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60bf373620146e6f298ae82d2c8a8371cacb7b1b
Validity
Not Before: Jan 2 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91bb9e791f12e8afce3eeaab1a0bf7bc4787e615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:83:3b:ca:47:62:a1:5f:4c:d6:4b:62:89:fb:
66:77:7c:ab:c8:8d:3e:7a:dd:d8:52:37:f5:ca:43:
49:ad:0a:11:f8:f9:82:57:17:a9:08:5b:71:d1:d7:
cb:c2:5d:ea:13:0c:79:2c:6f:d5:5c:af:de:2a:2b:
8a:80:70:82:fd:7a:b1:70:e8:e1:86:ac:0c:10:28:
5d:d6:70:83:b3:4c:db:da:e5:7e:b4:4f:b6:40:bb:
2a:e8:a0:8b:24:49:fe:c6:3a:6d:d3:d2:fa:2b:df:
dc:3f:03:6b:ad:23:9a:38:9c:0b:4a:6d:f1:fe:72:
a1:1b:a9:8b:44:70:44:74:41:67:d5:2b:36:5b:90:
84:49:c3:49:20:0d:d5:4f:81:21:a5:db:c0:67:78:
99:db:95:9f:85:be:3b:ca:32:95:5c:19:b1:29:b4:
14:01:cc:fe:41:f8:2f:36:f2:bc:0e:ea:a3:40:26:
86:fe:e5:2e:40:9c:11:d0:d4:91:3f:c1:47:23:6f:
aa:dc:1d:9d:07:61:08:3f:03:3e:40:6d:cb:b3:10:
9f:15:aa:f4:34:59:52:4c:a6:99:1d:8a:8a:8f:d8:
ea:70:71:89:79:88:56:7d:41:bf:e5:51:51:86:3c:
58:89:87:db:f2:9e:4a:ea:7b:37:ea:e6:0b:7b:02:
21:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:BB:9E:79:1F:12:E8:AF:CE:3E:EA:AB:1A:0B:F7:BC:47:87:E6:15
X509v3 Authority Key Identifier:
keyid:60:BF:37:36:20:14:6E:6F:29:8A:E8:2D:2C:8A:83:71:CA:CB:7B:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YL83NiAUbm8piugtLIqDccrLexs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/kbueeR8S6K_OPuqrGgv3vEeH5hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/YL83NiAUbm8piugtLIqDccrLexs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.232.0/22
193.36.229.0/24
194.13.238.0/23
IPv6:
2a03:3620::/32
Signature Algorithm: sha256WithRSAEncryption
99:9f:a9:1f:9a:af:47:3f:c7:01:22:8f:1f:14:73:dd:a3:48:
aa:59:6b:c4:71:fd:81:c4:62:c6:56:19:79:92:a9:a8:c1:a6:
25:07:1e:d5:c2:4e:28:43:f5:cd:bd:32:1e:bf:b2:c5:02:ae:
66:88:ac:46:e2:70:24:ca:53:43:31:f3:03:6e:96:a9:ba:e6:
79:93:9f:36:c2:be:03:9d:46:33:f5:e7:aa:e2:c0:dc:90:46:
a4:b8:fa:28:92:e2:f4:bc:80:34:48:9f:cf:5a:06:28:d8:d7:
3c:6b:d5:b7:1b:ce:d9:3d:69:1c:52:4e:41:ae:2a:b5:df:3d:
fc:00:23:a1:54:ae:98:d7:33:37:56:c5:1f:20:95:66:b1:c1:
1a:06:c9:3f:a3:a4:9f:f3:d2:50:df:8f:cf:bb:62:6d:8b:aa:
b4:95:30:9a:db:fb:81:2f:5a:2f:05:e6:55:e2:09:99:b6:01:
29:45:14:a5:ee:0e:21:ac:f6:66:6a:43:a9:7c:12:e9:41:f4:
a2:3c:d6:33:f5:37:a4:94:c7:e7:fa:f2:d7:86:c4:f4:ac:5d:
e9:76:b5:85:85:18:dc:67:46:9c:93:7c:d3:bf:67:d7:29:80:
2d:80:fb:73:4d:6c:7c:0a:a3:7b:02:1a:16:13:1d:60:0b:fe:
c6:58:8b:63
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIAR4iDgK6ks0wGEjTg/8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYmYzNzM2MjAxNDZlNmYyOThhZTgyZDJjOGE4MzcxY2Fj
YjdiMWIwHhcNMjQwMTAyMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWJiOWU3OTFmMTJlOGFmY2UzZWVhYWIxYTBiZjdiYzQ3ODdlNjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoM7ykdioV9M1ktiiftmd3yryI0+
et3YUjf1ykNJrQoR+PmCVxepCFtx0dfLwl3qEwx5LG/VXK/eKiuKgHCC/XqxcOjh
hqwMEChd1nCDs0zb2uV+tE+2QLsq6KCLJEn+xjpt09L6K9/cPwNrrSOaOJwLSm3x
/nKhG6mLRHBEdEFn1Ss2W5CEScNJIA3VT4EhpdvAZ3iZ25Wfhb47yjKVXBmxKbQU
Acz+QfgvNvK8DuqjQCaG/uUuQJwR0NSRP8FHI2+q3B2dB2EIPwM+QG3LsxCfFar0
NFlSTKaZHYqKj9jqcHGJeYhWfUG/5VFRhjxYiYfb8p5K6ns36uYLewIh9QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJG7nnkfEuivzj7qqxoL97xHh+YVMB8GA1UdIwQY
MBaAFGC/NzYgFG5vKYroLSyKg3HKy3sbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUw4M05pQVVibThwaXVndExJcURjY3JMZXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kZWNkZTMtMjc3YS00OTU2LWJmOTIt
ZjBhODEyM2U3MGY5LzEva2J1ZWVSOFM2S19PUHVxckdndjN2RWVINWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kZWNkZTMtMjc3YS00OTU2LWJmOTItZjBhODEyM2U3MGY5
LzEvWUw4M05pQVVibThwaXVndExJcURjY3JMZXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuUboAwQA
wSTlAwQBwg3uMA0EAgACMAcDBQAqAzYgMA0GCSqGSIb3DQEBCwUAA4IBAQCZn6kf
mq9HP8cBIo8fFHPdo0iqWWvEcf2BxGLGVhl5kqmowaYlBx7Vwk4oQ/XNvTIev7LF
Aq5miKxG4nAkylNDMfMDbpapuuZ5k582wr4DnUYz9eeq4sDckEakuPookuL0vIA0
SJ/PWgYo2Nc8a9W3G87ZPWkcUk5Briq13z38ACOhVK6Y1zM3VsUfIJVmscEaBsk/
o6Sf89JQ34/Pu2Jti6q0lTCa2/uBL1ovBeZV4gmZtgEpRRSl7g4hrPZmakOpfBLp
QfSiPNYz9TeklMfn+vLXhsT0rF3pdrWFhRjcZ0ack3zTv2fXKYAtgPtzTWx8CqN7
AhoWEx1gC/7GWItj
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:57:05 2025 by rpki-client