Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/1d3f9e-9a6c-4c86-a036-482555452831/1/K0grIAiONlRXkGuaO2r_IYl7G2M.roa
File: K0grIAiONlRXkGuaO2r_IYl7G2M.roa (raw, json)
Hash identifier: Vh4TsYC+WNf0/tMMUF5PTzNCSobygmRXatv7lO2JWJk=
Subject key identifier: 2B:48:2B:20:08:8E:36:54:57:90:6B:9A:3B:6A:FF:21:89:7B:1B:63
Certificate issuer: /CN=8cad303bc70b12f83dbf89fc1489cb4612cf5526
Certificate serial: 0193DDC9B4E703D68589FA736BF6C2D6B080
Authority key identifier: 8C:AD:30:3B:C7:0B:12:F8:3D:BF:89:FC:14:89:CB:46:12:CF:55:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jK0wO8cLEvg9v4n8FInLRhLPVSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/1d3f9e-9a6c-4c86-a036-482555452831/1/K0grIAiONlRXkGuaO2r_IYl7G2M.roa
Signing time: Thu 19 Dec 2024 07:20:03 +0000
ROA not before: Thu 19 Dec 2024 07:20:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60258
IP address blocks: 82.194.16.0/24 maxlen: 24
82.194.17.0/24 maxlen: 24
82.194.18.0/24 maxlen: 24
82.194.19.0/24 maxlen: 24
82.194.20.0/24 maxlen: 24
82.194.21.0/24 maxlen: 24
82.194.22.0/24 maxlen: 24
82.194.23.0/24 maxlen: 24
82.194.24.0/24 maxlen: 24
82.194.25.0/24 maxlen: 24
82.194.26.0/24 maxlen: 24
82.194.28.0/24 maxlen: 24
82.194.29.0/24 maxlen: 24
82.194.30.0/24 maxlen: 24
82.194.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Dec 2024 10:39:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:dd:c9:b4:e7:03:d6:85:89:fa:73:6b:f6:c2:d6:b0:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cad303bc70b12f83dbf89fc1489cb4612cf5526
Validity
Not Before: Dec 19 07:20:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b482b20088e365457906b9a3b6aff21897b1b63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:12:20:87:fc:39:d1:cd:9d:66:29:94:1a:54:
01:d1:cc:4f:2a:b3:08:a3:3e:19:61:28:6a:2a:47:
26:30:1a:f6:f1:44:e7:14:90:5c:cb:31:e2:19:2c:
89:f6:4e:a7:08:60:42:59:91:ed:0f:fe:39:71:3a:
55:73:ef:28:b5:ea:c3:2a:38:2f:79:01:1f:f4:0b:
5c:4b:9a:90:c8:0f:f6:97:79:ad:1b:22:38:1e:ae:
b0:2e:2e:6f:0d:92:30:6d:06:8c:4c:f1:48:50:34:
05:ed:fe:47:80:8c:d6:c0:78:85:a5:b5:50:79:46:
41:c0:57:2d:fb:22:9c:33:fb:9b:c2:5c:2f:59:c4:
a5:a6:23:a9:89:64:22:0b:e4:ad:bf:53:b4:82:d4:
fa:bd:a4:52:e9:e9:7e:95:c2:ad:9f:78:ad:f5:32:
13:1b:40:d2:3d:a7:7b:98:cb:32:cd:65:7c:82:12:
35:41:22:02:92:b9:d5:c4:a6:31:7d:05:ae:3d:cb:
1f:38:3f:36:6d:dc:92:f1:63:d8:87:8a:19:e8:8e:
86:33:0e:31:78:fc:80:45:4f:c5:09:34:a3:74:51:
92:d7:f0:f7:2d:79:9b:96:9d:8b:1a:2b:c9:e6:1b:
1d:38:8a:63:22:b9:f9:56:c4:82:30:bb:c5:bf:48:
5c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:48:2B:20:08:8E:36:54:57:90:6B:9A:3B:6A:FF:21:89:7B:1B:63
X509v3 Authority Key Identifier:
keyid:8C:AD:30:3B:C7:0B:12:F8:3D:BF:89:FC:14:89:CB:46:12:CF:55:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jK0wO8cLEvg9v4n8FInLRhLPVSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1d3f9e-9a6c-4c86-a036-482555452831/1/K0grIAiONlRXkGuaO2r_IYl7G2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1d3f9e-9a6c-4c86-a036-482555452831/1/jK0wO8cLEvg9v4n8FInLRhLPVSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.194.16.0-82.194.26.255
82.194.28.0/22
Signature Algorithm: sha256WithRSAEncryption
65:c2:d2:49:63:1a:17:f0:98:36:89:02:dc:b6:43:db:49:cf:
eb:f9:bf:e8:14:82:7b:ff:a3:3b:fa:7c:12:46:c8:80:c2:3d:
db:85:fb:9d:24:10:7a:f4:85:b9:f7:4a:77:59:08:f3:6a:d7:
e2:41:36:5b:37:bc:73:24:0a:73:56:5d:ba:08:53:42:92:f3:
1d:ab:a9:df:00:d7:a1:f7:0f:bf:4f:7c:44:2f:fa:53:23:fc:
5b:44:11:84:aa:93:57:a8:27:d4:1a:a7:c3:c3:e6:54:7b:a1:
d7:53:6a:32:f2:ea:94:b0:a3:43:d9:55:36:50:cc:f3:ec:e5:
fe:59:61:88:d1:dc:84:af:7e:e2:bc:f8:ae:f2:87:ff:f3:70:
da:0f:99:e2:e1:0a:ed:a9:3d:f2:d5:75:9d:11:df:f9:d0:19:
9b:e6:88:66:48:5d:5b:bd:c1:55:d4:b0:b6:03:e0:d8:31:75:
7d:b4:8d:19:dd:41:64:18:c8:c0:78:61:ce:e4:96:e6:98:ba:
df:80:85:40:d7:86:0b:52:04:38:dd:7d:48:a1:4c:bc:f3:54:
7b:8b:48:cf:0b:9f:54:4c:b6:00:16:6c:9f:f9:a4:27:f2:98:
84:ad:98:e0:eb:4f:9f:42:29:f4:e6:5e:64:fb:f0:17:5b:f5:
57:8a:0a:67
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZPdybTnA9aFifpza/bC1rCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYWQzMDNiYzcwYjEyZjgzZGJmODlmYzE0ODljYjQ2MTJj
ZjU1MjYwHhcNMjQxMjE5MDcyMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjQ4MmIyMDA4OGUzNjU0NTc5MDZiOWEzYjZhZmYyMTg5N2IxYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8BIgh/w50c2dZimUGlQB0cxPKrMI
oz4ZYShqKkcmMBr28UTnFJBcyzHiGSyJ9k6nCGBCWZHtD/45cTpVc+8oterDKjgv
eQEf9AtcS5qQyA/2l3mtGyI4Hq6wLi5vDZIwbQaMTPFIUDQF7f5HgIzWwHiFpbVQ
eUZBwFct+yKcM/ubwlwvWcSlpiOpiWQiC+Stv1O0gtT6vaRS6el+lcKtn3it9TIT
G0DSPad7mMsyzWV8ghI1QSICkrnVxKYxfQWuPcsfOD82bdyS8WPYh4oZ6I6GMw4x
ePyARU/FCTSjdFGS1/D3LXmblp2LGivJ5hsdOIpjIrn5VsSCMLvFv0hc7QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCtIKyAIjjZUV5Brmjtq/yGJextjMB8GA1UdIwQY
MBaAFIytMDvHCxL4Pb+J/BSJy0YSz1UmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakswd084Y0xFdmc5djRuOEZJbkxSaExQVlNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8xZDNmOWUtOWE2Yy00Yzg2LWEwMzYt
NDgyNTU1NDUyODMxLzEvSzBncklBaU9ObFJYa0d1YU8ycl9JWWw3RzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8xZDNmOWUtOWE2Yy00Yzg2LWEwMzYtNDgyNTU1NDUyODMx
LzEvakswd084Y0xFdmc5djRuOEZJbkxSaExQVlNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBARSwhAD
BABSwhoDBAJSwhwwDQYJKoZIhvcNAQELBQADggEBAGXC0kljGhfwmDaJAty2Q9tJ
z+v5v+gUgnv/ozv6fBJGyIDCPduF+50kEHr0hbn3SndZCPNq1+JBNls3vHMkCnNW
XboIU0KS8x2rqd8A16H3D79PfEQv+lMj/FtEEYSqk1eoJ9Qap8PD5lR7oddTajLy
6pSwo0PZVTZQzPPs5f5ZYYjR3ISvfuK8+K7yh//zcNoPmeLhCu2pPfLVdZ0R3/nQ
GZvmiGZIXVu9wVXUsLYD4NgxdX20jRndQWQYyMB4Yc7kluaYut+AhUDXhgtSBDjd
fUihTLzzVHuLSM8Ln1RMtgAWbJ/5pCfymIStmODrT59CKfTmXmT78Bdb9VeKCmc=
-----END CERTIFICATE-----
Generated at Tue Apr 29 00:41:15 2025 by rpki-client