Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/KLz3KrMe-EkIbNPPiEs6LiYGUCs.roa
File: KLz3KrMe-EkIbNPPiEs6LiYGUCs.roa (raw, json)
Hash identifier: HpLDWhoUd6IR1VL6Q0XOzd5INZStYgxSiHLWX6Ew0Ws=
Subject key identifier: 28:BC:F7:2A:B3:1E:F8:49:08:6C:D3:CF:88:4B:3A:2E:26:06:50:2B
Certificate issuer: /CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Certificate serial: 0194DA768042BE59F2B41080CFC965583816
Authority key identifier: C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/KLz3KrMe-EkIbNPPiEs6LiYGUCs.roa
Signing time: Thu 06 Feb 2025 08:53:06 +0000
ROA not before: Thu 06 Feb 2025 08:53:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48147
IP address blocks: 89.42.136.0/22 maxlen: 24
89.42.136.0/23 maxlen: 24
89.42.136.0/24 maxlen: 24
89.42.137.0/24 maxlen: 24
89.42.138.0/23 maxlen: 24
89.42.138.0/24 maxlen: 24
89.42.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 07:47:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:da:76:80:42:be:59:f2:b4:10:80:cf:c9:65:58:38:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Validity
Not Before: Feb 6 08:53:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28bcf72ab31ef849086cd3cf884b3a2e2606502b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4a:c6:1a:25:23:e9:d3:9a:55:88:b4:59:f1:
80:a6:7b:43:f8:2a:9c:e6:c5:b2:e3:24:3b:14:54:
2b:71:0d:0b:f3:c8:85:3d:8b:89:84:e1:0b:73:a9:
10:c9:a0:5a:af:ac:c4:25:52:e7:46:3e:30:84:56:
84:ce:e9:00:e4:3d:ab:81:ef:cd:75:e7:ed:31:92:
b5:a3:77:98:0e:64:55:06:f1:40:45:bc:d6:72:7c:
62:aa:42:dd:fd:62:aa:2c:8a:d1:f7:31:67:04:90:
48:5e:e5:d0:9b:47:68:ce:b1:6b:bd:55:1e:5f:82:
89:b7:a4:1d:95:a4:ef:44:8f:53:30:45:05:9d:23:
2a:82:46:fb:0f:76:fa:a3:b4:cf:e1:07:05:ab:95:
61:74:de:6d:a8:23:6c:f1:59:31:7f:76:95:14:eb:
23:33:dd:00:ea:fc:22:fe:26:19:fe:0a:e6:a1:b1:
37:71:0a:87:02:b5:80:bc:a9:23:19:b9:9e:a1:db:
5b:ac:3d:c5:e9:02:2f:4e:06:1c:f8:f6:50:e8:69:
69:d6:e6:b1:a6:aa:4b:bb:bd:fd:55:ac:c4:39:05:
07:27:b4:52:24:84:a4:8b:ff:36:1e:2a:b0:35:6c:
ae:c1:cf:ad:d2:4f:e2:4b:bd:bd:0f:02:d0:b7:58:
7c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:BC:F7:2A:B3:1E:F8:49:08:6C:D3:CF:88:4B:3A:2E:26:06:50:2B
X509v3 Authority Key Identifier:
keyid:C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/KLz3KrMe-EkIbNPPiEs6LiYGUCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.136.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:d9:27:fc:d3:c6:ec:46:65:c7:7f:9c:09:8c:59:ce:a4:4b:
d8:e3:1f:5d:7e:71:f7:45:6f:fc:1b:24:11:3e:c8:a1:d5:18:
e7:96:3e:0e:fb:6a:0e:0b:cc:d1:a3:b8:6c:43:d4:17:b7:7b:
61:21:8d:ca:1a:e9:bb:a4:ae:d3:80:f6:bd:dd:2f:b7:41:a6:
a9:02:ca:fd:77:06:8b:59:5d:59:e3:71:19:fa:49:ae:51:e7:
00:e8:13:38:eb:8a:83:76:0e:27:21:50:79:f0:dc:8f:83:67:
50:be:3f:5d:2b:0f:c2:61:c2:de:d3:ec:ed:cb:98:58:1c:35:
65:d5:f7:f4:77:db:92:b4:d7:8a:61:fe:db:89:71:bc:b2:cb:
ab:16:01:5d:8c:39:1a:ba:5c:c3:f4:90:2e:63:ec:b0:cc:fe:
51:42:c1:86:5a:0d:6b:44:1a:f8:47:33:8e:08:32:ef:dd:a0:
53:c0:a6:4b:0c:46:28:ab:ff:a3:ff:28:84:11:69:49:59:a7:
4e:ba:e8:b7:32:3b:33:ec:57:83:ed:cc:48:02:67:06:6f:e8:
c0:81:49:9e:cb:b9:46:e9:b5:1b:66:dd:22:8f:17:02:5d:b8:
5f:e5:b6:da:bd:ad:db:17:a5:68:35:37:0b:28:5b:6e:fe:c9:
38:07:e3:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTadoBCvlnytBCAz8llWDgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZTFjOGM2NWM4NmU4ZDI2ZGRiZWI2ODY1OGEzOWE3YThl
Mjc4NjYwHhcNMjUwMjA2MDg1MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGJjZjcyYWIzMWVmODQ5MDg2Y2QzY2Y4ODRiM2EyZTI2MDY1MDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUrGGiUj6dOaVYi0WfGApntD+Cqc
5sWy4yQ7FFQrcQ0L88iFPYuJhOELc6kQyaBar6zEJVLnRj4whFaEzukA5D2rge/N
deftMZK1o3eYDmRVBvFARbzWcnxiqkLd/WKqLIrR9zFnBJBIXuXQm0dozrFrvVUe
X4KJt6QdlaTvRI9TMEUFnSMqgkb7D3b6o7TP4QcFq5VhdN5tqCNs8Vkxf3aVFOsj
M90A6vwi/iYZ/grmobE3cQqHArWAvKkjGbmeodtbrD3F6QIvTgYc+PZQ6Glp1uax
pqpLu739VazEOQUHJ7RSJISki/82HiqwNWyuwc+t0k/iS729DwLQt1h8swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCi89yqzHvhJCGzTz4hLOi4mBlArMB8GA1UdIwQY
MBaAFMbhyMZchujSbdvraGWKOaeo4nhmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEt
Y2U1ZTAxZTcxYzkxLzEvS0x6M0tyTWUtRWtJYk5QUGlFczZMaVlHVUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEtY2U1ZTAxZTcxYzkx
LzEveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSqIMA0G
CSqGSIb3DQEBCwUAA4IBAQCM2Sf808bsRmXHf5wJjFnOpEvY4x9dfnH3RW/8GyQR
Psih1Rjnlj4O+2oOC8zRo7hsQ9QXt3thIY3KGum7pK7TgPa93S+3QaapAsr9dwaL
WV1Z43EZ+kmuUecA6BM464qDdg4nIVB58NyPg2dQvj9dKw/CYcLe0+zty5hYHDVl
1ff0d9uStNeKYf7biXG8ssurFgFdjDkaulzD9JAuY+ywzP5RQsGGWg1rRBr4RzOO
CDLv3aBTwKZLDEYoq/+j/yiEEWlJWadOuui3Mjsz7FeD7cxIAmcGb+jAgUmey7lG
6bUbZt0ijxcCXbhf5bbava3bF6VoNTcLKFtu/sk4B+OJ
-----END CERTIFICATE-----
Generated at Tue Apr 29 00:40:55 2025 by rpki-client