Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/KTi10jVvzKY_f9BrhmU_KKePlgo.roa
File: KTi10jVvzKY_f9BrhmU_KKePlgo.roa (raw, json)
Hash identifier: faTuvGZbO0BjtQjvGYrr3tO20+P0lBPctLVRV8vH5k4=
Subject key identifier: 29:38:B5:D2:35:6F:CC:A6:3F:7F:D0:6B:86:65:3F:28:A7:8F:96:0A
Certificate issuer: /CN=b466ac0a49255283cd53066971cd7b3dfe2a3ce8
Certificate serial: 01856E6FB0149C679D0174DF57AF0AD9A154
Authority key identifier: B4:66:AC:0A:49:25:52:83:CD:53:06:69:71:CD:7B:3D:FE:2A:3C:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGasCkklUoPNUwZpcc17Pf4qPOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/KTi10jVvzKY_f9BrhmU_KKePlgo.roa
Signing time: Sun 01 Jan 2023 17:44:51 +0000
ROA not before: Sun 01 Jan 2023 17:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48101
IP address blocks: 134.19.192.0/22 maxlen: 22
134.19.196.0/22 maxlen: 23
185.122.192.0/22 maxlen: 22
185.16.160.0/22 maxlen: 24
98.96.160.0/20 maxlen: 23
134.65.128.0/21 maxlen: 21
134.65.136.0/22 maxlen: 22
91.228.232.0/23 maxlen: 24
134.65.144.0/22 maxlen: 22
134.65.140.0/22 maxlen: 22
91.228.234.0/24 maxlen: 24
134.65.148.0/22 maxlen: 22
199.15.232.0/22 maxlen: 22
134.65.152.0/21 maxlen: 21
37.25.44.0/24 maxlen: 24
199.15.237.0/24 maxlen: 24
199.15.236.0/24 maxlen: 24
199.15.239.0/24 maxlen: 24
199.15.238.0/24 maxlen: 24
37.25.45.0/24 maxlen: 24
37.25.46.0/23 maxlen: 23
2a04:200::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:b0:14:9c:67:9d:01:74:df:57:af:0a:d9:a1:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b466ac0a49255283cd53066971cd7b3dfe2a3ce8
Validity
Not Before: Jan 1 17:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2938b5d2356fcca63f7fd06b86653f28a78f960a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:17:5b:9d:bb:90:dd:3c:89:32:bd:88:74:4c:
10:fa:87:11:6b:d2:c9:eb:40:e9:39:00:d6:28:a1:
66:f2:82:ac:7d:43:4b:86:a5:fe:d3:cd:bd:bb:ec:
5a:e1:c6:84:69:54:01:d8:27:56:04:7c:db:00:93:
f7:bf:aa:46:41:ba:f5:e3:86:ca:be:b6:a0:ef:ed:
6a:48:e8:82:71:fe:fd:93:5f:75:b8:05:6d:47:63:
67:a6:de:c4:ad:68:07:91:94:6c:4d:94:1c:39:e3:
b1:9e:f3:d6:e0:a0:79:76:4a:a6:27:ff:74:55:f7:
7e:02:80:28:be:0d:6c:2e:6a:d7:12:b7:af:37:1d:
a0:71:fe:7c:db:18:d5:5b:2c:26:7a:f2:23:45:59:
7d:b7:4b:e7:96:86:d4:83:cd:31:b6:18:e8:78:55:
2d:73:8e:83:1b:f4:7f:ed:17:b8:c2:57:97:f8:e5:
fd:e7:2e:8b:f6:76:63:5c:29:19:ce:91:dc:e3:92:
be:7a:3c:ef:15:b7:a8:dc:4a:a2:a6:2f:01:4a:93:
4d:66:6e:ea:da:2b:bf:01:f5:61:ab:74:30:d9:8a:
54:4e:ee:a0:16:4d:80:69:72:bf:a0:dd:96:b0:e0:
1c:86:7f:a1:99:7a:4c:73:bb:c0:85:f7:d6:18:9f:
3f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:38:B5:D2:35:6F:CC:A6:3F:7F:D0:6B:86:65:3F:28:A7:8F:96:0A
X509v3 Authority Key Identifier:
keyid:B4:66:AC:0A:49:25:52:83:CD:53:06:69:71:CD:7B:3D:FE:2A:3C:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGasCkklUoPNUwZpcc17Pf4qPOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/KTi10jVvzKY_f9BrhmU_KKePlgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/tGasCkklUoPNUwZpcc17Pf4qPOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.44.0/22
91.228.232.0-91.228.234.255
98.96.160.0/20
134.19.192.0/21
134.65.128.0/19
185.16.160.0/22
185.122.192.0/22
199.15.232.0/21
IPv6:
2a04:200::/29
Signature Algorithm: sha256WithRSAEncryption
e0:c7:08:08:73:85:65:9f:2a:77:d6:93:a3:c2:48:6b:17:e4:
50:b0:b6:3e:bd:bb:90:b1:76:36:3b:df:85:7c:17:20:16:94:
06:55:05:33:89:6c:23:6b:53:d9:ac:ea:bf:44:40:e2:1d:51:
ec:89:9e:2e:6e:19:91:45:fe:c9:89:f3:a5:58:ee:94:e9:9f:
71:f8:8a:4b:ad:43:d1:b3:44:f4:4c:1b:ed:4c:ca:5e:3a:78:
bf:50:13:76:6b:d4:ac:a5:3e:61:75:cb:24:ae:4e:db:03:2a:
09:41:e3:0c:14:c8:29:16:f7:09:7f:45:f0:1b:3a:f5:e3:24:
ac:94:71:da:6c:de:69:45:c4:ef:30:92:1a:c5:ce:09:55:de:
4c:1f:bf:8b:f2:8b:d8:84:57:73:b7:4f:f2:bf:fc:31:73:38:
31:e6:2a:c2:36:a2:ae:73:11:c6:53:a3:8a:80:94:91:e6:24:
6b:be:6c:fd:b1:76:7e:47:89:93:d7:de:2f:12:2b:98:1c:a2:
34:21:85:cf:44:f6:8a:1f:41:92:e4:14:45:27:0b:7f:d0:66:
3b:ee:b8:f5:52:a1:cb:40:fe:3b:8d:7e:aa:69:64:c6:c3:73:
3f:e0:98:4b:3f:8a:1a:b6:f0:ce:59:20:c9:b8:60:67:36:3b:
07:c7:bb:28
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYVub7AUnGedAXTfV68K2aFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjZhYzBhNDkyNTUyODNjZDUzMDY2OTcxY2Q3YjNkZmUy
YTNjZTgwHhcNMjMwMTAxMTc0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTM4YjVkMjM1NmZjY2E2M2Y3ZmQwNmI4NjY1M2YyOGE3OGY5NjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRdbnbuQ3TyJMr2IdEwQ+ocRa9LJ
60DpOQDWKKFm8oKsfUNLhqX+0829u+xa4caEaVQB2CdWBHzbAJP3v6pGQbr144bK
vrag7+1qSOiCcf79k191uAVtR2Nnpt7ErWgHkZRsTZQcOeOxnvPW4KB5dkqmJ/90
Vfd+AoAovg1sLmrXErevNx2gcf582xjVWywmevIjRVl9t0vnlobUg80xthjoeFUt
c46DG/R/7Re4wleX+OX95y6L9nZjXCkZzpHc45K+ejzvFbeo3Eqipi8BSpNNZm7q
2iu/AfVhq3Qw2YpUTu6gFk2AaXK/oN2WsOAchn+hmXpMc7vAhffWGJ8/mwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCk4tdI1b8ymP3/Qa4ZlPyinj5YKMB8GA1UdIwQY
MBaAFLRmrApJJVKDzVMGaXHNez3+KjzoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdhc0Nra2xVb1BOVXdacGNjMTdQZjRxUE9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8xMzNiNTItN2E2Ni00MWFiLWFlZWUt
YzliNDcwZGMyNDBiLzEvS1RpMTBqVnZ6S1lfZjlCcmhtVV9LS2VQbGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8xMzNiNTItN2E2Ni00MWFiLWFlZWUtYzliNDcwZGMyNDBi
LzEvdEdhc0Nra2xVb1BOVXdacGNjMTdQZjRxUE9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQCJRksMAwD
BANb5OgDBABb5OoDBARiYKADBAOGE8ADBAWGQYADBAK5EKADBAK5esADBAPHD+gw
DQQCAAIwBwMFAyoEAgAwDQYJKoZIhvcNAQELBQADggEBAODHCAhzhWWfKnfWk6PC
SGsX5FCwtj69u5CxdjY734V8FyAWlAZVBTOJbCNrU9ms6r9EQOIdUeyJni5uGZFF
/smJ86VY7pTpn3H4ikutQ9GzRPRMG+1Myl46eL9QE3Zr1KylPmF1yySuTtsDKglB
4wwUyCkW9wl/RfAbOvXjJKyUcdps3mlFxO8wkhrFzglV3kwfv4vyi9iEV3O3T/K/
/DFzODHmKsI2oq5zEcZTo4qAlJHmJGu+bP2xdn5HiZPX3i8SK5gcojQhhc9E9oof
QZLkFEUnC3/QZjvuuPVSoctA/juNfqppZMbDcz/gmEs/ihq28M5ZIMm4YGc2OwfH
uyg=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:23 2023 by rpki-client on console.sobornost.net