Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/kt0GBnuBSSOQNp5-T21KdPR_kfA.roa
File: kt0GBnuBSSOQNp5-T21KdPR_kfA.roa (raw, json)
Hash identifier: AMY9rl+oRWKAvLXeboUDql8BqblvIcJGFnLGECcodQE=
Subject key identifier: 92:DD:06:06:7B:81:49:23:90:36:9E:7E:4F:6D:4A:74:F4:7F:91:F0
Certificate issuer: /CN=cc5911433ba206f450ac9bd065c86c96608401c1
Certificate serial: 01942747F35CF478C2D6800A5202588AAE9A
Authority key identifier: CC:59:11:43:3B:A2:06:F4:50:AC:9B:D0:65:C8:6C:96:60:84:01:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zFkRQzuiBvRQrJvQZchslmCEAcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/kt0GBnuBSSOQNp5-T21KdPR_kfA.roa
Signing time: Thu 02 Jan 2025 13:50:14 +0000
ROA not before: Thu 02 Jan 2025 13:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47716
IP address blocks: 185.164.60.0/22 maxlen: 22
193.186.162.0/24 maxlen: 24
194.0.104.0/22 maxlen: 22
2a0a:c400::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 24 Mar 2025 17:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f3:5c:f4:78:c2:d6:80:0a:52:02:58:8a:ae:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc5911433ba206f450ac9bd065c86c96608401c1
Validity
Not Before: Jan 2 13:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92dd06067b81492390369e7e4f6d4a74f47f91f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:21:92:c3:91:23:42:fc:5b:4c:6a:75:6c:13:
58:54:e7:7a:27:ae:68:d4:ac:1b:c3:b6:7a:bc:84:
10:ad:1a:cf:b8:4c:80:7e:95:03:59:e9:6d:e9:44:
b3:91:b9:92:b5:d4:46:85:db:65:30:bd:3d:94:fe:
54:b7:85:95:54:4d:45:73:a9:a7:0d:48:df:5a:03:
e1:4f:ea:e1:ea:53:c9:53:76:da:f8:db:5f:87:09:
da:dc:ec:a6:aa:91:74:99:1d:49:ea:cc:99:87:93:
0f:93:8c:87:46:1e:c2:30:89:db:08:e3:9e:95:dc:
20:61:97:e1:18:d3:e7:10:39:74:af:53:06:6d:22:
ff:48:7a:2f:05:32:63:36:12:81:02:4a:c7:8f:d9:
90:86:62:08:66:ac:ed:e4:d4:fd:99:78:af:4a:0d:
69:3a:2b:a8:ef:91:c6:ea:f0:4d:eb:47:42:ad:ac:
f6:57:9d:47:7d:37:71:3b:a9:4f:56:bd:9e:0b:b9:
95:76:53:f8:87:42:6e:ce:62:a1:76:bc:71:49:3f:
a8:d6:26:ce:0b:ff:ad:2b:83:0b:ba:d1:3e:6c:fe:
5a:25:2a:4c:d3:29:cf:47:99:02:b3:e3:5c:b5:27:
03:19:23:e9:0f:fa:0b:31:07:e6:50:3b:a8:a9:f8:
2a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:DD:06:06:7B:81:49:23:90:36:9E:7E:4F:6D:4A:74:F4:7F:91:F0
X509v3 Authority Key Identifier:
keyid:CC:59:11:43:3B:A2:06:F4:50:AC:9B:D0:65:C8:6C:96:60:84:01:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zFkRQzuiBvRQrJvQZchslmCEAcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/kt0GBnuBSSOQNp5-T21KdPR_kfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/zFkRQzuiBvRQrJvQZchslmCEAcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.60.0/22
193.186.162.0/24
194.0.104.0/22
IPv6:
2a0a:c400::/29
Signature Algorithm: sha256WithRSAEncryption
b4:77:13:5c:82:c0:37:87:74:89:bb:3c:4e:1c:5e:3b:e7:30:
31:2a:0d:45:b1:bf:7d:db:70:13:28:97:10:54:5c:dc:da:c9:
58:8a:bd:cc:d8:c1:af:49:ff:49:d8:80:32:55:65:41:b6:7b:
66:b6:a9:6d:a7:e4:6e:1c:19:f8:a6:57:0b:85:57:82:9a:50:
89:7d:d8:6b:63:8b:e5:15:4b:b3:35:6c:a0:1e:b8:3a:60:3b:
34:70:8b:35:8f:be:0d:e1:df:e7:bc:54:85:33:ca:75:61:44:
ea:77:7f:ea:df:64:b6:d5:23:0b:c8:11:10:2a:26:4e:65:48:
a9:c2:6c:3f:29:e9:1c:35:f5:09:e1:63:09:c2:31:cb:2a:2f:
2a:8a:fa:5b:c1:08:b2:06:e2:34:98:d1:62:9e:fb:e0:62:40:
82:b7:46:86:2f:10:b9:75:5c:ae:fd:df:89:ee:46:dc:78:a8:
43:de:62:96:5c:21:f7:08:37:0b:11:b0:c4:b8:7b:bf:40:59:
c7:58:6e:dc:5b:eb:f1:5c:f5:13:c0:12:35:0b:3e:43:7c:90:
4b:3f:47:b7:af:d3:a4:38:67:81:fc:c9:15:59:ca:22:7b:7d:
dd:33:3f:1f:6f:9b:3d:03:fa:b6:7b:48:bc:a5:60:e8:75:51:
e0:08:96:8c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQnR/Nc9HjC1oAKUgJYiq6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNTkxMTQzM2JhMjA2ZjQ1MGFjOWJkMDY1Yzg2Yzk2NjA4
NDAxYzEwHhcNMjUwMTAyMTM1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmRkMDYwNjdiODE0OTIzOTAzNjllN2U0ZjZkNGE3NGY0N2Y5MWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCGSw5EjQvxbTGp1bBNYVOd6J65o
1Kwbw7Z6vIQQrRrPuEyAfpUDWelt6USzkbmStdRGhdtlML09lP5Ut4WVVE1Fc6mn
DUjfWgPhT+rh6lPJU3ba+Ntfhwna3OymqpF0mR1J6syZh5MPk4yHRh7CMInbCOOe
ldwgYZfhGNPnEDl0r1MGbSL/SHovBTJjNhKBAkrHj9mQhmIIZqzt5NT9mXivSg1p
Oiuo75HG6vBN60dCraz2V51HfTdxO6lPVr2eC7mVdlP4h0JuzmKhdrxxST+o1ibO
C/+tK4MLutE+bP5aJSpM0ynPR5kCs+NctScDGSPpD/oLMQfmUDuoqfgqcQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJLdBgZ7gUkjkDaefk9tSnT0f5HwMB8GA1UdIwQY
MBaAFMxZEUM7ogb0UKyb0GXIbJZghAHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekZrUlF6dWlCdlJRckp2UVpjaHNsbUNFQWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zNjBmZGQtNzZhZS00MWYxLTk4YzAt
MmIyNzUwNDM3MTlmLzEva3QwR0JudUJTU09RTnA1LVQyMUtkUFJfa2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zNjBmZGQtNzZhZS00MWYxLTk4YzAtMmIyNzUwNDM3MTlm
LzEvekZrUlF6dWlCdlJRckp2UVpjaHNsbUNFQWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuaQ8AwQA
wbqiAwQCwgBoMA0EAgACMAcDBQMqCsQAMA0GCSqGSIb3DQEBCwUAA4IBAQC0dxNc
gsA3h3SJuzxOHF475zAxKg1Fsb9923ATKJcQVFzc2slYir3M2MGvSf9J2IAyVWVB
tntmtqltp+RuHBn4plcLhVeCmlCJfdhrY4vlFUuzNWygHrg6YDs0cIs1j74N4d/n
vFSFM8p1YUTqd3/q32S21SMLyBEQKiZOZUipwmw/KekcNfUJ4WMJwjHLKi8qivpb
wQiyBuI0mNFinvvgYkCCt0aGLxC5dVyu/d+J7kbceKhD3mKWXCH3CDcLEbDEuHu/
QFnHWG7cW+vxXPUTwBI1Cz5DfJBLP0e3r9OkOGeB/MkVWcoie33dMz8fb5s9A/q2
e0i8pWDodVHgCJaM
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:16:30 2025 by rpki-client