Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/KgTA-nynWCivwjq4IUIQtMzIlMI.roa
File: KgTA-nynWCivwjq4IUIQtMzIlMI.roa (raw, json)
Hash identifier: W7gCtF/ObFffG4m6I/YbkbTtb4mNpn3CGnUgGmNpem0=
Subject key identifier: 2A:04:C0:FA:7C:A7:58:28:AF:C2:3A:B8:21:42:10:B4:CC:C8:94:C2
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 0195B9741FFDD1B742C36E9BBAA7362E12DB
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/KgTA-nynWCivwjq4IUIQtMzIlMI.roa
Signing time: Fri 21 Mar 2025 16:05:49 +0000
ROA not before: Fri 21 Mar 2025 16:05:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199760
IP address blocks: 144.56.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 21:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b9:74:1f:fd:d1:b7:42:c3:6e:9b:ba:a7:36:2e:12:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Mar 21 16:05:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a04c0fa7ca75828afc23ab8214210b4ccc894c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7c:22:c3:73:81:88:b4:c9:9c:ed:5a:35:22:
3b:72:68:b5:0f:a8:ba:35:0b:d2:80:3a:40:c8:df:
70:53:27:07:83:de:3c:4a:c1:8e:58:e1:55:54:ba:
cd:f0:77:b8:65:78:a2:66:f5:1c:2a:95:7b:38:28:
74:17:63:3f:fe:59:f7:f5:76:ed:06:d8:21:d9:a1:
11:d6:1b:64:2e:c4:cf:95:13:e7:a4:e1:c4:e5:c6:
cd:19:5b:6c:0c:e1:4b:c4:c3:f1:f1:c4:a0:41:ad:
ec:c6:10:6b:7c:92:ff:8b:62:18:b9:17:1e:ef:7b:
f5:c8:05:98:e2:20:5a:bc:77:fd:41:23:10:16:41:
8c:24:86:8a:aa:07:49:20:b5:a2:6c:64:82:a9:dc:
8a:d3:13:1e:b3:fd:5a:f5:61:47:d1:86:c1:f3:7d:
e0:13:df:ad:13:fb:d9:ef:5b:e5:1b:75:c7:9f:c3:
9e:b9:83:e5:ff:62:29:20:7d:7b:41:b7:75:a0:0b:
e1:cd:77:2f:48:68:10:ca:01:d2:64:4e:d9:6c:f1:
c2:be:b2:f2:97:14:c6:41:79:84:ac:24:b2:49:8f:
8b:c3:09:de:82:69:6b:c9:79:d3:1f:72:39:44:c5:
7e:54:51:d5:2b:35:f4:d4:5a:c7:09:6b:57:6a:55:
67:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:04:C0:FA:7C:A7:58:28:AF:C2:3A:B8:21:42:10:B4:CC:C8:94:C2
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/KgTA-nynWCivwjq4IUIQtMzIlMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.29.0/24
Signature Algorithm: sha256WithRSAEncryption
95:89:43:bd:9e:16:8d:75:8a:86:e3:a4:e4:3d:e5:b3:4f:e3:
b1:eb:77:87:a8:e0:c3:db:39:93:2d:fb:1a:1e:3d:cf:43:bb:
de:d8:15:4d:77:88:ec:0f:79:c8:a9:95:87:69:a9:5e:93:29:
73:b5:5f:8e:48:09:5f:03:c3:6e:ee:8c:f6:65:96:75:05:c8:
38:b3:10:41:e3:75:8c:72:e1:70:2c:91:c7:80:1a:ba:09:15:
2e:be:d9:54:c8:da:47:a9:9a:c4:28:5f:54:fb:82:10:1b:09:
4b:8a:75:34:62:3e:d2:9f:38:e4:d3:4c:5c:90:d8:c6:eb:45:
63:13:63:8f:ed:36:33:4d:27:ae:1f:54:23:70:76:b8:84:ce:
39:bc:bf:b3:68:a6:8e:56:18:0b:5f:6d:5a:71:52:95:2f:7b:
29:bd:25:c0:e5:b0:03:47:e2:04:5e:92:92:81:14:de:91:1e:
79:a1:57:77:c2:30:c7:0e:64:c7:8b:52:9c:fe:75:23:3f:05:
0c:ac:b5:a1:e6:38:af:5f:fb:a6:d1:7b:39:b4:a4:94:30:6d:
5d:a1:99:2b:3f:93:37:01:34:39:6b:21:a0:61:3c:8d:29:90:
d0:99:0f:0a:2a:d7:3d:50:e5:62:f8:86:06:5d:5c:83:7d:5a:
7f:a9:4d:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZW5dB/90bdCw26buqc2LhLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwMzIxMTYwNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTA0YzBmYTdjYTc1ODI4YWZjMjNhYjgyMTQyMTBiNGNjYzg5NGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXwiw3OBiLTJnO1aNSI7cmi1D6i6
NQvSgDpAyN9wUycHg948SsGOWOFVVLrN8He4ZXiiZvUcKpV7OCh0F2M//ln39Xbt
Btgh2aER1htkLsTPlRPnpOHE5cbNGVtsDOFLxMPx8cSgQa3sxhBrfJL/i2IYuRce
73v1yAWY4iBavHf9QSMQFkGMJIaKqgdJILWibGSCqdyK0xMes/1a9WFH0YbB833g
E9+tE/vZ71vlG3XHn8OeuYPl/2IpIH17Qbd1oAvhzXcvSGgQygHSZE7ZbPHCvrLy
lxTGQXmErCSySY+LwwnegmlryXnTH3I5RMV+VFHVKzX01FrHCWtXalVnZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoEwPp8p1gor8I6uCFCELTMyJTCMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvS2dUQS1ueW5XQ2l2d2pxNElVSVF0TXpJbE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkDgdMA0G
CSqGSIb3DQEBCwUAA4IBAQCViUO9nhaNdYqG46TkPeWzT+Ox63eHqODD2zmTLfsa
Hj3PQ7ve2BVNd4jsD3nIqZWHaalekylztV+OSAlfA8Nu7oz2ZZZ1Bcg4sxBB43WM
cuFwLJHHgBq6CRUuvtlUyNpHqZrEKF9U+4IQGwlLinU0Yj7Snzjk00xckNjG60Vj
E2OP7TYzTSeuH1QjcHa4hM45vL+zaKaOVhgLX21acVKVL3spvSXA5bADR+IEXpKS
gRTekR55oVd3wjDHDmTHi1Kc/nUjPwUMrLWh5jivX/um0Xs5tKSUMG1doZkrP5M3
ATQ5ayGgYTyNKZDQmQ8KKtc9UOVi+IYGXVyDfVp/qU3c
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:50:41 2025 by rpki-client