Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/KfIAMMzSsbFD28kyBjstyuEW9PA.roa
File: KfIAMMzSsbFD28kyBjstyuEW9PA.roa (raw, json)
Hash identifier: W0uNGtGF+p3M3LA9eREbHwxkhzEGcDeTWUl/7Q16n7M=
Subject key identifier: 29:F2:00:30:CC:D2:B1:B1:43:DB:C9:32:06:3B:2D:CA:E1:16:F4:F0
Certificate issuer: /CN=d6aa3fbc78e31229157c78b6d23a65eb2e353dce
Certificate serial: 0195692000970778A438C01F18E9025D4388
Authority key identifier: D6:AA:3F:BC:78:E3:12:29:15:7C:78:B6:D2:3A:65:EB:2E:35:3D:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/KfIAMMzSsbFD28kyBjstyuEW9PA.roa
Signing time: Thu 06 Mar 2025 01:44:19 +0000
ROA not before: Thu 06 Mar 2025 01:44:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.244.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 14:16:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:69:20:00:97:07:78:a4:38:c0:1f:18:e9:02:5d:43:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6aa3fbc78e31229157c78b6d23a65eb2e353dce
Validity
Not Before: Mar 6 01:44:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29f20030ccd2b1b143dbc932063b2dcae116f4f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ff:10:43:f3:ba:3b:0a:a8:89:02:fa:62:c9:
1e:c5:ea:5f:80:b9:81:b3:ec:d1:5c:02:90:bb:bb:
86:b7:fb:1d:77:d7:db:87:f3:27:83:ba:07:ed:2e:
0f:b2:56:58:c5:cd:56:f3:cd:a1:cd:6e:fc:95:af:
e1:20:f6:9f:93:a4:e6:fa:2f:d3:7d:98:a2:01:b8:
b5:4e:c5:19:15:5d:b0:a3:5a:c8:50:45:a5:ea:49:
6c:30:b1:d3:f0:9e:e5:e3:e7:d8:cf:33:e6:bc:d6:
a8:d2:cd:95:16:11:97:37:60:1a:ce:3f:a2:06:90:
11:f5:1a:a2:70:bb:15:57:80:21:9c:8f:33:dc:7a:
ad:89:58:ab:b1:7e:a2:cd:6f:a2:b5:80:6b:f3:5e:
9b:a6:16:7c:13:34:d4:dc:7d:c9:de:7e:d3:45:2e:
3b:59:89:5b:9f:19:01:0e:b0:4b:d1:3f:75:a4:e3:
b1:ad:77:cf:8d:1c:75:b8:e3:f8:96:9b:44:d5:31:
8a:b0:5a:8c:50:ff:ee:b7:76:c4:6f:f2:6b:21:2f:
cb:86:86:cf:91:c3:10:05:90:23:eb:37:c4:94:83:
9f:04:31:48:5e:0c:9d:a2:22:a7:f4:69:48:5f:26:
f6:22:18:e3:0c:fa:ea:53:78:7a:a2:7f:34:30:1a:
e4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F2:00:30:CC:D2:B1:B1:43:DB:C9:32:06:3B:2D:CA:E1:16:F4:F0
X509v3 Authority Key Identifier:
keyid:D6:AA:3F:BC:78:E3:12:29:15:7C:78:B6:D2:3A:65:EB:2E:35:3D:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/KfIAMMzSsbFD28kyBjstyuEW9PA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/1qo_vHjjEikVfHi20jpl6y41Pc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.2.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:90:ed:28:41:e1:74:4f:21:36:bb:97:69:cd:d1:b5:1d:6a:
f9:fb:7c:20:db:86:86:51:50:fa:1b:cc:c5:2e:38:a0:6a:21:
3c:f4:6d:4b:42:a9:c1:1d:21:9d:ce:7c:9e:20:3f:c7:5e:51:
96:f3:52:b4:64:22:14:92:b7:52:ac:61:77:61:08:66:51:ae:
a8:7c:22:ec:7c:b2:dc:df:c0:92:87:cf:91:c1:7f:4d:a9:f8:
04:77:38:c5:1e:4b:c0:c9:01:26:27:32:ac:8e:04:40:05:c5:
73:c2:36:cf:62:05:2f:27:b2:14:2d:b5:c3:83:ee:a2:a5:00:
50:9d:18:a9:0b:a6:df:14:02:b8:07:18:b9:7d:09:c1:ce:78:
81:e3:bd:22:46:dd:0d:df:b9:6a:36:74:c6:2f:1c:7d:69:50:
9a:53:04:92:e8:ef:1c:de:21:c1:a1:28:86:ac:55:c4:2a:03:
cc:4f:fa:e7:a0:25:19:62:86:3c:fd:c7:83:bf:55:50:86:1f:
e6:99:45:aa:05:94:bc:da:62:b2:55:7e:3c:f5:58:7e:72:6f:
7f:a4:e1:76:55:0a:bb:cf:5e:25:2a:2a:5f:10:31:18:90:b2:
ba:a7:57:90:31:eb:e6:87:90:b7:43:50:f6:d4:29:fd:a9:ea:
15:be:8b:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVpIACXB3ikOMAfGOkCXUOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YWEzZmJjNzhlMzEyMjkxNTdjNzhiNmQyM2E2NWViMmUz
NTNkY2UwHhcNMjUwMzA2MDE0NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWYyMDAzMGNjZDJiMWIxNDNkYmM5MzIwNjNiMmRjYWUxMTZmNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv8QQ/O6OwqoiQL6YskexepfgLmB
s+zRXAKQu7uGt/sdd9fbh/Mng7oH7S4PslZYxc1W882hzW78la/hIPafk6Tm+i/T
fZiiAbi1TsUZFV2wo1rIUEWl6klsMLHT8J7l4+fYzzPmvNao0s2VFhGXN2Aazj+i
BpAR9RqicLsVV4AhnI8z3HqtiVirsX6izW+itYBr816bphZ8EzTU3H3J3n7TRS47
WYlbnxkBDrBL0T91pOOxrXfPjRx1uOP4lptE1TGKsFqMUP/ut3bEb/JrIS/LhobP
kcMQBZAj6zfElIOfBDFIXgydoiKn9GlIXyb2IhjjDPrqU3h6on80MBrk0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnyADDM0rGxQ9vJMgY7LcrhFvTwMB8GA1UdIwQY
MBaAFNaqP7x44xIpFXx4ttI6ZesuNT3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXFvX3ZIampFaWtWZkhpMjBqcGw2eTQxUGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82Y2Y4YmUtMjUzZC00NmQ1LWFiN2Mt
ODI3NmM4YWFjNTBlLzEvS2ZJQU1NelNzYkZEMjhreUJqc3R5dUVXOVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82Y2Y4YmUtMjUzZC00NmQ1LWFiN2MtODI3NmM4YWFjNTBl
LzEvMXFvX3ZIampFaWtWZkhpMjBqcGw2eTQxUGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufQCMA0G
CSqGSIb3DQEBCwUAA4IBAQCbkO0oQeF0TyE2u5dpzdG1HWr5+3wg24aGUVD6G8zF
LjigaiE89G1LQqnBHSGdznyeID/HXlGW81K0ZCIUkrdSrGF3YQhmUa6ofCLsfLLc
38CSh8+RwX9NqfgEdzjFHkvAyQEmJzKsjgRABcVzwjbPYgUvJ7IULbXDg+6ipQBQ
nRipC6bfFAK4Bxi5fQnBzniB470iRt0N37lqNnTGLxx9aVCaUwSS6O8c3iHBoSiG
rFXEKgPMT/rnoCUZYoY8/ceDv1VQhh/mmUWqBZS82mKyVX489Vh+cm9/pOF2VQq7
z14lKipfEDEYkLK6p1eQMevmh5C3Q1D21Cn9qeoVvov/
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:55:02 2025 by rpki-client