Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/KnKAeUOQJ1F8kTc3nn0WA2A-KuM.roa
File: KnKAeUOQJ1F8kTc3nn0WA2A-KuM.roa (raw, json)
Hash identifier: cBWRLw5Ol8El+Ks3FpHqYqbgNMp0mwECoymFLC7zPLs=
Subject key identifier: 2A:72:80:79:43:90:27:51:7C:91:37:37:9E:7D:16:03:60:3E:2A:E3
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 0197CFDD17585BE11D9093A81B69A12C344C
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/KnKAeUOQJ1F8kTc3nn0WA2A-KuM.roa
Signing time: Thu 03 Jul 2025 10:37:42 +0000
ROA not before: Thu 03 Jul 2025 10:37:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29286
IP address blocks: 84.22.64.0/19 maxlen: 19
84.22.64.0/24 maxlen: 24
84.22.65.0/24 maxlen: 24
84.22.66.0/24 maxlen: 24
84.22.67.0/24 maxlen: 24
84.22.68.0/24 maxlen: 24
84.22.69.0/24 maxlen: 24
84.22.70.0/24 maxlen: 24
84.22.71.0/24 maxlen: 24
84.22.72.0/24 maxlen: 24
84.22.73.0/24 maxlen: 24
84.22.74.0/24 maxlen: 24
84.22.75.0/24 maxlen: 24
84.22.76.0/24 maxlen: 24
84.22.77.0/24 maxlen: 24
84.22.78.0/24 maxlen: 24
84.22.79.0/24 maxlen: 24
84.22.80.0/24 maxlen: 24
84.22.81.0/24 maxlen: 24
84.22.84.0/24 maxlen: 24
84.22.86.0/24 maxlen: 24
128.140.128.0/20 maxlen: 20
185.23.96.0/23 maxlen: 23
185.23.99.0/24 maxlen: 24
213.180.225.0/24 maxlen: 24
213.180.226.0/24 maxlen: 24
213.180.228.0/24 maxlen: 24
213.180.229.0/24 maxlen: 24
213.180.230.0/24 maxlen: 24
213.180.247.0/24 maxlen: 24
213.180.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 18 Jul 2025 09:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cf:dd:17:58:5b:e1:1d:90:93:a8:1b:69:a1:2c:34:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Jul 3 10:37:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a728079439027517c9137379e7d1603603e2ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0e:d7:6b:15:8e:df:d1:af:3f:0b:63:45:9b:
a3:d7:3e:0e:12:e1:f1:dd:f1:91:05:16:03:44:59:
23:0b:f7:e8:9a:59:ac:f5:8f:ba:37:bf:9b:59:84:
15:bd:aa:98:9d:75:29:1e:eb:be:84:7b:fe:7b:22:
1b:92:16:af:90:d2:0f:38:a7:63:93:f7:57:0e:c3:
df:f7:05:26:ff:9f:9c:3b:21:63:6d:70:17:79:98:
cc:58:c4:f3:be:74:62:b6:71:0d:09:b7:0e:bf:d1:
e4:ef:c4:a7:b0:c9:f3:68:6b:77:5b:5c:b7:99:44:
b5:c0:94:72:97:f7:76:0a:d3:3e:84:6a:20:22:9b:
56:50:82:07:02:b7:3d:9c:ab:34:8a:7c:2c:9d:54:
e6:e5:0a:c2:b2:1c:f4:6e:0c:f8:77:ea:4c:e0:32:
3d:42:a4:47:95:60:9d:14:47:e2:cc:be:86:19:3f:
4b:8c:22:d0:74:67:8f:23:b6:33:bf:c6:02:ac:7c:
8e:2e:de:f7:5a:78:fa:c4:6a:8d:7d:2c:0e:97:d4:
c4:91:ab:88:3e:31:a6:d2:c2:0a:4b:ca:b6:a1:f1:
1b:66:71:df:18:51:3c:14:1b:5e:89:b1:66:00:7c:
74:74:71:fe:0f:08:e1:45:c6:19:13:db:b7:de:3f:
e3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:72:80:79:43:90:27:51:7C:91:37:37:9E:7D:16:03:60:3E:2A:E3
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/KnKAeUOQJ1F8kTc3nn0WA2A-KuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.22.64.0/19
128.140.128.0/20
185.23.96.0/23
185.23.99.0/24
213.180.225.0-213.180.226.255
213.180.228.0-213.180.230.255
213.180.247.0/24
213.180.252.0/22
Signature Algorithm: sha256WithRSAEncryption
56:51:98:37:f7:42:02:12:b7:3c:17:27:6f:02:d1:a6:93:8a:
60:d7:3c:06:8b:7c:f0:a8:e5:46:1d:49:82:10:e9:cf:4e:03:
30:69:1d:3a:0e:6d:dc:f2:5c:2f:bd:f0:98:f4:23:08:d2:81:
f4:1b:0c:ab:2a:b1:8a:53:0b:d5:7a:63:34:a6:08:b6:11:5f:
4a:af:61:44:a9:d3:ef:f2:a8:91:31:30:94:f0:21:23:b7:98:
4b:4e:ba:3d:f4:82:af:62:a7:40:a5:d7:a4:a6:9b:e3:03:7d:
5c:3a:71:fd:e7:e5:e2:34:2a:95:75:d5:70:07:07:4d:65:b9:
cd:86:ac:cb:a8:c9:8c:09:e8:01:ed:0c:f4:bf:18:a3:f5:25:
83:a5:9e:3c:b7:eb:f4:27:29:d5:4c:f1:0d:be:f6:dc:71:c8:
66:0a:2d:d7:07:be:e1:b3:8d:e7:52:3b:16:96:f5:45:2b:7c:
43:cc:ff:67:1d:74:78:1d:16:6b:98:35:1e:cd:bf:32:46:d8:
c7:1a:0f:37:c6:81:aa:fa:77:10:d5:65:4d:91:ad:af:ef:0e:
8a:5d:6f:2d:7c:d9:0b:c5:7e:0f:c4:2e:94:c5:9f:e5:e6:6c:
0c:11:08:71:87:94:21:db:d5:c4:0d:ee:82:9b:89:f7:1d:89:
85:69:33:24
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZfP3RdYW+EdkJOoG2mhLDRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjUwNzAzMTAzNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTcyODA3OTQzOTAyNzUxN2M5MTM3Mzc5ZTdkMTYwMzYwM2UyYWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA7XaxWO39GvPwtjRZuj1z4OEuHx
3fGRBRYDRFkjC/fomlms9Y+6N7+bWYQVvaqYnXUpHuu+hHv+eyIbkhavkNIPOKdj
k/dXDsPf9wUm/5+cOyFjbXAXeZjMWMTzvnRitnENCbcOv9Hk78SnsMnzaGt3W1y3
mUS1wJRyl/d2CtM+hGogIptWUIIHArc9nKs0inwsnVTm5QrCshz0bgz4d+pM4DI9
QqRHlWCdFEfizL6GGT9LjCLQdGePI7Yzv8YCrHyOLt73Wnj6xGqNfSwOl9TEkauI
PjGm0sIKS8q2ofEbZnHfGFE8FBteibFmAHx0dHH+DwjhRcYZE9u33j/jywIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFCpygHlDkCdRfJE3N559FgNgPirjMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvS25LQWVVT1FKMUY4a1RjM25uMFdBMkEtS3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQFVBZAAwQE
gIyAAwQBuRdgAwQAuRdjMAwDBADVtOEDBADVtOIwDAMEAtW05AMEANW05gMEANW0
9wMEAtW0/DANBgkqhkiG9w0BAQsFAAOCAQEAVlGYN/dCAhK3PBcnbwLRppOKYNc8
Bot88KjlRh1JghDpz04DMGkdOg5t3PJcL73wmPQjCNKB9BsMqyqxilML1XpjNKYI
thFfSq9hRKnT7/KokTEwlPAhI7eYS066PfSCr2KnQKXXpKab4wN9XDpx/efl4jQq
lXXVcAcHTWW5zYasy6jJjAnoAe0M9L8Yo/Ulg6WePLfr9Ccp1UzxDb723HHIZgot
1we+4bON51I7Fpb1RSt8Q8z/Zx10eB0Wa5g1Hs2/MkbYxxoPN8aBqvp3ENVlTZGt
r+8Oil1vLXzZC8V+D8QulMWf5eZsDBEIcYeUIdvVxA3ugpuJ9x2JhWkzJA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:30:23 2025 by rpki-client