Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kkKgJwGVaWT76oJVd5kCPpQcPSI.roa
File: kkKgJwGVaWT76oJVd5kCPpQcPSI.roa (raw, json)
Hash identifier: z/mJVqgnO0OVYNh6XKPakW6YfslMnKuq1gA3vdyf/Sc=
Subject key identifier: 92:42:A0:27:01:95:69:64:FB:EA:82:55:77:99:02:3E:94:1C:3D:22
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0196820E3319A674DF70068711F0E5C56B8A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kkKgJwGVaWT76oJVd5kCPpQcPSI.roa
Signing time: Tue 29 Apr 2025 14:58:10 +0000
ROA not before: Tue 29 Apr 2025 14:58:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.232.0/24 maxlen: 24
62.76.234.0/24 maxlen: 24
62.76.238.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
192.124.175.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
193.124.2.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.41.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.48.0/24 maxlen: 24
194.87.58.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.89.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 May 2025 16:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:82:0e:33:19:a6:74:df:70:06:87:11:f0:e5:c5:6b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 29 14:58:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9242a02701956964fbea82557799023e941c3d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:eb:26:04:00:0e:f1:78:d2:b2:be:5c:b5:34:
0e:43:ba:b0:0f:d3:17:3d:c5:e4:17:01:05:1f:c1:
2a:0a:37:c4:88:8c:8a:88:e2:cd:4d:df:24:78:d8:
a0:ff:a0:94:a5:8b:e1:a8:8f:b4:19:db:42:02:f7:
4c:90:3f:3c:42:85:7c:a4:89:6d:19:88:50:c5:05:
de:51:ea:fa:a0:2e:83:01:56:6b:5e:3b:f5:ad:92:
11:e7:aa:c6:69:c9:30:bd:f4:33:29:5d:7c:d8:e9:
c8:b7:d7:45:73:0e:06:55:a6:55:d7:9b:ed:72:8c:
6f:78:43:9d:6f:9c:30:b8:87:49:ef:35:19:d1:2c:
51:36:73:ec:02:55:35:f2:c7:97:f9:28:7c:64:dd:
9f:41:0b:8e:ef:f1:c5:4c:45:13:95:0f:c5:ca:3a:
a4:3b:74:f2:02:6a:83:ec:8b:75:cf:a2:a8:37:e7:
4d:e8:e8:8c:5b:ba:f1:6d:0b:86:79:31:c6:16:2c:
46:cd:52:74:fa:00:6b:d1:03:e1:76:a5:ef:ee:d1:
34:7b:cb:e5:64:f0:61:6f:8e:b3:9e:7e:e8:f8:e1:
1b:01:fc:d7:64:0b:b2:57:7e:1f:8f:17:21:ff:e2:
a4:55:c1:fc:9e:dd:bb:bb:97:1f:fc:9a:e2:c1:fc:
bb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:42:A0:27:01:95:69:64:FB:EA:82:55:77:99:02:3E:94:1C:3D:22
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kkKgJwGVaWT76oJVd5kCPpQcPSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.234.0/24
62.76.238.0/23
192.124.175.0-192.124.176.255
192.124.209.0/24
193.108.112.0/24
193.124.2.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.38.0-194.58.40.255
194.58.59.0/24
194.58.66.0/24
194.58.68.0/24
194.87.10.0/24
194.87.17.0-194.87.18.255
194.87.23.0/24
194.87.30.0/24
194.87.39.0/24
194.87.41.0/24
194.87.47.0-194.87.48.255
194.87.58.0/24
194.87.73.0/24
194.87.82.0/24
194.87.89.0/24
194.87.105.0/24
194.87.108.0/24
194.87.123.0/24
194.87.128.0/24
194.87.137.0/24
194.87.162.0/24
194.87.178.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
194.87.240.0/24
194.87.245.0/24
195.133.55.0/24
195.133.67.0/24
195.133.83.0/24
195.133.92.0/24
212.192.221.0/24
212.192.223.0/24
212.193.1.0-212.193.2.255
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:10:b4:84:43:6b:a1:35:07:c8:aa:e6:06:19:82:ef:be:7d:
15:93:88:f3:60:47:74:9e:7f:07:0e:c2:29:5a:8a:48:dd:1a:
f3:20:52:53:bf:ba:a0:8a:e0:96:d3:dc:b3:77:e4:51:2d:3c:
64:49:0a:48:95:61:ca:db:86:ac:51:af:c6:04:da:ef:fa:ce:
95:a3:91:80:e9:dc:38:7d:42:cf:0e:4a:ad:6e:4a:e4:9b:e1:
e1:e6:cd:54:f1:64:4f:d1:84:e1:87:e5:4f:aa:25:0d:d0:16:
c9:4c:d6:e8:21:00:2a:d2:67:6d:fc:95:be:00:af:b0:77:a5:
d8:2c:d6:d3:da:14:ae:34:ad:ee:c3:df:c9:99:50:8a:6f:63:
13:5a:3b:31:ce:bc:ee:ca:4c:44:cf:35:2d:4f:53:23:54:74:
dd:73:ab:dd:8a:05:4f:d6:44:4d:b7:3c:4f:59:66:d3:20:30:
9a:7a:6f:ab:82:7c:3b:b8:74:de:e7:ab:4c:be:5c:66:a7:d4:
c0:e9:80:5f:f0:d4:69:d5:87:e5:57:08:14:9e:43:74:6c:d0:
42:6a:cc:47:8a:0b:1a:b2:06:5a:79:22:65:87:52:ff:8f:ef:
63:cf:0a:d6:99:17:76:76:18:0a:5e:5f:08:89:f5:0b:46:7f:
66:5e:05:7b
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgISAZaCDjMZpnTfcAaHEfDlxWuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNDI5MTQ1ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjQyYTAyNzAxOTU2OTY0ZmJlYTgyNTU3Nzk5MDIzZTk0MWMzZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7esmBAAO8XjSsr5ctTQOQ7qwD9MX
PcXkFwEFH8EqCjfEiIyKiOLNTd8keNig/6CUpYvhqI+0GdtCAvdMkD88QoV8pIlt
GYhQxQXeUer6oC6DAVZrXjv1rZIR56rGackwvfQzKV182OnIt9dFcw4GVaZV15vt
coxveEOdb5wwuIdJ7zUZ0SxRNnPsAlU18seX+Sh8ZN2fQQuO7/HFTEUTlQ/Fyjqk
O3TyAmqD7It1z6KoN+dN6OiMW7rxbQuGeTHGFixGzVJ0+gBr0QPhdqXv7tE0e8vl
ZPBhb46znn7o+OEbAfzXZAuyV34fjxch/+KkVcH8nt27u5cf/Jriwfy75QIDAQAB
o4IDQzCCAz8wHQYDVR0OBBYEFJJCoCcBlWlk++qCVXeZAj6UHD0iMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva2tLZ0p3R1ZhV1Q3Nm9KVmQ1a0NQcFFjUFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVwYIKwYBBQUHAQcBAf8EggFGMIIBQjCCAT4EAgABMIIB
NgMEAD5M6AMEAD5M6gMEAT5M7jAMAwQAwHyvAwQAwHywAwQAwHzRAwQAwWxwAwQA
wXwCAwQAwXwWAwQAwXwpAwQAwXwuMAwDBAHCOiYDBADCOigDBADCOjsDBADCOkID
BADCOkQDBADCVwowDAMEAMJXEQMEAMJXEgMEAMJXFwMEAMJXHgMEAMJXJwMEAMJX
KTAMAwQAwlcvAwQAwlcwAwQAwlc6AwQAwldJAwQAwldSAwQAwldZAwQAwldpAwQA
wldsAwQAwld7AwQAwleAAwQAwleJAwQAwleiAwQAwleyAwQAwlfGAwQAwlfjAwQA
wlfmAwQAwlfwAwQAwlf1AwQAw4U3AwQAw4VDAwQAw4VTAwQAw4VcAwQA1MDdAwQA
1MDfMAwDBADUwQEDBADUwQIDBADUwQYwDQYJKoZIhvcNAQELBQADggEBAEoQtIRD
a6E1B8iq5gYZgu++fRWTiPNgR3SefwcOwilaikjdGvMgUlO/uqCK4JbT3LN35FEt
PGRJCkiVYcrbhqxRr8YE2u/6zpWjkYDp3Dh9Qs8OSq1uSuSb4eHmzVTxZE/RhOGH
5U+qJQ3QFslM1ughACrSZ238lb4Ar7B3pdgs1tPaFK40re7D38mZUIpvYxNaOzHO
vO7KTETPNS1PUyNUdN1zq92KBU/WRE23PE9ZZtMgMJp6b6uCfDu4dN7nq0y+XGan
1MDpgF/w1GnVh+VXCBSeQ3Rs0EJqzEeKCxqyBlp5ImWHUv+P72PPCtaZF3Z2GApe
XwiJ9QtGf2ZeBXs=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:04:37 2025 by rpki-client