Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kv5JfP_bNP6bK1pF7QVaIZvLqU8.roa
File: Kv5JfP_bNP6bK1pF7QVaIZvLqU8.roa (raw, json)
Hash identifier: WbcPF6trCE65+zu00W+tp4J2lvgQByi8lCRBU/tNxlk=
Subject key identifier: 2A:FE:49:7C:FF:DB:34:FE:9B:2B:5A:45:ED:05:5A:21:9B:CB:A9:4F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824CD4D35DAA011768A8957DA0656CD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kv5JfP_bNP6bK1pF7QVaIZvLqU8.roa
Signing time: Thu 02 Jan 2025 17:51:27 +0000
ROA not before: Thu 02 Jan 2025 17:51:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215411
IP address blocks: 87.121.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 08:22:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:cd:4d:35:da:a0:11:76:8a:89:57:da:06:56:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2afe497cffdb34fe9b2b5a45ed055a219bcba94f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f1:10:7e:49:44:42:bc:79:ed:bc:64:5f:bf:
fa:61:96:d1:f4:62:d5:08:e6:64:8c:bd:5c:e4:23:
85:63:2c:7d:d2:93:4d:3d:7a:1a:2f:ba:8d:fd:db:
27:cd:af:cc:16:1d:b9:31:f1:2d:46:4d:40:b3:a2:
b8:05:59:62:40:c2:58:c9:a1:ba:46:04:24:53:60:
89:4a:1e:23:15:66:83:70:35:2f:7f:1b:27:c3:57:
e6:43:93:0a:5d:3d:b0:8d:58:a3:fb:b3:6c:cc:d0:
2e:e3:b1:c2:a7:63:62:4e:00:42:d3:3c:21:d4:71:
d8:64:61:0d:49:e2:28:81:c5:ea:a7:fa:b1:8a:db:
ed:46:1c:ae:9c:da:03:15:7c:a7:fa:61:ea:5a:ce:
37:eb:6c:3d:82:2a:b7:f6:46:24:42:6f:fe:5f:97:
55:94:d0:68:67:c8:62:b7:30:18:89:bb:0c:dc:1c:
c7:c2:93:38:18:4c:65:0f:a4:12:f4:30:18:b8:ea:
88:3a:55:26:ce:a8:04:86:30:5e:88:f1:55:d0:ff:
ae:e2:47:01:2c:3a:45:2f:41:c7:04:49:ab:e0:13:
10:b4:21:ea:e4:02:ed:62:40:75:15:00:6a:e3:61:
a4:a8:65:30:23:14:02:a6:11:2b:49:58:a7:07:7a:
c0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FE:49:7C:FF:DB:34:FE:9B:2B:5A:45:ED:05:5A:21:9B:CB:A9:4F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kv5JfP_bNP6bK1pF7QVaIZvLqU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.104.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:a0:d3:56:a9:af:8f:a6:bf:96:85:43:b4:c8:e0:e4:3c:9b:
72:fe:5c:35:32:ec:65:0e:23:ec:81:19:56:54:3e:f6:e2:5c:
81:b9:b5:f4:72:80:2b:eb:8c:d5:79:94:36:ac:34:bc:96:b3:
5d:82:bd:93:43:92:8e:5d:bc:bd:80:40:07:f4:c0:5d:fd:db:
dc:e8:0b:64:69:fb:37:ac:47:f4:f0:1e:aa:fa:d8:ff:03:9f:
28:71:ee:cb:08:0d:fa:1f:9e:66:39:c3:1f:03:8d:e6:8d:33:
e3:8d:e1:1e:47:81:0c:ba:fd:c3:6e:85:24:eb:aa:07:ae:f7:
4e:a4:cc:ab:43:9d:2c:f4:f4:de:05:44:b4:76:21:ec:8c:b5:
57:dd:f6:d9:ca:13:4b:1f:fa:df:5f:69:b1:2f:22:2f:55:0e:
49:90:1a:1d:03:4f:e8:06:ad:43:aa:ac:6f:c9:c2:33:28:4b:
ed:f3:dc:e2:2a:8d:ea:78:bd:be:2f:b8:0c:c1:73:da:c4:ba:
a8:af:9d:31:71:4f:9d:b6:ce:6d:28:32:0e:7f:98:eb:9d:23:
76:e7:b0:66:db:bd:06:94:d8:ef:ad:84:78:05:07:3d:ec:50:
ad:51:86:b9:45:00:81:f1:d6:06:be:74:4a:64:4f:98:e1:50:
54:3c:14:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJM1NNdqgEXaKiVfaBlbNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWZlNDk3Y2ZmZGIzNGZlOWIyYjVhNDVlZDA1NWEyMTliY2JhOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfEQfklEQrx57bxkX7/6YZbR9GLV
COZkjL1c5COFYyx90pNNPXoaL7qN/dsnza/MFh25MfEtRk1As6K4BVliQMJYyaG6
RgQkU2CJSh4jFWaDcDUvfxsnw1fmQ5MKXT2wjVij+7NszNAu47HCp2NiTgBC0zwh
1HHYZGENSeIogcXqp/qxitvtRhyunNoDFXyn+mHqWs4362w9giq39kYkQm/+X5dV
lNBoZ8hitzAYibsM3BzHwpM4GExlD6QS9DAYuOqIOlUmzqgEhjBeiPFV0P+u4kcB
LDpFL0HHBEmr4BMQtCHq5ALtYkB1FQBq42GkqGUwIxQCphErSVinB3rAPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCr+SXz/2zT+mytaRe0FWiGby6lPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS3Y1SmZQX2JOUDZiSzFwRjdRVmFJWnZMcVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3loMA0G
CSqGSIb3DQEBCwUAA4IBAQA9oNNWqa+Ppr+WhUO0yODkPJty/lw1MuxlDiPsgRlW
VD724lyBubX0coAr64zVeZQ2rDS8lrNdgr2TQ5KOXby9gEAH9MBd/dvc6Atkafs3
rEf08B6q+tj/A58oce7LCA36H55mOcMfA43mjTPjjeEeR4EMuv3DboUk66oHrvdO
pMyrQ50s9PTeBUS0diHsjLVX3fbZyhNLH/rfX2mxLyIvVQ5JkBodA0/oBq1Dqqxv
ycIzKEvt89ziKo3qeL2+L7gMwXPaxLqor50xcU+dts5tKDIOf5jrnSN257Bm270G
lNjvrYR4BQc97FCtUYa5RQCB8dYGvnRKZE+Y4VBUPBRe
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:28:51 2025 by rpki-client