Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/kftBfNZYENTPngezvOI5hTNxgIs.roa
File: kftBfNZYENTPngezvOI5hTNxgIs.roa (raw, json)
Hash identifier: D+AmmZjRAzXC+cZJDmZw+Wj+ACwTfDqEYAOnC3aR3AY=
Subject key identifier: 91:FB:41:7C:D6:58:10:D4:CF:9E:07:B3:BC:E2:39:85:33:71:80:8B
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0194AD2C688EAD9A0886099479D1934ADB98
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/kftBfNZYENTPngezvOI5hTNxgIs.roa
Signing time: Tue 28 Jan 2025 13:49:15 +0000
ROA not before: Tue 28 Jan 2025 13:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213519
IP address blocks: 5.175.237.0/24 maxlen: 24
5.175.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 13:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:2c:68:8e:ad:9a:08:86:09:94:79:d1:93:4a:db:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 28 13:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91fb417cd65810d4cf9e07b3bce239853371808b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bc:5a:17:4e:8f:bb:bb:21:be:1a:44:c6:c8:
2d:d4:ae:e0:e5:50:32:d8:0c:ee:e7:78:93:9d:a6:
e2:44:ad:90:d8:de:42:64:25:97:7c:86:9d:97:e6:
a8:fb:63:bc:ed:c1:b2:43:d3:d4:50:8c:d2:82:aa:
f3:42:1d:0b:8b:f1:ed:9a:c7:05:af:74:d3:8c:ac:
52:3a:61:b6:c6:f8:7f:ca:e2:0b:2b:e0:a5:40:51:
e0:c1:57:13:f4:7a:fe:c1:b7:b7:3f:fb:7c:b1:df:
52:0f:e3:3e:13:60:a2:10:32:9c:e2:56:3a:7b:f8:
e4:a9:11:b8:4e:88:b9:c7:ce:c3:20:b9:2b:51:97:
2e:60:51:1f:58:b6:cc:a7:ab:76:93:01:f5:32:2f:
7a:90:c2:4d:42:9e:82:75:1b:5f:4b:d5:60:96:bc:
87:2e:41:82:dc:67:47:b3:aa:59:97:84:53:d8:65:
32:ae:46:dd:36:7e:75:ea:ec:bc:e1:f2:bb:fe:74:
4c:67:d9:23:b7:9d:40:ab:e9:f0:89:20:55:be:ab:
dc:85:9f:5c:0b:39:b5:32:4f:a9:cd:2f:b0:ac:56:
08:b4:67:07:16:53:ac:bd:e4:d2:00:37:9b:7d:cb:
8b:24:ff:b4:3c:82:f0:65:8f:52:cc:b2:0f:6c:c3:
92:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FB:41:7C:D6:58:10:D4:CF:9E:07:B3:BC:E2:39:85:33:71:80:8B
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/kftBfNZYENTPngezvOI5hTNxgIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.237.0-5.175.238.255
Signature Algorithm: sha256WithRSAEncryption
15:f1:f6:1b:96:bd:17:ed:f0:15:cb:92:60:9c:04:bd:eb:22:
ba:49:65:7f:ea:d1:37:03:20:b3:ba:86:60:23:2e:d0:b7:ee:
ca:50:2c:dc:dc:a3:7f:81:c6:24:84:93:23:c0:dc:80:67:8a:
26:72:c8:d1:64:be:a0:64:2b:a8:dd:ff:d2:8f:20:33:82:a9:
58:ed:fc:57:27:2d:06:57:5b:56:13:e1:71:ea:ee:0e:e4:50:
75:38:f8:0f:5b:a3:d8:ef:3b:a4:9b:e1:af:70:b3:71:a3:0c:
b6:55:4d:07:10:77:e2:dd:74:fc:47:c4:89:b5:82:0b:6a:29:
a5:b7:c7:a7:3c:2a:5d:07:57:fb:c2:b8:6e:7d:5a:5f:02:cd:
59:b6:0a:03:b2:92:d5:db:89:d9:2b:c3:8f:28:2b:6f:b8:d1:
55:3f:f8:4f:73:31:32:f3:ca:d9:d0:49:38:46:62:f0:1f:82:
97:0e:51:a4:04:e4:ae:93:8f:24:57:c2:9b:a4:f6:0f:4e:2a:
6e:f2:78:77:59:96:80:cf:b4:df:24:e3:9c:24:fb:ba:c0:5a:
0b:53:aa:ef:03:e0:2d:23:08:ce:77:cb:07:21:29:91:2c:04:
99:50:cc:0e:1f:b5:d5:dc:36:39:ac:62:e3:be:89:49:2c:41:
e9:b3:f9:99
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZStLGiOrZoIhgmUedGTStuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTI4MTM0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWZiNDE3Y2Q2NTgxMGQ0Y2Y5ZTA3YjNiY2UyMzk4NTMzNzE4MDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrxaF06Pu7shvhpExsgt1K7g5VAy
2Azu53iTnabiRK2Q2N5CZCWXfIadl+ao+2O87cGyQ9PUUIzSgqrzQh0Li/HtmscF
r3TTjKxSOmG2xvh/yuILK+ClQFHgwVcT9Hr+wbe3P/t8sd9SD+M+E2CiEDKc4lY6
e/jkqRG4Toi5x87DILkrUZcuYFEfWLbMp6t2kwH1Mi96kMJNQp6CdRtfS9VglryH
LkGC3GdHs6pZl4RT2GUyrkbdNn516uy84fK7/nRMZ9kjt51Aq+nwiSBVvqvchZ9c
Czm1Mk+pzS+wrFYItGcHFlOsveTSADebfcuLJP+0PILwZY9SzLIPbMOS6wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJH7QXzWWBDUz54Hs7ziOYUzcYCLMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEva2Z0QmZOWllFTlRQbmdlenZPSTVoVE54Z0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAFr+0D
BAAFr+4wDQYJKoZIhvcNAQELBQADggEBABXx9huWvRft8BXLkmCcBL3rIrpJZX/q
0TcDILO6hmAjLtC37spQLNzco3+BxiSEkyPA3IBniiZyyNFkvqBkK6jd/9KPIDOC
qVjt/FcnLQZXW1YT4XHq7g7kUHU4+A9bo9jvO6Sb4a9ws3GjDLZVTQcQd+LddPxH
xIm1ggtqKaW3x6c8Kl0HV/vCuG59Wl8CzVm2CgOyktXbidkrw48oK2+40VU/+E9z
MTLzytnQSThGYvAfgpcOUaQE5K6TjyRXwpuk9g9OKm7yeHdZloDPtN8k45wk+7rA
WgtTqu8D4C0jCM53ywchKZEsBJlQzA4ftdXcNjmsYuO+iUksQemz+Zk=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:12:50 2025 by rpki-client