Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KsbDxBF1rLzccGgrZkavdO58vAs.roa
File: KsbDxBF1rLzccGgrZkavdO58vAs.roa (raw, json)
Hash identifier: nQji8ZVyg1EieXsYge5A5q6zH0PfsWbEBdLPzzn8wuE=
Subject key identifier: 2A:C6:C3:C4:11:75:AC:BC:DC:70:68:2B:66:46:AF:74:EE:7C:BC:0B
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0196EDF3A78F6F4E98500A1C2C12F2F3A8C5
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KsbDxBF1rLzccGgrZkavdO58vAs.roa
Signing time: Tue 20 May 2025 13:48:10 +0000
ROA not before: Tue 20 May 2025 13:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 92.71.2.0/23 maxlen: 24
92.71.4.0/23 maxlen: 24
92.71.26.0/23 maxlen: 24
92.71.28.0/22 maxlen: 24
92.71.48.0/21 maxlen: 24
92.71.56.0/22 maxlen: 24
92.71.62.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 May 2025 04:49:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:f3:a7:8f:6f:4e:98:50:0a:1c:2c:12:f2:f3:a8:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: May 20 13:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ac6c3c41175acbcdc70682b6646af74ee7cbc0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3d:10:4b:82:20:70:29:f7:e2:d3:00:56:ce:
27:23:4d:a5:b8:e9:99:8d:02:f0:c8:c4:0f:ed:9f:
22:d0:ab:a8:18:40:d6:3e:39:d5:57:83:03:44:14:
d4:aa:fd:d8:92:f6:0a:1a:f2:b7:20:ea:53:12:7e:
e8:08:4a:20:2b:cb:13:30:88:2c:b9:f6:a3:47:cf:
79:96:48:19:f2:83:94:b9:06:fd:1c:c5:76:9f:94:
99:52:a3:f1:9b:eb:53:16:65:e8:a3:2c:50:21:b5:
89:d5:f2:72:8e:6e:c3:17:f2:43:61:f6:24:4b:fb:
b5:19:f5:e3:68:f9:6a:47:7a:66:61:f4:d6:6c:1e:
19:31:41:81:ef:34:d7:15:cd:e0:f7:d4:7b:01:14:
1f:09:95:80:2a:94:d4:eb:16:e6:76:43:33:74:3e:
b3:de:f1:aa:ae:0b:aa:34:1c:07:6f:35:f6:69:2c:
22:19:0e:6b:8b:68:89:23:46:e8:5c:89:77:16:c8:
d5:f1:df:a7:00:3e:ba:fa:33:b5:a1:62:4b:28:fd:
49:fe:74:0f:91:75:44:67:c9:53:40:19:dd:0d:21:
88:ec:3f:e2:22:31:34:fc:a8:9f:55:83:67:74:ec:
78:8d:19:91:c8:07:6f:11:e9:da:c1:b8:0f:e2:14:
37:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C6:C3:C4:11:75:AC:BC:DC:70:68:2B:66:46:AF:74:EE:7C:BC:0B
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KsbDxBF1rLzccGgrZkavdO58vAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.71.2.0-92.71.5.255
92.71.26.0-92.71.31.255
92.71.48.0-92.71.59.255
92.71.62.0/23
Signature Algorithm: sha256WithRSAEncryption
63:7a:2d:5c:97:63:46:12:52:23:1c:f3:d5:1c:d9:e0:8d:23:
40:b6:1e:cf:72:81:b3:2e:15:6e:fe:5f:00:91:73:f8:96:38:
28:d6:a2:4c:1f:c8:fd:a1:b0:a0:a1:5d:de:f6:47:51:61:77:
14:fd:21:19:b8:d3:f9:15:20:21:2f:5e:51:1f:6a:72:f7:3c:
b2:4c:c1:88:a8:f6:92:eb:32:84:ea:88:08:68:ce:fa:1f:e3:
36:46:ba:68:87:71:8b:e9:5c:65:6a:0f:da:12:4a:44:61:b8:
aa:d3:ad:1f:14:36:35:dd:99:c9:44:0b:0d:67:9d:10:88:6a:
83:b1:84:73:d9:57:81:6e:44:9e:87:a2:1e:4a:70:59:75:3b:
1d:f6:ab:d4:e6:65:f1:1f:92:2b:21:ac:f1:d4:24:37:ef:8f:
37:04:f5:56:f0:cc:7c:ec:0f:a0:e1:87:cb:71:02:c6:b4:62:
a8:d5:24:54:33:e1:35:4d:b1:b9:36:76:40:5b:68:1a:c5:fb:
e6:a6:96:d0:78:d2:83:a4:ab:1c:e8:ae:c3:d0:f7:5a:ad:e4:
33:ce:3e:62:e0:fa:30:33:71:03:90:6e:50:4f:99:ad:d1:d0:
92:40:7a:43:4d:b9:c2:c8:de:d6:70:1c:48:07:65:cf:08:df:
cc:f4:7d:69
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZbt86ePb06YUAocLBLy86jFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwNTIwMTM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWM2YzNjNDExNzVhY2JjZGM3MDY4MmI2NjQ2YWY3NGVlN2NiYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD0QS4IgcCn34tMAVs4nI02luOmZ
jQLwyMQP7Z8i0KuoGEDWPjnVV4MDRBTUqv3YkvYKGvK3IOpTEn7oCEogK8sTMIgs
ufajR895lkgZ8oOUuQb9HMV2n5SZUqPxm+tTFmXooyxQIbWJ1fJyjm7DF/JDYfYk
S/u1GfXjaPlqR3pmYfTWbB4ZMUGB7zTXFc3g99R7ARQfCZWAKpTU6xbmdkMzdD6z
3vGqrguqNBwHbzX2aSwiGQ5ri2iJI0boXIl3FsjV8d+nAD66+jO1oWJLKP1J/nQP
kXVEZ8lTQBndDSGI7D/iIjE0/KifVYNndOx4jRmRyAdvEenawbgP4hQ3UQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCrGw8QRday83HBoK2ZGr3TufLwLMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvS3NiRHhCRjFyTHpjY0dnclprYXZkTzU4dkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBAFcRwID
BAFcRwQwDAMEAVxHGgMEBVxHADAMAwQEXEcwAwQCXEc4AwQBXEc+MA0GCSqGSIb3
DQEBCwUAA4IBAQBjei1cl2NGElIjHPPVHNngjSNAth7PcoGzLhVu/l8AkXP4ljgo
1qJMH8j9obCgoV3e9kdRYXcU/SEZuNP5FSAhL15RH2py9zyyTMGIqPaS6zKE6ogI
aM76H+M2Rrpoh3GL6Vxlag/aEkpEYbiq060fFDY13ZnJRAsNZ50QiGqDsYRz2VeB
bkSeh6IeSnBZdTsd9qvU5mXxH5IrIazx1CQ37483BPVW8Mx87A+g4YfLcQLGtGKo
1SRUM+E1TbG5NnZAW2gaxfvmppbQeNKDpKsc6K7D0PdareQzzj5i4PowM3EDkG5Q
T5mt0dCSQHpDTbnCyN7WcBxIB2XPCN/M9H1p
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:00:41 2025 by rpki-client