Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/4c1b34-9c70-411f-b01f-be90b0fd1f78/1/KiYrt-FrlYfcvrfTl93T9l2mBP4.roa
File: KiYrt-FrlYfcvrfTl93T9l2mBP4.roa (raw, json)
Hash identifier: U0scJK1VhI3QAAqXBhtwEyaVT3E/Oa8TLbaJk9HYKKA=
Subject key identifier: 2A:26:2B:B7:E1:6B:95:87:DC:BE:B7:D3:97:DD:D3:F6:5D:A6:04:FE
Certificate issuer: /CN=72426c3d11c9f24acc0a1d8454cbc9604865a809
Certificate serial: 018CC5DD45529EE99185CD8D5A37EC58FB7D
Authority key identifier: 72:42:6C:3D:11:C9:F2:4A:CC:0A:1D:84:54:CB:C9:60:48:65:A8:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ckJsPRHJ8krMCh2EVMvJYEhlqAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/4c1b34-9c70-411f-b01f-be90b0fd1f78/1/KiYrt-FrlYfcvrfTl93T9l2mBP4.roa
Signing time: Mon 01 Jan 2024 16:31:01 +0000
ROA not before: Mon 01 Jan 2024 16:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200607
IP address blocks: 185.101.181.0/24 maxlen: 24
185.101.180.0/24 maxlen: 24
185.101.183.0/24 maxlen: 24
185.101.182.0/24 maxlen: 24
2a06:2040::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:45:52:9e:e9:91:85:cd:8d:5a:37:ec:58:fb:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72426c3d11c9f24acc0a1d8454cbc9604865a809
Validity
Not Before: Jan 1 16:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a262bb7e16b9587dcbeb7d397ddd3f65da604fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:80:56:96:59:85:45:46:47:91:61:e3:65:46:
70:ad:14:1d:93:71:ed:29:78:c8:aa:34:21:de:c3:
ed:74:1a:3c:77:8a:53:a6:bd:8f:69:02:b7:b1:45:
64:b3:92:d3:79:e6:6d:6d:e2:a7:4c:52:41:73:1d:
70:82:e5:41:64:d5:a9:b7:9c:77:c0:36:df:de:88:
b5:70:4c:c5:c0:5f:f1:b9:42:9d:70:c6:db:f0:71:
71:6a:5a:c1:9a:c7:b6:c3:65:f8:68:d6:2c:e0:b1:
b4:99:62:d4:e5:ed:20:7e:9d:75:be:e0:a4:ec:9f:
e3:6f:0f:f5:54:b2:e2:0d:e7:b8:60:20:d6:df:16:
11:5b:3d:1f:88:1e:11:5f:6b:3c:0b:19:f9:01:dc:
8d:ed:3e:cb:01:1f:c5:cf:8f:ba:57:5c:9d:37:56:
bc:9a:d1:c0:54:75:63:54:23:0c:d5:87:f1:07:b2:
74:6a:fd:74:9e:aa:38:0c:d3:90:3b:13:be:50:ec:
f4:2f:c9:11:54:c2:e3:f8:32:1a:93:48:c7:31:9d:
b6:9e:67:50:7e:0c:37:1c:d6:ff:4c:35:39:63:65:
02:19:31:5d:2b:ac:03:a1:0d:e1:10:96:6a:c3:41:
1b:52:00:91:c5:e2:16:e6:ff:1e:a7:22:11:5d:a1:
a7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:26:2B:B7:E1:6B:95:87:DC:BE:B7:D3:97:DD:D3:F6:5D:A6:04:FE
X509v3 Authority Key Identifier:
keyid:72:42:6C:3D:11:C9:F2:4A:CC:0A:1D:84:54:CB:C9:60:48:65:A8:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckJsPRHJ8krMCh2EVMvJYEhlqAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4c1b34-9c70-411f-b01f-be90b0fd1f78/1/KiYrt-FrlYfcvrfTl93T9l2mBP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4c1b34-9c70-411f-b01f-be90b0fd1f78/1/ckJsPRHJ8krMCh2EVMvJYEhlqAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.180.0/22
IPv6:
2a06:2040::/29
Signature Algorithm: sha256WithRSAEncryption
32:f7:f0:fa:ef:13:8a:48:24:0a:b7:4c:50:38:61:ca:cc:b9:
0b:bb:ee:24:66:8c:7b:df:28:6d:be:b7:cf:af:f4:e8:60:89:
80:65:65:f9:03:97:26:42:ac:c7:92:d3:5a:d9:08:9e:06:4d:
9b:86:38:9c:72:ec:12:fb:ea:69:27:de:a2:55:56:dd:7b:c6:
2b:04:5e:59:c6:85:4b:bc:18:3d:fb:c9:76:5a:6b:f9:a8:7f:
63:c4:00:c0:d0:69:5c:63:21:21:48:85:dc:df:a9:91:33:fc:
c1:ff:57:db:65:8b:40:ea:65:b3:40:bc:64:7e:c0:56:f6:41:
b6:36:d5:5a:41:b5:9e:86:e4:d1:21:19:76:4c:0f:77:47:0f:
3a:e9:10:13:da:8e:eb:97:36:3e:30:89:be:45:25:eb:e1:32:
7f:dd:d5:9c:4e:85:39:d0:8f:a5:54:e9:02:b8:b1:67:36:55:
73:12:3f:8c:88:da:d2:6d:4a:61:e7:93:8e:40:0b:c0:fd:a2:
48:ed:4a:2a:2c:b8:d8:0e:02:2d:cd:3d:d2:c3:01:60:f6:9b:
f4:59:a5:e7:d2:d5:c4:51:f9:04:61:73:76:5d:07:10:7a:b0:
0b:09:f4:32:5d:03:d5:b6:55:1e:72:3a:ab:64:f2:af:ec:7b:
b0:3b:8c:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3UVSnumRhc2NWjfsWPt9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDI2YzNkMTFjOWYyNGFjYzBhMWQ4NDU0Y2JjOTYwNDg2
NWE4MDkwHhcNMjQwMTAxMTYzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTI2MmJiN2UxNmI5NTg3ZGNiZWI3ZDM5N2RkZDNmNjVkYTYwNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIBWllmFRUZHkWHjZUZwrRQdk3Ht
KXjIqjQh3sPtdBo8d4pTpr2PaQK3sUVks5LTeeZtbeKnTFJBcx1wguVBZNWpt5x3
wDbf3oi1cEzFwF/xuUKdcMbb8HFxalrBmse2w2X4aNYs4LG0mWLU5e0gfp11vuCk
7J/jbw/1VLLiDee4YCDW3xYRWz0fiB4RX2s8Cxn5AdyN7T7LAR/Fz4+6V1ydN1a8
mtHAVHVjVCMM1YfxB7J0av10nqo4DNOQOxO+UOz0L8kRVMLj+DIak0jHMZ22nmdQ
fgw3HNb/TDU5Y2UCGTFdK6wDoQ3hEJZqw0EbUgCRxeIW5v8epyIRXaGnjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFComK7fha5WH3L6305fd0/ZdpgT+MB8GA1UdIwQY
MBaAFHJCbD0RyfJKzAodhFTLyWBIZagJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tKc1BSSEo4a3JNQ2gyRVZNdkpZRWhscUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni80YzFiMzQtOWM3MC00MTFmLWIwMWYt
YmU5MGIwZmQxZjc4LzEvS2lZcnQtRnJsWWZjdnJmVGw5M1Q5bDJtQlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni80YzFiMzQtOWM3MC00MTFmLWIwMWYtYmU5MGIwZmQxZjc4
LzEvY2tKc1BSSEo4a3JNQ2gyRVZNdkpZRWhscUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWW0MA0E
AgACMAcDBQMqBiBAMA0GCSqGSIb3DQEBCwUAA4IBAQAy9/D67xOKSCQKt0xQOGHK
zLkLu+4kZox73yhtvrfPr/ToYImAZWX5A5cmQqzHktNa2QieBk2bhjiccuwS++pp
J96iVVbde8YrBF5ZxoVLvBg9+8l2Wmv5qH9jxADA0GlcYyEhSIXc36mRM/zB/1fb
ZYtA6mWzQLxkfsBW9kG2NtVaQbWehuTRIRl2TA93Rw866RAT2o7rlzY+MIm+RSXr
4TJ/3dWcToU50I+lVOkCuLFnNlVzEj+MiNrSbUph55OOQAvA/aJI7UoqLLjYDgIt
zT3SwwFg9pv0WaXn0tXEUfkEYXN2XQcQerALCfQyXQPVtlUecjqrZPKv7HuwO4zE
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:10:14 2025 by rpki-client