Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KfbiOLDXrGNikduiWXuFen5ZCNc.roa
File: KfbiOLDXrGNikduiWXuFen5ZCNc.roa (raw, json)
Hash identifier: P+13FFZN0Zmfuef9Qd0RNlGmX4qsNaucZtWFZhQmWB4=
Subject key identifier: 29:F6:E2:38:B0:D7:AC:63:62:91:DB:A2:59:7B:85:7A:7E:59:08:D7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01950A0D5F730A11EEB670BDD352C3A2FED2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KfbiOLDXrGNikduiWXuFen5ZCNc.roa
Signing time: Sat 15 Feb 2025 14:40:03 +0000
ROA not before: Sat 15 Feb 2025 14:40:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 45.131.186.0/24 maxlen: 24
2a06:de01:140::/44 maxlen: 48
2a06:de01:141::/48 maxlen: 48
2a06:de01:142::/48 maxlen: 48
2a06:de01:143::/48 maxlen: 48
2a06:de01:144::/48 maxlen: 48
2a06:de01:145::/48 maxlen: 48
2a06:de03:3690::/48 maxlen: 48
2a06:de03:3691::/48 maxlen: 48
2a0c:3b87:ff00::/40 maxlen: 48
2a0c:3b87:ffff::/48 maxlen: 48
2a0e:97c0:750::/48 maxlen: 48
2a0e:97c0:791::/48 maxlen: 48
2a0e:97c0:792::/48 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a0e:b107:1870::/48 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a0e:b107:278b::/48 maxlen: 48
2a10:ccc7:9000::/38 maxlen: 48
Validation: Failed, certificate revoked on Mon 17 Feb 2025 12:54:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0a:0d:5f:73:0a:11:ee:b6:70:bd:d3:52:c3:a2:fe:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 15 14:40:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29f6e238b0d7ac636291dba2597b857a7e5908d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2e:63:87:b6:8f:0e:ad:1a:31:86:1e:b7:84:
59:90:8b:4f:86:57:19:69:5c:ba:b8:21:9f:0e:68:
e2:e2:78:e2:2c:56:ed:b2:a8:2b:0f:3f:7a:d3:69:
24:50:dd:3b:a7:1c:51:5f:65:1e:75:bf:75:05:79:
95:44:e5:20:2e:5f:bf:88:4c:c6:ec:e6:a2:a5:fb:
46:40:e1:7b:aa:1d:e4:97:c3:c5:56:a8:ae:0b:25:
cc:00:5c:99:c5:cb:26:ee:f3:c1:98:4d:74:55:16:
39:7b:a9:04:8a:fd:be:9e:d9:d3:6e:7d:0e:9e:4b:
0c:a1:6a:26:6f:38:a5:01:46:47:59:a5:c1:9f:ab:
50:81:20:b8:e1:e4:90:6b:32:3e:68:2d:6f:f2:d6:
7d:b5:18:da:8c:1f:35:50:24:35:6c:3a:63:1b:63:
c1:c7:27:54:20:9d:27:a9:4b:16:93:14:34:b1:16:
d4:fb:70:06:e2:de:09:23:fb:7c:93:84:c5:fd:4f:
57:e1:96:f0:f3:22:72:0c:16:00:c1:9f:8c:e8:96:
9e:8e:3f:84:5e:54:31:50:19:95:97:c9:45:fd:df:
91:60:66:3a:8c:ed:33:c9:43:65:c4:6b:4c:10:93:
59:5c:20:65:76:59:d2:bf:60:90:69:c3:00:f6:89:
2b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F6:E2:38:B0:D7:AC:63:62:91:DB:A2:59:7B:85:7A:7E:59:08:D7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KfbiOLDXrGNikduiWXuFen5ZCNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.186.0/24
IPv6:
2a06:de01:140::/44
2a06:de03:3690::/47
2a0c:3b87:ff00::/40
2a0e:97c0:750::/48
2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
2a0e:b107:278b::/48
2a10:ccc7:9000::/38
Signature Algorithm: sha256WithRSAEncryption
62:1a:38:be:84:63:fb:f2:ef:3c:a7:05:e4:c8:62:8b:33:14:
51:a9:98:a5:ed:2c:0c:2b:62:3d:a9:24:88:1f:b3:62:2d:4f:
d8:87:47:25:4b:93:3e:66:cd:9c:3c:73:28:7b:d1:98:4f:6f:
d3:b4:6e:fa:6f:23:74:9c:4f:81:3f:54:52:0e:a4:e2:2a:2d:
89:94:cb:4a:e0:dd:a6:a9:5c:40:b2:0e:87:f1:77:5d:80:d2:
af:85:38:d7:b0:54:3c:d5:9c:70:6a:83:ca:1c:a5:32:78:dc:
d0:48:46:19:40:5d:d9:5b:33:38:34:63:d2:66:0f:0b:eb:d8:
c8:4d:75:74:31:49:7b:fd:27:00:a0:0f:7d:7a:52:e5:9b:b3:
8a:2c:da:3c:95:d9:f2:be:12:4d:11:2b:89:b3:f4:11:65:40:
7a:7a:27:cb:81:93:f1:78:4e:ee:03:4c:46:04:66:b5:65:b4:
bd:5a:2a:27:47:44:2a:f7:d1:0f:f7:d6:54:fe:8d:50:be:7f:
59:08:16:94:0f:58:45:7e:ef:e5:3b:15:e8:bd:b5:00:7f:5f:
bf:f8:e1:ab:4d:d1:d7:1a:a0:6c:11:e5:4a:a1:b2:e1:0d:04:
46:07:c1:e8:10:86:96:ef:49:9e:ae:54:b8:20:df:ca:db:5c:
80:8b:87:5a
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZUKDV9zChHutnC901LDov7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMjE1MTQ0MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWY2ZTIzOGIwZDdhYzYzNjI5MWRiYTI1OTdiODU3YTdlNTkwOGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxi5jh7aPDq0aMYYet4RZkItPhlcZ
aVy6uCGfDmji4njiLFbtsqgrDz9602kkUN07pxxRX2Uedb91BXmVROUgLl+/iEzG
7OaipftGQOF7qh3kl8PFVqiuCyXMAFyZxcsm7vPBmE10VRY5e6kEiv2+ntnTbn0O
nksMoWombzilAUZHWaXBn6tQgSC44eSQazI+aC1v8tZ9tRjajB81UCQ1bDpjG2PB
xydUIJ0nqUsWkxQ0sRbU+3AG4t4JI/t8k4TF/U9X4Zbw8yJyDBYAwZ+M6Jaejj+E
XlQxUBmVl8lF/d+RYGY6jO0zyUNlxGtMEJNZXCBldlnSv2CQacMA9okrcwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFCn24jiw16xjYpHboll7hXp+WQjXMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS2ZiaU9MRFhyR05pa2R1aVdYdUZlbjVaQ05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizAMBAIAATAGAwQALYO6
MHsEAgACMHUDBwQqBt4BAUADBwEqBt4DNpADBgAqDDuH/wMHACoOl8AHUDASAwcA
Kg6XwAeRAwcAKg6XwAeSAwcAKg6xBwn0AwcAKg6xBwn2AwcAKg6xBw3yAwcAKg6x
BxhwAwcAKg6xBxueAwcAKg6xByeLAwYCKhDMx5AwDQYJKoZIhvcNAQELBQADggEB
AGIaOL6EY/vy7zynBeTIYoszFFGpmKXtLAwrYj2pJIgfs2ItT9iHRyVLkz5mzZw8
cyh70ZhPb9O0bvpvI3ScT4E/VFIOpOIqLYmUy0rg3aapXECyDofxd12A0q+FONew
VDzVnHBqg8ocpTJ43NBIRhlAXdlbMzg0Y9JmDwvr2MhNdXQxSXv9JwCgD316UuWb
s4os2jyV2fK+Ek0RK4mz9BFlQHp6J8uBk/F4Tu4DTEYEZrVltL1aKidHRCr30Q/3
1lT+jVC+f1kIFpQPWEV+7+U7Fei9tQB/X7/44atN0dcaoGwR5UqhsuENBEYHwegQ
hpbvSZ6uVLgg38rbXICLh1o=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:34:44 2025 by rpki-client