Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/ktr5osSRGAePlhG83LnpRCyNXpE.roa
File: ktr5osSRGAePlhG83LnpRCyNXpE.roa (raw, json)
Hash identifier: mt9Q896QZ4QcmVqnB/nOL2wfsQhIglauvCRXy7LP6Y8=
Subject key identifier: 92:DA:F9:A2:C4:91:18:07:8F:96:11:BC:DC:B9:E9:44:2C:8D:5E:91
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 018F4C5AEBAC3F8E76FEA679F276E8446467
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/ktr5osSRGAePlhG83LnpRCyNXpE.roa
Signing time: Mon 06 May 2024 05:22:57 +0000
ROA not before: Mon 06 May 2024 05:22:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205056
IP address blocks: 5.157.2.0/23 maxlen: 23
37.72.184.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4c:5a:eb:ac:3f:8e:76:fe:a6:79:f2:76:e8:44:64:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: May 6 05:22:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92daf9a2c49118078f9611bcdcb9e9442c8d5e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:94:97:a9:61:7f:1a:04:64:df:3d:10:bf:fd:
ec:a6:75:55:5f:04:d6:12:6d:fd:c2:e5:36:01:65:
f4:78:db:7a:93:e4:2f:61:bb:5c:a6:d6:05:c4:c7:
58:84:34:d6:9a:03:7e:58:b5:0e:aa:ee:9b:bf:94:
b9:2b:99:fc:b8:ac:27:c4:c8:f8:b4:d1:fe:5d:ab:
92:2d:14:9d:60:48:88:79:95:8c:3e:3a:11:4b:24:
f4:08:2a:cf:e1:e2:9b:da:d1:c2:b6:b2:d4:c2:11:
62:07:80:1a:cf:bc:e3:9f:cd:42:61:98:92:d4:6d:
e9:34:d6:13:4b:dd:9f:5d:db:85:bd:0f:92:15:bc:
7f:7a:d9:fd:74:ff:55:87:cc:5a:62:ae:f0:ae:31:
ce:a8:05:99:ad:a4:79:32:38:37:32:e0:89:4b:16:
71:f9:75:f4:a5:c1:f8:27:a3:31:3e:fa:58:ab:46:
ea:37:c3:f5:9b:7b:09:03:4f:0b:dc:df:cb:af:ed:
17:40:da:46:b2:37:57:8e:22:a5:e7:a9:87:17:ee:
03:55:b0:11:2f:57:fc:eb:ff:5e:06:55:21:0e:4d:
1d:55:be:66:f2:fb:e3:c7:6f:a1:13:6d:ee:c2:d0:
03:b8:03:65:be:08:e1:37:a5:12:7b:c4:24:11:70:
0d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:DA:F9:A2:C4:91:18:07:8F:96:11:BC:DC:B9:E9:44:2C:8D:5E:91
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/ktr5osSRGAePlhG83LnpRCyNXpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.2.0/23
37.72.184.0/23
Signature Algorithm: sha256WithRSAEncryption
45:7d:ca:15:d5:55:1e:3b:77:30:96:98:70:7f:3e:5e:21:80:
6a:f2:23:40:bc:fe:b4:1e:8c:bd:cb:b9:53:8f:a5:3b:9a:22:
5e:fc:34:f8:6c:63:36:23:68:96:02:4d:0f:cb:cf:84:e6:1d:
6e:b4:31:b5:4b:ac:f0:84:c7:96:63:e8:71:41:95:7e:f6:7d:
94:1f:00:9e:be:c6:1e:4b:b2:3f:0e:9e:5d:fd:4f:55:65:bf:
ef:f0:2d:1c:bc:d1:31:93:39:e0:e2:8c:d5:f0:5c:7d:c2:37:
4f:6d:e2:53:2b:e7:02:da:b0:4a:dc:08:34:0d:d7:ad:bb:53:
ab:ee:41:7c:93:2f:0e:e3:1c:c3:28:44:12:ad:1a:90:32:22:
00:a3:7f:93:c9:0e:c2:99:36:cc:59:6a:e9:5f:c5:61:20:38:
e1:26:2a:01:97:c0:43:7b:8b:76:2e:7b:ad:3d:88:24:c2:08:
87:73:50:9f:3f:06:c2:5e:0d:41:de:18:4f:a8:d7:47:ee:4d:
0b:58:61:0c:e9:3d:78:70:62:14:e2:cd:9b:95:53:b1:fa:5d:
1a:70:04:e1:23:e7:01:6b:3f:ee:4d:f9:28:4b:40:2d:dc:fd:
04:ba:d6:00:14:b1:ac:bf:01:31:4e:a6:79:60:d4:c0:1d:5a:
b9:c3:f6:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9MWuusP452/qZ58nboRGRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjQwNTA2MDUyMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmRhZjlhMmM0OTExODA3OGY5NjExYmNkY2I5ZTk0NDJjOGQ1ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpSXqWF/GgRk3z0Qv/3spnVVXwTW
Em39wuU2AWX0eNt6k+QvYbtcptYFxMdYhDTWmgN+WLUOqu6bv5S5K5n8uKwnxMj4
tNH+XauSLRSdYEiIeZWMPjoRSyT0CCrP4eKb2tHCtrLUwhFiB4Aaz7zjn81CYZiS
1G3pNNYTS92fXduFvQ+SFbx/etn9dP9Vh8xaYq7wrjHOqAWZraR5Mjg3MuCJSxZx
+XX0pcH4J6MxPvpYq0bqN8P1m3sJA08L3N/Lr+0XQNpGsjdXjiKl56mHF+4DVbAR
L1f86/9eBlUhDk0dVb5m8vvjx2+hE23uwtADuANlvgjhN6USe8QkEXANNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJLa+aLEkRgHj5YRvNy56UQsjV6RMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEva3RyNW9zU1JHQWVQbGhHODNMbnBSQ3lOWHBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBZ0CAwQB
JUi4MA0GCSqGSIb3DQEBCwUAA4IBAQBFfcoV1VUeO3cwlphwfz5eIYBq8iNAvP60
Hoy9y7lTj6U7miJe/DT4bGM2I2iWAk0Py8+E5h1utDG1S6zwhMeWY+hxQZV+9n2U
HwCevsYeS7I/Dp5d/U9VZb/v8C0cvNExkzng4ozV8Fx9wjdPbeJTK+cC2rBK3Ag0
Ddetu1Or7kF8ky8O4xzDKEQSrRqQMiIAo3+TyQ7CmTbMWWrpX8VhIDjhJioBl8BD
e4t2LnutPYgkwgiHc1CfPwbCXg1B3hhPqNdH7k0LWGEM6T14cGIU4s2blVOx+l0a
cAThI+cBaz/uTfkoS0At3P0EutYAFLGsvwExTqZ5YNTAHVq5w/aW
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:29:53 2025 by rpki-client