Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/kZvGRiIF5icqo7CipfC4BJ_vcMw.roa
File: kZvGRiIF5icqo7CipfC4BJ_vcMw.roa (raw, json)
Hash identifier: 1vKUGtyOTGzTVDrFlNivq5j8MhQY1IP2GshFqLo8PEc=
Subject key identifier: 91:9B:C6:46:22:05:E6:27:2A:A3:B0:A2:A5:F0:B8:04:9F:EF:70:CC
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0194274835E63592ADAABE9D7AE78890E759
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/kZvGRiIF5icqo7CipfC4BJ_vcMw.roa
Signing time: Thu 02 Jan 2025 13:50:31 +0000
ROA not before: Thu 02 Jan 2025 13:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28546
IP address blocks: 85.92.124.0/22 maxlen: 22
85.92.124.0/24 maxlen: 24
85.92.125.0/24 maxlen: 24
85.92.126.0/23 maxlen: 23
85.92.126.0/24 maxlen: 24
85.92.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Feb 2025 08:53:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:35:e6:35:92:ad:aa:be:9d:7a:e7:88:90:e7:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 13:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=919bc6462205e6272aa3b0a2a5f0b8049fef70cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2a:d9:6e:0c:0f:98:e6:6b:23:3e:14:1d:e1:
e4:21:b8:45:e8:8a:70:ef:31:e7:db:75:83:cf:96:
95:66:4d:77:01:65:c7:62:ee:ec:09:65:c5:96:e5:
1b:b4:94:b1:b0:a1:d4:40:b9:4f:0a:4f:10:c5:f0:
9b:7e:54:c8:64:10:35:c8:ea:43:13:2c:73:5c:44:
9b:45:ae:4d:82:9d:5e:62:7b:46:c4:d1:84:88:bb:
3c:31:3a:af:9f:fb:9a:dd:6a:b8:54:82:1a:10:e7:
48:79:4e:4f:f3:3a:a4:40:14:10:8e:41:df:0f:e2:
dc:e6:5a:70:fb:60:c0:f3:d0:50:cf:b7:19:57:3c:
ae:64:cc:79:83:0a:c8:9b:24:71:e1:6d:37:d7:0f:
30:7f:7b:9e:64:76:a1:86:58:e7:f8:3e:5a:ab:9f:
85:21:f7:41:1e:47:cb:ba:f3:b8:c6:42:e7:f1:7c:
de:44:e7:bf:9b:aa:6d:12:3c:9f:ec:47:f9:1f:42:
4b:18:a8:b9:4d:9d:4f:9b:98:78:d9:93:c0:21:43:
39:e7:b4:15:78:e4:01:bc:96:53:d9:81:7e:a8:b3:
b1:33:a2:27:39:29:96:51:71:c6:26:f6:4c:d5:f1:
72:cd:ce:33:8b:e5:ba:5e:b4:1a:5a:7d:fb:a5:60:
1c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9B:C6:46:22:05:E6:27:2A:A3:B0:A2:A5:F0:B8:04:9F:EF:70:CC
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/kZvGRiIF5icqo7CipfC4BJ_vcMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.124.0/22
Signature Algorithm: sha256WithRSAEncryption
68:22:04:e2:f9:d8:11:b1:86:9d:e2:7d:74:7d:3b:f9:9f:52:
4f:ef:20:83:b9:91:84:16:0c:0c:5b:e8:b5:62:87:d2:b9:90:
39:e6:50:69:31:2c:01:83:50:4d:38:d2:93:5e:96:01:15:d0:
49:4b:29:26:23:79:e8:71:ae:4c:9d:1f:06:bc:04:61:13:45:
3b:3d:49:91:e8:7c:1c:01:f0:5e:b9:be:c3:86:aa:62:4a:27:
9e:3b:fb:be:c1:5c:e4:f1:5f:2f:2b:46:3f:c4:09:5a:49:de:
50:e3:11:16:0d:d4:5b:95:ef:10:95:1c:cc:60:0a:ec:19:e1:
36:7d:66:f5:32:5e:35:a1:9a:d8:26:44:19:2b:94:e3:fb:22:
87:0a:af:0e:ed:0c:9d:2a:0e:27:e7:58:55:2c:ab:2f:ed:7a:
37:14:48:82:31:1a:67:96:d9:a5:fa:ea:1b:93:55:f2:2f:99:
66:1e:25:24:0a:cc:0e:61:8a:1b:ed:59:09:98:24:74:21:6d:
bd:1e:e6:17:82:94:da:df:d3:ee:92:49:8a:87:87:30:eb:b6:
86:20:86:a3:6d:ae:c8:d9:ae:46:34:eb:55:98:53:2c:ae:77:
9a:53:8b:64:91:77:bc:43:0f:06:42:8a:75:c1:c9:f1:da:3a:
58:33:ba:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSDXmNZKtqr6deueIkOdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTM1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTliYzY0NjIyMDVlNjI3MmFhM2IwYTJhNWYwYjgwNDlmZWY3MGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyrZbgwPmOZrIz4UHeHkIbhF6Ipw
7zHn23WDz5aVZk13AWXHYu7sCWXFluUbtJSxsKHUQLlPCk8QxfCbflTIZBA1yOpD
EyxzXESbRa5Ngp1eYntGxNGEiLs8MTqvn/ua3Wq4VIIaEOdIeU5P8zqkQBQQjkHf
D+Lc5lpw+2DA89BQz7cZVzyuZMx5gwrImyRx4W031w8wf3ueZHahhljn+D5aq5+F
IfdBHkfLuvO4xkLn8XzeROe/m6ptEjyf7Ef5H0JLGKi5TZ1Pm5h42ZPAIUM557QV
eOQBvJZT2YF+qLOxM6InOSmWUXHGJvZM1fFyzc4zi+W6XrQaWn37pWAc1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGbxkYiBeYnKqOwoqXwuASf73DMMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEva1p2R1JpSUY1aWNxbzdDaXBmQzRCSl92Y013LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVVx8MA0G
CSqGSIb3DQEBCwUAA4IBAQBoIgTi+dgRsYad4n10fTv5n1JP7yCDuZGEFgwMW+i1
YofSuZA55lBpMSwBg1BNONKTXpYBFdBJSykmI3noca5MnR8GvARhE0U7PUmR6Hwc
AfBeub7DhqpiSieeO/u+wVzk8V8vK0Y/xAlaSd5Q4xEWDdRble8QlRzMYArsGeE2
fWb1Ml41oZrYJkQZK5Tj+yKHCq8O7QydKg4n51hVLKsv7Xo3FEiCMRpnltml+uob
k1XyL5lmHiUkCswOYYob7VkJmCR0IW29HuYXgpTa39PukkmKh4cw67aGIIajba7I
2a5GNOtVmFMsrneaU4tkkXe8Qw8GQop1wcnx2jpYM7rH
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:31:17 2025 by rpki-client