Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/kPIv2ytofwBKevSCCVnCrbn_Trc.roa
File: kPIv2ytofwBKevSCCVnCrbn_Trc.roa (raw, json)
Hash identifier: sQ6ZnW5oDXZLLsDZejttAA56RhxDFlQin2KxAo7zIJY=
Subject key identifier: 90:F2:2F:DB:2B:68:7F:00:4A:7A:F4:82:09:59:C2:AD:B9:FF:4E:B7
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 01942521801289872CB5DA948653621BA8F9
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/kPIv2ytofwBKevSCCVnCrbn_Trc.roa
Signing time: Thu 02 Jan 2025 03:48:59 +0000
ROA not before: Thu 02 Jan 2025 03:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214729
IP address blocks: 85.198.127.0/24 maxlen: 32
213.108.20.0/24 maxlen: 32
2a00:8740:f002::/48 maxlen: 128
2a00:8740:ff10::/48 maxlen: 64
Validation: Failed, certificate revoked on Tue 07 Jan 2025 17:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:80:12:89:87:2c:b5:da:94:86:53:62:1b:a8:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jan 2 03:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90f22fdb2b687f004a7af4820959c2adb9ff4eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:dd:bc:52:d5:79:3b:e7:ed:92:e2:a8:d7:1b:
9d:3f:9e:b3:46:a3:8d:f4:60:1a:19:87:58:54:cd:
57:a3:fe:39:d8:d3:41:d4:36:56:95:f8:b6:21:04:
50:e3:50:9e:4c:92:82:13:84:46:f2:a1:53:b7:2c:
d7:c2:8a:9e:ac:a5:2c:15:30:9a:93:d0:44:65:a2:
91:2c:94:3c:3d:1d:96:1e:7e:25:aa:18:90:66:70:
bf:33:0d:65:34:8c:ec:94:9d:5b:ae:fe:bd:17:99:
6e:a5:d0:29:f5:02:26:3d:e5:54:14:d5:18:78:e8:
86:0a:c6:63:6a:b5:20:4c:ab:89:cd:c0:52:ea:9a:
f9:e0:4f:c9:b1:a5:42:fd:27:56:6f:f9:f4:4c:63:
aa:d8:9e:68:6d:d2:b2:3a:4a:bd:5d:02:51:c5:c5:
c5:05:19:de:95:29:e7:c9:e0:cc:e2:e3:15:0f:4e:
1e:71:7d:fa:2f:5c:5c:20:e1:2a:1b:08:dc:34:72:
1f:ef:62:f6:0d:21:79:e6:ed:08:74:d2:77:9b:c9:
98:91:8c:66:f0:97:8e:35:e1:99:98:42:78:97:d6:
3b:e5:fb:4c:96:19:15:5a:1e:8c:25:f9:d2:20:02:
ed:d3:7f:7e:b1:c9:62:68:45:6b:5a:ec:29:6d:39:
e7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F2:2F:DB:2B:68:7F:00:4A:7A:F4:82:09:59:C2:AD:B9:FF:4E:B7
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/kPIv2ytofwBKevSCCVnCrbn_Trc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.127.0/24
213.108.20.0/24
IPv6:
2a00:8740:f002::/48
2a00:8740:ff10::/48
Signature Algorithm: sha256WithRSAEncryption
00:fc:05:41:ca:3d:6b:60:af:ed:c3:2e:dc:82:12:83:08:73:
32:65:fd:e9:9e:4a:8c:42:bd:26:68:ea:18:ed:c7:0f:04:b8:
d9:18:1c:20:e1:0b:01:d5:90:df:93:61:16:39:74:20:95:a3:
4d:8d:bc:99:8b:57:8a:6d:fb:32:7c:a4:c2:d3:3b:db:5f:5d:
e8:34:42:0b:0f:79:b9:36:58:55:15:1f:38:a0:32:02:fa:d5:
e2:86:8a:82:60:68:c3:1b:d7:6f:00:e1:f7:00:e3:20:38:d9:
e8:05:d8:3c:83:99:7c:c8:6d:6c:e9:db:35:dd:7f:71:6f:21:
cb:ed:4a:3a:7e:e0:1d:27:fa:c7:69:4c:4e:72:6c:35:63:c5:
be:d0:77:a1:19:81:23:1b:5f:5c:ea:83:fb:43:15:11:91:01:
c9:ad:c1:18:7a:70:5f:c5:79:85:f2:b9:16:03:ab:2b:c1:b4:
fa:45:f3:b4:64:c0:e1:40:4a:a2:cb:71:a7:df:b2:fd:cb:b7:
c2:d4:eb:e2:00:21:59:a5:c0:ac:2a:0f:68:d7:a3:c6:7c:f5:
3d:19:7f:29:79:b5:f0:36:06:c4:0b:53:a1:bc:ed:b8:cc:09:
70:7a:19:7a:21:7e:22:b2:be:49:aa:af:bc:14:07:ee:e4:62:
90:fa:ad:3a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQlIYASiYcstdqUhlNiG6j5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjUwMTAyMDM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGYyMmZkYjJiNjg3ZjAwNGE3YWY0ODIwOTU5YzJhZGI5ZmY0ZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7t28UtV5O+ftkuKo1xudP56zRqON
9GAaGYdYVM1Xo/452NNB1DZWlfi2IQRQ41CeTJKCE4RG8qFTtyzXwoqerKUsFTCa
k9BEZaKRLJQ8PR2WHn4lqhiQZnC/Mw1lNIzslJ1brv69F5lupdAp9QImPeVUFNUY
eOiGCsZjarUgTKuJzcBS6pr54E/JsaVC/SdWb/n0TGOq2J5obdKyOkq9XQJRxcXF
BRnelSnnyeDM4uMVD04ecX36L1xcIOEqGwjcNHIf72L2DSF55u0IdNJ3m8mYkYxm
8JeONeGZmEJ4l9Y75ftMlhkVWh6MJfnSIALt039+scliaEVrWuwpbTnnFwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJDyL9sraH8ASnr0gglZwq25/063MB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEva1BJdjJ5dG9md0JLZXZTQ0NWbkNyYm5fVHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAVcZ/AwQA
1WwUMBgEAgACMBIDBwAqAIdA8AIDBwAqAIdA/xAwDQYJKoZIhvcNAQELBQADggEB
AAD8BUHKPWtgr+3DLtyCEoMIczJl/emeSoxCvSZo6hjtxw8EuNkYHCDhCwHVkN+T
YRY5dCCVo02NvJmLV4pt+zJ8pMLTO9tfXeg0QgsPebk2WFUVHzigMgL61eKGioJg
aMMb128A4fcA4yA42egF2DyDmXzIbWzp2zXdf3FvIcvtSjp+4B0n+sdpTE5ybDVj
xb7Qd6EZgSMbX1zqg/tDFRGRAcmtwRh6cF/FeYXyuRYDqyvBtPpF87RkwOFASqLL
caffsv3Lt8LU6+IAIVmlwKwqD2jXo8Z89T0Zfyl5tfA2BsQLU6G87bjMCXB6GXoh
fiKyvkmqr7wUB+7kYpD6rTo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:50:09 2025 by rpki-client