Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/kf_mPJg-A4Jn8G7dtD2XePNlFdA.roa
File: kf_mPJg-A4Jn8G7dtD2XePNlFdA.roa (raw, json)
Hash identifier: sfrf+wZaBJptiEQ2i5oON4B1q3u+xwy5P2fuZR3x/bw=
Subject key identifier: 91:FF:E6:3C:98:3E:03:82:67:F0:6E:DD:B4:3D:97:78:F3:65:15:D0
Certificate issuer: /CN=f9503c075a690556bd462122b24699e1b6b19278
Certificate serial: 018CC9BC90025B8146C8AC7529C727A5C857
Authority key identifier: F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/kf_mPJg-A4Jn8G7dtD2XePNlFdA.roa
Signing time: Tue 02 Jan 2024 10:33:47 +0000
ROA not before: Tue 02 Jan 2024 10:33:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60350
IP address blocks: 195.189.178.0/23 maxlen: 24
193.164.2.0/23 maxlen: 24
185.45.180.0/22 maxlen: 24
193.148.6.0/23 maxlen: 24
185.183.112.0/22 maxlen: 24
193.161.254.0/23 maxlen: 24
193.105.151.0/24 maxlen: 24
45.137.176.0/22 maxlen: 24
91.221.146.0/23 maxlen: 24
2a0b:c80::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 19 Mar 2024 10:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:90:02:5b:81:46:c8:ac:75:29:c7:27:a5:c8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9503c075a690556bd462122b24699e1b6b19278
Validity
Not Before: Jan 2 10:33:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91ffe63c983e038267f06eddb43d9778f36515d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:09:3a:cc:73:c6:35:76:a2:99:80:c9:2b:fb:
ed:a1:25:48:c5:68:53:bb:d0:29:77:5a:4d:28:54:
c7:6e:a7:d9:19:c4:6c:ca:4e:71:74:64:ec:78:66:
2e:2e:f3:b0:22:01:c0:12:26:5a:99:3b:7f:6d:c6:
b6:07:05:f4:84:ee:c9:c1:9f:38:44:b3:47:8a:6a:
f1:9a:89:a2:fc:04:2d:df:5a:4c:63:fb:66:da:69:
4a:64:a7:0a:27:68:01:4a:98:f7:32:12:19:d5:f1:
44:10:b7:5f:f0:dd:d3:ce:91:5d:a7:25:68:e1:45:
7d:44:4f:dc:6d:22:ea:39:53:87:47:e0:ab:0a:c5:
98:b8:61:15:94:ac:e5:ea:ea:cb:53:be:f2:e4:9a:
cc:72:6f:33:b5:5b:d5:f8:fc:48:da:b0:4c:c1:3a:
47:8a:df:54:55:ea:ca:66:ef:62:df:04:a3:54:0a:
a1:d7:ac:de:26:09:43:b5:32:d9:21:f3:75:df:d1:
68:67:18:18:77:bd:22:9c:c9:fd:e5:4c:35:1d:82:
22:de:60:a0:5c:9a:a8:85:e3:f8:01:24:d4:0e:e9:
8c:e4:da:cb:ec:b6:3f:2f:09:c7:00:1e:73:30:2b:
67:75:cf:80:84:c0:13:dd:2d:7d:72:f6:05:e4:c2:
ba:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FF:E6:3C:98:3E:03:82:67:F0:6E:DD:B4:3D:97:78:F3:65:15:D0
X509v3 Authority Key Identifier:
keyid:F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/kf_mPJg-A4Jn8G7dtD2XePNlFdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/1-VA8B1ppBVa9RiEiskaZ4baxkng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.176.0/22
91.221.146.0/23
185.45.180.0/22
185.183.112.0/22
193.105.151.0/24
193.148.6.0/23
193.161.254.0/23
193.164.2.0/23
195.189.178.0/23
IPv6:
2a0b:c80::/29
Signature Algorithm: sha256WithRSAEncryption
52:9a:28:e1:50:ba:3e:04:2e:36:f8:b0:73:73:b5:4a:0e:5d:
a5:73:3c:c0:b5:b4:b4:4f:ce:b8:90:39:c3:36:5e:e1:9e:5e:
6a:b3:42:54:6f:a6:c5:1b:50:c1:0d:de:dd:b8:be:ad:9f:08:
6c:5f:d1:d6:1a:cd:ad:5f:09:a1:cb:ad:97:8f:fe:ff:4e:2d:
8c:1c:77:ee:3f:6f:ca:f6:fb:ca:ad:11:04:12:8c:68:3b:e3:
2d:c8:df:c1:17:dc:66:c9:0f:ce:8c:d3:75:8f:34:e2:80:ae:
43:5c:b5:6e:e7:46:29:1b:f1:cc:0a:6a:b9:b2:f3:36:4a:c6:
22:8c:63:ad:83:b9:68:2f:16:6d:48:23:54:5d:ce:63:c9:ff:
64:30:40:fb:53:3f:89:0e:ad:08:7c:ad:04:51:d1:f8:c8:60:
4f:c0:d1:f4:b7:d6:b8:fa:c8:36:c4:96:d2:90:33:b7:1e:82:
5b:ad:10:6a:69:5b:d0:7d:73:9c:a3:dc:23:ee:0a:b5:c0:80:
a3:62:41:8c:6d:59:7f:23:2a:d1:17:09:98:d9:b3:34:9a:ae:
f1:61:b4:3c:e5:fc:c0:b4:8f:6d:88:99:74:6a:45:b2:0a:65:
65:0d:26:6a:70:5a:67:a1:83:22:83:be:ad:58:22:98:4a:75:
f2:8f:ab:c1
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzJvJACW4FGyKx1KccnpchXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NTAzYzA3NWE2OTA1NTZiZDQ2MjEyMmIyNDY5OWUxYjZi
MTkyNzgwHhcNMjQwMTAyMTAzMzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWZmZTYzYzk4M2UwMzgyNjdmMDZlZGRiNDNkOTc3OGYzNjUxNWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgk6zHPGNXaimYDJK/vtoSVIxWhT
u9Apd1pNKFTHbqfZGcRsyk5xdGTseGYuLvOwIgHAEiZamTt/bca2BwX0hO7JwZ84
RLNHimrxmomi/AQt31pMY/tm2mlKZKcKJ2gBSpj3MhIZ1fFEELdf8N3TzpFdpyVo
4UV9RE/cbSLqOVOHR+CrCsWYuGEVlKzl6urLU77y5JrMcm8ztVvV+PxI2rBMwTpH
it9UVerKZu9i3wSjVAqh16zeJglDtTLZIfN139FoZxgYd70inMn95Uw1HYIi3mCg
XJqoheP4ASTUDumM5NrL7LY/LwnHAB5zMCtndc+AhMAT3S19cvYF5MK6OwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJH/5jyYPgOCZ/Bu3bQ9l3jzZRXQMB8GA1UdIwQY
MBaAFPlQPAdaaQVWvUYhIrJGmeG2sZJ4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1WQThCMXBwQlZhOVJpRWlza2FaNGJheGtuZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQw
LTNmMjMxNmI1NTNmNS8xL2tmX21QSmctQTRKbjhHN2R0RDJYZVBObEZkQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQwLTNmMjMxNmI1NTNm
NS8xLzEtVkE4QjFwcEJWYTlSaUVpc2thWjRiYXhrbmcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXgYIKwYBBQUHAQcBAf8ETzBNMDwEAgABMDYDBAItibAD
BAFb3ZIDBAK5LbQDBAK5t3ADBADBaZcDBAHBlAYDBAHBof4DBAHBpAIDBAHDvbIw
DQQCAAIwBwMFAyoLDIAwDQYJKoZIhvcNAQELBQADggEBAFKaKOFQuj4ELjb4sHNz
tUoOXaVzPMC1tLRPzriQOcM2XuGeXmqzQlRvpsUbUMEN3t24vq2fCGxf0dYaza1f
CaHLrZeP/v9OLYwcd+4/b8r2+8qtEQQSjGg74y3I38EX3GbJD86M03WPNOKArkNc
tW7nRikb8cwKarmy8zZKxiKMY62DuWgvFm1II1RdzmPJ/2QwQPtTP4kOrQh8rQRR
0fjIYE/A0fS31rj6yDbEltKQM7ceglutEGppW9B9c5yj3CPuCrXAgKNiQYxtWX8j
KtEXCZjZszSarvFhtDzl/MC0j22ImXRqRbIKZWUNJmpwWmehgyKDvq1YIphKdfKP
q8E=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:39:10 2025 by rpki-client