Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/RKMnsBh-4put8CYQQZTi97USkG4.roa
File: RKMnsBh-4put8CYQQZTi97USkG4.roa (raw, json)
Hash identifier: wO9DPGkGRSrC88wpgVtY03a6gormtMYZIYA4y3KWEyQ=
Subject key identifier: 44:A3:27:B0:18:7E:E2:9B:AD:F0:26:10:41:94:E2:F7:B5:12:90:6E
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 019423D6DA8E52C01396B225B1B167B5A82A
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/RKMnsBh-4put8CYQQZTi97USkG4.roa
Signing time: Wed 01 Jan 2025 21:47:50 +0000
ROA not before: Wed 01 Jan 2025 21:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49544
IP address blocks: 5.180.216.0/23 maxlen: 23
5.180.218.0/23 maxlen: 23
5.200.0.0/19 maxlen: 24
31.204.128.0/19 maxlen: 24
31.204.132.0/22 maxlen: 22
31.204.136.0/23 maxlen: 23
89.104.168.0/23 maxlen: 23
89.104.170.0/23 maxlen: 23
91.195.234.0/23 maxlen: 23
91.198.152.0/24 maxlen: 24
91.216.207.0/24 maxlen: 24
104.153.84.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
138.128.136.0/22 maxlen: 22
138.128.140.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
162.245.204.0/22 maxlen: 22
185.41.140.0/22 maxlen: 22
185.50.104.0/22 maxlen: 22
185.52.12.0/22 maxlen: 24
185.179.200.0/23 maxlen: 24
185.179.202.0/23 maxlen: 24
185.197.24.0/22 maxlen: 23
188.122.64.0/19 maxlen: 24
193.43.218.0/23 maxlen: 23
212.19.224.0/22 maxlen: 22
213.163.64.0/19 maxlen: 24
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
213.179.204.0/22 maxlen: 22
213.179.209.0/24 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
213.179.220.0/23 maxlen: 23
2a00:1630::/29 maxlen: 32
2a00:1630::/32 maxlen: 48
2a00:1631::/32 maxlen: 32
2a00:1632::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
2a00:1d20::/34 maxlen: 34
2a00:1d26::/32 maxlen: 34
2a01:9580::/32 maxlen: 34
2a01:9580:c000::/34 maxlen: 34
2a04:c600::/29 maxlen: 34
Validation: Failed, certificate revoked on Mon 03 Mar 2025 13:18:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:da:8e:52:c0:13:96:b2:25:b1:b1:67:b5:a8:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: Jan 1 21:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44a327b0187ee29badf026104194e2f7b512906e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:09:10:18:65:4c:0b:fc:8c:36:fc:45:cf:fb:
c9:e4:20:e5:70:2e:3c:8d:e2:62:ea:1f:c6:d7:03:
18:7d:f0:09:28:d2:29:47:51:40:b1:6c:47:fb:5c:
82:b3:e0:45:e1:09:bd:be:bf:a4:a7:9b:e0:0b:c3:
e8:12:c2:d9:65:cc:4a:e3:a4:35:35:00:48:cd:1c:
96:e6:a1:e4:0b:9e:17:a8:1c:b3:aa:59:c8:22:d2:
5e:e0:eb:aa:b3:8d:17:58:a5:84:f5:ed:ef:22:d9:
d4:1d:2c:54:8f:44:35:0b:51:b1:8d:95:4f:41:b8:
12:1f:6e:cf:11:04:75:43:79:02:69:ac:b1:71:87:
99:a7:7e:e2:2b:a3:69:57:fb:2b:0b:28:95:c6:24:
71:ca:4b:19:92:56:b7:7a:98:b8:6e:1c:2d:f3:f1:
90:4f:9c:56:d8:d5:cf:f9:4d:57:17:15:f1:fe:4c:
1b:93:43:9b:45:c3:6c:fa:15:ac:14:28:3f:72:76:
04:e2:0c:39:f7:f9:42:73:fa:dd:a4:db:58:a2:1e:
b2:ad:6f:4d:37:db:14:68:2c:da:33:b1:34:23:29:
a0:d7:9a:d7:02:bf:a0:45:52:c9:9b:1b:ab:e2:b3:
c8:4f:fa:ec:7b:ad:d0:00:95:17:e0:f1:bb:2b:f1:
7e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A3:27:B0:18:7E:E2:9B:AD:F0:26:10:41:94:E2:F7:B5:12:90:6E
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/RKMnsBh-4put8CYQQZTi97USkG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.216.0/22
5.200.0.0/19
31.204.128.0/19
89.104.168.0/22
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
58:74:cb:28:e5:72:5c:82:ae:f1:a0:68:41:b3:16:ed:55:f3:
a6:a6:b9:55:4c:0e:81:f1:81:8d:f2:be:03:1c:c1:15:2e:e9:
56:c0:51:4e:8a:c9:6f:a5:39:90:e9:fe:5f:21:6f:4d:87:86:
09:d5:e1:93:ee:1a:bb:80:71:44:92:f3:d9:3f:20:47:25:25:
ac:1f:20:8e:69:1c:17:b6:38:eb:9c:db:8d:51:45:3d:c2:0b:
f5:39:6d:1a:fd:d1:36:cc:e9:99:08:26:9c:b7:56:88:81:43:
45:49:a5:6a:f7:d7:7b:ba:79:44:bb:48:c6:89:75:4f:36:41:
70:82:6d:1a:67:fe:ab:c2:f9:f8:90:f3:71:da:f7:ea:f5:d6:
da:cd:96:e0:2b:1e:61:21:7d:d3:47:cb:52:25:c3:8d:8a:0c:
a1:80:f6:68:2c:52:2a:63:0e:21:95:86:10:cf:ec:ad:09:1a:
f7:4a:91:99:5f:6e:b2:00:03:82:a2:de:06:d0:21:23:7e:24:
63:70:98:4e:bf:38:62:f4:15:36:37:39:3c:db:ba:fb:6d:9d:
e3:60:4f:e8:26:b3:50:ad:c5:bd:a7:85:06:16:62:45:15:2e:
1f:86:da:e6:a2:fa:ea:7d:99:7a:32:65:11:02:d5:ad:2f:a7:
99:29:d6:ea
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZQj1tqOUsATlrIlsbFntagqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjUwMTAxMjE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGEzMjdiMDE4N2VlMjliYWRmMDI2MTA0MTk0ZTJmN2I1MTI5MDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgkQGGVMC/yMNvxFz/vJ5CDlcC48
jeJi6h/G1wMYffAJKNIpR1FAsWxH+1yCs+BF4Qm9vr+kp5vgC8PoEsLZZcxK46Q1
NQBIzRyW5qHkC54XqByzqlnIItJe4Ouqs40XWKWE9e3vItnUHSxUj0Q1C1GxjZVP
QbgSH27PEQR1Q3kCaayxcYeZp37iK6NpV/srCyiVxiRxyksZkla3epi4bhwt8/GQ
T5xW2NXP+U1XFxXx/kwbk0ObRcNs+hWsFCg/cnYE4gw59/lCc/rdpNtYoh6yrW9N
N9sUaCzaM7E0Iymg15rXAr+gRVLJmxur4rPIT/rse63QAJUX4PG7K/F+nwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFESjJ7AYfuKbrfAmEEGU4ve1EpBuMB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvUktNbnNCaC00cHV0OENZUVFaVGk5N1VTa0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBkQQCAAEwgYoDBAIF
tNgDBAUFyAADBAUfzIADBAJZaKgDBAFbw+oDBABbxpgDBABb2M8DBAJomVQDBAVt
yMADBAOKgIgDBAKS90wDBAKi9DQDBAKi9cwDBAK5KYwDBAK5MmgDBAK5NAwDBAK5
s8gDBAK5xRgDBAW8ekADBAHBK9oDBALUE+ADBAXVo0ADBAXVs8AwIgQCAAIwHAMF
AyoAFjADBQMqAB0gAwUAKgGVgAMFAyoExgAwDQYJKoZIhvcNAQELBQADggEBAFh0
yyjlclyCrvGgaEGzFu1V86amuVVMDoHxgY3yvgMcwRUu6VbAUU6KyW+lOZDp/l8h
b02HhgnV4ZPuGruAcUSS89k/IEclJawfII5pHBe2OOuc241RRT3CC/U5bRr90TbM
6ZkIJpy3VoiBQ0VJpWr313u6eUS7SMaJdU82QXCCbRpn/qvC+fiQ83Ha9+r11trN
luArHmEhfdNHy1Ilw42KDKGA9mgsUipjDiGVhhDP7K0JGvdKkZlfbrIAA4Ki3gbQ
ISN+JGNwmE6/OGL0FTY3OTzbuvttneNgT+gms1Ctxb2nhQYWYkUVLh+G2uai+up9
mXoyZREC1a0vp5kp1uo=
-----END CERTIFICATE-----
Generated at Sat Apr 12 12:56:39 2025 by rpki-client