Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/Kye5fPQvchDOn79T4fK7mghnS48.roa
File: Kye5fPQvchDOn79T4fK7mghnS48.roa (raw, json)
Hash identifier: Hi6EKnH5HjIIsL81dP9lsugMRvFhnu/fR7IXZYCvkQ8=
Subject key identifier: 2B:27:B9:7C:F4:2F:72:10:CE:9F:BF:53:E1:F2:BB:9A:08:67:4B:8F
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019599E2C29DA7623B4E29212C8FB540478F
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/Kye5fPQvchDOn79T4fK7mghnS48.roa
Signing time: Sat 15 Mar 2025 12:58:49 +0000
ROA not before: Sat 15 Mar 2025 12:58:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 213.18.224.0/20 maxlen: 24
217.181.72.0/22 maxlen: 24
217.181.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Mar 2025 18:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:99:e2:c2:9d:a7:62:3b:4e:29:21:2c:8f:b5:40:47:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Mar 15 12:58:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b27b97cf42f7210ce9fbf53e1f2bb9a08674b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1e:29:aa:b9:63:e9:74:4f:92:37:44:4b:35:
5a:f1:fe:5a:74:21:71:5c:49:7b:4a:6b:b1:96:7d:
b6:b7:69:aa:83:f2:90:4c:b5:a2:e3:ff:4a:47:73:
8f:5a:79:90:92:88:80:3e:fa:f0:db:4e:26:99:a5:
93:fa:81:13:de:2b:5c:8f:e3:bf:ff:04:1b:fa:ea:
4c:b5:23:50:f7:0a:33:f3:0a:67:76:18:b1:e5:1c:
3a:03:33:9e:af:4b:30:a7:24:a4:60:b5:36:ff:b3:
19:ae:c1:b2:6a:7d:4c:01:68:5c:de:73:29:2a:0d:
39:36:dd:e1:1e:60:8b:ba:e8:6b:0e:d3:ab:7e:1a:
46:ef:fb:1a:c3:e1:4c:c4:86:1a:a3:2b:0e:d0:f7:
0d:ee:e7:bf:f9:8e:4d:8d:9f:0a:67:b9:c2:83:2e:
b2:7b:f0:02:e2:a4:87:a7:0a:d9:4d:26:a2:91:d7:
eb:09:48:1c:b6:fd:01:8a:04:91:59:26:24:c0:0c:
f4:d7:9e:23:44:e2:62:c9:d7:b7:d3:06:7b:a3:63:
24:4e:a4:2d:eb:bc:93:a2:f9:35:91:84:9a:8e:68:
68:08:cf:5a:26:c9:b7:4a:28:75:67:d2:ee:3d:7d:
1b:35:bf:d8:09:bb:be:0e:6f:b0:2f:6a:f5:f5:0f:
46:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:27:B9:7C:F4:2F:72:10:CE:9F:BF:53:E1:F2:BB:9A:08:67:4B:8F
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/Kye5fPQvchDOn79T4fK7mghnS48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.18.224.0/20
217.181.72.0/22
217.181.80.0/22
Signature Algorithm: sha256WithRSAEncryption
37:12:1e:86:29:2b:26:ac:d1:24:d6:31:fc:3d:f6:c1:52:93:
71:13:1a:88:e4:a0:23:ca:89:f0:88:b9:b5:fc:0d:e8:a4:a7:
92:c6:55:58:bd:4a:b8:70:fc:7e:42:06:a2:9a:97:a7:c4:35:
71:c8:9e:cc:39:40:4d:d7:4b:71:cc:07:48:b2:16:ad:b6:f6:
6f:37:1c:54:31:ba:bc:06:6d:53:a3:9c:30:44:af:e9:76:e1:
21:ae:91:07:6f:f5:09:d2:08:65:97:a2:3c:7d:6f:77:ef:94:
d4:76:87:c9:d6:46:4d:66:87:d6:28:37:e9:59:89:1f:03:a0:
10:11:c8:f3:65:a3:5e:69:70:6b:b9:47:15:b0:13:aa:56:92:
80:2f:bf:49:55:bf:11:6c:eb:64:e6:a2:e8:28:a4:84:3b:a2:
53:ad:13:f5:7b:c4:d3:ad:7d:87:b3:8f:bb:fa:20:52:89:a2:
69:97:15:a4:95:87:d6:ea:7f:8a:7c:0d:0c:dc:3c:0b:c3:e7:
04:ba:f8:a7:06:15:fa:96:4f:b7:23:fa:69:9a:3e:57:d8:04:
7b:22:be:83:15:04:a7:be:36:ff:f0:14:55:42:54:01:90:73:
16:30:8b:03:45:80:bf:62:0a:23:4d:80:31:b3:cb:f9:6a:f0:
cc:1e:b1:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZWZ4sKdp2I7TikhLI+1QEePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMzE1MTI1ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjI3Yjk3Y2Y0MmY3MjEwY2U5ZmJmNTNlMWYyYmI5YTA4Njc0YjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvB4pqrlj6XRPkjdESzVa8f5adCFx
XEl7Smuxln22t2mqg/KQTLWi4/9KR3OPWnmQkoiAPvrw204mmaWT+oET3itcj+O/
/wQb+upMtSNQ9woz8wpndhix5Rw6AzOer0swpySkYLU2/7MZrsGyan1MAWhc3nMp
Kg05Nt3hHmCLuuhrDtOrfhpG7/saw+FMxIYaoysO0PcN7ue/+Y5NjZ8KZ7nCgy6y
e/AC4qSHpwrZTSaikdfrCUgctv0BigSRWSYkwAz0154jROJiyde30wZ7o2MkTqQt
67yTovk1kYSajmhoCM9aJsm3Sih1Z9LuPX0bNb/YCbu+Dm+wL2r19Q9GywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCsnuXz0L3IQzp+/U+Hyu5oIZ0uPMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvS3llNWZQUXZjaERPbjc5VDRmSzdtZ2huUzQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQE1RLgAwQC
2bVIAwQC2bVQMA0GCSqGSIb3DQEBCwUAA4IBAQA3Eh6GKSsmrNEk1jH8PfbBUpNx
ExqI5KAjyonwiLm1/A3opKeSxlVYvUq4cPx+QgaimpenxDVxyJ7MOUBN10txzAdI
shattvZvNxxUMbq8Bm1To5wwRK/pduEhrpEHb/UJ0ghll6I8fW9375TUdofJ1kZN
ZofWKDfpWYkfA6AQEcjzZaNeaXBruUcVsBOqVpKAL79JVb8RbOtk5qLoKKSEO6JT
rRP1e8TTrX2Hs4+7+iBSiaJplxWklYfW6n+KfA0M3DwLw+cEuvinBhX6lk+3I/pp
mj5X2AR7Ir6DFQSnvjb/8BRVQlQBkHMWMIsDRYC/YgojTYAxs8v5avDMHrGS
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:18:30 2025 by rpki-client