Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/5be80b-3382-4448-a1cc-dca04270b9d5/1/kpsvPeeIv0pKU9PhBPmCul4H77I.roa
File: kpsvPeeIv0pKU9PhBPmCul4H77I.roa (raw, json)
Hash identifier: ldsB6oaUmsnMWxylJabDMSh13fcwi9Gxz4FcJGTY/Bc=
Subject key identifier: 92:9B:2F:3D:E7:88:BF:4A:4A:53:D3:E1:04:F9:82:BA:5E:07:EF:B2
Certificate issuer: /CN=44a88637498b188fc0bceae0bbf0681761a49d4b
Certificate serial: 018CC8010FEEF63B3C6C168A15FFC0970EA8
Authority key identifier: 44:A8:86:37:49:8B:18:8F:C0:BC:EA:E0:BB:F0:68:17:61:A4:9D:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKiGN0mLGI_AvOrgu_BoF2GknUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/5be80b-3382-4448-a1cc-dca04270b9d5/1/kpsvPeeIv0pKU9PhBPmCul4H77I.roa
Signing time: Tue 02 Jan 2024 02:29:21 +0000
ROA not before: Tue 02 Jan 2024 02:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 5.133.166.0/24 maxlen: 24
5.133.163.0/24 maxlen: 24
5.133.165.0/24 maxlen: 24
5.133.162.0/24 maxlen: 24
5.133.164.0/24 maxlen: 24
5.133.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:0f:ee:f6:3b:3c:6c:16:8a:15:ff:c0:97:0e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a88637498b188fc0bceae0bbf0681761a49d4b
Validity
Not Before: Jan 2 02:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=929b2f3de788bf4a4a53d3e104f982ba5e07efb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cf:f7:3b:ea:e9:f6:97:c6:3b:5d:3e:42:eb:
8e:81:73:c5:45:96:e2:21:b2:5a:de:0f:03:d7:90:
7b:2d:31:7e:e3:92:d4:8f:e8:1e:34:b9:d2:7e:64:
83:50:2e:ca:a9:ed:5e:bd:58:5d:50:f1:af:a6:4d:
ad:68:82:fa:f9:a2:19:00:08:0c:a2:86:01:60:0e:
f1:3c:22:0a:03:36:89:da:a8:e0:65:b9:00:c1:be:
fd:ca:13:29:4c:01:03:ba:68:6d:9a:c9:2b:10:ee:
f1:ce:59:eb:0c:3b:7f:fe:cf:ab:87:65:ea:b9:df:
eb:b6:f1:28:45:5c:2e:3e:10:61:ca:c9:d0:b9:19:
8b:06:98:83:10:e9:f3:31:9c:8c:90:d4:b9:03:13:
27:b3:bd:e4:9e:22:7d:a0:d6:82:a8:7a:1d:f9:fd:
d1:91:1f:ca:fc:b7:4f:1c:71:35:3d:87:07:8c:a9:
35:bc:5e:8a:ae:b1:93:26:7c:fe:ce:6d:55:42:2c:
9d:e6:68:6b:57:44:ac:2b:85:68:e6:8d:dd:73:c1:
57:24:89:a8:72:7a:11:2a:3d:5b:71:7c:c0:8e:9f:
14:63:84:f1:58:93:c9:03:97:df:60:05:8f:1f:9b:
7d:0f:52:79:90:6f:2a:cc:d9:5c:a5:33:8b:51:49:
79:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9B:2F:3D:E7:88:BF:4A:4A:53:D3:E1:04:F9:82:BA:5E:07:EF:B2
X509v3 Authority Key Identifier:
keyid:44:A8:86:37:49:8B:18:8F:C0:BC:EA:E0:BB:F0:68:17:61:A4:9D:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKiGN0mLGI_AvOrgu_BoF2GknUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/5be80b-3382-4448-a1cc-dca04270b9d5/1/kpsvPeeIv0pKU9PhBPmCul4H77I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/5be80b-3382-4448-a1cc-dca04270b9d5/1/RKiGN0mLGI_AvOrgu_BoF2GknUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.162.0-5.133.167.255
Signature Algorithm: sha256WithRSAEncryption
35:c5:2d:99:46:91:39:66:36:fd:37:33:12:a3:23:dc:61:01:
3b:be:17:07:ef:07:fb:a0:db:49:69:4a:a7:8d:64:d5:bb:03:
27:39:bb:fa:d7:12:2b:43:a8:f4:62:30:6d:e5:9a:d0:50:60:
98:ae:4f:ad:88:56:ba:61:ae:13:21:9d:37:fe:63:bc:df:b7:
69:aa:f5:4f:ac:67:e1:e0:2a:20:33:53:59:49:5d:2a:d7:ee:
2c:40:e7:a0:27:47:92:7a:be:96:e6:95:8c:a7:e2:81:27:b8:
c5:f3:e7:84:6e:1e:15:26:1b:92:52:4f:13:fe:36:a6:93:44:
0f:87:6d:06:ed:a9:9a:cb:4e:cd:a5:02:e7:91:92:46:73:40:
b0:50:e5:3e:eb:ec:bc:21:de:bc:c6:82:9a:61:f4:8a:93:2a:
a4:1d:49:64:ef:e7:43:4c:8c:67:ac:2d:47:f6:0b:f5:49:48:
99:0c:95:0b:67:e6:16:e0:32:71:42:e9:d2:11:09:32:ea:25:
50:5e:55:89:b4:03:24:a2:25:11:6a:0c:6a:f1:3b:eb:90:0a:
cc:41:65:e1:e7:28:1c:f0:1d:06:58:69:30:dd:0f:29:0f:98:
6d:90:f4:60:84:55:a4:de:a4:ce:a2:fa:1e:6f:d1:a3:69:90:
f0:75:9e:46
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzIAQ/u9js8bBaKFf/Alw6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTg4NjM3NDk4YjE4OGZjMGJjZWFlMGJiZjA2ODE3NjFh
NDlkNGIwHhcNMjQwMTAyMDIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjliMmYzZGU3ODhiZjRhNGE1M2QzZTEwNGY5ODJiYTVlMDdlZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApM/3O+rp9pfGO10+QuuOgXPFRZbi
IbJa3g8D15B7LTF+45LUj+geNLnSfmSDUC7Kqe1evVhdUPGvpk2taIL6+aIZAAgM
ooYBYA7xPCIKAzaJ2qjgZbkAwb79yhMpTAEDumhtmskrEO7xzlnrDDt//s+rh2Xq
ud/rtvEoRVwuPhBhysnQuRmLBpiDEOnzMZyMkNS5AxMns73kniJ9oNaCqHod+f3R
kR/K/LdPHHE1PYcHjKk1vF6KrrGTJnz+zm1VQiyd5mhrV0SsK4Vo5o3dc8FXJImo
cnoRKj1bcXzAjp8UY4TxWJPJA5ffYAWPH5t9D1J5kG8qzNlcpTOLUUl5LwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJKbLz3niL9KSlPT4QT5grpeB++yMB8GA1UdIwQY
MBaAFESohjdJixiPwLzq4LvwaBdhpJ1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktpR04wbUxHSV9Bdk9yZ3VfQm9GMkdrblVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS81YmU4MGItMzM4Mi00NDQ4LWExY2Mt
ZGNhMDQyNzBiOWQ1LzEva3BzdlBlZUl2MHBLVTlQaEJQbUN1bDRINzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS81YmU4MGItMzM4Mi00NDQ4LWExY2MtZGNhMDQyNzBiOWQ1
LzEvUktpR04wbUxHSV9Bdk9yZ3VfQm9GMkdrblVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEFhaID
BAMFhaAwDQYJKoZIhvcNAQELBQADggEBADXFLZlGkTlmNv03MxKjI9xhATu+Fwfv
B/ug20lpSqeNZNW7Ayc5u/rXEitDqPRiMG3lmtBQYJiuT62IVrphrhMhnTf+Y7zf
t2mq9U+sZ+HgKiAzU1lJXSrX7ixA56AnR5J6vpbmlYyn4oEnuMXz54RuHhUmG5JS
TxP+NqaTRA+HbQbtqZrLTs2lAueRkkZzQLBQ5T7r7Lwh3rzGgpph9IqTKqQdSWTv
50NMjGesLUf2C/VJSJkMlQtn5hbgMnFC6dIRCTLqJVBeVYm0AySiJRFqDGrxO+uQ
CsxBZeHnKBzwHQZYaTDdDykPmG2Q9GCEVaTepM6i+h5v0aNpkPB1nkY=
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:34:03 2025 by rpki-client