Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/XKBTZE6x22GJbmCjTlbiH-6xgWQ.roa
File: XKBTZE6x22GJbmCjTlbiH-6xgWQ.roa (raw, json)
Hash identifier: //2cS+vKQ+DNMw6uYrl0cu2OFwUOhGh4Xr4SkZgj4vU=
Subject key identifier: 5C:A0:53:64:4E:B1:DB:61:89:6E:60:A3:4E:56:E2:1F:EE:B1:81:64
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 019687808B2BDF919C9C92AD28B0856B92D5
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/XKBTZE6x22GJbmCjTlbiH-6xgWQ.roa
Signing time: Wed 30 Apr 2025 16:21:10 +0000
ROA not before: Wed 30 Apr 2025 16:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.66.132.0/24 maxlen: 24
45.82.165.0/24 maxlen: 24
45.144.242.0/24 maxlen: 24
45.144.243.0/24 maxlen: 24
91.220.202.0/24 maxlen: 24
91.220.203.0/24 maxlen: 24
185.126.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 May 2025 20:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:80:8b:2b:df:91:9c:9c:92:ad:28:b0:85:6b:92:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: Apr 30 16:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ca053644eb1db61896e60a34e56e21feeb18164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e5:f3:f3:3c:3b:39:cb:b8:86:2b:96:0e:14:
e7:03:69:04:c4:d3:36:7f:c1:41:39:0b:e3:be:e0:
ff:ac:4e:cd:02:31:19:d0:45:38:75:75:41:1d:b8:
ef:c9:bd:ea:c5:0c:5c:3f:aa:f5:6f:ac:f6:9d:47:
4d:8e:e5:7f:ec:cc:32:d4:b5:55:bf:75:7c:76:d2:
22:aa:f6:70:74:dc:17:d3:ee:4c:72:44:57:f5:6c:
cb:df:08:35:1b:20:c7:79:df:bc:39:13:ff:7b:e2:
2f:bf:c3:cf:14:4f:99:a5:ef:94:f6:21:62:59:4b:
a1:fe:e1:c5:de:39:c1:61:ac:42:03:52:3f:a6:ac:
ae:3b:78:25:7b:0c:70:80:0e:da:28:33:9a:0d:30:
8f:b5:e6:59:2d:00:6f:ab:91:6b:c8:1a:63:18:56:
0a:86:6d:05:2a:d8:d5:bd:d2:db:52:0f:01:ba:2a:
4b:35:ad:52:10:56:3e:2e:83:49:7a:82:61:cc:6b:
08:ba:41:bc:4a:33:3c:2f:48:c4:f1:28:fc:ba:37:
6f:dc:16:4b:40:4b:09:b8:82:e3:c4:01:18:bb:78:
24:cc:75:e4:3b:da:19:5a:0f:f5:69:ce:fb:e4:f7:
e7:12:b8:92:61:fc:d3:c5:a9:36:e4:eb:9b:07:5e:
11:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A0:53:64:4E:B1:DB:61:89:6E:60:A3:4E:56:E2:1F:EE:B1:81:64
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/XKBTZE6x22GJbmCjTlbiH-6xgWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.132.0/24
45.82.165.0/24
45.144.242.0/23
91.220.202.0/23
185.126.137.0/24
Signature Algorithm: sha256WithRSAEncryption
33:d0:9c:50:52:99:b2:2a:5d:5d:2e:28:8f:24:29:7e:c9:71:
00:ff:2f:df:84:3c:7d:1d:91:5e:f1:69:32:8c:a9:ee:c3:1e:
5e:3d:e6:fd:45:e4:24:4e:62:bb:ee:d0:4f:5d:40:d1:b3:7d:
7e:c6:e1:06:a6:aa:2c:3d:6b:44:b1:b1:ac:18:13:f5:58:c8:
60:f5:e0:91:7d:cb:f6:ff:e8:ea:04:b0:26:66:ab:d6:6a:56:
0e:c2:fa:a2:b1:25:33:4f:9e:6a:5b:ef:5b:f8:e2:4a:9c:93:
48:a7:a3:13:90:72:56:b8:a1:ec:53:15:08:9d:fd:2f:85:f1:
1d:e5:47:97:34:19:5d:77:0c:81:75:9f:cf:f1:7a:e2:1c:4d:
7a:84:c5:81:48:86:14:2b:47:43:da:f1:81:26:98:af:e0:9b:
b7:d5:67:1c:a9:b0:7b:19:4b:98:dd:e3:20:8d:d6:d5:89:89:
87:42:16:c4:f9:9d:5f:2d:dd:8c:5c:5b:ec:27:6d:ab:56:5d:
f9:6b:e6:21:6c:54:ae:3b:3f:92:e2:06:60:2e:e6:73:47:01:
59:12:86:40:b5:9e:67:68:d1:ad:c5:29:d0:10:64:ce:30:67:
b2:06:2a:1e:f9:17:e6:c6:3c:f0:b3:a9:82:1c:b8:e0:dd:ad:
45:b9:a3:13
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZaHgIsr35GcnJKtKLCFa5LVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjUwNDMwMTYyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2EwNTM2NDRlYjFkYjYxODk2ZTYwYTM0ZTU2ZTIxZmVlYjE4MTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteXz8zw7Ocu4hiuWDhTnA2kExNM2
f8FBOQvjvuD/rE7NAjEZ0EU4dXVBHbjvyb3qxQxcP6r1b6z2nUdNjuV/7Mwy1LVV
v3V8dtIiqvZwdNwX0+5MckRX9WzL3wg1GyDHed+8ORP/e+Ivv8PPFE+Zpe+U9iFi
WUuh/uHF3jnBYaxCA1I/pqyuO3glewxwgA7aKDOaDTCPteZZLQBvq5FryBpjGFYK
hm0FKtjVvdLbUg8BuipLNa1SEFY+LoNJeoJhzGsIukG8SjM8L0jE8Sj8ujdv3BZL
QEsJuILjxAEYu3gkzHXkO9oZWg/1ac775PfnEriSYfzTxak25OubB14RsQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFygU2ROsdthiW5go05W4h/usYFkMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvWEtCVFpFNngyMkdKYm1DalRsYmlILTZ4Z1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALUKEAwQA
LVKlAwQBLZDyAwQBW9zKAwQAuX6JMA0GCSqGSIb3DQEBCwUAA4IBAQAz0JxQUpmy
Kl1dLiiPJCl+yXEA/y/fhDx9HZFe8WkyjKnuwx5ePeb9ReQkTmK77tBPXUDRs31+
xuEGpqosPWtEsbGsGBP1WMhg9eCRfcv2/+jqBLAmZqvWalYOwvqisSUzT55qW+9b
+OJKnJNIp6MTkHJWuKHsUxUInf0vhfEd5UeXNBlddwyBdZ/P8XriHE16hMWBSIYU
K0dD2vGBJpiv4Ju31WccqbB7GUuY3eMgjdbViYmHQhbE+Z1fLd2MXFvsJ22rVl35
a+YhbFSuOz+S4gZgLuZzRwFZEoZAtZ5naNGtxSnQEGTOMGeyBioe+Rfmxjzws6mC
HLjg3a1FuaMT
-----END CERTIFICATE-----
Generated at Sat Jun 7 05:36:26 2025 by rpki-client