Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/KMVsnQKqVUNL9XICZkhdNnJ13MM.roa
File: KMVsnQKqVUNL9XICZkhdNnJ13MM.roa (raw, json)
Hash identifier: 5anm061W7Wx9IwoLbP71CuCVy1+LTW3TZGfC2uCxoRc=
Subject key identifier: 28:C5:6C:9D:02:AA:55:43:4B:F5:72:02:66:48:5D:36:72:75:DC:C3
Certificate issuer: /CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Certificate serial: 019420684E8CC5DCDA8F432304EF694C455C
Authority key identifier: 84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/KMVsnQKqVUNL9XICZkhdNnJ13MM.roa
Signing time: Wed 01 Jan 2025 05:48:14 +0000
ROA not before: Wed 01 Jan 2025 05:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62000
IP address blocks: 45.147.96.0/23 maxlen: 24
45.147.98.0/24 maxlen: 24
45.147.99.0/24 maxlen: 24
45.155.168.0/22 maxlen: 24
45.155.168.0/24 maxlen: 24
185.157.244.0/24 maxlen: 24
185.157.245.0/24 maxlen: 24
185.216.24.0/24 maxlen: 24
185.216.25.0/24 maxlen: 24
185.216.26.0/24 maxlen: 24
185.216.27.0/24 maxlen: 24
193.168.144.0/24 maxlen: 24
193.168.145.0/24 maxlen: 24
193.168.146.0/24 maxlen: 24
193.168.147.0/24 maxlen: 24
2a07:abc0::/29 maxlen: 64
2a09:6382::/32 maxlen: 64
2a09:6383::/32 maxlen: 64
2a09:6384::/32 maxlen: 64
2a09:6385::/32 maxlen: 64
2a0b:b140::/29 maxlen: 64
Validation: Failed, certificate revoked on Fri 07 Mar 2025 09:20:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4e:8c:c5:dc:da:8f:43:23:04:ef:69:4c:45:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Validity
Not Before: Jan 1 05:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28c56c9d02aa55434bf5720266485d367275dcc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:77:4e:5e:09:93:3b:c1:57:48:7c:08:f8:8e:
71:38:dc:60:14:41:77:f8:35:84:89:0a:bf:03:e8:
bd:d5:f5:48:89:62:60:ef:ef:30:5a:ba:63:0d:20:
03:0c:bd:95:a7:df:15:c0:39:d6:1d:f1:e6:c0:f0:
3a:80:4e:2e:01:52:02:1b:ad:cf:f7:98:5b:34:3b:
b1:4a:73:63:27:90:f9:23:25:30:de:6b:6f:99:a3:
e4:7a:a4:82:f0:b3:0d:ff:0c:ed:2b:94:c0:c6:ad:
c4:fd:8e:55:3f:7b:99:2c:a2:09:de:42:8a:8e:b3:
24:e9:f9:b8:7d:2c:e1:7d:8e:7b:d4:12:dc:1e:6f:
53:40:09:97:14:4e:28:24:3f:ce:df:b6:2e:8e:9f:
81:bb:b7:16:8d:73:a8:34:6a:8f:37:6e:de:e4:e0:
ce:0e:54:0e:3d:73:59:3e:17:8f:ae:86:c3:4c:b9:
1a:df:8f:90:5f:df:a7:c3:ae:27:9b:6b:c8:af:16:
44:97:9f:91:5d:e2:5b:00:dc:16:3a:44:3e:a0:1f:
7d:9d:a4:e9:b8:de:ff:50:cf:fd:32:53:b0:95:3f:
05:69:46:d4:f4:9c:25:72:e1:ff:4a:1a:cf:17:d7:
86:6e:74:3f:28:86:29:ad:46:be:b3:41:69:9d:5f:
49:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C5:6C:9D:02:AA:55:43:4B:F5:72:02:66:48:5D:36:72:75:DC:C3
X509v3 Authority Key Identifier:
keyid:84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/KMVsnQKqVUNL9XICZkhdNnJ13MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.96.0/22
45.155.168.0/22
185.157.244.0/23
185.216.24.0/22
193.168.144.0/22
IPv6:
2a07:abc0::/29
2a09:6382::-2a09:6385:ffff:ffff:ffff:ffff:ffff:ffff
2a0b:b140::/29
Signature Algorithm: sha256WithRSAEncryption
a0:e6:b1:91:39:94:8c:02:f8:1e:b9:fc:4b:6d:d4:e6:62:f6:
6f:72:d8:fe:30:6f:52:58:f1:10:5b:6d:f8:c0:b3:e8:b0:0b:
47:49:ff:de:6c:1f:70:7d:70:58:3d:97:d3:15:23:bf:17:6e:
07:22:ae:0b:06:23:e7:7e:ba:73:e3:f1:40:e7:a3:7a:97:43:
6d:42:ab:06:08:30:33:3f:43:19:a4:48:8a:57:f8:5f:45:97:
56:b8:50:33:4f:a4:1f:f5:db:1c:7e:50:bc:73:20:4a:01:9d:
8d:ed:d7:61:25:10:84:20:2d:89:5b:c4:46:fa:76:39:96:6b:
be:42:9d:13:8f:62:90:93:48:31:3c:ec:96:b5:8c:26:56:2a:
53:e1:4b:a8:ec:25:9a:1d:e2:84:dc:0e:79:7a:1c:e6:d4:62:
34:cd:12:f8:26:a0:18:1f:6c:e2:b6:ca:43:14:74:c7:49:41:
68:52:0b:22:8d:d5:8b:a5:4a:c5:2f:03:42:c0:57:28:42:fe:
25:1d:6f:f4:7a:8e:b5:d6:76:3c:da:c0:60:ab:e1:45:ed:03:
8c:d3:0a:e5:ef:b4:4e:d5:76:15:78:7c:bd:4c:20:56:d0:61:
8b:9f:ca:e0:92:30:90:a7:50:21:54:33:fb:2d:dd:e2:0b:d9:
41:86:6d:3c
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQgaE6Mxdzaj0MjBO9pTEVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZTE0MjlhNTNlNjQ2M2IzYzc0ZjVhM2YxN2M1ZDRhNTFl
YmQwYjgwHhcNMjUwMTAxMDU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM1NmM5ZDAyYWE1NTQzNGJmNTcyMDI2NjQ4NWQzNjcyNzVkY2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3dOXgmTO8FXSHwI+I5xONxgFEF3
+DWEiQq/A+i91fVIiWJg7+8wWrpjDSADDL2Vp98VwDnWHfHmwPA6gE4uAVICG63P
95hbNDuxSnNjJ5D5IyUw3mtvmaPkeqSC8LMN/wztK5TAxq3E/Y5VP3uZLKIJ3kKK
jrMk6fm4fSzhfY571BLcHm9TQAmXFE4oJD/O37Yujp+Bu7cWjXOoNGqPN27e5ODO
DlQOPXNZPheProbDTLka34+QX9+nw64nm2vIrxZEl5+RXeJbANwWOkQ+oB99naTp
uN7/UM/9MlOwlT8FaUbU9JwlcuH/ShrPF9eGbnQ/KIYprUa+s0FpnV9JlQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFCjFbJ0CqlVDS/VyAmZIXTZyddzDMB8GA1UdIwQY
MBaAFIThQppT5kY7PHT1o/F8XUpR69C4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYt
YzQxZGNjYThiNzc1LzEvS01Wc25RS3FWVU5MOVhJQ1praGRObkoxM01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYtYzQxZGNjYThiNzc1
LzEvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAkBAIAATAeAwQCLZNgAwQC
LZuoAwQBuZ30AwQCudgYAwQCwaiQMCQEAgACMB4DBQMqB6vAMA4DBQEqCWOCAwUB
KgljhAMFAyoLsUAwDQYJKoZIhvcNAQELBQADggEBAKDmsZE5lIwC+B65/Ett1OZi
9m9y2P4wb1JY8RBbbfjAs+iwC0dJ/95sH3B9cFg9l9MVI78XbgcirgsGI+d+unPj
8UDno3qXQ21CqwYIMDM/QxmkSIpX+F9Fl1a4UDNPpB/12xx+ULxzIEoBnY3t12El
EIQgLYlbxEb6djmWa75CnROPYpCTSDE87Ja1jCZWKlPhS6jsJZod4oTcDnl6HObU
YjTNEvgmoBgfbOK2ykMUdMdJQWhSCyKN1YulSsUvA0LAVyhC/iUdb/R6jrXWdjza
wGCr4UXtA4zTCuXvtE7VdhV4fL1MIFbQYYufyuCSMJCnUCFUM/st3eIL2UGGbTw=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:02:40 2025 by rpki-client