Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/KQWydS2BMZztEZS7l6-zP5muY-I.roa
File: KQWydS2BMZztEZS7l6-zP5muY-I.roa (raw, json)
Hash identifier: 1g0YQz0E3jriZZF1rYdMbeipeXnDCZdtTGJvck8KnBI=
Subject key identifier: 29:05:B2:75:2D:81:31:9C:ED:11:94:BB:97:AF:B3:3F:99:AE:63:E2
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B23FA62CC7B007B7635F9BFECEDE66
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/KQWydS2BMZztEZS7l6-zP5muY-I.roa
Signing time: Wed 01 Jan 2025 11:48:37 +0000
ROA not before: Wed 01 Jan 2025 11:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138156
IP address blocks: 45.8.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 09:43:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3f:a6:2c:c7:b0:07:b7:63:5f:9b:fe:ce:de:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2905b2752d81319ced1194bb97afb33f99ae63e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:79:f0:cf:7c:57:e1:9d:be:54:f9:20:d2:e8:
a5:03:76:32:95:15:0a:6b:e6:f6:62:bb:bc:b5:74:
21:4c:fd:37:f7:e4:44:4a:31:21:e2:dc:67:c2:25:
9d:c1:9b:b7:ce:68:f2:f5:35:01:2f:e0:69:d3:2e:
3e:d2:94:69:77:28:48:e9:ed:b2:61:61:07:fc:fd:
ab:03:04:d1:35:7f:3d:d4:4c:98:5c:96:79:c1:e7:
6d:69:ba:8d:44:15:f4:23:34:52:b8:0a:b8:49:65:
71:9d:7f:9b:69:4f:81:12:62:98:82:1a:3b:89:c9:
e4:f9:2a:36:e5:5f:cb:b8:10:cc:9d:7c:5f:64:79:
8e:93:c1:78:17:85:16:dd:75:1d:a0:bc:85:07:01:
83:26:f1:dd:11:79:22:f7:30:1c:74:af:88:ce:dc:
b5:d6:09:32:3e:56:5a:17:13:60:0b:cd:34:d1:8a:
45:92:e9:bc:8c:7d:19:9b:a7:c1:ab:28:3b:bf:d7:
88:83:d1:06:be:f9:9a:01:78:04:35:54:d9:58:c8:
9f:96:36:7f:1d:ce:46:0d:37:f1:f2:ff:77:0b:5d:
67:ba:fc:89:00:37:b8:0c:2f:2a:f2:5f:1c:2b:01:
ee:27:6c:50:95:e7:3d:d9:8c:55:72:42:be:a9:75:
3b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:05:B2:75:2D:81:31:9C:ED:11:94:BB:97:AF:B3:3F:99:AE:63:E2
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/KQWydS2BMZztEZS7l6-zP5muY-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.252.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:68:49:07:1d:00:06:45:57:44:88:78:9e:c5:af:78:b2:e9:
5b:eb:f8:f1:2d:86:da:a6:52:e5:c6:d1:02:67:92:de:6f:87:
33:4a:8f:a5:dd:9b:1b:ec:bb:07:29:58:1d:e5:b8:2a:17:cb:
21:ba:98:25:0f:4c:cb:a5:d5:06:ef:8c:be:e4:38:e1:18:3d:
b8:f1:e2:e2:c9:39:0d:fb:a6:79:ab:99:b3:e4:29:58:54:2b:
ce:7f:c9:8b:ab:1d:74:71:4d:4b:25:49:08:bd:4c:15:ee:51:
52:c4:a5:9c:d3:97:14:dc:6a:55:9f:76:fa:d1:fb:d1:5d:d7:
4e:c9:52:74:6e:69:f0:90:fa:b6:cf:a9:0e:46:16:3c:ff:6f:
5a:cd:c8:ea:11:3d:11:45:8d:85:ad:4b:8c:6d:49:a2:69:77:
3e:60:14:8f:f4:de:e4:fc:90:93:64:c2:ea:bd:fa:03:10:3d:
cd:59:de:64:76:53:04:4c:9d:2a:9d:a4:4b:ed:6d:95:20:66:
72:54:20:0a:d5:be:2e:a7:52:db:86:01:24:00:aa:39:ca:12:
46:20:d6:44:f6:0d:45:65:0d:17:49:e2:01:f0:1b:b7:0b:e7:
fa:ed:95:a8:a3:03:40:36:0c:3e:f1:3e:03:7f:fc:87:5a:f2:
e6:cd:6b:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsj+mLMewB7djX5v+zt5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTA1YjI3NTJkODEzMTljZWQxMTk0YmI5N2FmYjMzZjk5YWU2M2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3nwz3xX4Z2+VPkg0uilA3YylRUK
a+b2Yru8tXQhTP039+RESjEh4txnwiWdwZu3zmjy9TUBL+Bp0y4+0pRpdyhI6e2y
YWEH/P2rAwTRNX891EyYXJZ5wedtabqNRBX0IzRSuAq4SWVxnX+baU+BEmKYgho7
icnk+So25V/LuBDMnXxfZHmOk8F4F4UW3XUdoLyFBwGDJvHdEXki9zAcdK+Izty1
1gkyPlZaFxNgC8000YpFkum8jH0Zm6fBqyg7v9eIg9EGvvmaAXgENVTZWMifljZ/
Hc5GDTfx8v93C11nuvyJADe4DC8q8l8cKwHuJ2xQlec92YxVckK+qXU7HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkFsnUtgTGc7RGUu5evsz+ZrmPiMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvS1FXeWRTMkJNWnp0RVpTN2w2LXpQNW11WS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQj8MA0G
CSqGSIb3DQEBCwUAA4IBAQA8aEkHHQAGRVdEiHiexa94sulb6/jxLYbaplLlxtEC
Z5Leb4czSo+l3Zsb7LsHKVgd5bgqF8shupglD0zLpdUG74y+5DjhGD248eLiyTkN
+6Z5q5mz5ClYVCvOf8mLqx10cU1LJUkIvUwV7lFSxKWc05cU3GpVn3b60fvRXddO
yVJ0bmnwkPq2z6kORhY8/29azcjqET0RRY2FrUuMbUmiaXc+YBSP9N7k/JCTZMLq
vfoDED3NWd5kdlMETJ0qnaRL7W2VIGZyVCAK1b4up1LbhgEkAKo5yhJGINZE9g1F
ZQ0XSeIB8Bu3C+f67ZWoowNANgw+8T4Df/yHWvLmzWvg
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:02:02 2025 by rpki-client