Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/KgCwRwixtiSwcqDX9g6xYU0j0TI.roa
File: KgCwRwixtiSwcqDX9g6xYU0j0TI.roa (raw, json)
Hash identifier: RelpD0roJo/xNBoO7/OFyJD9s3QFGmvZYlM0zJBLPIk=
Subject key identifier: 2A:00:B0:47:08:B1:B6:24:B0:72:A0:D7:F6:0E:B1:61:4D:23:D1:32
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196ED2CFC1BD65D1608F9C9FC62F16ED067
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/KgCwRwixtiSwcqDX9g6xYU0j0TI.roa
Signing time: Tue 20 May 2025 10:11:10 +0000
ROA not before: Tue 20 May 2025 10:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.212.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.135.39.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.145.56.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
45.153.22.0/24 maxlen: 24
45.155.69.0/24 maxlen: 24
45.158.185.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
185.242.244.0/24 maxlen: 24
185.242.245.0/24 maxlen: 24
192.153.171.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.23.253.0/24 maxlen: 24
193.27.10.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
193.27.21.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
194.33.61.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 May 2025 11:09:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:2c:fc:1b:d6:5d:16:08:f9:c9:fc:62:f1:6e:d0:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 20 10:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a00b04708b1b624b072a0d7f60eb1614d23d132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1a:32:d1:1f:92:10:79:32:32:b6:ec:cb:b8:
1a:63:5c:58:2e:66:ca:b8:ed:56:c6:bf:43:12:cc:
1f:4e:00:97:6d:c7:56:e2:1a:5c:9f:5c:1b:9e:b2:
99:6e:eb:2d:68:4f:12:ae:43:c9:17:53:9b:82:ee:
80:9f:db:2b:9c:6b:41:ee:0f:d8:d4:0d:a5:2d:3f:
22:f5:bc:bb:61:cb:85:f1:92:16:a9:c7:1d:b4:1b:
29:ba:51:fa:f6:a7:40:3a:0b:7c:e8:10:d4:47:a0:
ad:c8:28:c2:ea:5e:67:16:ae:45:ed:1e:d1:ec:04:
cf:7e:0d:c1:df:74:ab:b0:88:ae:14:1a:ba:cc:00:
6b:97:15:37:f1:8e:b3:72:e4:1b:e3:b9:db:7e:25:
7f:ed:60:67:e0:d2:2c:c5:ff:8c:9d:8f:4b:03:9d:
08:cb:b8:98:0e:af:6e:fb:a3:65:78:a2:d4:65:53:
4f:9f:f0:3a:79:d3:8a:d5:be:97:aa:be:c0:61:66:
98:c7:a5:ac:e5:e4:ac:43:47:1a:1c:75:6c:2d:f5:
91:7e:73:59:be:de:d8:e3:0d:2a:ea:6d:09:cd:a5:
03:6a:27:57:fe:2c:9d:e3:68:93:31:03:ac:02:d9:
81:ec:bc:fe:19:13:90:bf:72:23:ae:3f:2d:12:ed:
c8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:00:B0:47:08:B1:B6:24:B0:72:A0:D7:F6:0E:B1:61:4D:23:D1:32
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/KgCwRwixtiSwcqDX9g6xYU0j0TI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.131.212.0/23
45.131.215.0/24
45.135.39.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.145.56.0/24
45.146.131.0/24
45.152.208.0/24
45.153.22.0/24
45.155.69.0/24
45.158.185.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
185.155.200.0/24
185.242.244.0/23
192.153.171.0/24
193.8.215.0/24
193.23.245.0/24
193.23.253.0/24
193.27.10.0/24
193.27.19.0/24
193.27.21.0/24
194.33.29.0/24
194.33.61.0/24
195.158.192.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
c8:98:69:85:69:02:ae:c9:b6:44:ff:18:6b:46:91:b5:1b:40:
5d:c0:a1:55:ff:ee:92:de:06:28:3c:ab:9e:d4:13:5c:0c:19:
cd:05:d6:f6:68:9f:ef:1b:2c:b9:39:e2:3b:0b:e1:08:13:12:
26:48:2d:55:34:18:2d:f3:db:49:81:f1:86:9f:54:ec:31:6e:
e9:30:30:0d:4c:d4:d2:53:c5:e8:f9:39:a2:f0:b9:47:f0:4f:
18:c2:fb:67:ce:65:46:50:9f:96:a8:25:dd:d3:f8:d0:53:41:
f7:ea:bf:46:c1:c5:34:9f:23:57:41:bb:35:0c:dc:f9:75:45:
de:1f:2d:43:43:72:24:aa:66:de:4f:20:44:b6:40:67:64:ee:
b9:f8:f5:ca:3e:52:ab:9c:cc:09:93:a6:62:df:44:de:ad:06:
c5:10:06:0b:b1:62:19:13:4b:be:c3:4d:58:24:4b:15:3c:0f:
fc:84:72:a7:eb:33:47:6d:ca:1b:d5:07:49:46:0a:4a:7e:e9:
4a:ae:ba:f6:ab:6a:26:bf:36:ca:c8:c5:00:28:2e:2c:0a:79:
51:65:be:e6:0b:25:12:f6:37:a1:5b:15:95:02:09:4d:b2:4a:
6e:84:24:d3:d1:88:f1:76:52:35:da:c1:32:ca:bd:1d:50:7a:
88:14:fa:eb
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAZbtLPwb1l0WCPnJ/GLxbtBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTIwMTAxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTAwYjA0NzA4YjFiNjI0YjA3MmEwZDdmNjBlYjE2MTRkMjNkMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Roy0R+SEHkyMrbsy7gaY1xYLmbK
uO1Wxr9DEswfTgCXbcdW4hpcn1wbnrKZbustaE8SrkPJF1Obgu6An9srnGtB7g/Y
1A2lLT8i9by7YcuF8ZIWqccdtBspulH69qdAOgt86BDUR6CtyCjC6l5nFq5F7R7R
7ATPfg3B33SrsIiuFBq6zABrlxU38Y6zcuQb47nbfiV/7WBn4NIsxf+MnY9LA50I
y7iYDq9u+6NleKLUZVNPn/A6edOK1b6Xqr7AYWaYx6Ws5eSsQ0caHHVsLfWRfnNZ
vt7Y4w0q6m0JzaUDaidX/iyd42iTMQOsAtmB7Lz+GROQv3Ijrj8tEu3I7QIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFCoAsEcIsbYksHKg1/YOsWFNI9EyMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvS2dDd1J3aXh0aVN3Y3FEWDlnNnhZVTBqMFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwgdMEAgABMIHMAwQA
LQl1AwQALV9gAwQALXb4AwQALYI8AwQBLYPUAwQALYPXAwQALYcnAwQALYlRAwQA
LYwNAwQALY2xAwQALZE4AwQALZKDAwQALZjQAwQALZkWAwQALZtFAwQALZ65AwQA
VdGAAwQAZ3IrAwQAcR6aAwQAuXqrAwQAuX5AAwQAuX5CAwQAuZvIAwQBufL0AwQA
wJmrAwQAwQjXAwQAwRf1AwQAwRf9AwQAwRsKAwQAwRsTAwQAwRsVAwQAwiEdAwQA
wiE9AwQAw57AMBgEAgACMBIDBwAqDHiGAQUDBwAqD+fGEAAwDQYJKoZIhvcNAQEL
BQADggEBAMiYaYVpAq7JtkT/GGtGkbUbQF3AoVX/7pLeBig8q57UE1wMGc0F1vZo
n+8bLLk54jsL4QgTEiZILVU0GC3z20mB8YafVOwxbukwMA1M1NJTxej5OaLwuUfw
TxjC+2fOZUZQn5aoJd3T+NBTQffqv0bBxTSfI1dBuzUM3Pl1Rd4fLUNDciSqZt5P
IES2QGdk7rn49co+UquczAmTpmLfRN6tBsUQBguxYhkTS77DTVgkSxU8D/yEcqfr
M0dtyhvVB0lGCkp+6Uquuvaraia/NsrIxQAoLiwKeVFlvuYLJRL2N6FbFZUCCU2y
Sm6EJNPRiPF2UjXawTLKvR1QeogU+us=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:42:49 2025 by rpki-client