Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Kz-rnHAtvwyoqsCF2OFr_voWqwY.roa
File: Kz-rnHAtvwyoqsCF2OFr_voWqwY.roa (raw, json)
Hash identifier: Ap31JRyGjhrKghX39hrCpI3sllQScdzY3CVG6dECg5Y=
Subject key identifier: 2B:3F:AB:9C:70:2D:BF:0C:A8:AA:C0:85:D8:E1:6B:FE:FA:16:AB:06
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019081A4C9A82FEE9DDA95D23CFC7E176650
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Kz-rnHAtvwyoqsCF2OFr_voWqwY.roa
Signing time: Fri 05 Jul 2024 06:46:18 +0000
ROA not before: Fri 05 Jul 2024 06:46:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
103.139.50.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
2a0e:1a80::/32 maxlen: 32
2a0e:1a80:2541::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0f:2e80::/29 maxlen: 29
2a0f:3d83::/32 maxlen: 32
2a0f:3d87::/32 maxlen: 32
2a0f:7d02:1::/48 maxlen: 48
2a0f:e1c6::/32 maxlen: 32
2a0f:e1c7:1::/48 maxlen: 48
2a10:6d40::/29 maxlen: 29
2a11:fd80::/29 maxlen: 29
2a12:ac40::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a12:f540::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jul 2024 12:43:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:81:a4:c9:a8:2f:ee:9d:da:95:d2:3c:fc:7e:17:66:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 5 06:46:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b3fab9c702dbf0ca8aac085d8e16bfefa16ab06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:49:10:9c:ed:79:51:4f:e3:ed:ae:10:fc:9a:
8a:ed:d7:14:ea:53:b6:8e:46:57:03:fd:92:4f:d5:
e7:6b:de:71:33:91:e9:6b:25:c0:04:e2:38:f5:54:
ba:9a:be:7c:17:22:f3:af:4e:1c:f4:14:6f:3d:18:
45:4a:ea:19:4a:5d:fa:0e:36:3f:f4:9e:eb:71:26:
4a:02:e1:95:84:d4:79:81:ae:4c:fe:57:d3:ae:ae:
56:c2:d2:5b:e5:84:95:1f:a2:a5:38:f8:53:37:e8:
d9:dc:3b:62:b0:f9:01:99:39:9f:da:b7:90:ec:32:
ef:83:30:c5:9b:34:55:48:fb:dd:64:b5:b8:37:6e:
f0:95:7b:a4:2b:c8:ee:cf:bd:ce:40:bc:40:19:4b:
95:55:bb:0f:9b:3a:7a:eb:1d:c4:ed:e0:34:80:1e:
b8:6d:c3:69:d9:7a:12:e0:ad:8a:d5:00:2d:c1:f0:
4c:da:e9:4d:68:08:9c:d1:fd:94:9c:b6:fb:ba:cf:
2c:3f:9d:7b:40:31:48:ac:34:ab:59:04:a0:e0:0d:
ba:f8:f9:f8:6e:56:48:b6:ba:9a:ad:bf:7a:e5:5b:
8f:3d:69:95:e8:e1:62:88:e3:0d:08:cc:b7:93:50:
99:8a:45:2a:af:ff:2d:d9:8a:fb:ee:95:18:e3:d5:
43:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:3F:AB:9C:70:2D:BF:0C:A8:AA:C0:85:D8:E1:6B:FE:FA:16:AB:06
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Kz-rnHAtvwyoqsCF2OFr_voWqwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
103.139.50.0/24
193.164.199.0/24
IPv6:
2a0e:1a80::/32
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2e80::/29
2a0f:3d83::/32
2a0f:3d87::/32
2a0f:7d02:1::/48
2a0f:e1c6::/32
2a0f:e1c7:1::/48
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a12:f540::/29
2a13:18c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
26:f1:b0:6a:2b:50:d7:b1:54:44:b7:6e:1f:0a:e7:ce:3f:28:
00:f0:43:43:19:b4:81:ce:02:d6:5e:19:08:f8:ea:23:75:21:
24:3e:9c:c3:6f:f1:57:16:75:e1:52:20:18:b0:e8:5a:94:d5:
25:3f:1d:43:f5:aa:49:67:6f:3b:4e:0b:ef:70:74:89:eb:71:
76:93:31:45:3d:f7:47:83:83:05:b9:8b:19:df:ca:cc:f3:22:
0d:91:ef:7d:23:17:cd:48:a5:f9:c4:a4:06:f5:0b:b0:dd:79:
08:93:b7:e0:9e:67:cc:42:d2:e3:d8:a6:4a:62:85:65:18:ce:
9c:b5:bc:a0:41:63:91:0a:cc:cf:5d:0a:ca:42:fa:eb:1b:55:
21:47:c1:28:34:f0:4a:58:41:94:36:a9:09:c8:8e:ff:8f:67:
1d:22:9f:1f:a6:a5:27:5d:69:9a:16:35:48:d4:1a:83:a3:b2:
62:29:0a:4b:94:72:fe:15:02:1e:7c:9c:56:e4:74:b4:63:26:
2b:ec:a5:fb:e0:c7:33:3d:01:13:5d:20:b4:77:b9:80:57:92:
12:22:58:23:ee:1a:51:83:c8:73:4d:66:8a:0d:97:7e:09:a7:
14:a7:c5:4a:50:6d:89:31:32:c4:7d:74:ec:0c:92:9f:34:9f:
d0:13:99:4d
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAZCBpMmoL+6d2pXSPPx+F2ZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzA1MDY0NjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjNmYWI5YzcwMmRiZjBjYThhYWMwODVkOGUxNmJmZWZhMTZhYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kkQnO15UU/j7a4Q/JqK7dcU6lO2
jkZXA/2ST9Xna95xM5HpayXABOI49VS6mr58FyLzr04c9BRvPRhFSuoZSl36DjY/
9J7rcSZKAuGVhNR5ga5M/lfTrq5WwtJb5YSVH6KlOPhTN+jZ3DtisPkBmTmf2reQ
7DLvgzDFmzRVSPvdZLW4N27wlXukK8juz73OQLxAGUuVVbsPmzp66x3E7eA0gB64
bcNp2XoS4K2K1QAtwfBM2ulNaAic0f2UnLb7us8sP517QDFIrDSrWQSg4A26+Pn4
blZItrqarb965VuPPWmV6OFiiOMNCMy3k1CZikUqr/8t2Yr77pUY49VDrwIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFCs/q5xwLb8MqKrAhdjha/76FqsGMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvS3otcm5IQXR2d3lvcXNDRjJPRnJfdm9XcXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADAeBAIAATAYAwQA
LYF/AwQALYclAwQAZ4syAwQAwaTHMIHdBAIAAjCB1gMFACoOGoADBQAqDseAAwcA
Kg7yAQABAwcAKg8eAAEjAwcAKg8eAARWAwcAKg8eAAmHAwcAKg8eAAq8AwcAKg8e
AN75AwcAKg8eAQABAwcAKg8egQACAwcAKg8egRKTAwcAKg8egUMZAwcAKg8egZLo
AwcAKg8egaPQAwcAKg8egc2uAwUDKg8ugAMFACoPPYMDBQAqDz2HAwcAKg99AgAB
AwUAKg/hxgMHACoP4ccAAQMFAyoQbUADBQMqEf2AAwUBKhKsQAMFAyoS9UADBwAq
ExjAAAEwDQYJKoZIhvcNAQELBQADggEBACbxsGorUNexVES3bh8K584/KADwQ0MZ
tIHOAtZeGQj46iN1ISQ+nMNv8VcWdeFSIBiw6FqU1SU/HUP1qklnbztOC+9wdInr
cXaTMUU990eDgwW5ixnfyszzIg2R730jF81IpfnEpAb1C7DdeQiTt+CeZ8xC0uPY
pkpihWUYzpy1vKBBY5EKzM9dCspC+usbVSFHwSg08EpYQZQ2qQnIjv+PZx0inx+m
pSddaZoWNUjUGoOjsmIpCkuUcv4VAh58nFbkdLRjJivspfvgxzM9ARNdILR3uYBX
khIiWCPuGlGDyHNNZooNl34JpxSnxUpQbYkxMsR9dOwMkp80n9ATmU0=
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:28:48 2025 by rpki-client