Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KCFIWwFp2dDWBHabiMXrpnS563E.roa
File: KCFIWwFp2dDWBHabiMXrpnS563E.roa (raw, json)
Hash identifier: DdTZavm1OXjyUyIV0r2lsJ05ktp/4/DrjOIcw3g0F44=
Subject key identifier: 28:21:48:5B:01:69:D9:D0:D6:04:76:9B:88:C5:EB:A6:74:B9:EB:71
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0196A11BB893B46CE53A26A8B9DD9171C31A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KCFIWwFp2dDWBHabiMXrpnS563E.roa
Signing time: Mon 05 May 2025 15:41:10 +0000
ROA not before: Mon 05 May 2025 15:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215287
IP address blocks: 185.214.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 May 2025 17:10:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a1:1b:b8:93:b4:6c:e5:3a:26:a8:b9:dd:91:71:c3:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 5 15:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2821485b0169d9d0d604769b88c5eba674b9eb71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:31:60:fa:cd:80:0e:62:75:34:db:1f:5a:db:
9b:22:93:fb:03:23:18:69:2d:ab:9c:13:57:f7:86:
67:47:a3:2f:42:4d:94:2a:59:fb:b9:5b:cd:3e:98:
1d:32:9a:ae:e3:56:f9:d9:65:2c:de:fa:26:ac:e6:
14:a7:a1:b3:99:e4:da:f7:ac:0b:40:ea:8a:34:d1:
66:cc:a2:1e:11:24:fe:b0:ed:61:76:d3:40:ea:c9:
e8:23:04:82:0b:51:c3:30:d0:ac:eb:70:e6:e5:d0:
41:6c:e6:3a:de:a9:8a:19:d7:0e:15:7d:bd:df:86:
eb:79:50:a1:d3:66:86:da:b6:e4:b4:5f:b8:16:5b:
4f:e2:2a:b2:8f:6b:34:17:ff:4e:06:c3:dd:2b:6f:
dc:88:f8:a5:ee:f6:ac:30:b8:c4:44:c0:76:81:8a:
01:72:97:39:67:62:b9:b8:9f:8f:ec:4e:31:3f:ad:
2a:66:7a:ab:6b:94:6e:8c:d5:ee:56:b5:db:f0:e3:
b0:43:58:7b:48:03:2a:61:cb:4b:af:f1:0a:d7:3b:
8f:d7:0f:82:d1:2e:6e:e0:2b:52:b7:43:e9:c2:69:
79:d6:e1:ad:6e:cf:e5:47:07:39:96:13:c0:a5:5d:
39:63:0e:bc:2b:11:8a:19:7d:cb:ca:07:46:47:ff:
68:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:21:48:5B:01:69:D9:D0:D6:04:76:9B:88:C5:EB:A6:74:B9:EB:71
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KCFIWwFp2dDWBHabiMXrpnS563E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.108.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:4c:7b:1b:c3:9f:10:4a:a0:28:37:27:63:12:b6:2a:6e:1f:
5e:c5:20:07:99:cd:05:c4:c2:7d:bb:5a:e9:cc:51:66:79:7b:
62:50:b4:ce:60:67:3e:3d:51:c5:33:2d:60:31:02:e0:12:28:
cc:23:be:3c:ed:71:13:2d:7e:85:79:e7:f1:48:51:d7:b0:96:
f8:a5:e5:f4:26:70:11:25:90:d2:60:75:69:44:7b:88:04:10:
9b:76:a5:e9:57:8f:b9:41:7e:1d:ed:a5:50:ca:24:c8:38:56:
c8:6e:3c:77:d3:c9:3e:04:a5:d0:9e:08:5e:64:3d:a7:df:38:
be:9b:82:bb:35:fc:87:f3:eb:c5:ba:eb:e1:79:63:46:1e:54:
e0:96:66:09:9b:ac:65:65:2d:f5:86:80:18:a9:fd:3f:36:2c:
53:4e:b9:2f:61:ae:62:b4:58:58:29:59:3a:b5:a1:0f:a3:65:
a6:59:20:90:a8:31:97:f3:c5:e0:2b:6a:49:8b:47:c9:57:76:
c6:d1:ce:72:ba:54:35:e0:3f:81:9c:3b:13:1f:88:97:03:7f:
ba:e3:a1:8d:c5:1c:91:85:d9:1e:ba:1b:6d:a6:4f:e9:5c:88:
3f:8f:55:17:69:3e:f2:58:7a:e1:75:89:5a:9e:fa:d7:ec:23:
51:c7:08:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZahG7iTtGzlOiaoud2RccMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNTA1MTU0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODIxNDg1YjAxNjlkOWQwZDYwNDc2OWI4OGM1ZWJhNjc0YjllYjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDFg+s2ADmJ1NNsfWtubIpP7AyMY
aS2rnBNX94ZnR6MvQk2UKln7uVvNPpgdMpqu41b52WUs3vomrOYUp6GzmeTa96wL
QOqKNNFmzKIeEST+sO1hdtNA6snoIwSCC1HDMNCs63Dm5dBBbOY63qmKGdcOFX29
34breVCh02aG2rbktF+4FltP4iqyj2s0F/9OBsPdK2/ciPil7vasMLjERMB2gYoB
cpc5Z2K5uJ+P7E4xP60qZnqra5RujNXuVrXb8OOwQ1h7SAMqYctLr/EK1zuP1w+C
0S5u4CtSt0Ppwml51uGtbs/lRwc5lhPApV05Yw68KxGKGX3LygdGR/9oBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCghSFsBadnQ1gR2m4jF66Z0uetxMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvS0NGSVd3RnAyZERXQkhhYmlNWHJwblM1NjNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudZsMA0G
CSqGSIb3DQEBCwUAA4IBAQC2THsbw58QSqAoNydjErYqbh9exSAHmc0FxMJ9u1rp
zFFmeXtiULTOYGc+PVHFMy1gMQLgEijMI7487XETLX6FeefxSFHXsJb4peX0JnAR
JZDSYHVpRHuIBBCbdqXpV4+5QX4d7aVQyiTIOFbIbjx308k+BKXQngheZD2n3zi+
m4K7NfyH8+vFuuvheWNGHlTglmYJm6xlZS31hoAYqf0/NixTTrkvYa5itFhYKVk6
taEPo2WmWSCQqDGX88XgK2pJi0fJV3bG0c5yulQ14D+BnDsTH4iXA3+646GNxRyR
hdkeuhttpk/pXIg/j1UXaT7yWHrhdYlanvrX7CNRxwgp
-----END CERTIFICATE-----
Generated at Fri Jun 6 15:41:50 2025 by rpki-client