Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/kf1sUp40sRgmup4HgtLIKBctDbE.roa
File: kf1sUp40sRgmup4HgtLIKBctDbE.roa (raw, json)
Hash identifier: EdSNx1LrlwPyHP/lJvKUVKIPtbsHfS/9vv/LABS73u8=
Subject key identifier: 91:FD:6C:52:9E:34:B1:18:26:BA:9E:07:82:D2:C8:28:17:2D:0D:B1
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194510160711B9AF42D651508205D34DB07
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/kf1sUp40sRgmup4HgtLIKBctDbE.roa
Signing time: Fri 10 Jan 2025 16:17:12 +0000
ROA not before: Fri 10 Jan 2025 16:17:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
Validation: Failed, certificate revoked on Sat 11 Jan 2025 19:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:51:01:60:71:1b:9a:f4:2d:65:15:08:20:5d:34:db:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 10 16:17:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91fd6c529e34b11826ba9e0782d2c828172d0db1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7a:0a:70:bb:b7:c9:c1:32:cf:70:b5:3d:d2:
41:48:da:a5:d3:0d:45:0f:53:54:a7:d0:12:0d:20:
73:a4:81:55:1c:24:7c:fd:ce:ae:cc:3c:40:1e:73:
7a:cd:fd:d6:64:67:fc:22:6e:bb:b5:a8:52:02:1e:
b3:c7:ab:cd:c3:7e:79:8d:2c:43:34:a6:81:81:43:
6c:a2:56:bd:ac:57:61:a1:dd:bd:8c:43:52:d1:39:
73:9b:c6:84:1b:52:ca:69:0a:a2:ab:b0:a0:d4:e4:
5d:6b:ee:54:94:1c:30:33:1e:7c:9d:7e:41:ea:ce:
82:d0:78:3d:99:ca:05:a1:ac:3f:f6:f0:b2:a9:74:
f1:0d:69:da:e2:c4:06:8b:e1:23:ea:a1:6a:cb:ca:
7f:c9:8a:d4:e0:df:08:d3:ab:3a:50:ae:6b:34:cd:
2b:be:06:56:66:6d:15:2d:1d:ef:47:af:14:46:e0:
dc:69:65:e1:23:71:b4:e7:f8:16:23:90:37:d3:05:
ee:eb:9f:cd:30:87:f0:34:db:72:66:35:9c:37:bb:
12:fb:db:a0:a9:d9:f5:de:6e:ab:75:5d:4f:20:26:
82:b4:6e:ff:34:e1:1e:15:f3:72:e7:aa:c1:42:c7:
54:d2:f0:b0:4a:d3:e6:29:5e:55:e1:08:e5:73:86:
b6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FD:6C:52:9E:34:B1:18:26:BA:9E:07:82:D2:C8:28:17:2D:0D:B1
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/kf1sUp40sRgmup4HgtLIKBctDbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/24
185.211.48.0-185.211.50.255
Signature Algorithm: sha256WithRSAEncryption
ca:c7:95:24:5f:96:19:36:17:bc:3c:a0:5d:72:3c:cd:8e:00:
4d:dd:97:d7:4c:37:40:20:ba:ef:24:11:b4:3e:17:a2:08:b9:
45:d7:24:1d:4b:0a:49:ce:0e:b0:68:a0:9d:77:d3:2d:5f:2d:
0c:45:e0:3e:41:86:28:d0:cc:fb:4e:52:f8:77:47:20:ba:1b:
1d:c2:76:b9:07:e3:89:31:1a:cb:42:3a:a7:66:10:fc:e5:eb:
a6:1b:06:19:20:3d:bc:3a:ec:26:7c:c8:3a:fc:31:3b:14:6b:
3f:76:6e:6e:fb:10:da:1e:3e:be:ac:81:16:0d:cc:dc:14:08:
d1:49:fd:34:65:fe:c8:ee:c1:b8:a8:e8:1c:5b:4c:70:df:d7:
89:2c:0e:9d:75:b0:c6:26:14:bc:89:9e:83:11:be:61:f0:b2:
43:76:94:00:59:13:df:f5:44:bb:67:42:59:cf:37:e6:12:73:
63:2c:05:be:41:80:e1:d6:d8:54:82:05:b4:77:01:2f:fa:14:
a9:94:f1:e3:22:3c:71:2f:ac:4c:a0:c9:37:2b:48:7e:d4:e6:
f5:94:e3:68:8c:03:97:a4:df:d4:ed:23:10:7b:19:1b:05:a1:
1b:fe:45:dc:5f:4b:91:ca:34:2b:3c:7c:01:a2:4f:cd:2d:6e:
13:c2:f9:3a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZRRAWBxG5r0LWUVCCBdNNsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTEwMTYxNzEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWZkNmM1MjllMzRiMTE4MjZiYTllMDc4MmQyYzgyODE3MmQwZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3oKcLu3ycEyz3C1PdJBSNql0w1F
D1NUp9ASDSBzpIFVHCR8/c6uzDxAHnN6zf3WZGf8Im67tahSAh6zx6vNw355jSxD
NKaBgUNsola9rFdhod29jENS0Tlzm8aEG1LKaQqiq7Cg1ORda+5UlBwwMx58nX5B
6s6C0Hg9mcoFoaw/9vCyqXTxDWna4sQGi+Ej6qFqy8p/yYrU4N8I06s6UK5rNM0r
vgZWZm0VLR3vR68URuDcaWXhI3G05/gWI5A30wXu65/NMIfwNNtyZjWcN7sS+9ug
qdn13m6rdV1PICaCtG7/NOEeFfNy56rBQsdU0vCwStPmKV5V4Qjlc4a2RwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJH9bFKeNLEYJrqeB4LSyCgXLQ2xMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEva2Yxc1VwNDBzUmdtdXA0SGd0TElLQmN0RGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALYgAMAwD
BAS50zADBAC50zIwDQYJKoZIhvcNAQELBQADggEBAMrHlSRflhk2F7w8oF1yPM2O
AE3dl9dMN0Aguu8kEbQ+F6IIuUXXJB1LCknODrBooJ130y1fLQxF4D5BhijQzPtO
Uvh3RyC6Gx3CdrkH44kxGstCOqdmEPzl66YbBhkgPbw67CZ8yDr8MTsUaz92bm77
ENoePr6sgRYNzNwUCNFJ/TRl/sjuwbio6BxbTHDf14ksDp11sMYmFLyJnoMRvmHw
skN2lABZE9/1RLtnQlnPN+YSc2MsBb5BgOHW2FSCBbR3AS/6FKmU8eMiPHEvrEyg
yTcrSH7U5vWU42iMA5ek39TtIxB7GRsFoRv+RdxfS5HKNCs8fAGiT80tbhPC+To=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:29:22 2025 by rpki-client