Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/KLwEcaWbga8Uwwt_rmTCnqy87Dw.roa
File: KLwEcaWbga8Uwwt_rmTCnqy87Dw.roa (raw, json)
Hash identifier: nN85IYUXDMTkLkYHKi25DWwreVBtA+jq8b+31nDn3GE=
Subject key identifier: 28:BC:04:71:A5:9B:81:AF:14:C3:0B:7F:AE:64:C2:9E:AC:BC:EC:3C
Certificate issuer: /CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Certificate serial: 0194CDFEF7BA4AD8EE707224CCC66BEE12BA
Authority key identifier: D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/KLwEcaWbga8Uwwt_rmTCnqy87Dw.roa
Signing time: Mon 03 Feb 2025 22:47:06 +0000
ROA not before: Mon 03 Feb 2025 22:47:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 195.226.82.0/24 maxlen: 24
195.226.83.0/24 maxlen: 24
195.226.84.0/24 maxlen: 24
195.226.85.0/24 maxlen: 24
195.226.86.0/24 maxlen: 24
195.226.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 15:09:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cd:fe:f7:ba:4a:d8:ee:70:72:24:cc:c6:6b:ee:12:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Validity
Not Before: Feb 3 22:47:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28bc0471a59b81af14c30b7fae64c29eacbcec3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c8:fc:5a:10:0c:83:40:21:3f:66:cd:b6:2c:
03:b2:5f:16:8f:a1:87:55:6c:91:70:ed:36:d8:17:
fa:31:32:3e:90:21:06:46:f8:f9:c5:72:1b:8e:63:
75:a1:55:32:a6:56:30:68:5f:1c:44:27:8f:f3:3e:
44:07:1b:de:8c:72:fd:b1:12:bd:28:b5:fa:93:bf:
d6:3b:4b:1d:3e:41:4b:1c:be:74:c1:82:90:fe:6a:
98:d8:6f:a1:05:7a:f2:00:72:1b:08:05:85:b6:46:
28:6d:e6:33:6e:d9:48:20:ed:88:c7:85:81:58:8e:
0e:f5:58:ee:39:5b:b8:05:f6:7f:60:f3:fe:78:06:
79:8d:fb:2e:ea:87:84:f5:91:f6:b8:af:eb:e9:30:
94:75:9c:e9:85:81:62:01:f0:57:44:29:2e:5a:1c:
6f:2a:19:f8:14:23:eb:0e:1d:75:77:65:24:d5:b3:
2f:16:01:ff:80:de:26:a5:81:53:e4:00:fa:5c:52:
0e:fc:ea:93:62:da:33:41:35:60:62:7b:0d:1e:7c:
41:b5:b9:b3:50:5d:7e:c5:56:c2:f6:48:3b:87:24:
e0:73:70:e9:2b:b3:8d:68:96:30:60:aa:69:9e:f3:
49:8d:45:d3:3b:9d:be:ad:34:30:fc:ac:95:2f:3b:
a3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:BC:04:71:A5:9B:81:AF:14:C3:0B:7F:AE:64:C2:9E:AC:BC:EC:3C
X509v3 Authority Key Identifier:
keyid:D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/KLwEcaWbga8Uwwt_rmTCnqy87Dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.226.82.0-195.226.87.255
Signature Algorithm: sha256WithRSAEncryption
79:51:12:2a:91:69:b0:be:17:92:18:84:8a:ce:f7:e0:b5:48:
51:d8:2e:4d:ad:90:38:c8:d9:a6:a1:32:12:21:2e:f2:a0:61:
0e:0e:af:e4:46:57:33:70:35:fb:a0:86:51:13:ad:67:2a:21:
0f:83:3e:87:20:2c:f3:31:2a:15:bc:b8:35:b4:db:a0:28:23:
a5:a2:40:25:70:3b:fc:8b:e2:99:f6:01:5e:bf:0d:4e:69:da:
5d:65:8a:15:ad:4e:58:28:48:02:6c:e0:b6:bc:b5:53:cf:b1:
eb:db:97:fa:b5:e1:6c:48:23:5b:4b:51:a7:fc:62:8c:72:19:
9a:40:0b:5d:ff:66:38:19:67:34:f1:39:d3:a2:4c:d3:d3:33:
66:26:4e:25:7e:46:d8:11:ef:17:2a:89:30:bd:af:dd:9e:5c:
c1:ce:23:12:14:86:d9:52:0b:7c:1b:e2:b3:ec:9f:28:ff:00:
bb:0b:b5:22:c4:35:bf:e6:17:4c:0e:65:0d:b6:15:54:95:c6:
e6:f1:7d:1d:e2:a6:a9:95:94:3a:54:0b:9b:15:cf:fe:55:39:
9e:35:28:24:6f:e0:9b:6c:19:67:07:fe:f1:7e:b1:02:8a:cf:
84:49:03:d4:00:aa:95:99:51:1c:2e:c7:aa:f5:32:bc:6d:6d:
1c:14:e3:8b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZTN/ve6StjucHIkzMZr7hK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yjk1MzMwNzM0YzlhYWY2NmQxMWJjZDJiZWRkMzgwZjQx
MGY5M2YwHhcNMjUwMjAzMjI0NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGJjMDQ3MWE1OWI4MWFmMTRjMzBiN2ZhZTY0YzI5ZWFjYmNlYzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMj8WhAMg0AhP2bNtiwDsl8Wj6GH
VWyRcO022Bf6MTI+kCEGRvj5xXIbjmN1oVUyplYwaF8cRCeP8z5EBxvejHL9sRK9
KLX6k7/WO0sdPkFLHL50wYKQ/mqY2G+hBXryAHIbCAWFtkYobeYzbtlIIO2Ix4WB
WI4O9VjuOVu4BfZ/YPP+eAZ5jfsu6oeE9ZH2uK/r6TCUdZzphYFiAfBXRCkuWhxv
Khn4FCPrDh11d2Uk1bMvFgH/gN4mpYFT5AD6XFIO/OqTYtozQTVgYnsNHnxBtbmz
UF1+xVbC9kg7hyTgc3DpK7ONaJYwYKppnvNJjUXTO52+rTQw/KyVLzujCQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCi8BHGlm4GvFMMLf65kwp6svOw8MB8GA1UdIwQY
MBaAFNS5UzBzTJqvZtEbzSvt04D0EPk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYt
NDMwMTNiMjhkOWQ2LzEvS0x3RWNhV2JnYThVd3d0X3JtVENucXk4N0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYtNDMwMTNiMjhkOWQ2
LzEvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHD4lID
BAPD4lAwDQYJKoZIhvcNAQELBQADggEBAHlREiqRabC+F5IYhIrO9+C1SFHYLk2t
kDjI2aahMhIhLvKgYQ4Or+RGVzNwNfughlETrWcqIQ+DPocgLPMxKhW8uDW026Ao
I6WiQCVwO/yL4pn2AV6/DU5p2l1lihWtTlgoSAJs4La8tVPPsevbl/q14WxII1tL
Uaf8YoxyGZpAC13/ZjgZZzTxOdOiTNPTM2YmTiV+RtgR7xcqiTC9r92eXMHOIxIU
htlSC3wb4rPsnyj/ALsLtSLENb/mF0wOZQ22FVSVxubxfR3ipqmVlDpUC5sVz/5V
OZ41KCRv4JtsGWcH/vF+sQKKz4RJA9QAqpWZURwux6r1MrxtbRwU44s=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:14:02 2025 by rpki-client