Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/Kw7BLgaGGkiMyvZkKsXFZYtGnaA.roa
File: Kw7BLgaGGkiMyvZkKsXFZYtGnaA.roa (raw, json)
Hash identifier: j84bGqjxd4CF+VhBuW8vVLq5H5uK/SA6lrIK/c6Stik=
Subject key identifier: 2B:0E:C1:2E:06:86:1A:48:8C:CA:F6:64:2A:C5:C5:65:8B:46:9D:A0
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 019427B63A1A86B318E62BF3061FCD62F218
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/Kw7BLgaGGkiMyvZkKsXFZYtGnaA.roa
Signing time: Thu 02 Jan 2025 15:50:41 +0000
ROA not before: Thu 02 Jan 2025 15:50:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36007
IP address blocks: 45.91.171.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
91.223.169.0/24 maxlen: 24
103.45.245.0/24 maxlen: 24
103.45.246.0/24 maxlen: 24
103.241.66.0/24 maxlen: 24
103.241.67.0/24 maxlen: 24
185.47.172.0/24 maxlen: 24
185.53.209.0/24 maxlen: 24
185.139.228.0/24 maxlen: 24
185.144.156.0/22 maxlen: 22
193.168.172.0/24 maxlen: 24
193.168.175.0/24 maxlen: 24
2a06:c5c0:1500::/48 maxlen: 48
2a06:c5c0:1600::/48 maxlen: 48
2a06:c5c0:1700::/48 maxlen: 48
2a07:3b80::/48 maxlen: 48
2a07:3b80:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 02 Mar 2025 16:52:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:3a:1a:86:b3:18:e6:2b:f3:06:1f:cd:62:f2:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Jan 2 15:50:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b0ec12e06861a488ccaf6642ac5c5658b469da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:33:94:92:15:65:bf:cc:9f:a0:3a:5d:e1:6d:
d4:13:67:41:8f:24:db:4d:5c:40:db:a9:24:bd:49:
94:1a:8f:6f:4b:cb:c9:6e:81:55:57:bc:53:68:39:
f5:d4:05:34:6a:86:3d:84:8e:d6:14:3b:d4:fe:8b:
33:b2:15:1c:fb:1b:1c:4c:49:14:11:38:3c:f2:d8:
02:b4:30:ef:b4:4a:4a:f4:af:6b:a0:3e:9b:8f:d1:
b4:b2:0e:eb:aa:23:0c:9c:07:0e:60:63:ba:33:85:
4f:e3:5c:b1:40:3d:c9:26:d7:86:8c:31:70:d7:c6:
c1:43:10:a8:d4:26:2a:c2:34:64:96:6a:25:5c:74:
47:22:94:81:71:e7:ae:63:80:f7:4f:ba:2b:20:ea:
d6:62:c3:fd:c7:07:57:a9:91:04:ba:cd:a8:b0:58:
28:90:c1:2b:0f:50:0d:7f:9f:1d:94:e7:4f:32:d1:
44:e4:5a:50:fc:60:d0:f4:80:52:ff:96:8a:95:9f:
a9:c6:7e:1a:91:29:e0:62:e1:77:7d:ff:70:fb:24:
74:ff:32:27:f9:f0:16:5d:97:d9:88:3b:3d:31:a7:
3a:a8:d1:e6:e0:84:c0:f0:a9:5e:cb:a8:6b:fa:bb:
e2:ce:1b:99:59:17:97:a8:b0:19:55:14:1d:37:1e:
43:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0E:C1:2E:06:86:1A:48:8C:CA:F6:64:2A:C5:C5:65:8B:46:9D:A0
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/Kw7BLgaGGkiMyvZkKsXFZYtGnaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.171.0/24
91.202.170.0/24
91.223.169.0/24
103.45.245.0-103.45.246.255
103.241.66.0/23
185.47.172.0/24
185.53.209.0/24
185.139.228.0/24
185.144.156.0/22
193.168.172.0/24
193.168.175.0/24
IPv6:
2a06:c5c0:1500::/48
2a06:c5c0:1600::/48
2a06:c5c0:1700::/48
2a07:3b80::/48
2a07:3b80:8::/48
Signature Algorithm: sha256WithRSAEncryption
d0:e3:24:9d:0e:2d:8a:55:1a:89:d3:2d:f2:e7:e6:f2:b6:1e:
3a:6c:e7:cb:5a:b8:e5:0c:b2:0e:02:4f:d8:7a:84:6f:60:6b:
80:25:ae:38:8b:40:12:d6:df:5a:b1:74:1d:5b:d1:19:7f:80:
a3:8d:0f:a5:34:a9:bc:2e:b8:08:51:f6:22:b9:c2:cc:b3:b8:
54:31:c5:96:7b:cc:ba:5a:12:c6:83:62:5f:0c:7c:3f:e5:38:
ed:6f:37:46:5f:1f:8b:cd:79:07:7b:56:d7:1a:99:8d:48:ed:
4a:bb:76:bf:a4:a0:c6:60:da:3c:1a:5c:a0:4a:06:9e:8e:4b:
34:85:02:86:99:85:af:0a:23:97:04:02:5c:04:5c:33:3d:a1:
51:50:7c:b3:b4:75:bb:b2:f6:ab:9c:41:b5:77:6f:4b:35:23:
21:0c:50:87:d8:03:7b:1b:df:ac:1c:d4:d1:c0:63:6b:84:3b:
3c:7c:03:01:24:89:95:66:2e:21:c9:94:ac:0d:c2:a2:ff:59:
40:84:0b:43:f3:92:d8:5d:92:d0:ef:8f:11:fe:23:92:03:b5:
ae:ab:ce:40:f7:d7:28:b7:37:2f:20:91:0b:a5:9d:28:55:f8:
3d:44:0c:62:17:a8:cb:3c:3b:f1:fc:ab:0b:60:c1:70:cd:c7:
3d:e2:b2:41
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZQntjoahrMY5ivzBh/NYvIYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjUwMTAyMTU1MDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjBlYzEyZTA2ODYxYTQ4OGNjYWY2NjQyYWM1YzU2NThiNDY5ZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zOUkhVlv8yfoDpd4W3UE2dBjyTb
TVxA26kkvUmUGo9vS8vJboFVV7xTaDn11AU0aoY9hI7WFDvU/oszshUc+xscTEkU
ETg88tgCtDDvtEpK9K9roD6bj9G0sg7rqiMMnAcOYGO6M4VP41yxQD3JJteGjDFw
18bBQxCo1CYqwjRklmolXHRHIpSBceeuY4D3T7orIOrWYsP9xwdXqZEEus2osFgo
kMErD1ANf58dlOdPMtFE5FpQ/GDQ9IBS/5aKlZ+pxn4akSngYuF3ff9w+yR0/zIn
+fAWXZfZiDs9Mac6qNHm4ITA8Kley6hr+rvizhuZWReXqLAZVRQdNx5DzwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFCsOwS4GhhpIjMr2ZCrFxWWLRp2gMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvS3c3QkxnYUdHa2lNeXZaa0tzWEZaWXRHbmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzBQBAIAATBKAwQALVur
AwQAW8qqAwQAW9+pMAwDBABnLfUDBABnLfYDBAFn8UIDBAC5L6wDBAC5NdEDBAC5
i+QDBAK5kJwDBADBqKwDBADBqK8wMwQCAAIwLQMHACoGxcAVAAMHACoGxcAWAAMH
ACoGxcAXAAMHACoHO4AAAAMHACoHO4AACDANBgkqhkiG9w0BAQsFAAOCAQEA0OMk
nQ4tilUaidMt8ufm8rYeOmzny1q45QyyDgJP2HqEb2BrgCWuOItAEtbfWrF0HVvR
GX+Ao40PpTSpvC64CFH2IrnCzLO4VDHFlnvMuloSxoNiXwx8P+U47W83Rl8fi815
B3tW1xqZjUjtSrt2v6SgxmDaPBpcoEoGno5LNIUChpmFrwojlwQCXARcMz2hUVB8
s7R1u7L2q5xBtXdvSzUjIQxQh9gDexvfrBzU0cBja4Q7PHwDASSJlWYuIcmUrA3C
ov9ZQIQLQ/OS2F2S0O+PEf4jkgO1rqvOQPfXKLc3LyCRC6WdKFX4PUQMYheoyzw7
8fyrC2DBcM3HPeKyQQ==
-----END CERTIFICATE-----
Generated at Wed May 14 02:43:09 2025 by rpki-client