Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/KXZngrbWDQljvVxTeX2w356Rt6s.roa
File: KXZngrbWDQljvVxTeX2w356Rt6s.roa (raw, json)
Hash identifier: c5OmB80c6ikvSmlTZ8SqDENO6BFdTU275vqs4tYiMwc=
Subject key identifier: 29:76:67:82:B6:D6:0D:09:63:BD:5C:53:79:7D:B0:DF:9E:91:B7:AB
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 0194ACEC2C87C519F04D7FD656D25BBF68F0
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/KXZngrbWDQljvVxTeX2w356Rt6s.roa
Signing time: Tue 28 Jan 2025 12:39:06 +0000
ROA not before: Tue 28 Jan 2025 12:39:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8560
IP address blocks: 5.250.176.0/20 maxlen: 24
46.16.72.0/21 maxlen: 24
78.137.96.0/21 maxlen: 24
81.173.112.0/22 maxlen: 24
82.165.0.0/16 maxlen: 24
85.184.248.0/22 maxlen: 24
87.106.0.0/16 maxlen: 24
157.97.104.0/21 maxlen: 24
157.97.104.0/24 maxlen: 32
157.97.105.0/24 maxlen: 32
185.48.116.0/22 maxlen: 24
194.126.206.0/24 maxlen: 24
194.164.4.0/22 maxlen: 24
194.164.8.0/22 maxlen: 24
194.164.16.0/20 maxlen: 24
194.164.48.0/20 maxlen: 24
194.164.88.0/21 maxlen: 24
194.164.120.0/21 maxlen: 24
194.164.160.0/20 maxlen: 24
194.164.192.0/20 maxlen: 24
195.20.224.0/19 maxlen: 24
212.132.64.0/18 maxlen: 24
212.227.0.0/16 maxlen: 24
213.165.64.0/19 maxlen: 24
213.244.192.0/24 maxlen: 24
217.72.192.0/20 maxlen: 24
217.154.64.0/21 maxlen: 24
217.154.74.0/23 maxlen: 24
217.154.76.0/22 maxlen: 24
217.154.80.0/21 maxlen: 24
217.154.88.0/23 maxlen: 24
217.154.91.0/24 maxlen: 24
217.160.0.0/16 maxlen: 24
217.160.124.0/23 maxlen: 24
217.160.150.0/23 maxlen: 32
2001:8d8::/32 maxlen: 48
2a02:2478::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 Jan 2025 14:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:ec:2c:87:c5:19:f0:4d:7f:d6:56:d2:5b:bf:68:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: Jan 28 12:39:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29766782b6d60d0963bd5c53797db0df9e91b7ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c6:3c:3f:40:ef:25:af:c9:36:df:15:95:ae:
22:dc:2b:13:37:2d:e2:47:6d:e0:4c:b7:bf:ae:cc:
26:7b:0c:f2:d1:2d:d0:3f:30:32:17:b2:d1:55:e6:
40:b8:ab:0a:21:a7:e4:24:41:41:36:55:f1:f6:c5:
c0:21:09:8f:38:fd:94:03:f6:5b:ce:ee:81:37:90:
ce:bb:fc:1c:74:b5:a5:b8:bd:cd:f1:28:d9:d3:4f:
28:bd:e4:1c:36:42:c1:44:13:3e:e6:64:55:30:29:
e2:30:96:d5:77:74:2d:41:57:68:3f:3d:dc:90:72:
f4:03:46:00:42:4d:82:e8:38:c0:90:00:12:ba:05:
18:c4:98:01:b8:6c:24:27:31:e2:e4:cb:7d:f9:da:
fc:7c:3c:d6:b1:af:89:bf:6a:d4:40:2d:ef:65:39:
3d:11:cd:28:de:53:cd:24:ae:6a:8e:f8:a1:b3:44:
a3:5a:db:eb:11:25:e8:ad:b5:94:44:5e:f9:e8:11:
9f:0f:1b:2c:23:df:3f:00:f8:e8:70:71:0e:d7:18:
4a:1b:16:43:95:8d:67:53:b0:b6:30:6c:6d:26:34:
32:a6:a6:a9:fc:4c:7a:2a:c9:3a:55:97:c4:e3:60:
a7:fb:5d:e8:86:6d:e6:47:e3:22:91:6e:d7:0c:5c:
52:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:76:67:82:B6:D6:0D:09:63:BD:5C:53:79:7D:B0:DF:9E:91:B7:AB
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/KXZngrbWDQljvVxTeX2w356Rt6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.176.0/20
46.16.72.0/21
78.137.96.0/21
81.173.112.0/22
82.165.0.0/16
85.184.248.0/22
87.106.0.0/16
157.97.104.0/21
185.48.116.0/22
194.126.206.0/24
194.164.4.0-194.164.11.255
194.164.16.0/20
194.164.48.0/20
194.164.88.0/21
194.164.120.0/21
194.164.160.0/20
194.164.192.0/20
195.20.224.0/19
212.132.64.0/18
212.227.0.0/16
213.165.64.0/19
213.244.192.0/24
217.72.192.0/20
217.154.64.0/21
217.154.74.0-217.154.89.255
217.154.91.0/24
217.160.0.0/16
IPv6:
2001:8d8::/32
2a02:2478::/29
Signature Algorithm: sha256WithRSAEncryption
b2:c4:5e:85:ae:ea:da:32:a5:14:7a:81:5d:c5:54:88:63:56:
5d:d6:fe:82:6c:5d:e7:70:a9:c1:a0:47:86:b1:dc:84:0f:d6:
5b:00:79:cc:42:ea:bf:62:ac:75:89:52:07:9d:7d:af:43:44:
54:02:17:aa:ca:b9:32:61:1f:1c:b7:84:ae:d1:b5:59:d0:41:
81:25:73:d6:59:de:4a:5d:0a:51:3b:66:f9:83:65:ee:8a:e8:
f2:11:77:c4:41:66:13:8f:e8:af:a5:75:77:75:ac:60:20:e8:
2d:50:74:f8:10:39:dd:5a:34:d1:62:0b:d9:b3:1e:e9:04:5a:
39:e6:51:bc:5d:a6:8c:af:95:ed:b1:7f:27:47:f9:bd:9e:26:
f1:c2:9a:7e:fa:8f:d0:46:9e:1c:d4:20:7a:d1:cc:33:8c:6f:
eb:22:40:db:8a:0e:18:29:ad:b4:b4:f1:50:5b:d2:ff:5e:b7:
2d:b8:99:5c:dd:31:cc:ee:57:18:83:13:97:30:64:01:25:0a:
b5:3a:16:42:47:c5:fc:10:73:d2:03:5d:e8:3b:b6:c7:e7:14:
ba:88:2c:6c:79:14:35:81:d2:db:fd:eb:34:83:0d:95:c4:c8:
e0:de:01:3c:82:76:39:36:af:8e:b3:5d:db:aa:7f:a5:1f:13:
5d:25:a6:f4
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZSs7CyHxRnwTX/WVtJbv2jwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjUwMTI4MTIzOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTc2Njc4MmI2ZDYwZDA5NjNiZDVjNTM3OTdkYjBkZjllOTFiN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcY8P0DvJa/JNt8Vla4i3CsTNy3i
R23gTLe/rswmewzy0S3QPzAyF7LRVeZAuKsKIafkJEFBNlXx9sXAIQmPOP2UA/Zb
zu6BN5DOu/wcdLWluL3N8SjZ008oveQcNkLBRBM+5mRVMCniMJbVd3QtQVdoPz3c
kHL0A0YAQk2C6DjAkAASugUYxJgBuGwkJzHi5Mt9+dr8fDzWsa+Jv2rUQC3vZTk9
Ec0o3lPNJK5qjvihs0SjWtvrESXorbWURF756BGfDxssI98/APjocHEO1xhKGxZD
lY1nU7C2MGxtJjQypqap/Ex6Ksk6VZfE42Cn+13ohm3mR+MikW7XDFxS9QIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFCl2Z4K21g0JY71cU3l9sN+ekberMB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEvS1habmdyYldEUWxqdlZ4VGVYMnczNTZSdDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBtQQCAAEwga4DBAQF
+rADBAMuEEgDBANOiWADBAJRrXADAwBSpQMEAlW4+AMDAFdqAwQDnWFoAwQCuTB0
AwQAwn7OMAwDBALCpAQDBALCpAgDBATCpBADBATCpDADBAPCpFgDBAPCpHgDBATC
pKADBATCpMADBAXDFOADBAbUhEADAwDU4wMEBdWlQAMEANX0wAMEBNlIwAMEA9ma
QDAMAwQB2ZpKAwQB2ZpYAwQA2ZpbAwMA2aAwFAQCAAIwDgMFACABCNgDBQMqAiR4
MA0GCSqGSIb3DQEBCwUAA4IBAQCyxF6FruraMqUUeoFdxVSIY1Zd1v6CbF3ncKnB
oEeGsdyED9ZbAHnMQuq/Yqx1iVIHnX2vQ0RUAheqyrkyYR8ct4Su0bVZ0EGBJXPW
Wd5KXQpRO2b5g2XuiujyEXfEQWYTj+ivpXV3daxgIOgtUHT4EDndWjTRYgvZsx7p
BFo55lG8XaaMr5XtsX8nR/m9nibxwpp++o/QRp4c1CB60cwzjG/rIkDbig4YKa20
tPFQW9L/XrctuJlc3THM7lcYgxOXMGQBJQq1OhZCR8X8EHPSA13oO7bH5xS6iCxs
eRQ1gdLb/es0gw2VxMjg3gE8gnY5Nq+Os13bqn+lHxNdJab0
-----END CERTIFICATE-----
Generated at Tue May 6 08:28:59 2025 by rpki-client