Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/9f8728-335e-4f7b-a1dc-d48d13a4de38/1/KGTKMfZhM9KUO6K4Z_lXoh7-hbs.roa
File: KGTKMfZhM9KUO6K4Z_lXoh7-hbs.roa (raw, json)
Hash identifier: rqAFRGwdWQVhCtrehwgpK1I73TPYxs81YSgqa69cuWE=
Subject key identifier: 28:64:CA:31:F6:61:33:D2:94:3B:A2:B8:67:F9:57:A2:1E:FE:85:BB
Certificate issuer: /CN=58e02f2ca81ab802939530156e9631b18f515840
Certificate serial: 0196014214A7E27F50394E1E88352500DE00
Authority key identifier: 58:E0:2F:2C:A8:1A:B8:02:93:95:30:15:6E:96:31:B1:8F:51:58:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WOAvLKgauAKTlTAVbpYxsY9RWEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/9f8728-335e-4f7b-a1dc-d48d13a4de38/1/KGTKMfZhM9KUO6K4Z_lXoh7-hbs.roa
Signing time: Fri 04 Apr 2025 14:43:50 +0000
ROA not before: Fri 04 Apr 2025 14:43:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44925
IP address blocks: 195.246.230.0/23 maxlen: 23
2a00:5ee0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 04 Apr 2025 15:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:01:42:14:a7:e2:7f:50:39:4e:1e:88:35:25:00:de:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58e02f2ca81ab802939530156e9631b18f515840
Validity
Not Before: Apr 4 14:43:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2864ca31f66133d2943ba2b867f957a21efe85bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:15:d5:8c:fa:3e:43:34:bc:e9:3c:ab:0e:72:
35:7d:27:75:ae:4c:cd:59:94:64:8b:66:a2:f7:c8:
13:5c:48:dd:18:f3:b0:da:57:b7:cd:22:8d:ff:aa:
eb:d7:a9:58:b3:57:b5:9a:a7:f7:54:4c:5e:e6:51:
66:c7:c8:1c:4c:2c:65:24:fd:c4:06:5c:05:3a:b6:
09:f1:80:70:40:94:e3:58:46:3f:82:8c:6d:c8:f1:
37:12:61:59:a7:16:9f:76:4b:9d:f9:d0:aa:08:aa:
d0:39:d6:2b:90:2b:35:5a:ae:4e:42:e4:7e:df:fc:
de:6a:03:43:3f:bf:96:c3:1d:cf:30:71:51:a9:d4:
66:2f:7d:a3:ab:7f:36:34:39:c1:74:ee:73:b8:cf:
36:12:86:b1:2f:89:89:2b:6e:21:7f:82:7a:c1:6b:
c5:d0:fb:4f:7c:78:31:bb:74:c1:cb:0e:40:76:c7:
87:1f:f4:1a:40:7c:1d:6c:f3:90:cf:96:87:24:c5:
1a:7b:64:99:57:52:4a:73:ca:2d:5a:9d:9e:7a:dd:
5a:98:3a:6e:b9:71:48:43:70:4b:f1:88:38:7a:9b:
8b:66:e0:67:2c:07:33:f3:6e:57:cd:ae:00:ed:cb:
f5:ec:c4:ee:2e:52:9b:3d:78:f2:84:8c:fc:65:54:
ff:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:64:CA:31:F6:61:33:D2:94:3B:A2:B8:67:F9:57:A2:1E:FE:85:BB
X509v3 Authority Key Identifier:
keyid:58:E0:2F:2C:A8:1A:B8:02:93:95:30:15:6E:96:31:B1:8F:51:58:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WOAvLKgauAKTlTAVbpYxsY9RWEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/9f8728-335e-4f7b-a1dc-d48d13a4de38/1/KGTKMfZhM9KUO6K4Z_lXoh7-hbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/9f8728-335e-4f7b-a1dc-d48d13a4de38/1/WOAvLKgauAKTlTAVbpYxsY9RWEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.246.230.0/23
IPv6:
2a00:5ee0::/32
Signature Algorithm: sha256WithRSAEncryption
1e:59:c5:92:08:89:cd:62:17:d8:df:3c:1f:a5:13:98:ae:db:
4f:71:11:1e:ac:5a:04:ac:77:27:86:76:77:05:77:d7:5b:aa:
b2:86:fe:75:34:e7:db:b8:d0:a3:a5:85:cc:da:22:8b:7e:4c:
55:bb:3c:17:71:35:98:56:69:04:1f:1e:3b:c4:ab:84:dd:28:
31:32:d6:95:b7:37:0c:50:29:7b:65:d5:9a:84:60:b8:93:8d:
3d:2d:d8:8d:fb:49:49:48:2f:6d:9f:fe:d7:cf:7f:e0:17:1d:
3c:22:4d:2e:80:13:a4:8b:ab:a9:b1:c1:d7:0e:3f:a2:06:e4:
e9:e1:84:91:e0:6d:e6:90:42:c5:d1:a9:22:2a:65:a1:10:c6:
f6:5c:17:47:7c:9b:28:cc:b9:7b:ea:81:83:a6:19:2d:32:01:
d3:86:17:f6:59:b3:7d:70:88:ad:a3:93:65:c6:86:a9:54:2e:
0b:94:dd:69:07:94:d1:53:81:1a:56:15:46:53:a7:a2:e8:74:
9d:e6:54:da:ad:62:c1:f5:53:e1:5c:d5:39:5b:82:62:5d:3c:
63:d7:aa:6d:a7:91:7d:10:d5:fc:d7:a1:7b:c7:0a:14:7d:a6:
60:1f:4e:35:d1:e1:8a:72:c1:20:1d:38:76:d6:01:bd:7b:6c:
f2:8a:7c:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZYBQhSn4n9QOU4eiDUlAN4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZTAyZjJjYTgxYWI4MDI5Mzk1MzAxNTZlOTYzMWIxOGY1
MTU4NDAwHhcNMjUwNDA0MTQ0MzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODY0Y2EzMWY2NjEzM2QyOTQzYmEyYjg2N2Y5NTdhMjFlZmU4NWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBXVjPo+QzS86TyrDnI1fSd1rkzN
WZRki2ai98gTXEjdGPOw2le3zSKN/6rr16lYs1e1mqf3VExe5lFmx8gcTCxlJP3E
BlwFOrYJ8YBwQJTjWEY/goxtyPE3EmFZpxafdkud+dCqCKrQOdYrkCs1Wq5OQuR+
3/zeagNDP7+Wwx3PMHFRqdRmL32jq382NDnBdO5zuM82EoaxL4mJK24hf4J6wWvF
0PtPfHgxu3TByw5AdseHH/QaQHwdbPOQz5aHJMUae2SZV1JKc8otWp2eet1amDpu
uXFIQ3BL8Yg4epuLZuBnLAcz825Xza4A7cv17MTuLlKbPXjyhIz8ZVT/3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFChkyjH2YTPSlDuiuGf5V6Ie/oW7MB8GA1UdIwQY
MBaAFFjgLyyoGrgCk5UwFW6WMbGPUVhAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV09BdkxLZ2F1QUtUbFRBVmJwWXhzWTlSV0VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC85Zjg3MjgtMzM1ZS00ZjdiLWExZGMt
ZDQ4ZDEzYTRkZTM4LzEvS0dUS01mWmhNOUtVTzZLNFpfbFhvaDctaGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC85Zjg3MjgtMzM1ZS00ZjdiLWExZGMtZDQ4ZDEzYTRkZTM4
LzEvV09BdkxLZ2F1QUtUbFRBVmJwWXhzWTlSV0VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBw/bmMA0E
AgACMAcDBQAqAF7gMA0GCSqGSIb3DQEBCwUAA4IBAQAeWcWSCInNYhfY3zwfpROY
rttPcREerFoErHcnhnZ3BXfXW6qyhv51NOfbuNCjpYXM2iKLfkxVuzwXcTWYVmkE
Hx47xKuE3SgxMtaVtzcMUCl7ZdWahGC4k409LdiN+0lJSC9tn/7Xz3/gFx08Ik0u
gBOki6upscHXDj+iBuTp4YSR4G3mkELF0akiKmWhEMb2XBdHfJsozLl76oGDphkt
MgHThhf2WbN9cIito5NlxoapVC4LlN1pB5TRU4EaVhVGU6ei6HSd5lTarWLB9VPh
XNU5W4JiXTxj16ptp5F9ENX816F7xwoUfaZgH0410eGKcsEgHTh21gG9e2zyinzL
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:02:16 2025 by rpki-client