Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kBaRe7JjLw9wBvZw33KWaYpibk8.roa
File: kBaRe7JjLw9wBvZw33KWaYpibk8.roa (raw, json)
Hash identifier: 1uSQkdPBqs6CTPG39iAcotNEQR+taFSClOR1dfKEk90=
Subject key identifier: 90:16:91:7B:B2:63:2F:0F:70:06:F6:70:DF:72:96:69:8A:62:6E:4F
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 01969FA803A20B6F939CE8CF126E17C233D3
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kBaRe7JjLw9wBvZw33KWaYpibk8.roa
Signing time: Mon 05 May 2025 08:55:10 +0000
ROA not before: Mon 05 May 2025 08:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212520
IP address blocks: 217.154.247.0/24 maxlen: 24
217.154.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 May 2025 09:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9f:a8:03:a2:0b:6f:93:9c:e8:cf:12:6e:17:c2:33:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: May 5 08:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9016917bb2632f0f7006f670df7296698a626e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b8:68:50:58:ad:5f:9c:b6:87:42:b6:6f:cb:
39:ef:3d:4b:88:cc:33:82:be:97:ee:24:82:c3:2b:
ba:4b:8d:db:17:23:4c:c5:e0:74:89:3b:64:55:1c:
14:de:07:5e:6b:8e:81:50:eb:84:58:22:37:4a:43:
d1:e5:c1:cd:25:15:82:7e:bf:9e:fc:e9:06:a2:47:
cf:8a:75:44:65:b3:fd:33:61:bf:9b:39:69:d9:94:
46:43:43:9f:e7:de:52:36:86:0f:98:9c:c7:23:7b:
8d:3e:f1:87:68:96:08:92:9c:89:d5:a9:2d:31:f4:
72:81:80:7f:06:c3:ef:01:87:95:5f:b5:c4:0e:1a:
c3:f3:19:69:0a:f6:00:73:37:28:d2:c9:13:b1:97:
3d:ef:bc:a9:42:ba:62:e9:f9:72:25:8f:b0:27:64:
83:96:fa:04:3a:8a:57:04:cd:51:ee:35:36:d9:84:
3b:d6:35:46:00:1d:61:b7:3d:65:da:25:6d:a4:9f:
fb:d4:b3:8d:75:10:91:fd:ee:21:d4:93:8a:4e:ae:
9e:01:1e:ae:46:05:6b:a7:a4:49:bd:d1:87:36:65:
04:a6:5e:5b:a5:2d:50:24:f9:3e:fe:3b:95:98:1f:
87:44:64:58:ed:04:67:dd:57:15:4b:1d:e4:e6:36:
33:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:16:91:7B:B2:63:2F:0F:70:06:F6:70:DF:72:96:69:8A:62:6E:4F
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kBaRe7JjLw9wBvZw33KWaYpibk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.154.247.0-217.154.248.255
Signature Algorithm: sha256WithRSAEncryption
79:5c:69:2c:52:b2:e7:1c:51:c1:da:25:10:82:91:c0:65:a5:
ae:da:0e:b0:11:68:fb:78:f7:e4:d6:e4:57:34:38:bc:bd:00:
85:65:d9:7b:ac:e1:d6:bd:46:6a:1b:52:63:0f:53:44:2c:bc:
f2:c7:81:9b:7b:9c:26:0f:55:b8:4f:6a:af:4b:af:e1:34:5d:
27:2b:dc:9a:d2:ae:7b:d8:9a:85:bd:b0:33:dc:07:b5:80:89:
fd:f1:2a:ec:62:47:a5:1f:79:25:ae:57:b2:72:4c:ab:b9:08:
d5:2a:41:fc:32:20:3a:31:a0:cb:4f:ed:9e:da:a9:73:a0:36:
01:19:fd:47:9d:b3:1b:55:63:38:c9:95:6b:3c:5c:0a:f2:54:
28:b1:b1:d5:48:4e:98:71:7a:1e:96:b8:38:bf:2c:5f:04:a3:
b2:4e:e7:5b:00:96:d1:9c:ef:d0:a0:bd:16:42:02:53:66:4e:
31:58:4b:0b:00:56:df:1e:bd:b0:fb:76:58:29:e0:a6:f9:71:
a9:bd:6a:96:6e:84:46:4f:98:5d:ac:47:53:06:71:17:e6:c3:
71:27:c8:37:ac:46:a3:fc:78:45:9a:ef:c9:20:bf:ad:d7:87:
fb:43:b3:70:a2:87:ca:82:f3:6e:58:a3:02:01:26:e9:ac:25:
13:57:c9:fb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZafqAOiC2+TnOjPEm4XwjPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjUwNTA1MDg1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDE2OTE3YmIyNjMyZjBmNzAwNmY2NzBkZjcyOTY2OThhNjI2ZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbhoUFitX5y2h0K2b8s57z1LiMwz
gr6X7iSCwyu6S43bFyNMxeB0iTtkVRwU3gdea46BUOuEWCI3SkPR5cHNJRWCfr+e
/OkGokfPinVEZbP9M2G/mzlp2ZRGQ0Of595SNoYPmJzHI3uNPvGHaJYIkpyJ1akt
MfRygYB/BsPvAYeVX7XEDhrD8xlpCvYAczco0skTsZc977ypQrpi6flyJY+wJ2SD
lvoEOopXBM1R7jU22YQ71jVGAB1htz1l2iVtpJ/71LONdRCR/e4h1JOKTq6eAR6u
RgVrp6RJvdGHNmUEpl5bpS1QJPk+/juVmB+HRGRY7QRn3VcVSx3k5jYzCQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJAWkXuyYy8PcAb2cN9ylmmKYm5PMB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEva0JhUmU3SmpMdzl3QnZadzMzS1dhWXBpYms4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADZmvcD
BADZmvgwDQYJKoZIhvcNAQELBQADggEBAHlcaSxSsuccUcHaJRCCkcBlpa7aDrAR
aPt49+TW5Fc0OLy9AIVl2Xus4da9RmobUmMPU0QsvPLHgZt7nCYPVbhPaq9Lr+E0
XScr3JrSrnvYmoW9sDPcB7WAif3xKuxiR6UfeSWuV7JyTKu5CNUqQfwyIDoxoMtP
7Z7aqXOgNgEZ/UedsxtVYzjJlWs8XAryVCixsdVITphxeh6WuDi/LF8Eo7JO51sA
ltGc79CgvRZCAlNmTjFYSwsAVt8evbD7dlgp4Kb5cam9apZuhEZPmF2sR1MGcRfm
w3EnyDesRqP8eEWa78kgv63Xh/tDs3Cih8qC825YowIBJumsJRNXyfs=
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:05:06 2025 by rpki-client