Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/Kthya2AiyIXRcrpYXWtYy3bdy08.roa
File: Kthya2AiyIXRcrpYXWtYy3bdy08.roa (raw, json)
Hash identifier: YmUqtZY+mAJUhhj7UCXIclNQfm+6jSTzzKwKW7E7Lek=
Subject key identifier: 2A:D8:72:6B:60:22:C8:85:D1:72:BA:58:5D:6B:58:CB:76:DD:CB:4F
Certificate issuer: /CN=b8ed3ebcd2155f9a178a103adab48fda8b2275a5
Certificate serial: 0197A67E3CCEF25B048411BEBF906D279D34
Authority key identifier: B8:ED:3E:BC:D2:15:5F:9A:17:8A:10:3A:DA:B4:8F:DA:8B:22:75:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uO0-vNIVX5oXihA62rSP2osidaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/Kthya2AiyIXRcrpYXWtYy3bdy08.roa
Signing time: Wed 25 Jun 2025 09:49:40 +0000
ROA not before: Wed 25 Jun 2025 09:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31277
IP address blocks: 91.215.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Jun 2025 06:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:7e:3c:ce:f2:5b:04:84:11:be:bf:90:6d:27:9d:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8ed3ebcd2155f9a178a103adab48fda8b2275a5
Validity
Not Before: Jun 25 09:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ad8726b6022c885d172ba585d6b58cb76ddcb4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:35:d5:1a:64:48:7f:7d:c1:f8:ad:f5:1e:1f:
78:82:27:57:4b:a0:ba:2a:ed:f2:5b:8a:40:ae:c8:
75:56:cf:ec:49:6e:14:f7:6c:34:32:46:8c:20:74:
8a:24:1a:99:fd:9d:17:1e:58:67:34:f8:7c:24:2f:
1f:03:c6:0b:5f:a0:6a:b2:00:a1:6f:a5:b8:9f:86:
39:95:ac:d0:ce:95:b1:24:27:21:71:a4:a2:e9:ad:
30:1e:f7:fe:32:a7:d8:e9:aa:ad:c3:77:ab:74:cd:
1d:f4:0f:d9:f6:07:7b:af:cd:0b:5f:3d:c7:0d:72:
4c:d5:ad:77:48:27:e4:62:5c:5b:db:55:25:ea:db:
34:13:8e:85:aa:86:52:ba:6a:c1:16:cb:24:59:f8:
b4:e9:ff:74:e7:d7:88:95:d7:76:4b:6e:0f:d4:4c:
0f:90:ac:b0:f4:68:63:db:07:9b:1c:dc:66:1d:e2:
a1:b9:41:10:b6:a9:52:eb:20:c6:00:0d:0f:c3:a6:
b1:0b:d1:12:60:c5:f3:40:45:d1:da:4d:73:dc:99:
31:71:81:01:88:26:f8:c8:9e:c9:97:51:7c:c7:eb:
95:6a:d3:3c:aa:ee:9f:10:27:17:f9:20:0a:fd:17:
2e:79:a6:f8:7c:b7:a0:eb:05:c8:14:8f:a7:81:4a:
2a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D8:72:6B:60:22:C8:85:D1:72:BA:58:5D:6B:58:CB:76:DD:CB:4F
X509v3 Authority Key Identifier:
keyid:B8:ED:3E:BC:D2:15:5F:9A:17:8A:10:3A:DA:B4:8F:DA:8B:22:75:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uO0-vNIVX5oXihA62rSP2osidaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/Kthya2AiyIXRcrpYXWtYy3bdy08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/uO0-vNIVX5oXihA62rSP2osidaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.200.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:34:94:85:bb:17:b8:24:e2:b4:fa:fa:11:84:b1:37:60:23:
d4:a7:35:01:b0:1a:6b:39:45:f8:b7:63:de:0f:17:d1:81:1d:
02:aa:fa:c4:3c:2f:e9:86:08:fb:50:bb:5c:6a:0c:2a:ed:b9:
ca:ca:27:d8:48:05:bb:a1:2e:00:ca:2c:45:94:15:e1:a2:c7:
ae:66:70:17:be:50:96:ee:b8:18:2e:c9:78:68:13:ad:b2:52:
da:dd:db:9b:71:e6:9c:ec:d6:b6:8a:cd:c0:07:c7:c3:5b:82:
9d:5d:3f:49:83:07:65:6d:50:c9:42:c7:04:04:dc:e4:7e:2b:
44:1d:1a:aa:cf:12:90:eb:7d:ea:a9:0e:3d:98:d5:1f:90:f0:
7a:5a:84:16:9e:fe:35:20:41:a7:ae:a9:13:5a:54:12:eb:f6:
6d:9c:79:45:2d:29:d0:f0:5a:df:20:26:fc:9d:18:48:04:ce:
a3:8f:d0:d4:1f:e1:b5:09:cd:19:4b:f8:45:65:f7:3d:de:2c:
af:38:73:cb:b0:cd:66:b6:80:c9:80:ea:ba:59:ed:85:46:03:
2e:67:fd:87:0f:16:51:cf:b2:08:40:6b:ac:39:3c:08:a3:40:
f0:63:2d:71:c6:42:f5:6d:ec:32:2a:07:52:20:27:51:10:43:
1d:1c:22:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZemfjzO8lsEhBG+v5BtJ500MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZWQzZWJjZDIxNTVmOWExNzhhMTAzYWRhYjQ4ZmRhOGIy
Mjc1YTUwHhcNMjUwNjI1MDk0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQ4NzI2YjYwMjJjODg1ZDE3MmJhNTg1ZDZiNThjYjc2ZGRjYjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TXVGmRIf33B+K31Hh94gidXS6C6
Ku3yW4pArsh1Vs/sSW4U92w0MkaMIHSKJBqZ/Z0XHlhnNPh8JC8fA8YLX6BqsgCh
b6W4n4Y5lazQzpWxJCchcaSi6a0wHvf+MqfY6aqtw3erdM0d9A/Z9gd7r80LXz3H
DXJM1a13SCfkYlxb21Ul6ts0E46FqoZSumrBFsskWfi06f9059eIldd2S24P1EwP
kKyw9Ghj2webHNxmHeKhuUEQtqlS6yDGAA0Pw6axC9ESYMXzQEXR2k1z3JkxcYEB
iCb4yJ7Jl1F8x+uVatM8qu6fECcX+SAK/Rcueab4fLeg6wXIFI+ngUoqwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCrYcmtgIsiF0XK6WF1rWMt23ctPMB8GA1UdIwQY
MBaAFLjtPrzSFV+aF4oQOtq0j9qLInWlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU8wLXZOSVZYNW9YaWhBNjJyU1Ayb3NpZGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80MjFjNmQtNTM1Yy00YzEzLThkYTMt
ZGVhMTJkZDhjN2Y0LzEvS3RoeWEyQWl5SVhSY3JwWVhXdFl5M2JkeTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80MjFjNmQtNTM1Yy00YzEzLThkYTMtZGVhMTJkZDhjN2Y0
LzEvdU8wLXZOSVZYNW9YaWhBNjJyU1Ayb3NpZGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9fIMA0G
CSqGSIb3DQEBCwUAA4IBAQAMNJSFuxe4JOK0+voRhLE3YCPUpzUBsBprOUX4t2Pe
DxfRgR0CqvrEPC/phgj7ULtcagwq7bnKyifYSAW7oS4AyixFlBXhoseuZnAXvlCW
7rgYLsl4aBOtslLa3dubceac7Na2is3AB8fDW4KdXT9JgwdlbVDJQscEBNzkfitE
HRqqzxKQ633qqQ49mNUfkPB6WoQWnv41IEGnrqkTWlQS6/ZtnHlFLSnQ8FrfICb8
nRhIBM6jj9DUH+G1Cc0ZS/hFZfc93iyvOHPLsM1mtoDJgOq6We2FRgMuZ/2HDxZR
z7IIQGusOTwIo0DwYy1xxkL1bewyKgdSICdREEMdHCKa
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:44:38 2025 by rpki-client