Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/KUK81I1y7LqEecJut97eGKzP4zA.roa
File: KUK81I1y7LqEecJut97eGKzP4zA.roa (raw, json)
Hash identifier: ZuVYwtahjlI06yc3ZITkhOwtNXd5C44eiPqRsVjzCLA=
Subject key identifier: 29:42:BC:D4:8D:72:EC:BA:84:79:C2:6E:B7:DE:DE:18:AC:CF:E3:30
Certificate issuer: /CN=768feeb6a90a86acf11871e4e578a2ea7ec281d9
Certificate serial: 0196485594846BD75254600D5B278FD170C0
Authority key identifier: 76:8F:EE:B6:A9:0A:86:AC:F1:18:71:E4:E5:78:A2:EA:7E:C2:81:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/do_utqkKhqzxGHHk5Xii6n7Cgdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/KUK81I1y7LqEecJut97eGKzP4zA.roa
Signing time: Fri 18 Apr 2025 09:58:10 +0000
ROA not before: Fri 18 Apr 2025 09:58:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8893
IP address blocks: 2a02:d6a0::/30 maxlen: 30
Validation: Failed, certificate revoked on Fri 18 Apr 2025 13:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:48:55:94:84:6b:d7:52:54:60:0d:5b:27:8f:d1:70:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=768feeb6a90a86acf11871e4e578a2ea7ec281d9
Validity
Not Before: Apr 18 09:58:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2942bcd48d72ecba8479c26eb7dede18accfe330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:83:58:89:85:9d:0f:a3:98:11:11:1b:9a:6c:
38:40:4f:8c:17:d0:1f:00:a0:6a:6d:eb:8f:ce:98:
09:f4:9a:96:9f:9e:d1:6e:61:be:be:e7:b7:81:ac:
bf:ae:28:16:fb:fa:b9:34:df:6f:3b:16:e8:14:25:
34:96:e0:c2:1a:6e:fa:bc:5b:47:a2:9d:56:81:03:
19:2f:0b:d1:fb:58:ba:2d:f7:87:a3:0d:14:a6:da:
2d:b1:2b:e3:d1:5c:6b:94:90:0a:56:ab:73:36:4b:
c2:af:f9:65:1e:0c:b0:ef:bb:ae:83:81:0e:8e:12:
8e:0b:ca:f8:bf:d4:15:08:c3:26:ec:0a:71:d9:5a:
79:3b:ab:12:71:86:ec:89:9f:da:47:9f:fe:e6:ab:
6c:bd:ce:eb:a9:17:54:c8:04:5b:dd:46:f5:39:72:
8a:5b:1d:9b:2b:ab:b8:4c:26:90:9f:93:ef:df:ce:
b6:83:69:d5:ff:73:03:31:1e:57:c7:b2:e4:fb:4b:
e3:f5:b8:b7:dc:be:8a:75:29:df:e2:f6:0a:c3:f2:
94:f8:2a:4b:21:26:1e:57:94:b8:36:2c:c9:4e:f6:
5f:1b:36:c3:80:09:f4:d2:d3:84:ec:a7:a1:c1:f5:
c3:fa:a5:e5:65:de:53:2f:88:9c:b4:ef:8c:ee:63:
11:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:42:BC:D4:8D:72:EC:BA:84:79:C2:6E:B7:DE:DE:18:AC:CF:E3:30
X509v3 Authority Key Identifier:
keyid:76:8F:EE:B6:A9:0A:86:AC:F1:18:71:E4:E5:78:A2:EA:7E:C2:81:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/do_utqkKhqzxGHHk5Xii6n7Cgdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/KUK81I1y7LqEecJut97eGKzP4zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/do_utqkKhqzxGHHk5Xii6n7Cgdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:d6a0::/30
Signature Algorithm: sha256WithRSAEncryption
b3:14:99:6e:ab:c6:82:10:95:d8:38:4d:04:5a:0e:54:fe:c9:
f1:62:38:0a:f0:54:d0:a4:67:81:bf:e3:1f:ba:3b:f6:ed:2f:
6d:fe:19:74:61:e3:36:ab:97:64:84:e9:c1:b6:8f:7a:2f:4e:
c9:55:10:29:d9:92:4e:0d:3b:0c:d1:b5:40:d6:34:fb:d1:fe:
d9:a1:98:a0:c3:8c:c5:88:85:89:12:91:d7:a0:78:1a:0c:57:
60:60:7c:4c:6b:00:0c:ef:84:ef:85:2c:d2:28:61:84:76:e3:
6b:55:82:df:0d:92:f8:19:37:69:ae:aa:5f:9b:21:a0:28:ec:
f8:bb:5e:ba:f2:2c:ce:d6:04:12:aa:25:ea:0f:d0:34:0a:34:
62:4e:f0:0e:cc:fd:ba:f2:48:72:ad:82:d3:b0:df:26:b6:b5:
0e:2a:1f:b6:a0:4a:f5:a7:e7:a9:49:ac:e2:06:08:50:c8:17:
35:21:91:b6:1b:bb:df:c3:06:bb:da:52:cf:7c:35:b7:f7:a6:
29:e6:ba:c4:80:ce:b8:21:83:22:d5:4e:38:82:22:31:de:ce:
10:fe:b6:1c:90:e1:5f:17:29:e6:2d:bf:4e:dd:d1:80:1e:2e:
32:02:bd:71:cc:45:70:4a:c0:7a:af:ea:01:c3:a3:3b:c0:e0:
be:3b:c4:3b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZZIVZSEa9dSVGANWyeP0XDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OGZlZWI2YTkwYTg2YWNmMTE4NzFlNGU1NzhhMmVhN2Vj
MjgxZDkwHhcNMjUwNDE4MDk1ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQyYmNkNDhkNzJlY2JhODQ3OWMyNmViN2RlZGUxOGFjY2ZlMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroNYiYWdD6OYEREbmmw4QE+MF9Af
AKBqbeuPzpgJ9JqWn57RbmG+vue3gay/rigW+/q5NN9vOxboFCU0luDCGm76vFtH
op1WgQMZLwvR+1i6LfeHow0UptotsSvj0VxrlJAKVqtzNkvCr/llHgyw77uug4EO
jhKOC8r4v9QVCMMm7Apx2Vp5O6sScYbsiZ/aR5/+5qtsvc7rqRdUyARb3Ub1OXKK
Wx2bK6u4TCaQn5Pv3862g2nV/3MDMR5Xx7Lk+0vj9bi33L6KdSnf4vYKw/KU+CpL
ISYeV5S4NizJTvZfGzbDgAn00tOE7KehwfXD+qXlZd5TL4ictO+M7mMR+QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFClCvNSNcuy6hHnCbrfe3hisz+MwMB8GA1UdIwQY
MBaAFHaP7rapCoas8Rhx5OV4oup+woHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG9fdXRxa0tocXp4R0hIazVYaWk2bjdDZ2RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NjY2M2EtZWFmMS00YTg5LTgwNGMt
MGMxZjRkMzM3ODNlLzEvS1VLODFJMXk3THFFZWNKdXQ5N2VHS3pQNHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NjY2M2EtZWFmMS00YTg5LTgwNGMtMGMxZjRkMzM3ODNl
LzEvZG9fdXRxa0tocXp4R0hIazVYaWk2bjdDZ2RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKgLWoDAN
BgkqhkiG9w0BAQsFAAOCAQEAsxSZbqvGghCV2DhNBFoOVP7J8WI4CvBU0KRngb/j
H7o79u0vbf4ZdGHjNquXZITpwbaPei9OyVUQKdmSTg07DNG1QNY0+9H+2aGYoMOM
xYiFiRKR16B4GgxXYGB8TGsADO+E74Us0ihhhHbja1WC3w2S+Bk3aa6qX5shoCjs
+LteuvIsztYEEqol6g/QNAo0Yk7wDsz9uvJIcq2C07DfJra1DioftqBK9afnqUms
4gYIUMgXNSGRthu738MGu9pSz3w1t/emKea6xIDOuCGDItVOOIIiMd7OEP62HJDh
Xxcp5i2/Tt3RgB4uMgK9ccxFcErAeq/qAcOjO8DgvjvEOw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:42:18 2025 by rpki-client