Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/ltE8ovw8zwcBrqhheVcrkrzFKMA.roa
File: ltE8ovw8zwcBrqhheVcrkrzFKMA.roa (raw, json)
Hash identifier: 6vg7Th1KTk2wz/YAcLwK6X7StT8x+VRseA6zYa8Nlw4=
Subject key identifier: 96:D1:3C:A2:FC:3C:CF:07:01:AE:A8:61:79:57:2B:92:BC:C5:28:C0
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0196119835432947BCD9974A5F7BE31DD3BD
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/ltE8ovw8zwcBrqhheVcrkrzFKMA.roa
Signing time: Mon 07 Apr 2025 18:51:49 +0000
ROA not before: Mon 07 Apr 2025 18:51:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29182
IP address blocks: 2a0e:13c6::/32 maxlen: 32
2a0e:4346::/32 maxlen: 32
2a0e:67c6::/32 maxlen: 32
2a0f:bb05::/32 maxlen: 32
2a0f:bb06::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 09 Apr 2025 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:11:98:35:43:29:47:bc:d9:97:4a:5f:7b:e3:1d:d3:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 7 18:51:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96d13ca2fc3ccf0701aea86179572b92bcc528c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cc:21:e5:65:5f:67:5a:d6:d0:a4:44:c5:6e:
13:97:0f:c0:7a:04:01:3d:d4:7c:ae:09:66:eb:9e:
32:e5:73:37:a0:cd:c1:64:6f:a6:d1:61:7f:63:0c:
fd:38:13:5e:f7:bf:a2:ce:9b:ed:ed:c5:38:d7:6a:
e4:25:90:00:5d:87:8f:35:c0:52:90:41:45:65:39:
8b:00:4f:07:93:eb:c4:7e:58:21:6c:06:10:34:01:
00:6f:c5:b1:08:c7:64:0e:3f:bb:9e:93:de:af:33:
8a:3c:f7:1c:cb:ae:71:d2:eb:a1:9d:82:17:f8:34:
df:b3:59:8b:4d:e1:b1:02:09:e0:ee:6f:d1:9f:9a:
f5:c9:05:2d:a2:3f:6b:a1:f4:07:ec:a6:15:45:e6:
29:60:b2:4d:04:bf:5e:96:d6:65:5b:f8:4b:45:ea:
a8:7b:0c:22:40:c5:c3:cc:87:07:15:d0:63:59:8e:
b0:c2:91:9c:95:bd:21:f9:61:da:e7:68:a3:2a:4c:
1f:d9:eb:2b:96:e1:89:f6:21:e3:43:82:59:88:d9:
50:b2:a8:19:5a:23:99:5b:fe:d6:d4:00:96:2c:b1:
fc:51:fc:a5:e8:66:90:e0:f0:8f:61:6d:ad:39:bf:
82:e6:4f:3a:07:7c:a9:60:bd:9c:55:82:68:5e:2d:
43:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:D1:3C:A2:FC:3C:CF:07:01:AE:A8:61:79:57:2B:92:BC:C5:28:C0
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/ltE8ovw8zwcBrqhheVcrkrzFKMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:13c6::/32
2a0e:4346::/32
2a0e:67c6::/32
2a0f:bb05::-2a0f:bb06:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4e:a8:ab:33:5b:73:78:8c:0c:ae:1d:87:5b:b4:91:e8:f2:17:
3a:8b:34:b3:cb:24:22:7b:6c:99:2a:86:b4:ce:c3:a2:3d:c4:
9b:33:5c:5f:45:d3:0d:62:79:f0:4b:dd:e3:55:f5:bc:ed:fb:
a2:5f:c9:a2:1c:6f:cd:15:6e:5e:c4:39:61:dd:88:9b:9a:83:
ee:95:79:72:65:08:6c:08:b4:e7:20:d5:fc:c9:09:cb:98:16:
a9:40:af:e2:4a:42:97:fe:ab:1a:80:d5:7a:4d:bb:e2:6c:e2:
10:88:9c:e0:56:39:28:35:27:82:8c:74:8a:fd:d6:ee:64:7d:
3a:11:d2:9c:28:a2:f5:06:e6:df:2e:dd:99:e6:59:4c:b6:cb:
31:c6:9e:27:1e:cf:28:f2:ce:d1:d9:04:23:7f:81:f9:cf:35:
bf:8a:ab:e0:6c:f3:41:00:a9:e0:65:11:b6:49:3c:44:41:39:
63:39:81:99:8f:af:13:61:b7:ff:8d:b1:0b:8e:08:36:9a:bb:
e2:68:52:c4:29:0c:50:11:2b:7d:b7:81:7b:fc:2f:19:9a:0b:
ab:b0:db:2a:94:ec:8f:a4:ac:ed:6d:f4:a2:19:83:33:09:4a:
33:5d:6d:c1:07:43:3d:db:ee:12:6d:de:2d:1e:bb:32:f6:4e:
f8:a5:e8:44
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZYRmDVDKUe82ZdKX3vjHdO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDA3MTg1MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmQxM2NhMmZjM2NjZjA3MDFhZWE4NjE3OTU3MmI5MmJjYzUyOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcwh5WVfZ1rW0KRExW4Tlw/AegQB
PdR8rglm654y5XM3oM3BZG+m0WF/Ywz9OBNe97+izpvt7cU412rkJZAAXYePNcBS
kEFFZTmLAE8Hk+vEflghbAYQNAEAb8WxCMdkDj+7npPerzOKPPccy65x0uuhnYIX
+DTfs1mLTeGxAgng7m/Rn5r1yQUtoj9rofQH7KYVReYpYLJNBL9eltZlW/hLReqo
ewwiQMXDzIcHFdBjWY6wwpGclb0h+WHa52ijKkwf2esrluGJ9iHjQ4JZiNlQsqgZ
WiOZW/7W1ACWLLH8Ufyl6GaQ4PCPYW2tOb+C5k86B3ypYL2cVYJoXi1DhwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJbRPKL8PM8HAa6oYXlXK5K8xSjAMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvbHRFOG92dzh6d2NCcnFoaGVWY3JrcnpGS01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlAwUAKg4TxgMF
ACoOQ0YDBQAqDmfGMA4DBQAqD7sFAwUAKg+7BjANBgkqhkiG9w0BAQsFAAOCAQEA
TqirM1tzeIwMrh2HW7SR6PIXOos0s8skIntsmSqGtM7Doj3EmzNcX0XTDWJ58Evd
41X1vO37ol/JohxvzRVuXsQ5Yd2Im5qD7pV5cmUIbAi05yDV/MkJy5gWqUCv4kpC
l/6rGoDVek274mziEIic4FY5KDUngox0iv3W7mR9OhHSnCii9Qbm3y7dmeZZTLbL
McaeJx7PKPLO0dkEI3+B+c81v4qr4GzzQQCp4GURtkk8REE5YzmBmY+vE2G3/42x
C44INpq74mhSxCkMUBErfbeBe/wvGZoLq7DbKpTsj6Ss7W30ohmDMwlKM11twQdD
PdvuEm3eLR67MvZO+KXoRA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:54:38 2025 by rpki-client