Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/kw_IBTR5ukBfIe3q3g_zOwtSHkk.roa
File: kw_IBTR5ukBfIe3q3g_zOwtSHkk.roa (raw, json)
Hash identifier: VBBP9J9E4SigkmWYe3qbCwTGKapxuNFRrQBPtM0+4Ds=
Subject key identifier: 93:0F:C8:05:34:79:BA:40:5F:21:ED:EA:DE:0F:F3:3B:0B:52:1E:49
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01940472C97D60877E5D2BCA0AD80116FBC2
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/kw_IBTR5ukBfIe3q3g_zOwtSHkk.roa
Signing time: Thu 26 Dec 2024 19:30:19 +0000
ROA not before: Thu 26 Dec 2024 19:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202952
IP address blocks: 2a0e:8f02:21e0::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:04:72:c9:7d:60:87:7e:5d:2b:ca:0a:d8:01:16:fb:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Dec 26 19:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=930fc8053479ba405f21edeade0ff33b0b521e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:02:c9:ce:20:f7:cc:f1:95:35:22:f8:b1:38:
a2:f7:e0:a8:88:42:cf:73:07:15:ef:39:fd:a1:a1:
00:f0:e4:b7:4b:dc:57:37:af:7e:8f:7e:d9:06:76:
be:75:50:dc:5a:ca:15:6d:e0:cc:8a:d0:5c:da:61:
01:3b:10:df:4b:8d:e7:5a:d4:7a:21:88:b5:d6:dc:
80:2f:c2:05:3f:3a:b5:a8:a1:3d:0f:58:30:4b:a9:
da:3f:1b:78:b2:93:ed:91:6e:f2:b4:d7:89:3b:0a:
f5:ce:2d:72:4f:bb:38:ea:9d:59:99:ad:87:b7:59:
82:95:43:24:29:a2:53:49:13:26:d3:a1:a5:47:81:
4c:9b:ac:90:bb:f0:6c:35:a0:61:c9:88:6c:3d:60:
db:62:9b:74:16:48:5e:b7:b4:8f:38:80:e2:d0:35:
0f:62:59:dc:eb:2d:0c:c4:8f:f7:90:f1:25:70:da:
cd:15:0d:bd:95:55:d9:10:66:18:2e:ea:01:6c:80:
b1:37:43:4a:19:a3:fe:b8:96:22:b3:1f:04:1b:ff:
18:0c:c3:31:a9:46:e5:70:b0:3e:70:92:7b:3e:8a:
e5:54:7b:fc:e5:5d:64:b5:b4:ef:57:ec:33:e5:20:
5b:b8:2d:bb:5d:a6:de:31:ab:9b:13:c7:48:3e:25:
db:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:0F:C8:05:34:79:BA:40:5F:21:ED:EA:DE:0F:F3:3B:0B:52:1E:49
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/kw_IBTR5ukBfIe3q3g_zOwtSHkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:21e0::/44
Signature Algorithm: sha256WithRSAEncryption
0c:e0:07:cd:9d:a7:62:7f:39:3c:00:2c:11:3a:2c:00:94:59:
54:c0:a1:b3:78:9a:33:fd:5c:18:06:f7:1f:aa:76:37:12:7a:
61:59:b9:e5:6d:4c:34:a0:61:c7:28:df:24:b2:a5:db:13:da:
ad:f3:dd:bf:6d:76:73:77:06:e1:24:dd:a6:6d:7a:bf:30:a5:
9c:83:3f:07:96:6d:5c:10:94:24:3e:da:a5:82:bc:ee:d8:14:
a3:07:69:5f:91:bc:c0:68:b4:7d:35:5f:ed:27:20:fd:76:76:
89:ec:59:a4:87:36:11:00:5f:86:cc:75:33:c2:1b:98:56:63:
c4:90:9c:6a:ec:70:56:0c:c3:7b:70:0f:cf:1b:01:39:4e:22:
a0:70:19:16:da:90:54:04:3c:c9:04:08:21:39:57:47:ad:42:
ae:c4:b7:80:cb:46:72:4b:36:72:3f:c3:10:7d:f9:d4:6d:f2:
e9:f8:1c:f0:95:38:42:23:51:1a:6d:4b:2e:d9:e1:69:e0:76:
7e:64:75:4c:2b:2a:d8:c6:d9:7e:07:50:87:26:a8:ba:b1:f7:
3e:87:24:d3:0a:95:fc:2b:8b:c9:77:44:91:e9:74:8f:10:b9:
fe:e1:4c:54:bb:e7:50:d2:2f:ab:e3:6c:6c:c1:17:af:41:15:
95:a6:00:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQEcsl9YId+XSvKCtgBFvvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjQxMjI2MTkzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzBmYzgwNTM0NzliYTQwNWYyMWVkZWFkZTBmZjMzYjBiNTIxZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8QLJziD3zPGVNSL4sTii9+CoiELP
cwcV7zn9oaEA8OS3S9xXN69+j37ZBna+dVDcWsoVbeDMitBc2mEBOxDfS43nWtR6
IYi11tyAL8IFPzq1qKE9D1gwS6naPxt4spPtkW7ytNeJOwr1zi1yT7s46p1Zma2H
t1mClUMkKaJTSRMm06GlR4FMm6yQu/BsNaBhyYhsPWDbYpt0Fkhet7SPOIDi0DUP
Ylnc6y0MxI/3kPElcNrNFQ29lVXZEGYYLuoBbICxN0NKGaP+uJYisx8EG/8YDMMx
qUblcLA+cJJ7PorlVHv85V1ktbTvV+wz5SBbuC27XabeMaubE8dIPiXb9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJMPyAU0ebpAXyHt6t4P8zsLUh5JMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEva3dfSUJUUjV1a0JmSWUzcTNnX3pPd3RTSGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiHg
MA0GCSqGSIb3DQEBCwUAA4IBAQAM4AfNnadifzk8ACwROiwAlFlUwKGzeJoz/VwY
BvcfqnY3EnphWbnlbUw0oGHHKN8ksqXbE9qt892/bXZzdwbhJN2mbXq/MKWcgz8H
lm1cEJQkPtqlgrzu2BSjB2lfkbzAaLR9NV/tJyD9dnaJ7FmkhzYRAF+GzHUzwhuY
VmPEkJxq7HBWDMN7cA/PGwE5TiKgcBkW2pBUBDzJBAghOVdHrUKuxLeAy0ZySzZy
P8MQffnUbfLp+BzwlThCI1EabUsu2eFp4HZ+ZHVMKyrYxtl+B1CHJqi6sfc+hyTT
CpX8K4vJd0SR6XSPELn+4UxUu+dQ0i+r42xswRevQRWVpgCm
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:53:50 2025 by rpki-client