Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/kiqS97KyIaVBU94vA_ohZpYRx2I.roa
File: kiqS97KyIaVBU94vA_ohZpYRx2I.roa (raw, json)
Hash identifier: 8yVO3rfULWPnmtp3E5+ERd/6vE4cxQPiTUpRY+L/9As=
Subject key identifier: 92:2A:92:F7:B2:B2:21:A5:41:53:DE:2F:03:FA:21:66:96:11:C7:62
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 0197404736B840EF3DAD4F0D92179F339248
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/kiqS97KyIaVBU94vA_ohZpYRx2I.roa
Signing time: Thu 05 Jun 2025 13:28:18 +0000
ROA not before: Thu 05 Jun 2025 13:28:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53813
IP address blocks: 147.161.210.0/23 maxlen: 24
164.137.185.0/24 maxlen: 24
2a03:eec0:3211::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 05 Jun 2025 13:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:47:36:b8:40:ef:3d:ad:4f:0d:92:17:9f:33:92:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Jun 5 13:28:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=922a92f7b2b221a54153de2f03fa21669611c762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:95:88:b7:28:c5:b7:75:0a:10:13:b7:1f:22:
61:da:18:8d:5c:25:53:d6:87:7f:25:f3:8e:56:e4:
dd:16:8a:0b:4a:ec:41:8c:8e:37:15:78:67:07:87:
3f:4e:a4:c0:80:7a:c9:02:41:aa:c2:b2:a4:97:d7:
4d:df:9c:8c:38:b3:58:03:a7:0d:54:0a:0e:93:53:
81:5c:4f:fb:80:58:19:82:64:69:1b:86:1d:6f:5f:
01:91:d3:6c:0c:24:8c:7c:b8:ef:fe:2c:69:31:3d:
05:c3:05:c3:38:13:78:ed:34:40:7e:b1:ed:17:57:
4b:1a:14:ae:6f:04:d3:4b:3e:35:d7:f3:15:7c:91:
c4:8d:d5:64:37:f5:59:b9:df:0a:c9:30:ee:2c:f3:
7c:95:8f:33:fe:1c:db:37:c6:6b:10:b1:1e:26:73:
80:1e:d8:2b:3f:5e:01:d8:a3:15:f8:72:57:91:be:
73:87:8b:16:0f:ce:6b:21:b8:74:51:0b:f5:2c:9c:
6c:68:54:f5:05:91:3c:8b:e5:6c:0a:07:66:aa:84:
88:cc:0c:4a:8e:fd:48:db:18:15:9f:77:65:30:5e:
16:78:ee:b6:95:65:67:d7:89:f7:92:58:a4:bb:a5:
a2:c3:f2:87:5f:2b:e1:aa:cf:fd:9a:43:28:16:88:
03:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:2A:92:F7:B2:B2:21:A5:41:53:DE:2F:03:FA:21:66:96:11:C7:62
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/kiqS97KyIaVBU94vA_ohZpYRx2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.161.210.0/23
164.137.185.0/24
IPv6:
2a03:eec0:3211::/48
Signature Algorithm: sha256WithRSAEncryption
31:5c:9c:87:81:c5:db:49:79:34:65:26:e3:3d:ea:ac:e6:96:
17:1f:97:64:cc:2e:de:1f:99:45:f5:3d:54:b2:95:86:2e:69:
5c:97:a7:40:4e:df:c1:59:af:d1:8b:25:75:6f:bc:89:21:b3:
49:04:98:15:0f:3b:49:55:43:6d:93:aa:e0:ad:d9:54:19:21:
cb:02:57:1a:b9:48:dc:db:1f:6f:a7:da:da:fd:42:e0:f9:f9:
a5:b2:de:75:33:3f:d2:1c:ae:ab:69:4f:6d:88:9e:1f:79:11:
84:60:aa:e6:ba:51:34:a1:7a:b2:28:dc:5b:d2:3a:80:1b:6d:
fe:39:c8:30:a4:cb:31:02:de:cf:c1:e5:32:74:5e:39:8f:ec:
c4:11:71:0a:fb:e0:ea:c0:e9:d4:86:65:78:01:8b:c0:4e:d9:
85:5e:aa:f2:c3:88:b7:3c:0b:d7:0d:de:60:91:4a:da:c9:62:
8c:d5:72:71:4b:0a:85:35:8d:a1:64:68:68:df:a4:49:7a:87:
f5:02:09:1a:69:b4:25:fc:57:14:ff:08:c8:e2:e3:1b:d9:ff:
21:e3:1d:74:65:dc:b1:af:8b:21:99:2c:87:ab:ca:24:b5:d2:
84:46:9a:0e:14:bf:60:8b:29:80:ec:0e:e9:dc:78:b9:a2:ba:
00:c4:e7:9f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZdARza4QO89rU8NkhefM5JIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjUwNjA1MTMyODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjJhOTJmN2IyYjIyMWE1NDE1M2RlMmYwM2ZhMjE2Njk2MTFjNzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5WItyjFt3UKEBO3HyJh2hiNXCVT
1od/JfOOVuTdFooLSuxBjI43FXhnB4c/TqTAgHrJAkGqwrKkl9dN35yMOLNYA6cN
VAoOk1OBXE/7gFgZgmRpG4Ydb18BkdNsDCSMfLjv/ixpMT0FwwXDOBN47TRAfrHt
F1dLGhSubwTTSz411/MVfJHEjdVkN/VZud8KyTDuLPN8lY8z/hzbN8ZrELEeJnOA
HtgrP14B2KMV+HJXkb5zh4sWD85rIbh0UQv1LJxsaFT1BZE8i+VsCgdmqoSIzAxK
jv1I2xgVn3dlMF4WeO62lWVn14n3kliku6Wiw/KHXyvhqs/9mkMoFogDpwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJIqkveysiGlQVPeLwP6IWaWEcdiMB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEva2lxUzk3S3lJYVZCVTk0dkFfb2hacFlSeDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBk6HSAwQA
pIm5MA8EAgACMAkDBwAqA+7AMhEwDQYJKoZIhvcNAQELBQADggEBADFcnIeBxdtJ
eTRlJuM96qzmlhcfl2TMLt4fmUX1PVSylYYuaVyXp0BO38FZr9GLJXVvvIkhs0kE
mBUPO0lVQ22TquCt2VQZIcsCVxq5SNzbH2+n2tr9QuD5+aWy3nUzP9IcrqtpT22I
nh95EYRgqua6UTSherIo3FvSOoAbbf45yDCkyzEC3s/B5TJ0XjmP7MQRcQr74OrA
6dSGZXgBi8BO2YVeqvLDiLc8C9cN3mCRStrJYozVcnFLCoU1jaFkaGjfpEl6h/UC
CRpptCX8VxT/CMji4xvZ/yHjHXRl3LGviyGZLIeryiS10oRGmg4Uv2CLKYDsDunc
eLmiugDE558=
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:40:40 2025 by rpki-client