Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/P_KYBVjFpmdfefJXCJM7Nt2x5Yc.roa
File: P_KYBVjFpmdfefJXCJM7Nt2x5Yc.roa (raw, json)
Hash identifier: ykA7NYithew4DQ2bpX62G17ZUI5RlB2B1C51KmGbH3c=
Subject key identifier: 3F:F2:98:05:58:C5:A6:67:5F:79:F2:57:08:93:3B:36:DD:B1:E5:87
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01957F72BB7DE55C9C49A8D73CC6C1FD6F0F
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/P_KYBVjFpmdfefJXCJM7Nt2x5Yc.roa
Signing time: Mon 10 Mar 2025 09:46:20 +0000
ROA not before: Mon 10 Mar 2025 09:46:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29182
IP address blocks: 2a0e:4bc4::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 14 Mar 2025 17:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:72:bb:7d:e5:5c:9c:49:a8:d7:3c:c6:c1:fd:6f:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Mar 10 09:46:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ff2980558c5a6675f79f25708933b36ddb1e587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:97:c9:ff:53:0b:08:23:e7:f3:89:35:7b:bf:
bd:8f:53:c0:7f:44:ac:4e:ca:6f:10:7d:26:f3:8b:
30:7f:c8:8f:f2:1c:bc:c9:2b:ec:7e:b9:89:7a:83:
80:87:0d:dc:6f:ae:6c:a8:84:15:45:d3:81:53:f6:
a5:6d:04:dc:36:10:7b:7c:94:f6:b2:94:26:32:7e:
ae:4a:f2:de:73:42:17:87:2d:02:46:cb:d0:5c:c2:
35:ba:80:2d:fc:ac:fc:c8:17:16:cc:73:21:44:f4:
d6:d5:50:28:02:24:97:94:f2:4b:81:77:6c:19:31:
82:71:86:61:81:9f:79:60:64:80:6c:6b:ed:ab:c7:
76:51:4a:92:7b:2c:8b:32:dd:63:cf:20:9e:83:fd:
3e:d3:31:b2:b9:58:d1:a0:0b:44:b6:1d:99:d9:59:
9e:e6:2b:29:60:94:3b:2c:e8:21:1c:52:4c:76:d0:
f3:b1:28:a8:dc:51:e0:82:dd:d9:6d:83:15:c1:06:
2a:68:26:6d:18:1b:a2:c3:e9:74:ba:c2:15:3a:66:
ff:0d:63:6f:c2:9b:5b:3b:c9:16:32:ea:92:4a:82:
40:b1:98:ac:6c:0f:ce:db:54:b3:90:07:35:1e:76:
4a:59:cb:ae:f3:00:cf:8e:ba:50:e7:18:88:e3:2e:
b2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:F2:98:05:58:C5:A6:67:5F:79:F2:57:08:93:3B:36:DD:B1:E5:87
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/P_KYBVjFpmdfefJXCJM7Nt2x5Yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4bc4::/32
Signature Algorithm: sha256WithRSAEncryption
55:5c:cc:27:21:d9:60:a0:35:c7:5d:a1:a2:e8:e4:bf:c5:36:
7b:bc:54:b3:78:0f:f0:d3:d8:f3:7b:13:a1:db:30:f7:00:92:
9d:de:7f:35:72:0f:27:71:2d:ba:9c:34:6d:e0:ee:d9:ca:5f:
dc:8b:52:30:f5:e3:ca:1b:73:80:5d:e0:67:e6:e6:4e:13:c5:
b4:44:cf:44:84:c5:ab:7c:08:9d:0b:16:1a:8f:d4:7d:c1:7a:
d5:ee:ba:f4:43:2e:74:d7:64:70:ac:55:52:e5:72:37:d8:ec:
d3:df:2d:3a:6e:72:a3:c1:83:35:d6:96:a0:0e:a6:3a:f0:8f:
a2:68:df:73:57:e0:5e:20:e9:2c:ef:b5:bc:de:51:c8:69:b1:
ba:f8:44:56:ce:f1:1b:d1:8b:7d:8c:90:c7:c3:50:65:d1:88:
21:3d:33:98:a1:5e:11:d6:72:98:56:ce:c9:9a:c0:b4:ce:d8:
47:0f:32:dc:b2:80:63:e1:98:5a:68:0f:80:74:5d:74:4f:7f:
c5:20:c1:2c:0c:b7:48:81:f2:f0:88:8a:a7:f8:88:cc:9f:4a:
58:f5:b4:e6:ff:4e:7f:11:77:da:82:b4:a7:ac:5c:24:33:22:
9b:a1:58:76:75:c5:89:2c:13:43:2d:82:d9:0f:18:23:e6:63:
6b:aa:08:2e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZV/crt95VycSajXPMbB/W8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwMzEwMDk0NjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmYyOTgwNTU4YzVhNjY3NWY3OWYyNTcwODkzM2IzNmRkYjFlNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZfJ/1MLCCPn84k1e7+9j1PAf0Ss
TspvEH0m84swf8iP8hy8ySvsfrmJeoOAhw3cb65sqIQVRdOBU/albQTcNhB7fJT2
spQmMn6uSvLec0IXhy0CRsvQXMI1uoAt/Kz8yBcWzHMhRPTW1VAoAiSXlPJLgXds
GTGCcYZhgZ95YGSAbGvtq8d2UUqSeyyLMt1jzyCeg/0+0zGyuVjRoAtEth2Z2Vme
5ispYJQ7LOghHFJMdtDzsSio3FHggt3ZbYMVwQYqaCZtGBuiw+l0usIVOmb/DWNv
wptbO8kWMuqSSoJAsZisbA/O21SzkAc1HnZKWcuu8wDPjrpQ5xiI4y6yJQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFD/ymAVYxaZnX3nyVwiTOzbdseWHMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvUF9LWUJWakZwbWRmZWZKWENKTTdOdDJ4NVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5LxDAN
BgkqhkiG9w0BAQsFAAOCAQEAVVzMJyHZYKA1x12houjkv8U2e7xUs3gP8NPY83sT
odsw9wCSnd5/NXIPJ3Etupw0beDu2cpf3ItSMPXjyhtzgF3gZ+bmThPFtETPRITF
q3wInQsWGo/UfcF61e669EMudNdkcKxVUuVyN9js098tOm5yo8GDNdaWoA6mOvCP
omjfc1fgXiDpLO+1vN5RyGmxuvhEVs7xG9GLfYyQx8NQZdGIIT0zmKFeEdZymFbO
yZrAtM7YRw8y3LKAY+GYWmgPgHRddE9/xSDBLAy3SIHy8IiKp/iIzJ9KWPW05v9O
fxF32oK0p6xcJDMim6FYdnXFiSwTQy2C2Q8YI+Zja6oILg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:30:33 2025 by rpki-client