Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/KopYMBCLXtRF7kDFMacJDsVdVCc.roa
File: KopYMBCLXtRF7kDFMacJDsVdVCc.roa (raw, json)
Hash identifier: 2TcGbY4Syd0R2Nkv8yIzQ2WuiSyIKbkfrHbmzoilrDY=
Subject key identifier: 2A:8A:58:30:10:8B:5E:D4:45:EE:40:C5:31:A7:09:0E:C5:5D:54:27
Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Certificate serial: 019707F6D88E895536F0CA81771D64DF7A1C
Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/KopYMBCLXtRF7kDFMacJDsVdVCc.roa
Signing time: Sun 25 May 2025 15:01:47 +0000
ROA not before: Sun 25 May 2025 15:01:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20292
IP address blocks: 2a06:6fc1::/32 maxlen: 32
2a06:6fc1:400::/38 maxlen: 38
Validation: Failed, certificate revoked on Sun 25 May 2025 18:11:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:07:f6:d8:8e:89:55:36:f0:ca:81:77:1d:64:df:7a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Validity
Not Before: May 25 15:01:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a8a5830108b5ed445ee40c531a7090ec55d5427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:d4:63:63:12:c7:21:21:01:44:e6:43:93:86:
3a:dd:5b:b9:79:3a:91:06:ca:6a:b3:78:c0:06:b5:
52:20:a8:1c:09:fc:ac:4e:9b:42:dc:e0:95:a8:78:
e1:e9:df:f5:b1:57:f8:8f:0b:e7:f6:13:49:b2:14:
e0:bc:8e:e7:bb:1f:19:ca:ed:cc:b7:48:4d:81:bd:
50:75:bb:3b:1c:20:69:9f:0e:c3:7e:3e:1f:82:bd:
98:53:74:a7:f4:16:8e:0e:ca:54:60:76:21:ea:8f:
e1:d3:78:e4:5c:8e:ea:17:f4:d7:53:84:a9:d3:2a:
49:68:6c:30:d6:31:cf:c5:ee:e5:c4:1c:aa:e4:f3:
d1:41:2e:a4:32:c2:7a:18:9a:90:db:1e:42:4d:85:
d8:d2:d1:9d:de:f8:ad:df:a8:52:b6:31:59:3a:07:
f4:12:37:08:f2:4e:09:d3:c7:76:97:4f:01:e0:18:
5b:5a:34:19:6a:a1:2d:4b:27:36:02:97:46:fa:6c:
ba:81:bf:af:81:d5:14:10:ef:cb:97:06:76:0a:eb:
55:f4:82:0c:ff:4b:88:b4:c8:d9:85:84:4a:2f:e7:
88:fc:73:52:53:28:db:02:e8:42:db:d2:7a:d7:73:
69:1c:a8:af:83:b0:20:91:f0:4c:07:3b:90:b3:ad:
95:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8A:58:30:10:8B:5E:D4:45:EE:40:C5:31:A7:09:0E:C5:5D:54:27
X509v3 Authority Key Identifier:
keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/KopYMBCLXtRF7kDFMacJDsVdVCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:6fc1::/32
Signature Algorithm: sha256WithRSAEncryption
05:88:07:7c:9a:62:69:6f:92:77:c5:fd:24:ad:c8:ea:88:48:
20:c5:1a:ae:15:ae:e7:85:47:2b:50:7f:35:8c:d4:fd:78:79:
db:79:05:98:55:7c:6c:35:7c:3e:20:81:96:f5:a8:c9:ac:5a:
5d:36:b1:d6:93:7f:67:92:b2:29:b3:cc:39:86:c4:e2:a3:ab:
da:f7:f6:c5:31:09:4b:2c:43:d4:5c:37:bd:a3:8b:60:71:d2:
86:72:fb:db:78:ec:28:81:d1:c1:a1:80:89:e2:81:a9:0f:71:
cf:d0:48:c4:d8:a5:1a:3f:22:1f:25:a7:98:c8:06:0a:3a:31:
ed:ca:1e:c4:c5:b7:0f:22:c4:be:8a:cf:55:bc:d8:e2:17:f6:
0d:83:d4:39:8b:d3:cd:5e:f6:5c:0e:70:d5:67:fa:3f:57:56:
84:9d:f3:8e:0d:43:90:c0:6c:94:72:95:8e:21:5e:96:0e:87:
54:0c:e1:d8:65:37:24:e5:dd:11:84:1e:18:a0:14:5a:da:35:
fb:04:02:4f:03:f8:32:b7:b3:d5:9b:f4:29:19:fb:f5:19:4c:
07:91:be:2c:49:12:22:3f:ec:57:7f:d4:26:8a:73:8a:7c:7f:
e5:be:4e:61:87:cb:3c:22:0e:7b:eb:f4:b2:f6:bf:a7:86:90:
70:1d:6f:86
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZcH9tiOiVU28MqBdx1k33ocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl
OGZkMmIwHhcNMjUwNTI1MTUwMTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYThhNTgzMDEwOGI1ZWQ0NDVlZTQwYzUzMWE3MDkwZWM1NWQ1NDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8dRjYxLHISEBROZDk4Y63Vu5eTqR
Bspqs3jABrVSIKgcCfysTptC3OCVqHjh6d/1sVf4jwvn9hNJshTgvI7nux8Zyu3M
t0hNgb1Qdbs7HCBpnw7Dfj4fgr2YU3Sn9BaODspUYHYh6o/h03jkXI7qF/TXU4Sp
0ypJaGww1jHPxe7lxByq5PPRQS6kMsJ6GJqQ2x5CTYXY0tGd3vit36hStjFZOgf0
EjcI8k4J08d2l08B4BhbWjQZaqEtSyc2ApdG+my6gb+vgdUUEO/LlwZ2CutV9IIM
/0uItMjZhYRKL+eI/HNSUyjbAuhC29J613NpHKivg7AgkfBMBzuQs62VOQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCqKWDAQi17URe5AxTGnCQ7FXVQnMB8GA1UdIwQY
MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt
M2YzY2MxZTU3M2ZkLzEvS29wWU1CQ0xYdFJGN2tERk1hY0pEc1ZkVkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk
LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgZvwTAN
BgkqhkiG9w0BAQsFAAOCAQEABYgHfJpiaW+Sd8X9JK3I6ohIIMUarhWu54VHK1B/
NYzU/Xh523kFmFV8bDV8PiCBlvWoyaxaXTax1pN/Z5KyKbPMOYbE4qOr2vf2xTEJ
SyxD1Fw3vaOLYHHShnL723jsKIHRwaGAieKBqQ9xz9BIxNilGj8iHyWnmMgGCjox
7coexMW3DyLEvorPVbzY4hf2DYPUOYvTzV72XA5w1Wf6P1dWhJ3zjg1DkMBslHKV
jiFelg6HVAzh2GU3JOXdEYQeGKAUWto1+wQCTwP4Mrez1Zv0KRn79RlMB5G+LEkS
Ij/sV3/UJopzinx/5b5OYYfLPCIOe+v0sva/p4aQcB1vhg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:55:00 2025 by rpki-client