Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/2a714e-c7d3-47b5-8c57-caa7d5b482c5/1/KTc3W-mQPqP3GJ7A-leoaqOhFmA.roa
File: KTc3W-mQPqP3GJ7A-leoaqOhFmA.roa (raw, json)
Hash identifier: jWLCOKJTph3j1hdQBEZ4fXQI6u9PYPrNh8pT4AJS1u0=
Subject key identifier: 29:37:37:5B:E9:90:3E:A3:F7:18:9E:C0:FA:57:A8:6A:A3:A1:16:60
Certificate issuer: /CN=2ca61567cb1099855117008fd1d36aa8ada96faf
Certificate serial: 0196F17B473E4019998962A8787811D80058
Authority key identifier: 2C:A6:15:67:CB:10:99:85:51:17:00:8F:D1:D3:6A:A8:AD:A9:6F:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LKYVZ8sQmYVRFwCP0dNqqK2pb68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/2a714e-c7d3-47b5-8c57-caa7d5b482c5/1/KTc3W-mQPqP3GJ7A-leoaqOhFmA.roa
Signing time: Wed 21 May 2025 06:15:10 +0000
ROA not before: Wed 21 May 2025 06:15:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211931
IP address blocks: 2a01:f100::/44 maxlen: 44
Validation: Failed, certificate revoked on Wed 21 May 2025 13:34:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f1:7b:47:3e:40:19:99:89:62:a8:78:78:11:d8:00:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ca61567cb1099855117008fd1d36aa8ada96faf
Validity
Not Before: May 21 06:15:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2937375be9903ea3f7189ec0fa57a86aa3a11660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c8:5d:98:0a:7d:b6:21:6f:90:bf:22:64:9e:
e9:ff:fe:8e:da:b0:5f:bb:47:cc:fd:22:0f:c1:a7:
12:b3:76:e9:a2:46:5b:a6:06:c8:48:fc:69:96:b5:
ee:32:5e:79:08:c0:76:a9:12:27:3f:47:d0:3d:35:
d0:0f:db:79:bf:95:9e:f7:d8:7a:31:c6:b5:96:22:
3e:df:5e:8b:db:9d:0b:f6:2f:2d:e2:06:2c:6d:97:
ea:01:7d:06:9c:8d:bd:14:dd:46:54:04:5c:4d:90:
a7:7d:05:e4:14:16:c4:98:9a:6e:e6:9c:a8:77:ac:
22:6b:9b:27:fa:e7:bd:9e:02:e1:ca:11:bc:27:67:
36:2f:25:0e:0c:54:91:52:fe:31:13:00:ad:e2:7a:
b7:54:95:3e:9d:5a:82:63:a1:ef:07:05:2d:08:3a:
66:ab:6d:c8:53:0c:70:45:98:e6:86:d9:a7:a8:ee:
b3:99:0d:52:b5:53:ac:ec:10:bc:0e:14:ba:ee:a7:
81:99:ad:c5:84:36:8a:af:59:c6:8c:de:f9:e3:a6:
cb:77:18:c4:dc:d6:fd:6f:26:aa:fc:a5:9e:bd:02:
c7:bc:b8:95:f5:d4:c7:7f:25:3e:a2:45:c5:21:eb:
a1:2d:28:a2:59:4e:6a:8c:8a:84:fa:bb:82:7c:38:
83:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:37:37:5B:E9:90:3E:A3:F7:18:9E:C0:FA:57:A8:6A:A3:A1:16:60
X509v3 Authority Key Identifier:
keyid:2C:A6:15:67:CB:10:99:85:51:17:00:8F:D1:D3:6A:A8:AD:A9:6F:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKYVZ8sQmYVRFwCP0dNqqK2pb68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2a714e-c7d3-47b5-8c57-caa7d5b482c5/1/KTc3W-mQPqP3GJ7A-leoaqOhFmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2a714e-c7d3-47b5-8c57-caa7d5b482c5/1/LKYVZ8sQmYVRFwCP0dNqqK2pb68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:f100::/44
Signature Algorithm: sha256WithRSAEncryption
6a:7b:ee:3b:3b:f0:65:92:75:1b:9e:b9:1d:44:d7:09:fc:12:
c5:7c:ce:ef:bf:fc:fd:a4:8c:1c:82:1f:6a:e8:d8:b8:a5:14:
9f:3c:a2:45:ed:3e:0d:5a:2e:69:08:4b:9b:c5:c4:8d:a7:c9:
dd:c8:5f:95:10:54:78:2a:f7:e1:0a:dd:18:2a:55:cf:0d:00:
86:ad:f1:db:78:0e:39:e8:64:64:54:cf:7b:03:94:94:f5:d6:
12:aa:72:35:dd:02:57:16:ce:7b:aa:1a:58:06:d9:b1:81:4e:
2d:5e:17:34:5f:f0:c8:a5:19:5c:38:64:86:0e:b8:ec:c8:cb:
32:41:e2:8a:22:22:26:4f:27:e6:7d:77:aa:b1:53:d2:f8:ce:
62:75:c1:c4:49:e7:0d:e9:f2:03:47:0d:58:91:2a:0b:24:77:
20:7e:31:b2:0a:45:01:4c:2f:d0:13:35:cd:4d:e5:e5:93:3c:
33:87:28:7b:9d:b0:6a:b2:e8:c3:f1:80:d3:b7:2a:c5:85:4a:
0e:68:3e:b2:37:da:e8:d2:77:b7:2f:66:db:ff:63:08:60:f1:
ff:43:c2:ed:1b:29:d6:2a:17:8f:f4:44:3d:f2:c9:1b:3e:fd:
ba:72:17:a2:fe:59:60:30:88:14:48:38:2c:db:ec:f5:13:25:
ce:93:a3:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZbxe0c+QBmZiWKoeHgR2ABYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYTYxNTY3Y2IxMDk5ODU1MTE3MDA4ZmQxZDM2YWE4YWRh
OTZmYWYwHhcNMjUwNTIxMDYxNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTM3Mzc1YmU5OTAzZWEzZjcxODllYzBmYTU3YTg2YWEzYTExNjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8hdmAp9tiFvkL8iZJ7p//6O2rBf
u0fM/SIPwacSs3bpokZbpgbISPxplrXuMl55CMB2qRInP0fQPTXQD9t5v5We99h6
Mca1liI+316L250L9i8t4gYsbZfqAX0GnI29FN1GVARcTZCnfQXkFBbEmJpu5pyo
d6wia5sn+ue9ngLhyhG8J2c2LyUODFSRUv4xEwCt4nq3VJU+nVqCY6HvBwUtCDpm
q23IUwxwRZjmhtmnqO6zmQ1StVOs7BC8DhS67qeBma3FhDaKr1nGjN7546bLdxjE
3Nb9byaq/KWevQLHvLiV9dTHfyU+okXFIeuhLSiiWU5qjIqE+ruCfDiDqwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCk3N1vpkD6j9xiewPpXqGqjoRZgMB8GA1UdIwQY
MBaAFCymFWfLEJmFURcAj9HTaqitqW+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEtZVlo4c1FtWVZSRndDUDBkTnFxSzJwYjY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8yYTcxNGUtYzdkMy00N2I1LThjNTct
Y2FhN2Q1YjQ4MmM1LzEvS1RjM1ctbVFQcVAzR0o3QS1sZW9hcU9oRm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8yYTcxNGUtYzdkMy00N2I1LThjNTctY2FhN2Q1YjQ4MmM1
LzEvTEtZVlo4c1FtWVZSRndDUDBkTnFxSzJwYjY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgHxAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBqe+47O/BlknUbnrkdRNcJ/BLFfM7vv/z9pIwc
gh9q6Ni4pRSfPKJF7T4NWi5pCEubxcSNp8ndyF+VEFR4KvfhCt0YKlXPDQCGrfHb
eA456GRkVM97A5SU9dYSqnI13QJXFs57qhpYBtmxgU4tXhc0X/DIpRlcOGSGDrjs
yMsyQeKKIiImTyfmfXeqsVPS+M5idcHESecN6fIDRw1YkSoLJHcgfjGyCkUBTC/Q
EzXNTeXlkzwzhyh7nbBqsujD8YDTtyrFhUoOaD6yN9ro0ne3L2bb/2MIYPH/Q8Lt
GynWKheP9EQ98skbPv26chei/llgMIgUSDgs2+z1EyXOk6N/
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:02:52 2025 by rpki-client