Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/KktnPaxJ7KnKHocRNonRp10cVFs.roa
File: KktnPaxJ7KnKHocRNonRp10cVFs.roa (raw, json)
Hash identifier: 9Dy9BrsXLBswC5C41xni9hIjBkRT9pMAto6K/anp8bo=
Subject key identifier: 2A:4B:67:3D:AC:49:EC:A9:CA:1E:87:11:36:89:D1:A7:5D:1C:54:5B
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197143D0DFF887A80E4146D7D6411F888B5
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/KktnPaxJ7KnKHocRNonRp10cVFs.roa
Signing time: Wed 28 May 2025 00:13:54 +0000
ROA not before: Wed 28 May 2025 00:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 May 2025 01:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:14:3d:0d:ff:88:7a:80:e4:14:6d:7d:64:11:f8:88:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 28 00:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a4b673dac49eca9ca1e87113689d1a75d1c545b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6e:f9:b8:e1:ff:5b:de:5f:01:08:3b:fd:a3:
f8:0f:72:f7:92:37:d1:a7:a1:50:82:41:0e:92:64:
4c:2f:0a:d6:c2:c5:06:ec:b3:ff:a9:eb:39:ee:30:
d9:65:12:fe:10:66:5a:7b:c0:63:e2:27:75:93:92:
b8:59:7c:17:d4:3e:0e:01:d6:cf:52:10:f4:d2:d0:
6d:88:a8:a3:70:ae:32:83:a6:3a:86:a0:0c:b5:4b:
ce:9c:41:38:ed:22:5e:b6:a5:b5:c4:37:6d:d3:80:
23:4d:2c:15:02:1d:08:d5:44:f5:32:e0:72:d8:ca:
e6:c1:05:07:a9:b0:db:25:5d:b7:4f:cd:e4:63:ea:
15:44:cf:ae:29:82:e7:d0:d8:1e:46:81:b4:a0:03:
bb:b2:fa:0f:25:e0:85:0f:48:e1:26:c5:f4:00:a7:
f0:41:fd:7e:b4:0f:7b:93:b2:cf:23:a4:26:95:d8:
9c:c2:d8:6f:5e:15:55:ce:67:f4:1b:b9:36:35:df:
0d:fb:96:55:58:c0:f7:00:d4:e7:1b:14:b4:08:50:
2a:04:40:7e:ef:3c:33:49:a3:eb:b1:f3:3c:8a:cd:
af:05:cb:e4:14:46:19:c9:80:c5:cc:e0:a8:63:d3:
34:99:54:39:d2:d9:38:0e:55:2d:c6:4d:84:66:20:
1e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:4B:67:3D:AC:49:EC:A9:CA:1E:87:11:36:89:D1:A7:5D:1C:54:5B
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/KktnPaxJ7KnKHocRNonRp10cVFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
Signature Algorithm: sha256WithRSAEncryption
25:75:d2:e7:b9:26:58:41:94:6a:65:42:1b:c1:ba:d4:50:f3:
d4:04:7c:d6:42:2d:62:eb:8c:7d:24:a4:aa:8f:e1:3d:81:61:
19:07:d1:38:83:6c:c2:53:a9:f3:fe:83:49:b3:5d:be:8f:2e:
ed:0a:f7:0f:46:20:87:19:6d:94:15:16:40:eb:85:8f:9c:32:
2c:84:5c:24:88:75:99:8f:aa:99:2d:f3:b9:9b:0e:d8:8e:9d:
95:7b:7d:6f:7a:26:3c:be:f9:42:83:c5:5e:8b:a0:98:c3:7d:
e0:17:d6:7f:a3:b5:13:7f:fb:aa:83:9a:7c:b2:39:d5:0f:bd:
b6:55:6c:02:96:de:82:ef:f4:3d:72:4d:ec:00:11:9c:7f:eb:
5a:0f:b6:ea:e0:6b:5e:5b:64:d9:35:0a:8b:54:51:69:f0:2a:
7b:ed:38:47:52:fc:95:4c:f3:a1:29:fb:1a:6a:03:16:1c:71:
79:92:50:6e:a0:45:12:9e:51:73:70:a3:e9:d7:b0:09:9b:5a:
28:7f:2f:1e:ac:c3:48:73:52:51:da:f5:3b:c8:f0:e6:43:65:
38:0d:ed:49:54:69:a7:a3:c2:b2:c4:d2:8d:0e:71:07:9c:2d:
64:6f:01:5c:a7:7a:34:c4:83:ba:74:ab:39:08:30:51:20:83:
42:68:b0:1f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZcUPQ3/iHqA5BRtfWQR+Ii1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI4MDAxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTRiNjczZGFjNDllY2E5Y2ExZTg3MTEzNjg5ZDFhNzVkMWM1NDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApW75uOH/W95fAQg7/aP4D3L3kjfR
p6FQgkEOkmRMLwrWwsUG7LP/qes57jDZZRL+EGZae8Bj4id1k5K4WXwX1D4OAdbP
UhD00tBtiKijcK4yg6Y6hqAMtUvOnEE47SJetqW1xDdt04AjTSwVAh0I1UT1MuBy
2MrmwQUHqbDbJV23T83kY+oVRM+uKYLn0NgeRoG0oAO7svoPJeCFD0jhJsX0AKfw
Qf1+tA97k7LPI6QmldicwthvXhVVzmf0G7k2Nd8N+5ZVWMD3ANTnGxS0CFAqBEB+
7zwzSaPrsfM8is2vBcvkFEYZyYDFzOCoY9M0mVQ50tk4DlUtxk2EZiAebQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCpLZz2sSeypyh6HETaJ0addHFRbMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvS2t0blBheEo3S25LSG9jUk5vblJwMTBjVkZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4wDQYJKoZIhvcNAQELBQADggEB
ACV10ue5JlhBlGplQhvButRQ89QEfNZCLWLrjH0kpKqP4T2BYRkH0TiDbMJTqfP+
g0mzXb6PLu0K9w9GIIcZbZQVFkDrhY+cMiyEXCSIdZmPqpkt87mbDtiOnZV7fW96
Jjy++UKDxV6LoJjDfeAX1n+jtRN/+6qDmnyyOdUPvbZVbAKW3oLv9D1yTewAEZx/
61oPturga15bZNk1CotUUWnwKnvtOEdS/JVM86Ep+xpqAxYccXmSUG6gRRKeUXNw
o+nXsAmbWih/Lx6sw0hzUlHa9TvI8OZDZTgN7UlUaaejwrLE0o0OcQecLWRvAVyn
ejTEg7p0qzkIMFEgg0JosB8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:25:48 2025 by rpki-client