Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/kitpJpNKmuDG9adfuGf6chGS810.roa
File: kitpJpNKmuDG9adfuGf6chGS810.roa (raw, json)
Hash identifier: f5x1dhWRbNE03lmxwBCnIMfXllFLReXpAQSrRViJj5A=
Subject key identifier: 92:2B:69:26:93:4A:9A:E0:C6:F5:A7:5F:B8:67:FA:72:11:92:F3:5D
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197029C6AF9302F244CC85FA49E50FAC04B
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/kitpJpNKmuDG9adfuGf6chGS810.roa
Signing time: Sat 24 May 2025 14:04:54 +0000
ROA not before: Sat 24 May 2025 14:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:29b:cd33/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 May 2025 14:11:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:02:9c:6a:f9:30:2f:24:4c:c8:5f:a4:9e:50:fa:c0:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 24 14:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=922b6926934a9ae0c6f5a75fb867fa721192f35d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cb:ff:fd:16:ea:83:61:65:8d:d4:fb:3d:0e:
53:76:fb:d3:7b:b4:26:87:36:70:40:a1:f9:2b:e6:
fd:50:17:c1:27:10:52:85:d5:d9:83:f7:31:4c:37:
70:c0:47:0f:2c:cd:0a:6a:a6:d0:06:97:c9:29:52:
8e:8d:87:8f:de:4e:42:c6:40:70:5e:7e:db:80:0f:
7d:b3:6f:a7:7b:c3:e3:ef:08:60:4d:9c:42:16:df:
b4:43:51:64:af:62:09:ec:b3:14:7d:35:54:31:f9:
f5:9b:39:7d:19:05:51:bb:82:2a:4d:c4:fa:69:43:
97:5b:33:57:a7:32:33:b9:92:4e:18:1c:54:07:7a:
ed:66:dc:fa:3c:a5:21:7d:3e:cd:f0:fb:77:a8:3d:
0d:a4:4a:be:48:24:43:78:09:e9:79:80:18:71:a9:
5a:5b:42:d1:e0:d3:b1:e7:5b:99:ba:8b:b3:cb:b5:
f1:ed:2f:7e:7f:cd:4c:97:0c:75:fe:fb:09:d2:3b:
de:3b:d0:26:04:bc:f4:23:60:2d:04:ad:52:39:ad:
90:c3:f6:61:23:41:56:9c:d4:0f:07:76:cc:56:1b:
82:3c:e9:59:3f:20:57:ef:0e:b8:2f:0d:90:15:26:
ce:64:82:26:cd:aa:ac:21:66:66:c5:16:48:1a:22:
25:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:2B:69:26:93:4A:9A:E0:C6:F5:A7:5F:B8:67:FA:72:11:92:F3:5D
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/kitpJpNKmuDG9adfuGf6chGS810.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:29b:cd33/128
Signature Algorithm: sha256WithRSAEncryption
7d:5e:e2:4a:9e:52:e9:54:49:12:63:0d:03:4e:33:d0:76:3e:
e9:01:89:b4:ec:1d:44:64:4a:89:81:f6:4a:26:f8:3e:d5:7c:
c6:4d:e4:25:f5:a1:5c:13:7c:18:bf:3f:ea:b3:42:04:a1:f7:
05:9b:c6:36:b7:71:07:16:c2:1f:ff:3e:94:d7:f3:0c:9c:df:
4a:2d:8b:74:28:21:7d:cf:36:74:06:a4:ca:41:b9:56:49:e3:
17:2e:9d:da:24:e9:29:3f:2a:40:87:d9:83:da:12:f8:04:1b:
26:4a:d3:5a:31:a5:ce:60:13:10:2c:ee:b2:ac:8c:6e:7a:d0:
2b:de:9e:da:a5:c6:2d:26:a0:fb:91:a5:37:36:6a:0c:79:07:
18:44:84:fd:4c:4c:06:fc:c3:e1:93:fa:ef:7c:5b:9f:87:38:
8f:c5:5a:7d:1a:15:69:71:d2:5f:0d:44:da:bc:f3:e3:cf:9d:
80:ce:c7:00:bf:f7:42:a2:d5:56:5f:aa:ae:3d:cd:16:88:9d:
19:b2:ab:54:17:38:41:3d:a9:34:6e:37:9e:4f:c9:44:b7:07:
4d:07:c6:5b:85:b3:bf:21:b9:ea:3b:59:68:a8:98:08:ec:b7:
11:15:1b:b1:92:25:93:e3:d0:21:d0:82:ce:db:6f:55:89:3c:
d1:a5:0a:c7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZcCnGr5MC8kTMhfpJ5Q+sBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI0MTQwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjJiNjkyNjkzNGE5YWUwYzZmNWE3NWZiODY3ZmE3MjExOTJmMzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMv//Rbqg2FljdT7PQ5TdvvTe7Qm
hzZwQKH5K+b9UBfBJxBShdXZg/cxTDdwwEcPLM0KaqbQBpfJKVKOjYeP3k5CxkBw
Xn7bgA99s2+ne8Pj7whgTZxCFt+0Q1Fkr2IJ7LMUfTVUMfn1mzl9GQVRu4IqTcT6
aUOXWzNXpzIzuZJOGBxUB3rtZtz6PKUhfT7N8Pt3qD0NpEq+SCRDeAnpeYAYcala
W0LR4NOx51uZuouzy7Xx7S9+f81Mlwx1/vsJ0jveO9AmBLz0I2AtBK1SOa2Qw/Zh
I0FWnNQPB3bMVhuCPOlZPyBX7w64Lw2QFSbOZIImzaqsIWZmxRZIGiIlzwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJIraSaTSprgxvWnX7hn+nIRkvNdMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEva2l0cEpwTkttdURHOWFkZnVHZjZjaEdTODEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlwKbzTMwDQYJKoZIhvcNAQELBQADggEB
AH1e4kqeUulUSRJjDQNOM9B2PukBibTsHURkSomB9kom+D7VfMZN5CX1oVwTfBi/
P+qzQgSh9wWbxja3cQcWwh//PpTX8wyc30oti3QoIX3PNnQGpMpBuVZJ4xcundok
6Sk/KkCH2YPaEvgEGyZK01oxpc5gExAs7rKsjG560Cventqlxi0moPuRpTc2agx5
BxhEhP1MTAb8w+GT+u98W5+HOI/FWn0aFWlx0l8NRNq88+PPnYDOxwC/90Ki1VZf
qq49zRaInRmyq1QXOEE9qTRuN55PyUS3B00HxluFs78hueo7WWiomAjstxEVG7GS
JZPj0CHQgs7bb1WJPNGlCsc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:47:25 2025 by rpki-client