Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/kolHKO26yP2z2ZCcg73eef2jkN8.roa
File: kolHKO26yP2z2ZCcg73eef2jkN8.roa (raw, json)
Hash identifier: fC5xiLQUyPh3tgJJ0bkjA/epsaXa+e1EvzavkWjnXFk=
Subject key identifier: 92:89:47:28:ED:BA:C8:FD:B3:D9:90:9C:83:BD:DE:79:FD:A3:90:DF
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 019779834DF2AE8F377A3DEB0C2A56310795
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/kolHKO26yP2z2ZCcg73eef2jkN8.roa
Signing time: Mon 16 Jun 2025 16:12:17 +0000
ROA not before: Mon 16 Jun 2025 16:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 16 Jun 2025 17:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:79:83:4d:f2:ae:8f:37:7a:3d:eb:0c:2a:56:31:07:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 16 16:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92894728edbac8fdb3d9909c83bdde79fda390df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:41:0c:95:3f:f6:6f:10:43:71:43:5f:f1:09:
e2:a9:9a:34:6f:b1:7e:3d:f6:c8:67:0b:00:e3:56:
46:ba:73:38:89:89:6f:c8:1c:d6:da:3f:f6:5a:82:
a7:66:68:a1:9c:0a:f8:4c:0f:f0:9e:a8:12:11:1a:
31:c3:ea:73:b0:54:3e:2a:c8:9f:29:9b:ba:1e:22:
54:4b:8c:7a:24:ab:bf:e2:fa:57:7f:35:d3:bc:0f:
88:0f:31:a6:2d:5b:f1:08:d9:79:d8:79:90:37:2b:
26:a6:a4:7f:fd:57:04:53:64:4b:21:0e:5b:a4:7e:
a1:f1:61:f1:15:4f:35:e6:36:8a:db:27:2d:d0:b5:
2d:73:bf:2e:c1:bd:21:5c:93:0d:70:8c:83:f7:e7:
f3:8e:34:ba:cd:9c:36:4f:66:c8:26:82:f2:f9:a4:
e5:9b:66:53:cc:56:d2:fe:cb:2c:18:0d:de:f3:8d:
d8:d4:7e:ec:59:a0:2c:b0:46:36:9a:ff:06:95:ab:
b3:ed:42:b3:2d:9a:ee:db:f9:72:e2:97:f3:50:61:
5b:7f:a2:64:f9:cc:f7:3f:0c:3e:28:29:7a:90:0d:
f4:6d:e9:9f:ae:68:88:4b:ec:c7:b5:e7:cb:da:79:
99:7d:9d:07:55:0d:eb:b7:40:8e:35:23:88:60:0e:
4c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:89:47:28:ED:BA:C8:FD:B3:D9:90:9C:83:BD:DE:79:FD:A3:90:DF
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/kolHKO26yP2z2ZCcg73eef2jkN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
83:44:a9:95:65:c6:45:0a:4e:6a:a5:93:86:62:a9:71:d0:a4:
0b:03:47:a9:b4:dc:40:92:e1:1f:52:3e:09:b1:8d:17:23:d6:
82:25:c2:1e:c2:32:c5:2e:49:bb:3c:51:9e:9b:e7:41:d4:c7:
1c:88:3a:56:7d:f1:7c:2b:cf:31:fd:cd:32:82:80:a2:69:03:
46:66:02:3c:c7:e7:ff:ae:2d:37:93:8b:ad:81:ef:da:5a:5d:
26:5e:2c:89:81:4f:db:1c:85:6c:88:ea:0e:7f:6c:1d:36:3c:
43:65:b6:b2:5f:bf:55:18:da:b7:fe:bf:ce:44:1e:d2:65:a5:
6d:54:41:de:fb:ed:51:3b:a1:c3:39:b9:f5:00:dd:c9:32:93:
8a:d0:36:b1:96:b2:d8:d4:af:2a:0f:91:b7:e2:51:1f:8f:77:
bc:3b:89:2e:a3:26:72:b8:bb:89:9c:75:ec:1b:4d:5c:91:24:
ac:f4:88:ba:bb:ba:29:3b:ef:0f:a2:ff:88:5e:21:c7:04:c3:
00:cd:f3:74:5c:ed:f2:cb:8e:d7:7c:a8:d8:f0:ba:90:18:83:
55:04:16:65:3d:ea:5e:73:33:e9:4e:e6:44:78:57:aa:c7:2a:
69:2d:01:f3:cb:a6:08:72:04:53:5a:c5:95:c6:b5:1f:87:88:
91:37:28:ba
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd5g03yro83ej3rDCpWMQeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE2MTYxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjg5NDcyOGVkYmFjOGZkYjNkOTkwOWM4M2JkZGU3OWZkYTM5MGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEEMlT/2bxBDcUNf8QniqZo0b7F+
PfbIZwsA41ZGunM4iYlvyBzW2j/2WoKnZmihnAr4TA/wnqgSERoxw+pzsFQ+Ksif
KZu6HiJUS4x6JKu/4vpXfzXTvA+IDzGmLVvxCNl52HmQNysmpqR//VcEU2RLIQ5b
pH6h8WHxFU815jaK2yct0LUtc78uwb0hXJMNcIyD9+fzjjS6zZw2T2bIJoLy+aTl
m2ZTzFbS/sssGA3e843Y1H7sWaAssEY2mv8Glauz7UKzLZru2/ly4pfzUGFbf6Jk
+cz3Pww+KCl6kA30bemfrmiIS+zHtefL2nmZfZ0HVQ3rt0CONSOIYA5M3wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJKJRyjtusj9s9mQnIO93nn9o5DfMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEva29sSEtPMjZ5UDJ6MlpDY2c3M2VlZjJqa044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAg0SplWXGRQpOaqWThmKpcdCk
CwNHqbTcQJLhH1I+CbGNFyPWgiXCHsIyxS5JuzxRnpvnQdTHHIg6Vn3xfCvPMf3N
MoKAomkDRmYCPMfn/64tN5OLrYHv2lpdJl4siYFP2xyFbIjqDn9sHTY8Q2W2sl+/
VRjat/6/zkQe0mWlbVRB3vvtUTuhwzm59QDdyTKTitA2sZay2NSvKg+Rt+JRH493
vDuJLqMmcri7iZx17BtNXJEkrPSIuru6KTvvD6L/iF4hxwTDAM3zdFzt8suO13yo
2PC6kBiDVQQWZT3qXnMz6U7mRHhXqscqaS0B88umCHIEU1rFlca1H4eIkTcoug==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:21:38 2025 by rpki-client