Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/kLqgu2rv848oHmKpqVJZ7T00C2k.roa
File: kLqgu2rv848oHmKpqVJZ7T00C2k.roa (raw, json)
Hash identifier: cQGtd7hUt5hv1alFWSb2Wigv9/illhw8j9P97NgezbQ=
Subject key identifier: 90:BA:A0:BB:6A:EF:F3:8F:28:1E:62:A9:A9:52:59:ED:3D:34:0B:69
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 019643B05053AE5BD9F3A267005086067BBE
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/kLqgu2rv848oHmKpqVJZ7T00C2k.roa
Signing time: Thu 17 Apr 2025 12:19:10 +0000
ROA not before: Thu 17 Apr 2025 12:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a0e:8540::/32 maxlen: 32
2a0f:bb00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 28 Apr 2025 10:13:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:b0:50:53:ae:5b:d9:f3:a2:67:00:50:86:06:7b:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 17 12:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90baa0bb6aeff38f281e62a9a95259ed3d340b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:34:1d:62:9d:39:4f:37:51:42:8c:15:d3:d4:
e5:ae:1c:de:48:e0:88:b0:0b:ef:16:6b:9a:2c:f9:
08:2a:7c:eb:3e:bb:34:f8:6d:37:ea:fc:21:6e:d6:
db:27:09:1b:5f:c1:3d:03:34:18:b7:4c:66:57:18:
2f:db:41:1f:de:b3:42:3c:f5:04:75:85:17:dc:e9:
1b:77:30:13:49:85:a1:a7:9b:ae:d9:90:ca:58:37:
c4:8b:db:cc:05:f7:f1:7b:62:db:e4:bd:a3:3a:ca:
43:a1:a8:d2:7d:b4:d2:f5:0d:4e:d9:b4:f8:7a:fc:
c4:95:0c:47:b9:ed:fc:5b:b1:0d:1b:a4:ec:e5:a2:
12:b3:af:c7:0f:e1:57:2e:66:8c:69:71:49:8a:4b:
c3:ca:85:3c:9f:99:d3:44:9a:03:0b:cc:c0:34:ed:
5b:2d:25:05:cb:3c:0a:73:5c:5b:04:07:e3:0f:fe:
ec:d6:3c:1a:71:d3:91:bf:52:58:e6:2a:36:53:64:
4f:a1:9c:3f:b2:a3:90:dc:7e:09:c7:9d:fb:60:e5:
e0:23:6e:4f:9c:d2:a0:83:12:17:07:5a:1d:76:b0:
40:08:0c:6c:2a:8a:e8:af:05:29:de:53:71:4f:6f:
05:c0:37:de:60:be:c9:73:df:6f:86:51:4e:7d:6a:
27:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BA:A0:BB:6A:EF:F3:8F:28:1E:62:A9:A9:52:59:ED:3D:34:0B:69
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/kLqgu2rv848oHmKpqVJZ7T00C2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8540::/32
2a0f:bb00::/32
Signature Algorithm: sha256WithRSAEncryption
96:3f:77:c0:c1:4d:02:11:27:33:2c:fa:93:1f:2a:52:6b:2f:
20:ee:46:16:d8:1e:a2:9e:13:60:6b:c9:4c:fe:c1:5d:62:b9:
41:ed:37:f8:6c:e7:8c:63:f7:e1:ff:6a:d1:04:aa:cd:eb:a6:
5e:e5:5c:df:03:f8:33:ce:58:68:98:57:c9:da:5a:41:32:e8:
ea:bb:4b:0f:54:72:3f:4f:5e:a3:d1:93:e3:1a:aa:ff:24:d7:
e4:52:32:8f:d1:3b:05:01:b2:4a:bb:08:ae:53:6f:3d:87:36:
25:dc:25:7b:2c:58:46:ca:f6:e1:88:bf:21:30:19:e5:e9:02:
75:75:f8:99:19:0f:e6:76:76:4d:22:26:fc:dd:65:68:d4:c9:
65:a0:14:25:35:09:14:c5:c3:53:51:83:7c:b8:67:76:90:65:
9a:89:f2:34:f7:f3:ea:2b:01:54:b0:d1:20:76:6f:f7:ae:ab:
f9:8f:21:67:94:a6:b9:13:f5:fe:b7:11:74:8f:13:de:4d:8b:
3d:c0:2d:a9:e5:b1:06:b2:ba:dc:f7:e4:c0:69:92:bc:2a:ab:
4d:86:b6:c1:6c:a8:cc:bf:d7:a6:2e:53:c5:b8:8b:f9:01:fe:
4b:04:fa:ad:c4:c8:04:27:6d:f8:7d:60:1a:96:dd:10:96:40:
26:45:7f:da
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZZDsFBTrlvZ86JnAFCGBnu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDE3MTIxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGJhYTBiYjZhZWZmMzhmMjgxZTYyYTlhOTUyNTllZDNkMzQwYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjQdYp05TzdRQowV09TlrhzeSOCI
sAvvFmuaLPkIKnzrPrs0+G036vwhbtbbJwkbX8E9AzQYt0xmVxgv20Ef3rNCPPUE
dYUX3OkbdzATSYWhp5uu2ZDKWDfEi9vMBffxe2Lb5L2jOspDoajSfbTS9Q1O2bT4
evzElQxHue38W7ENG6Ts5aISs6/HD+FXLmaMaXFJikvDyoU8n5nTRJoDC8zANO1b
LSUFyzwKc1xbBAfjD/7s1jwacdORv1JY5io2U2RPoZw/sqOQ3H4Jx537YOXgI25P
nNKggxIXB1oddrBACAxsKororwUp3lNxT28FwDfeYL7Jc99vhlFOfWon0QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJC6oLtq7/OPKB5iqalSWe09NAtpMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEva0xxZ3UycnY4NDhvSG1LcHFWSlo3VDAwQzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg6FQAMF
ACoPuwAwDQYJKoZIhvcNAQELBQADggEBAJY/d8DBTQIRJzMs+pMfKlJrLyDuRhbY
HqKeE2BryUz+wV1iuUHtN/hs54xj9+H/atEEqs3rpl7lXN8D+DPOWGiYV8naWkEy
6Oq7Sw9Ucj9PXqPRk+Maqv8k1+RSMo/ROwUBskq7CK5Tbz2HNiXcJXssWEbK9uGI
vyEwGeXpAnV1+JkZD+Z2dk0iJvzdZWjUyWWgFCU1CRTFw1NRg3y4Z3aQZZqJ8jT3
8+orAVSw0SB2b/euq/mPIWeUprkT9f63EXSPE95Niz3ALanlsQayutz35MBpkrwq
q02GtsFsqMy/16YuU8W4i/kB/ksE+q3EyAQnbfh9YBqW3RCWQCZFf9o=
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:39:20 2025 by rpki-client