Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ko5P8HpROJ67Yf0gndtJT_FbIkM.roa
File: Ko5P8HpROJ67Yf0gndtJT_FbIkM.roa (raw, json)
Hash identifier: ba8tGBVu5FTp819RP875De8BaXL5k8nLEiMZu9hZtXA=
Subject key identifier: 2A:8E:4F:F0:7A:51:38:9E:BB:61:FD:20:9D:DB:49:4F:F1:5B:22:43
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019696DE94294B1A4ABB4EA12BA6C0430059
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ko5P8HpROJ67Yf0gndtJT_FbIkM.roa
Signing time: Sat 03 May 2025 15:58:11 +0000
ROA not before: Sat 03 May 2025 15:58:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47263
IP address blocks: 2a06:de02:1a02::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 03 May 2025 17:40:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:96:de:94:29:4b:1a:4a:bb:4e:a1:2b:a6:c0:43:00:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 3 15:58:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a8e4ff07a51389ebb61fd209ddb494ff15b2243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e7:4c:24:cd:93:0c:dc:68:0f:61:f1:d6:85:
9f:66:13:7b:99:ea:5e:51:51:18:65:75:46:9c:dd:
fb:74:86:26:36:c2:df:db:bc:c0:65:3b:a9:4d:52:
0d:2c:e6:f8:25:51:83:16:84:65:65:1c:be:38:6e:
ec:5b:23:de:3a:8e:5b:2e:6f:93:fd:0d:8d:ca:7c:
f3:11:0c:b0:59:fc:6a:8b:38:18:6a:93:a8:01:da:
80:c9:4a:da:6f:7c:ff:23:5e:63:8d:1d:9c:1d:99:
75:d5:54:1a:90:88:bf:2f:ca:fd:12:84:b7:42:0c:
9e:63:71:55:49:15:d6:ae:a1:a5:c4:89:a9:7b:7a:
52:95:36:56:41:78:29:a4:f1:33:0e:2d:dd:1b:2a:
31:40:75:ab:66:84:ad:64:c6:73:7d:d4:9d:bc:e3:
9e:7e:b8:d9:2a:ab:6f:a8:43:18:24:c6:4a:de:35:
19:6d:93:1d:ba:be:02:ef:09:e7:24:cb:79:35:1f:
5f:49:b9:0a:6f:13:0b:1a:84:f1:85:4a:04:86:cd:
a9:e8:99:1c:99:28:bb:4f:46:a6:fa:96:b3:29:3b:
36:23:73:f7:a4:ec:fd:82:27:06:87:21:82:06:e6:
21:b0:2d:20:dd:94:87:7b:2e:a1:ee:e1:f3:87:92:
5b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8E:4F:F0:7A:51:38:9E:BB:61:FD:20:9D:DB:49:4F:F1:5B:22:43
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ko5P8HpROJ67Yf0gndtJT_FbIkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de02:1a02::/48
Signature Algorithm: sha256WithRSAEncryption
77:01:5f:06:26:07:f9:d7:c1:bb:00:10:08:c0:6a:e1:e2:5c:
1e:b9:fa:93:6b:29:15:0d:86:54:fc:5e:b7:9a:0f:d8:7c:c5:
87:be:ae:53:60:8b:86:af:1b:48:22:13:ef:2d:38:11:8a:15:
c6:ce:27:b0:85:4e:bb:85:6b:54:77:79:80:dd:9f:1d:95:21:
d1:24:20:f2:78:cf:83:a8:cd:ec:45:62:aa:16:2e:fb:f1:3e:
30:82:93:be:2e:b3:8f:ae:43:c9:35:94:15:91:1a:f0:df:2b:
74:b2:f0:93:8b:7e:29:a5:d7:50:46:1b:98:73:cb:90:64:26:
43:c9:72:6c:74:68:90:26:9a:a3:fe:24:b3:bc:4c:d8:65:a7:
9e:e5:1d:28:bb:16:d6:86:7f:f4:cf:ac:73:cf:df:5c:54:7d:
38:24:de:4b:56:bd:4a:5d:ae:45:2a:a6:ab:e4:59:16:4b:ad:
ad:fa:99:e7:27:23:7e:69:aa:0a:0d:da:7b:71:30:38:eb:59:
7a:4c:c5:14:b1:9e:c9:9c:bf:1f:cb:52:3c:fd:6b:62:8a:5e:
5a:21:f3:83:4f:97:fc:66:df:52:88:eb:ca:e7:30:f9:5a:84:
fa:7d:0d:01:24:b3:63:56:ff:00:96:bc:24:00:e4:b3:6a:39:
a4:d8:09:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZaW3pQpSxpKu06hK6bAQwBZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNTAzMTU1ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYThlNGZmMDdhNTEzODllYmI2MWZkMjA5ZGRiNDk0ZmYxNWIyMjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOdMJM2TDNxoD2Hx1oWfZhN7mepe
UVEYZXVGnN37dIYmNsLf27zAZTupTVINLOb4JVGDFoRlZRy+OG7sWyPeOo5bLm+T
/Q2NynzzEQywWfxqizgYapOoAdqAyUrab3z/I15jjR2cHZl11VQakIi/L8r9EoS3
QgyeY3FVSRXWrqGlxImpe3pSlTZWQXgppPEzDi3dGyoxQHWrZoStZMZzfdSdvOOe
frjZKqtvqEMYJMZK3jUZbZMdur4C7wnnJMt5NR9fSbkKbxMLGoTxhUoEhs2p6Jkc
mSi7T0am+pazKTs2I3P3pOz9gicGhyGCBuYhsC0g3ZSHey6h7uHzh5JbIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCqOT/B6UTieu2H9IJ3bSU/xWyJDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS281UDhIcFJPSjY3WWYwZ25kdEpUX0ZiSWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbeAhoC
MA0GCSqGSIb3DQEBCwUAA4IBAQB3AV8GJgf518G7ABAIwGrh4lweufqTaykVDYZU
/F63mg/YfMWHvq5TYIuGrxtIIhPvLTgRihXGziewhU67hWtUd3mA3Z8dlSHRJCDy
eM+DqM3sRWKqFi778T4wgpO+LrOPrkPJNZQVkRrw3yt0svCTi34ppddQRhuYc8uQ
ZCZDyXJsdGiQJpqj/iSzvEzYZaee5R0ouxbWhn/0z6xzz99cVH04JN5LVr1KXa5F
Kqar5FkWS62t+pnnJyN+aaoKDdp7cTA461l6TMUUsZ7JnL8fy1I8/Wtiil5aIfOD
T5f8Zt9SiOvK5zD5WoT6fQ0BJLNjVv8AlrwkAOSzajmk2Ake
-----END CERTIFICATE-----
Generated at Fri May 16 05:07:50 2025 by rpki-client