Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/kkN6yy4LRkG4YCH5yOJzi6OZRSs.roa
File: kkN6yy4LRkG4YCH5yOJzi6OZRSs.roa (raw, json)
Hash identifier: czIcqL4ffCR2NZSV/UhO8mfGzWk955vDyaBEiTZwT6o=
Subject key identifier: 92:43:7A:CB:2E:0B:46:41:B8:60:21:F9:C8:E2:73:8B:A3:99:45:2B
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 019643DF01268219986FEF7A26D1EC7C4CA7
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/kkN6yy4LRkG4YCH5yOJzi6OZRSs.roa
Signing time: Thu 17 Apr 2025 13:10:10 +0000
ROA not before: Thu 17 Apr 2025 13:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51202
IP address blocks: 31.25.11.0/24 maxlen: 24
89.36.35.0/24 maxlen: 24
212.232.18.0/24 maxlen: 24
2a14:6781::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Apr 2025 14:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:df:01:26:82:19:98:6f:ef:7a:26:d1:ec:7c:4c:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Apr 17 13:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92437acb2e0b4641b86021f9c8e2738ba399452b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:05:8b:b0:01:41:e0:a0:11:d7:d8:dc:fb:f2:
3f:76:02:b3:1f:70:c5:cf:84:2f:b0:0d:5e:7e:06:
cd:e1:23:62:7b:9e:a5:6f:cc:26:73:66:e1:e7:0e:
03:c5:ba:e2:62:c0:58:0b:64:be:9d:d9:b4:2f:9d:
ef:3e:d2:05:55:22:1d:fa:b0:52:87:e3:80:43:f2:
c0:ba:2e:2b:bd:24:2b:f9:31:0e:19:44:29:00:38:
07:8f:d6:b5:ea:f0:56:89:06:4b:e6:cf:63:94:44:
92:b5:24:d3:fb:dd:d0:5c:67:95:b1:b5:73:0a:14:
f2:2b:38:7c:ca:2c:1b:6a:09:0a:17:61:2c:7a:1f:
7c:e9:92:81:80:ec:9c:51:3b:bf:c0:93:ac:08:aa:
d8:a6:6a:08:84:7c:b7:ed:dc:c2:f8:31:42:3a:6b:
b7:6b:f9:55:63:4c:53:94:9b:26:e4:ba:93:5c:01:
de:e5:45:a9:ff:46:c9:07:f8:bb:f2:f1:20:d0:42:
21:d1:33:ea:c3:7d:b6:17:ed:ac:19:4f:22:cc:54:
61:ad:b8:39:bc:e3:ae:96:eb:20:da:28:23:ed:4b:
3a:0c:9e:20:79:e5:ed:13:b3:4d:d0:7e:69:7f:cb:
0b:a8:b5:4f:1f:da:cf:46:ec:b5:cd:7b:c2:e2:8a:
d0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:43:7A:CB:2E:0B:46:41:B8:60:21:F9:C8:E2:73:8B:A3:99:45:2B
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/kkN6yy4LRkG4YCH5yOJzi6OZRSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
89.36.35.0/24
212.232.18.0/24
IPv6:
2a14:6781::/32
Signature Algorithm: sha256WithRSAEncryption
6e:d9:f0:c6:98:88:db:64:fc:5e:3d:c9:eb:32:6a:97:23:27:
bd:fc:96:11:dd:fc:91:6c:11:4c:a5:fc:98:bf:17:00:c4:cd:
2c:9a:61:16:ad:0a:f9:ff:77:80:de:77:45:53:0a:2b:e1:52:
9d:5a:7c:70:89:3c:59:f1:bb:ae:b6:a5:c3:c9:a6:33:f4:9e:
56:a3:31:80:f4:06:50:3c:49:dd:05:9e:68:c6:8f:c4:76:58:
9a:5a:05:91:2d:85:a0:54:ae:78:0b:99:a9:70:e5:9c:2f:ba:
1b:f7:c2:7f:e8:7f:27:66:a2:a6:63:31:c9:0d:5f:78:fe:07:
08:73:c9:dd:eb:64:dc:8e:62:45:8b:4e:cf:84:8b:09:6f:4b:
03:74:f5:54:48:a6:f1:47:f5:84:03:81:48:67:e6:54:74:89:
0f:98:cd:ac:37:56:51:b6:f6:1f:ae:94:53:26:b1:90:2d:51:
27:6a:5f:e1:25:d8:d8:cb:a0:17:e3:17:cb:12:c0:c7:5d:3f:
08:9c:6f:40:87:f3:57:29:18:96:82:cd:4a:1b:cb:b6:fa:f5:
8f:61:12:8b:2d:cf:fa:26:02:b5:d0:25:62:60:07:7f:c5:72:
41:39:b8:fd:9b:75:4d:32:89:f8:bf:c3:c3:7e:00:54:50:30:
d8:7f:d1:08
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZZD3wEmghmYb+96JtHsfEynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwNDE3MTMxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjQzN2FjYjJlMGI0NjQxYjg2MDIxZjljOGUyNzM4YmEzOTk0NTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+AWLsAFB4KAR19jc+/I/dgKzH3DF
z4QvsA1efgbN4SNie56lb8wmc2bh5w4DxbriYsBYC2S+ndm0L53vPtIFVSId+rBS
h+OAQ/LAui4rvSQr+TEOGUQpADgHj9a16vBWiQZL5s9jlESStSTT+93QXGeVsbVz
ChTyKzh8yiwbagkKF2Eseh986ZKBgOycUTu/wJOsCKrYpmoIhHy37dzC+DFCOmu3
a/lVY0xTlJsm5LqTXAHe5UWp/0bJB/i78vEg0EIh0TPqw322F+2sGU8izFRhrbg5
vOOulusg2igj7Us6DJ4geeXtE7NN0H5pf8sLqLVPH9rPRuy1zXvC4orQhwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJJDessuC0ZBuGAh+cjic4ujmUUrMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEva2tONnl5NExSa0c0WUNINXlPSnppNk9aUlNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAHxkLAwQA
WSQjAwQA1OgSMA0EAgACMAcDBQAqFGeBMA0GCSqGSIb3DQEBCwUAA4IBAQBu2fDG
mIjbZPxePcnrMmqXIye9/JYR3fyRbBFMpfyYvxcAxM0smmEWrQr5/3eA3ndFUwor
4VKdWnxwiTxZ8buutqXDyaYz9J5WozGA9AZQPEndBZ5oxo/EdliaWgWRLYWgVK54
C5mpcOWcL7ob98J/6H8nZqKmYzHJDV94/gcIc8nd62TcjmJFi07PhIsJb0sDdPVU
SKbxR/WEA4FIZ+ZUdIkPmM2sN1ZRtvYfrpRTJrGQLVEnal/hJdjYy6AX4xfLEsDH
XT8InG9Ah/NXKRiWgs1KG8u2+vWPYRKLLc/6JgK10CViYAd/xXJBObj9m3VNMon4
v8PDfgBUUDDYf9EI
-----END CERTIFICATE-----
Generated at Tue May 13 02:49:22 2025 by rpki-client