Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/b993ef-aaa7-400c-8db7-96d304c8db02/1/KyiU443LDA2nnTPDldQgzk6fG30.roa
File: KyiU443LDA2nnTPDldQgzk6fG30.roa (raw, json)
Hash identifier: qDT4Q3sHzGiVokkDO2Yv55Rkb3m2duKNy7PZfNFuSwE=
Subject key identifier: 2B:28:94:E3:8D:CB:0C:0D:A7:9D:33:C3:95:D4:20:CE:4E:9F:1B:7D
Certificate issuer: /CN=b8207697d0b7c24199e6dd1282b49b56cef0244f
Certificate serial: 01968077B2D8579E9A18BA1B727EC8C4C186
Authority key identifier: B8:20:76:97:D0:B7:C2:41:99:E6:DD:12:82:B4:9B:56:CE:F0:24:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uCB2l9C3wkGZ5t0SgrSbVs7wJE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/b993ef-aaa7-400c-8db7-96d304c8db02/1/KyiU443LDA2nnTPDldQgzk6fG30.roa
Signing time: Tue 29 Apr 2025 07:34:10 +0000
ROA not before: Tue 29 Apr 2025 07:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60651
IP address blocks: 194.38.8.0/24 maxlen: 24
194.38.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Apr 2025 08:15:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:77:b2:d8:57:9e:9a:18:ba:1b:72:7e:c8:c4:c1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8207697d0b7c24199e6dd1282b49b56cef0244f
Validity
Not Before: Apr 29 07:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b2894e38dcb0c0da79d33c395d420ce4e9f1b7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e9:bb:d9:a3:05:17:e3:57:10:da:a9:04:47:
bd:94:56:45:78:85:87:62:d3:7c:52:af:72:62:86:
5b:98:bb:f4:f0:87:77:26:11:f4:9d:8a:88:dc:95:
8a:ba:75:0f:00:d0:95:e2:b0:30:eb:51:8c:d2:0a:
f1:c4:7f:57:a2:47:39:95:86:89:09:06:f0:ac:a8:
f7:bf:6c:33:85:e4:a4:e7:1a:0d:b8:b6:50:fc:6e:
61:a9:96:4f:fd:a7:b3:ec:af:61:b2:4b:c0:5f:ab:
1a:bb:55:96:14:3b:38:2d:88:a6:4f:0a:c6:d8:11:
7f:9b:19:da:38:60:89:94:3a:b1:92:f8:13:7f:11:
83:d8:d7:dd:af:85:0d:16:8e:83:40:f4:40:8c:ab:
16:12:12:c6:0c:49:84:36:6d:80:4c:6e:17:ac:f9:
3b:7b:87:7f:21:b4:fa:dd:39:5f:ac:2f:8e:b9:db:
81:82:c0:da:e7:a8:a1:99:c9:f9:1a:ae:9d:2a:39:
1f:2c:5f:93:66:4f:33:a0:8c:a2:cb:fe:99:3a:6b:
c4:4d:0f:d4:31:f1:c6:28:f8:d6:cb:dc:1b:8c:6c:
d8:b3:60:51:64:59:64:4d:76:c0:b3:7b:20:98:45:
b4:c5:8f:44:73:70:06:04:ac:bf:8d:c9:b7:03:13:
94:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:28:94:E3:8D:CB:0C:0D:A7:9D:33:C3:95:D4:20:CE:4E:9F:1B:7D
X509v3 Authority Key Identifier:
keyid:B8:20:76:97:D0:B7:C2:41:99:E6:DD:12:82:B4:9B:56:CE:F0:24:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCB2l9C3wkGZ5t0SgrSbVs7wJE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/b993ef-aaa7-400c-8db7-96d304c8db02/1/KyiU443LDA2nnTPDldQgzk6fG30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/b993ef-aaa7-400c-8db7-96d304c8db02/1/uCB2l9C3wkGZ5t0SgrSbVs7wJE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.38.8.0/24
194.38.10.0/24
Signature Algorithm: sha256WithRSAEncryption
f3:af:7d:b6:bd:3e:db:5f:df:eb:0c:cb:b6:20:47:0c:d9:f5:
8c:81:f5:73:53:2c:c2:ea:d3:57:db:53:cb:f6:40:d0:92:dd:
63:d3:56:6e:4a:a3:39:c6:8f:9c:ff:3e:bb:04:60:3b:64:21:
97:5e:d9:9a:ed:90:6f:ef:b5:9a:91:fb:32:61:e2:ba:df:d7:
77:2e:9b:1a:15:a0:bc:2c:52:11:15:39:20:9e:d2:da:65:c5:
7b:8f:25:4b:41:7d:9d:57:80:e3:e0:f9:a0:f0:3c:c3:5b:fd:
fd:8e:09:62:20:e2:af:de:a5:68:08:59:15:64:b2:3e:5c:67:
4a:7d:3a:37:bd:72:f6:8f:be:1f:2c:f1:13:e8:73:23:78:38:
a6:90:bd:ad:62:85:fe:9b:c3:82:1a:e9:40:d9:2c:51:1a:bb:
e4:e9:6b:ba:7a:1e:ec:e2:1d:9b:9a:ec:a9:eb:8e:f0:6c:06:
72:b5:84:11:9a:91:2d:6c:64:61:64:22:7c:54:47:70:3b:61:
15:b4:d3:cb:79:f2:7d:8b:cc:e7:07:fc:7e:1f:78:a3:d1:b8:
5f:39:02:72:f3:86:27:7b:aa:31:4b:d7:74:16:9e:57:79:d3:
32:f1:40:ea:38:db:cb:c4:35:85:8b:c5:d6:12:04:16:40:b1:
9c:dd:79:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZaAd7LYV56aGLobcn7IxMGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MjA3Njk3ZDBiN2MyNDE5OWU2ZGQxMjgyYjQ5YjU2Y2Vm
MDI0NGYwHhcNMjUwNDI5MDczNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjI4OTRlMzhkY2IwYzBkYTc5ZDMzYzM5NWQ0MjBjZTRlOWYxYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOm72aMFF+NXENqpBEe9lFZFeIWH
YtN8Uq9yYoZbmLv08Id3JhH0nYqI3JWKunUPANCV4rAw61GM0grxxH9Xokc5lYaJ
CQbwrKj3v2wzheSk5xoNuLZQ/G5hqZZP/aez7K9hskvAX6sau1WWFDs4LYimTwrG
2BF/mxnaOGCJlDqxkvgTfxGD2Nfdr4UNFo6DQPRAjKsWEhLGDEmENm2ATG4XrPk7
e4d/IbT63TlfrC+OuduBgsDa56ihmcn5Gq6dKjkfLF+TZk8zoIyiy/6ZOmvETQ/U
MfHGKPjWy9wbjGzYs2BRZFlkTXbAs3sgmEW0xY9Ec3AGBKy/jcm3AxOUdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCsolOONywwNp50zw5XUIM5Onxt9MB8GA1UdIwQY
MBaAFLggdpfQt8JBmebdEoK0m1bO8CRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUNCMmw5QzN3a0daNXQwU2dyU2JWczd3SkU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9iOTkzZWYtYWFhNy00MDBjLThkYjct
OTZkMzA0YzhkYjAyLzEvS3lpVTQ0M0xEQTJublRQRGxkUWd6azZmRzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9iOTkzZWYtYWFhNy00MDBjLThkYjctOTZkMzA0YzhkYjAy
LzEvdUNCMmw5QzN3a0daNXQwU2dyU2JWczd3SkU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwiYIAwQA
wiYKMA0GCSqGSIb3DQEBCwUAA4IBAQDzr322vT7bX9/rDMu2IEcM2fWMgfVzUyzC
6tNX21PL9kDQkt1j01ZuSqM5xo+c/z67BGA7ZCGXXtma7ZBv77WakfsyYeK639d3
LpsaFaC8LFIRFTkgntLaZcV7jyVLQX2dV4Dj4Pmg8DzDW/39jgliIOKv3qVoCFkV
ZLI+XGdKfTo3vXL2j74fLPET6HMjeDimkL2tYoX+m8OCGulA2SxRGrvk6Wu6eh7s
4h2bmuyp647wbAZytYQRmpEtbGRhZCJ8VEdwO2EVtNPLefJ9i8znB/x+H3ij0bhf
OQJy84Yne6oxS9d0Fp5XedMy8UDqONvLxDWFi8XWEgQWQLGc3Xlf
-----END CERTIFICATE-----
Generated at Thu May 15 23:43:51 2025 by rpki-client