Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/LdRowkZaFYDBC5bB3D4uOPe4SPk.roa
File: LdRowkZaFYDBC5bB3D4uOPe4SPk.roa (raw, json)
Hash identifier: MTdFTWi1oYN3Nk6HyNyjv2I0/DvFokcM2+gcucOJJto=
Subject key identifier: 2D:D4:68:C2:46:5A:15:80:C1:0B:96:C1:DC:3E:2E:38:F7:B8:48:F9
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196D2858FAC752E5870374CD96F309267E8
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/LdRowkZaFYDBC5bB3D4uOPe4SPk.roa
Signing time: Thu 15 May 2025 05:58:10 +0000
ROA not before: Thu 15 May 2025 05:58:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57433
IP address blocks: 2a02:2fc0::/48 maxlen: 48
2a02:2fc0:1::/48 maxlen: 48
2a02:2fc0:3::/48 maxlen: 48
2a02:2fc0:a::/48 maxlen: 48
2a02:2fc0:b::/48 maxlen: 48
2a02:2fc1:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 12 Jun 2025 10:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d2:85:8f:ac:75:2e:58:70:37:4c:d9:6f:30:92:67:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 15 05:58:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2dd468c2465a1580c10b96c1dc3e2e38f7b848f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:41:dd:00:05:1a:ba:a3:bb:14:f9:67:3b:4e:
b8:42:c2:19:ee:b6:a2:af:cc:d9:e0:5e:ad:b4:db:
e1:18:f8:8a:ae:4c:84:d8:c7:58:52:ec:08:5c:a8:
25:70:c5:4e:e7:43:b3:bc:2c:88:38:9c:05:87:08:
df:84:56:03:f9:30:30:c3:fd:be:c8:2b:c2:92:15:
e0:39:a0:0e:36:21:b3:d1:e5:b5:36:39:4b:00:12:
c2:e1:69:3e:02:3c:a3:c4:d7:c4:55:d6:5c:14:77:
20:a0:26:6b:36:63:02:cb:3e:db:3a:8d:6d:0a:55:
d8:b1:6d:30:ee:bb:5d:c8:a3:26:5d:9a:7c:f8:07:
f9:a1:02:64:8b:05:ea:2b:91:2a:3a:b8:62:74:80:
82:d2:f6:75:16:3d:ec:01:93:a9:fc:1d:04:74:ab:
d9:32:0f:c1:a4:29:79:38:38:b3:f0:85:50:7f:5c:
cf:54:1b:8c:b9:f9:5e:8f:63:21:9b:00:35:5d:92:
58:19:7c:e2:f9:9b:ed:ca:f1:43:9b:c7:0b:85:50:
fb:01:45:4c:70:ac:5b:7b:ac:28:d1:4c:35:ce:9b:
af:37:2e:05:a1:87:ef:ef:14:fe:5c:e3:b2:85:d4:
a8:ed:47:eb:d2:51:b7:02:7e:98:4d:cf:51:a3:40:
27:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D4:68:C2:46:5A:15:80:C1:0B:96:C1:DC:3E:2E:38:F7:B8:48:F9
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/LdRowkZaFYDBC5bB3D4uOPe4SPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2fc0::/47
2a02:2fc0:3::/48
2a02:2fc0:a::/47
2a02:2fc1:1::/48
Signature Algorithm: sha256WithRSAEncryption
cd:21:1c:e7:bc:e2:3d:1c:6d:e9:1d:7d:61:28:cb:ef:51:89:
f5:b6:e9:a8:7c:d5:e9:ad:90:86:30:be:e9:57:55:84:84:af:
fc:a8:c8:b0:58:d8:e3:d1:b3:39:66:b9:7f:fc:e8:ce:f4:7e:
84:95:0a:c0:e4:2c:6c:4a:b9:2c:dd:4b:81:cf:2f:39:86:38:
4d:36:3a:73:f2:4e:2d:5a:a1:00:fd:a5:e2:ee:9a:9e:66:8b:
ea:60:ef:00:6c:44:20:d4:a3:06:7e:17:9d:d3:fe:d2:81:b9:
09:a5:ed:88:c1:a4:13:dc:30:55:9f:f0:c9:52:32:fd:58:b7:
b4:91:b3:98:ce:eb:d3:3a:a5:de:50:d5:38:44:61:67:b3:72:
74:8a:97:ca:ab:43:ad:88:2e:e4:77:71:84:df:21:c4:b2:8e:
c5:02:d2:ca:53:7d:c1:c8:b4:db:09:28:84:37:3a:7a:46:12:
ad:0a:25:7d:f4:79:f9:a2:34:49:b1:0f:03:05:f4:5e:3c:fd:
5d:fd:c9:a5:d0:06:f6:5f:7b:21:b0:e6:ad:a5:9f:45:5d:15:
9b:03:3a:2f:a1:7a:23:f6:84:e3:92:23:17:d9:1b:0b:26:a4:
1a:2f:30:43:9a:67:71:8c:f4:ea:5f:ec:67:7b:ad:6d:1d:ca:
2d:88:bc:49
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZbShY+sdS5YcDdM2W8wkmfoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTE1MDU1ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQ0NjhjMjQ2NWExNTgwYzEwYjk2YzFkYzNlMmUzOGY3Yjg0OGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEHdAAUauqO7FPlnO064QsIZ7rai
r8zZ4F6ttNvhGPiKrkyE2MdYUuwIXKglcMVO50OzvCyIOJwFhwjfhFYD+TAww/2+
yCvCkhXgOaAONiGz0eW1NjlLABLC4Wk+AjyjxNfEVdZcFHcgoCZrNmMCyz7bOo1t
ClXYsW0w7rtdyKMmXZp8+Af5oQJkiwXqK5EqOrhidICC0vZ1Fj3sAZOp/B0EdKvZ
Mg/BpCl5ODiz8IVQf1zPVBuMuflej2MhmwA1XZJYGXzi+ZvtyvFDm8cLhVD7AUVM
cKxbe6wo0Uw1zpuvNy4FoYfv7xT+XOOyhdSo7Ufr0lG3An6YTc9Ro0AniQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFC3UaMJGWhWAwQuWwdw+Ljj3uEj5MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvTGRSb3drWmFGWURCQzViQjNENHVPUGU0U1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcBKgIvwAAA
AwcAKgIvwAADAwcBKgIvwAAKAwcAKgIvwQABMA0GCSqGSIb3DQEBCwUAA4IBAQDN
IRznvOI9HG3pHX1hKMvvUYn1tumofNXprZCGML7pV1WEhK/8qMiwWNjj0bM5Zrl/
/OjO9H6ElQrA5CxsSrks3UuBzy85hjhNNjpz8k4tWqEA/aXi7pqeZovqYO8AbEQg
1KMGfhed0/7SgbkJpe2IwaQT3DBVn/DJUjL9WLe0kbOYzuvTOqXeUNU4RGFns3J0
ipfKq0OtiC7kd3GE3yHEso7FAtLKU33ByLTbCSiENzp6RhKtCiV99Hn5ojRJsQ8D
BfRePP1d/cml0Ab2X3shsOatpZ9FXRWbAzovoXoj9oTjkiMX2RsLJqQaLzBDmmdx
jPTqX+xne61tHcotiLxJ
-----END CERTIFICATE-----
Generated at Mon Jun 16 00:06:30 2025 by rpki-client