Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/e4d20f-6dc8-497d-a8d6-9dddd6802088/1/khAq5tiQQ2NkUdqkECQiSRSaXvU.roa
File: khAq5tiQQ2NkUdqkECQiSRSaXvU.roa (raw, json)
Hash identifier: oMKUxrTP4dXhvMPE+TywmGD83jOA1nuqX4o8AOm2tk4=
Subject key identifier: 92:10:2A:E6:D8:90:43:63:64:51:DA:A4:10:24:22:49:14:9A:5E:F5
Certificate issuer: /CN=b63a3094439cac0f555701286cd54373bce6cb50
Certificate serial: 019613C88219EC3AE21E43993B5CC0093B2C
Authority key identifier: B6:3A:30:94:43:9C:AC:0F:55:57:01:28:6C:D5:43:73:BC:E6:CB:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjowlEOcrA9VVwEobNVDc7zmy1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/e4d20f-6dc8-497d-a8d6-9dddd6802088/1/khAq5tiQQ2NkUdqkECQiSRSaXvU.roa
Signing time: Tue 08 Apr 2025 05:03:49 +0000
ROA not before: Tue 08 Apr 2025 05:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211995
IP address blocks: 130.0.11.0/24 maxlen: 24
130.0.12.0/24 maxlen: 24
130.0.13.0/24 maxlen: 24
130.0.14.0/24 maxlen: 24
130.0.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Apr 2025 12:02:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:13:c8:82:19:ec:3a:e2:1e:43:99:3b:5c:c0:09:3b:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b63a3094439cac0f555701286cd54373bce6cb50
Validity
Not Before: Apr 8 05:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92102ae6d89043636451daa410242249149a5ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:31:b7:50:38:75:3c:76:34:b0:65:bc:c7:a2:
64:1d:cc:dd:ff:f8:3b:1d:76:2e:0f:5c:2a:70:c6:
25:31:dc:37:7c:54:cf:ab:96:e6:19:ad:2a:28:e7:
72:02:29:cc:9d:8f:6d:ae:9d:45:e4:50:ee:ed:15:
95:ef:16:99:41:6a:e8:20:ef:2f:cd:a0:e7:dd:e7:
53:17:c0:fe:96:cd:6b:bb:a6:0e:1d:80:cd:67:84:
f7:e9:a3:4c:b4:8a:91:ec:ca:2f:24:5b:f9:6b:f2:
d3:7b:a4:49:02:f3:6a:12:70:ff:f1:42:a0:d5:bc:
ed:ec:ea:c2:a0:82:45:4a:2b:6c:36:19:6d:9b:36:
85:f6:96:fe:8c:75:8a:c9:14:fb:c6:9c:4b:bc:22:
7f:c2:c6:b7:21:6d:e3:02:61:4b:70:4e:fe:d1:b5:
cf:eb:09:4b:13:92:b6:2f:15:a6:54:e5:a6:c3:3d:
61:ca:c6:0e:c2:1e:5a:79:c3:4f:c7:ab:bf:da:a0:
08:7b:26:a7:46:40:a0:6b:ea:04:5f:8a:7b:d6:93:
30:d1:3a:49:1e:c9:fa:57:e7:12:a7:5e:76:c7:14:
aa:68:b8:2d:fd:9c:6c:ca:77:14:41:66:56:11:f9:
5d:e8:47:c0:76:a3:92:7c:78:d6:4a:4b:70:12:0f:
18:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:10:2A:E6:D8:90:43:63:64:51:DA:A4:10:24:22:49:14:9A:5E:F5
X509v3 Authority Key Identifier:
keyid:B6:3A:30:94:43:9C:AC:0F:55:57:01:28:6C:D5:43:73:BC:E6:CB:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjowlEOcrA9VVwEobNVDc7zmy1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/e4d20f-6dc8-497d-a8d6-9dddd6802088/1/khAq5tiQQ2NkUdqkECQiSRSaXvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/e4d20f-6dc8-497d-a8d6-9dddd6802088/1/tjowlEOcrA9VVwEobNVDc7zmy1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.0.11.0-130.0.15.255
Signature Algorithm: sha256WithRSAEncryption
7c:78:73:9c:2c:19:44:3c:48:be:bc:6b:d8:af:42:f3:df:28:
0f:48:ce:6a:97:4c:96:ff:e8:3a:e2:be:fb:22:1c:c1:5a:3c:
e9:f6:9e:99:2f:96:e0:75:88:d1:8a:13:a6:27:07:43:7e:bb:
d3:dc:e8:6b:cc:7b:f7:ce:3f:ae:0d:ed:5e:84:af:fa:5d:f5:
1e:9c:92:f7:80:1a:18:20:6f:20:80:cf:4d:aa:98:5c:7d:ea:
4b:af:df:2d:4d:3b:8b:64:39:9c:9d:77:48:a7:ed:6c:ec:b2:
a4:5c:7b:0a:70:0d:ba:2a:3a:07:a4:72:56:83:54:82:b4:c3:
2c:38:e7:9e:69:8c:dc:6c:0d:13:1e:0c:a3:4d:ce:c1:8e:d4:
a4:52:10:e0:4f:ef:16:bd:f3:26:5a:8c:96:36:db:7e:d4:71:
fc:6c:f1:6e:ec:52:7f:66:f3:51:60:92:c4:66:05:2e:b1:4b:
0c:e8:99:d3:58:42:bc:34:a3:d2:65:6b:07:e1:61:fb:5d:ff:
f4:a8:09:ad:5f:65:82:b8:43:6b:ab:b6:91:e6:36:83:05:61:
c4:4c:51:33:1f:2c:c6:04:39:d7:40:e1:28:2a:74:bd:3f:fe:
4f:4b:3a:82:d0:ef:45:96:fb:59:7e:91:8d:0e:ff:36:7e:00:
26:96:e4:58
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZYTyIIZ7DriHkOZO1zACTssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2M2EzMDk0NDM5Y2FjMGY1NTU3MDEyODZjZDU0MzczYmNl
NmNiNTAwHhcNMjUwNDA4MDUwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjEwMmFlNmQ4OTA0MzYzNjQ1MWRhYTQxMDI0MjI0OTE0OWE1ZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDG3UDh1PHY0sGW8x6JkHczd//g7
HXYuD1wqcMYlMdw3fFTPq5bmGa0qKOdyAinMnY9trp1F5FDu7RWV7xaZQWroIO8v
zaDn3edTF8D+ls1ru6YOHYDNZ4T36aNMtIqR7MovJFv5a/LTe6RJAvNqEnD/8UKg
1bzt7OrCoIJFSitsNhltmzaF9pb+jHWKyRT7xpxLvCJ/wsa3IW3jAmFLcE7+0bXP
6wlLE5K2LxWmVOWmwz1hysYOwh5aecNPx6u/2qAIeyanRkCga+oEX4p71pMw0TpJ
Hsn6V+cSp152xxSqaLgt/ZxsyncUQWZWEfld6EfAdqOSfHjWSktwEg8YawIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJIQKubYkENjZFHapBAkIkkUml71MB8GA1UdIwQY
MBaAFLY6MJRDnKwPVVcBKGzVQ3O85stQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpvd2xFT2NyQTlWVndFb2JOVkRjN3pteTFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9lNGQyMGYtNmRjOC00OTdkLWE4ZDYt
OWRkZGQ2ODAyMDg4LzEva2hBcTV0aVFRMk5rVWRxa0VDUWlTUlNhWHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9lNGQyMGYtNmRjOC00OTdkLWE4ZDYtOWRkZGQ2ODAyMDg4
LzEvdGpvd2xFT2NyQTlWVndFb2JOVkRjN3pteTFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACCAAsD
BASCAAAwDQYJKoZIhvcNAQELBQADggEBAHx4c5wsGUQ8SL68a9ivQvPfKA9IzmqX
TJb/6DrivvsiHMFaPOn2npkvluB1iNGKE6YnB0N+u9Pc6GvMe/fOP64N7V6Er/pd
9R6ckveAGhggbyCAz02qmFx96kuv3y1NO4tkOZydd0in7WzssqRcewpwDboqOgek
claDVIK0wyw4555pjNxsDRMeDKNNzsGO1KRSEOBP7xa98yZajJY2237Ucfxs8W7s
Un9m81FgksRmBS6xSwzomdNYQrw0o9JlawfhYftd//SoCa1fZYK4Q2urtpHmNoMF
YcRMUTMfLMYEOddA4SgqdL0//k9LOoLQ70WW+1l+kY0O/zZ+ACaW5Fg=
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:29:14 2025 by rpki-client