Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/1OOyGe05QC3rpvExufmfCn97zEE.roa
File: 1OOyGe05QC3rpvExufmfCn97zEE.roa (raw, json)
Hash identifier: QEvgBiYUTEv2aBB0YVCep2mYyISObmabBCBNt7YfURI=
Subject key identifier: D4:E3:B2:19:ED:39:40:2D:EB:A6:F1:31:B9:F9:9F:0A:7F:7B:CC:41
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 019857C66A9BF12F23919632851C63687B47
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/1OOyGe05QC3rpvExufmfCn97zEE.roa
Signing time: Tue 29 Jul 2025 20:01:17 +0000
ROA not before: Tue 29 Jul 2025 20:01:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a05:1e40::/32 maxlen: 32
2a06:4380::/32 maxlen: 32
2a09:c700::/32 maxlen: 32
2a09:e702::/32 maxlen: 32
2a0e:3f40::/32 maxlen: 32
2a0e:5881::/32 maxlen: 32
2a0f:1807::/32 maxlen: 32
2a12:2fc6::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 04 Aug 2025 19:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:57:c6:6a:9b:f1:2f:23:91:96:32:85:1c:63:68:7b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Jul 29 20:01:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4e3b219ed39402deba6f131b9f99f0a7f7bcc41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ff:a5:e8:ca:10:46:9a:bc:86:11:42:10:68:
7b:96:5e:4a:c0:3e:0b:80:b1:3e:bc:0c:3a:f6:5c:
2d:63:f7:06:32:ae:c3:e2:e0:0b:72:0f:b1:af:3d:
46:8d:c9:cc:38:b6:39:32:04:61:a8:73:13:06:b2:
2c:3f:d3:8f:4d:41:04:96:65:96:e0:08:10:8c:bb:
cd:55:0e:85:bd:18:70:88:9f:24:35:db:c1:3c:b7:
a2:c9:fe:f7:ba:83:b5:e9:38:d1:2e:87:69:7a:a7:
35:6c:f1:8b:19:7d:24:5a:06:79:f0:4b:70:b4:22:
75:5d:8e:66:b8:0b:19:fe:98:73:f1:21:ff:43:eb:
cb:c1:fd:d4:b0:69:56:f6:a1:91:b5:ca:2e:ec:14:
a5:ef:ba:e8:c2:53:73:59:0d:f9:81:f4:01:d3:0c:
c5:96:88:74:97:81:ce:8d:14:b2:23:65:2f:da:cd:
9f:14:51:b0:69:e4:4f:79:02:19:d9:df:bc:93:58:
cc:94:f7:ce:8f:48:66:f7:b6:da:35:c1:86:37:36:
65:83:b5:28:a4:0b:f1:2f:49:3a:fd:e8:fb:8b:21:
50:ec:7f:5c:b4:a4:7a:d9:ae:97:4b:29:2d:ab:1e:
68:58:a3:81:4a:97:39:ac:15:af:99:5e:e9:61:59:
40:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E3:B2:19:ED:39:40:2D:EB:A6:F1:31:B9:F9:9F:0A:7F:7B:CC:41
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/1OOyGe05QC3rpvExufmfCn97zEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:1e40::/32
2a06:4380::/32
2a09:c700::/32
2a09:e702::/32
2a0e:3f40::/32
2a0e:5881::/32
2a0f:1807::/32
2a12:2fc6::/32
Signature Algorithm: sha256WithRSAEncryption
55:4b:57:71:db:7c:67:26:b0:77:f4:29:1b:e9:19:99:a6:dd:
57:59:64:68:28:3b:5f:b7:51:27:f0:83:48:a3:4d:11:9a:34:
24:5a:57:85:ca:10:e4:79:c6:38:98:39:a5:6e:9f:f7:4b:25:
0e:c7:4b:81:a1:8c:25:d8:db:bb:f3:57:53:9c:28:5b:6c:51:
c9:71:22:e3:f6:ae:dd:0f:19:9d:c1:f9:d1:8b:f9:25:26:1b:
af:b3:18:81:fc:97:f1:5e:68:97:b8:a4:6e:44:3a:39:c2:35:
e0:92:1f:b4:33:ca:aa:6f:0a:30:2d:f6:cd:bf:ea:6d:7f:61:
2b:47:6f:ea:2c:b6:70:67:be:6c:52:64:02:cb:71:58:7b:95:
cf:a9:01:09:3d:16:bd:8f:0e:38:80:c1:3f:07:5d:46:0c:70:
96:08:b3:83:26:f3:2f:2c:33:8b:03:24:f0:29:ea:55:3e:95:
93:0b:9b:e0:0c:14:e3:5b:3f:18:6f:43:97:30:09:7a:9e:a1:
d5:18:ba:86:1f:0e:c4:32:e3:8b:fc:ee:3c:ce:7e:9e:0f:49:
be:9e:47:71:bd:7e:af:2d:95:a1:7b:db:94:f7:8e:a4:ac:c1:
ab:33:79:dd:c7:a9:c5:49:a8:3a:a9:d2:ac:3e:a5:42:83:5e:
dd:c5:c4:1d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZhXxmqb8S8jkZYyhRxjaHtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwNzI5MjAwMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGUzYjIxOWVkMzk0MDJkZWJhNmYxMzFiOWY5OWYwYTdmN2JjYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/+l6MoQRpq8hhFCEGh7ll5KwD4L
gLE+vAw69lwtY/cGMq7D4uALcg+xrz1GjcnMOLY5MgRhqHMTBrIsP9OPTUEElmWW
4AgQjLvNVQ6FvRhwiJ8kNdvBPLeiyf73uoO16TjRLodpeqc1bPGLGX0kWgZ58Etw
tCJ1XY5muAsZ/phz8SH/Q+vLwf3UsGlW9qGRtcou7BSl77rowlNzWQ35gfQB0wzF
loh0l4HOjRSyI2Uv2s2fFFGwaeRPeQIZ2d+8k1jMlPfOj0hm97baNcGGNzZlg7Uo
pAvxL0k6/ej7iyFQ7H9ctKR62a6XSyktqx5oWKOBSpc5rBWvmV7pYVlAkQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNTjshntOUAt66bxMbn5nwp/e8xBMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvMU9PeUdlMDVRQzNycHZFeHVmbWZDbjk3ekVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUAKgUeQAMF
ACoGQ4ADBQAqCccAAwUAKgnnAgMFACoOP0ADBQAqDliBAwUAKg8YBwMFACoSL8Yw
DQYJKoZIhvcNAQELBQADggEBAFVLV3HbfGcmsHf0KRvpGZmm3VdZZGgoO1+3USfw
g0ijTRGaNCRaV4XKEOR5xjiYOaVun/dLJQ7HS4GhjCXY27vzV1OcKFtsUclxIuP2
rt0PGZ3B+dGL+SUmG6+zGIH8l/FeaJe4pG5EOjnCNeCSH7QzyqpvCjAt9s2/6m1/
YStHb+ostnBnvmxSZALLcVh7lc+pAQk9Fr2PDjiAwT8HXUYMcJYIs4Mm8y8sM4sD
JPAp6lU+lZMLm+AMFONbPxhvQ5cwCXqeodUYuoYfDsQy44v87jzOfp4PSb6eR3G9
fq8tlaF725T3jqSswaszed3HqcVJqDqp0qw+pUKDXt3FxB0=
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:19:47 2025 by rpki-client