Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/U6a6Z5zXo3KMaBa0Zx7Iwotc-AU.roa
File: U6a6Z5zXo3KMaBa0Zx7Iwotc-AU.roa (raw, json)
Hash identifier: SGlSlmAN0XEOjUVpkYU5H6t49dkm2mXtfBiXXf31RN8=
Subject key identifier: 53:A6:BA:67:9C:D7:A3:72:8C:68:16:B4:67:1E:C8:C2:8B:5C:F8:05
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 01987A153DC71ED25D0185CA43B034727794
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/U6a6Z5zXo3KMaBa0Zx7Iwotc-AU.roa
Signing time: Tue 05 Aug 2025 11:54:29 +0000
ROA not before: Tue 05 Aug 2025 11:54:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213861
IP address blocks: 2a09:a501::/32 maxlen: 32
2a14:a401::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 06 Aug 2025 12:41:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7a:15:3d:c7:1e:d2:5d:01:85:ca:43:b0:34:72:77:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Aug 5 11:54:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53a6ba679cd7a3728c6816b4671ec8c28b5cf805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:49:81:1d:5f:69:66:de:46:4e:e2:cf:31:73:
d3:47:63:74:00:1f:b4:2d:f8:b9:0c:c8:51:72:3a:
74:9d:ff:05:bd:c8:3d:31:b2:e7:f2:e4:03:b8:bb:
70:30:73:ff:cc:e0:b1:85:28:ed:d1:fd:ed:01:31:
6b:8d:f3:8d:1d:68:30:20:a6:08:2d:61:5a:31:94:
e3:fb:b3:64:c2:10:a2:73:0d:76:e1:5a:61:fe:cb:
98:10:60:cf:2c:e3:bb:73:c9:e8:a2:89:ad:95:c6:
91:da:f1:8a:32:5f:ee:f5:cd:07:a9:7c:20:53:a5:
03:fa:74:bf:02:2e:94:d7:43:e4:7c:f8:b4:de:41:
2e:42:62:17:2f:e5:2d:8f:9e:2c:ee:8b:9f:5c:40:
3b:0e:ae:03:5a:9b:4a:da:8e:38:30:ac:8d:a3:2e:
c6:1b:1b:76:2c:ea:5e:8c:cf:54:40:9e:1c:b2:98:
8d:78:9f:41:f2:73:43:81:0a:f3:dd:a1:39:4d:29:
ab:ec:0e:74:d8:b5:d1:b8:19:b4:c9:e4:9f:ce:ef:
e7:3a:83:b9:01:61:e4:5f:ee:02:42:aa:6a:1f:0b:
9a:b4:00:21:50:4a:1f:ab:94:cc:52:13:5a:ad:80:
e3:40:4d:aa:49:e5:3c:9f:74:6b:78:f9:fd:1b:2a:
c9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A6:BA:67:9C:D7:A3:72:8C:68:16:B4:67:1E:C8:C2:8B:5C:F8:05
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/U6a6Z5zXo3KMaBa0Zx7Iwotc-AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a501::/32
2a14:a401::/32
Signature Algorithm: sha256WithRSAEncryption
bd:9c:2c:ff:5d:08:4b:79:61:25:91:6d:64:0c:8d:dc:53:66:
14:1f:ca:da:63:23:1b:2b:25:51:35:79:96:a6:b1:fd:04:54:
23:dc:a6:60:f4:f1:dd:7c:83:16:c8:d6:96:42:fc:2f:8c:bb:
00:80:a4:1c:dc:9f:7f:79:3f:ff:87:92:42:0d:2b:81:32:ba:
cd:5f:0f:b3:af:f3:ff:89:12:be:24:cd:df:0f:2f:cc:66:d3:
92:89:9d:b7:7d:fa:9c:12:f3:54:62:e3:ef:b4:5b:f2:7a:eb:
e5:17:a5:64:c9:f1:ea:a4:a2:4a:6f:72:73:56:63:ed:11:b7:
73:a3:39:06:01:c9:57:9c:55:83:6b:d7:ed:d7:b1:c4:2a:28:
0a:0b:02:76:75:92:a2:e4:ea:90:d6:cc:b2:06:62:60:bc:bb:
00:67:15:55:79:d8:c2:5e:8a:06:d7:2b:2a:0f:48:3a:ca:91:
5c:81:21:c4:ea:63:0c:a5:e8:16:50:ef:e2:6d:02:74:85:54:
7b:75:d6:16:db:ab:68:3e:01:c6:2a:5f:3a:0d:c0:ed:db:87:
5c:b8:0b:6c:e6:10:00:f2:51:9b:76:aa:73:d5:dc:c3:b3:51:
c3:84:9c:cb:af:f8:79:88:1a:35:18:7c:18:f6:df:b8:8e:14:
3c:70:85:a5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZh6FT3HHtJdAYXKQ7A0cneUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwODA1MTE1NDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2E2YmE2NzljZDdhMzcyOGM2ODE2YjQ2NzFlYzhjMjhiNWNmODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUmBHV9pZt5GTuLPMXPTR2N0AB+0
Lfi5DMhRcjp0nf8Fvcg9MbLn8uQDuLtwMHP/zOCxhSjt0f3tATFrjfONHWgwIKYI
LWFaMZTj+7NkwhCicw124Vph/suYEGDPLOO7c8nooomtlcaR2vGKMl/u9c0HqXwg
U6UD+nS/Ai6U10PkfPi03kEuQmIXL+Utj54s7oufXEA7Dq4DWptK2o44MKyNoy7G
Gxt2LOpejM9UQJ4cspiNeJ9B8nNDgQrz3aE5TSmr7A502LXRuBm0yeSfzu/nOoO5
AWHkX+4CQqpqHwuatAAhUEofq5TMUhNarYDjQE2qSeU8n3RrePn9GyrJAwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFOmumec16NyjGgWtGceyMKLXPgFMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvVTZhNlo1elhvM0tNYUJhMFp4N0l3b3RjLUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgmlAQMF
ACoUpAEwDQYJKoZIhvcNAQELBQADggEBAL2cLP9dCEt5YSWRbWQMjdxTZhQfytpj
IxsrJVE1eZamsf0EVCPcpmD08d18gxbI1pZC/C+MuwCApBzcn395P/+HkkINK4Ey
us1fD7Ov8/+JEr4kzd8PL8xm05KJnbd9+pwS81Ri4++0W/J66+UXpWTJ8eqkokpv
cnNWY+0Rt3OjOQYByVecVYNr1+3XscQqKAoLAnZ1kqLk6pDWzLIGYmC8uwBnFVV5
2MJeigbXKyoPSDrKkVyBIcTqYwyl6BZQ7+JtAnSFVHt11hbbq2g+AcYqXzoNwO3b
h1y4C2zmEADyUZt2qnPV3MOzUcOEnMuv+HmIGjUYfBj237iOFDxwhaU=
-----END CERTIFICATE-----
Generated at Sat Aug 9 10:49:31 2025 by rpki-client