Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/F7XPncF3lOmk2WAyxPrCHO_VksY.roa
File: F7XPncF3lOmk2WAyxPrCHO_VksY.roa (raw, json)
Hash identifier: W3kliR9CS3gX6V9OgpEAruFnkVoMSJP+XFQhJtAUbOg=
Subject key identifier: 17:B5:CF:9D:C1:77:94:E9:A4:D9:60:32:C4:FA:C2:1C:EF:D5:92:C6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0196388F38601E8C47B58885A71D32F803E9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/F7XPncF3lOmk2WAyxPrCHO_VksY.roa
Signing time: Tue 15 Apr 2025 08:27:12 +0000
ROA not before: Tue 15 Apr 2025 08:27:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 515137
IP address blocks: 2a10:2f00:167::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 15 Apr 2025 11:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:8f:38:60:1e:8c:47:b5:88:85:a7:1d:32:f8:03:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 15 08:27:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17b5cf9dc17794e9a4d96032c4fac21cefd592c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bc:17:27:51:5c:08:3f:d3:a7:4a:28:e5:87:
db:e6:92:c3:2d:d4:31:64:0b:94:02:c4:0a:78:91:
73:f5:e0:a7:df:1b:af:2e:6a:db:d9:f0:68:ce:56:
0c:d8:3f:13:f9:5c:0f:e2:d5:1f:18:27:31:70:7a:
00:b7:5e:7e:a5:4a:55:81:95:96:1c:7b:bc:da:e6:
b3:45:62:30:ee:04:cc:96:55:81:da:0e:ee:4a:00:
db:92:b7:91:bc:95:ea:0d:1d:13:9c:7e:78:29:85:
2a:05:eb:e8:ad:81:7c:61:d3:17:cd:e3:18:ed:e7:
2c:21:1c:dc:3a:bb:b0:38:35:98:ec:93:d0:86:1b:
a4:e8:35:ed:54:a4:28:1b:58:4f:9f:5c:0d:cb:d5:
75:da:3a:6b:47:67:28:78:b3:86:39:cf:84:25:a1:
2f:02:65:4d:91:42:bd:28:b6:f7:6b:f9:67:d6:37:
d6:c0:7c:50:68:9b:bf:f8:f2:3a:3b:60:12:fa:b2:
e7:d0:04:21:dd:ec:ba:9c:4b:53:74:e5:14:6d:12:
cf:78:a0:40:3b:6b:f3:af:80:c5:a9:28:b1:58:54:
50:85:10:af:6c:23:69:fd:cd:09:df:d7:92:50:36:
68:bd:77:76:54:14:46:81:f6:9f:78:8d:5a:62:b3:
b7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B5:CF:9D:C1:77:94:E9:A4:D9:60:32:C4:FA:C2:1C:EF:D5:92:C6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/F7XPncF3lOmk2WAyxPrCHO_VksY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:167::/48
Signature Algorithm: sha256WithRSAEncryption
04:61:f9:44:fe:03:1f:c4:d5:eb:10:cb:c0:62:08:16:e0:94:
c8:24:91:85:32:ab:d0:c0:21:0b:f8:81:1a:8e:67:9e:30:85:
2f:38:c6:1a:28:96:ea:c0:f0:89:d1:9d:77:b2:bd:c4:c2:51:
37:b9:96:cc:2e:a5:3b:60:65:80:c9:52:b4:ef:79:e4:ab:1f:
5a:18:34:3c:71:05:3f:e9:49:4c:0b:f7:2e:05:f7:d3:b8:5a:
1d:5f:b8:ab:8b:03:ed:3b:60:4b:e2:fb:49:7e:ab:3d:32:3e:
30:f4:e5:c5:3d:04:9f:ae:ae:f9:1f:5a:bf:0b:0c:65:56:e5:
bb:bd:f2:2f:74:af:83:2a:a2:89:ed:87:5f:73:e3:42:1e:77:
4d:93:d3:78:4c:b0:0c:c7:d4:e4:92:96:d0:ce:28:fb:06:7d:
3f:02:2a:a6:25:3e:1b:71:25:7f:dc:46:e8:ec:2e:b4:be:24:
bc:98:1b:32:6a:c5:be:e6:4b:b0:ff:79:6e:a2:79:1d:a3:e4:
92:b2:a8:7e:6d:d7:15:c9:ac:43:9c:a0:3d:da:2c:9c:38:33:
d4:74:76:06:3e:bd:6d:2d:d2:5b:67:d9:99:a1:3f:50:dd:7c:
40:6b:ee:1b:1b:98:99:0b:cd:4c:6d:21:78:5c:3a:b6:ab:79:
71:76:f8:f4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZY4jzhgHoxHtYiFpx0y+APpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNDE1MDgyNzEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2I1Y2Y5ZGMxNzc5NGU5YTRkOTYwMzJjNGZhYzIxY2VmZDU5MmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7wXJ1FcCD/Tp0oo5Yfb5pLDLdQx
ZAuUAsQKeJFz9eCn3xuvLmrb2fBozlYM2D8T+VwP4tUfGCcxcHoAt15+pUpVgZWW
HHu82uazRWIw7gTMllWB2g7uSgDbkreRvJXqDR0TnH54KYUqBevorYF8YdMXzeMY
7ecsIRzcOruwODWY7JPQhhuk6DXtVKQoG1hPn1wNy9V12jprR2coeLOGOc+EJaEv
AmVNkUK9KLb3a/ln1jfWwHxQaJu/+PI6O2AS+rLn0AQh3ey6nEtTdOUUbRLPeKBA
O2vzr4DFqSixWFRQhRCvbCNp/c0J39eSUDZovXd2VBRGgfafeI1aYrO3vwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBe1z53Bd5TppNlgMsT6whzv1ZLGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRjdYUG5jRjNsT21rMldBeXhQckNIT19Wa3NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAFn
MA0GCSqGSIb3DQEBCwUAA4IBAQAEYflE/gMfxNXrEMvAYggW4JTIJJGFMqvQwCEL
+IEajmeeMIUvOMYaKJbqwPCJ0Z13sr3EwlE3uZbMLqU7YGWAyVK073nkqx9aGDQ8
cQU/6UlMC/cuBffTuFodX7iriwPtO2BL4vtJfqs9Mj4w9OXFPQSfrq75H1q/Cwxl
VuW7vfIvdK+DKqKJ7Ydfc+NCHndNk9N4TLAMx9TkkpbQzij7Bn0/AiqmJT4bcSV/
3Ebo7C60viS8mBsyasW+5kuw/3luonkdo+SSsqh+bdcVyaxDnKA92iycODPUdHYG
Pr1tLdJbZ9mZoT9Q3XxAa+4bG5iZC81MbSF4XDq2q3lxdvj0
-----END CERTIFICATE-----
Generated at Thu Jun 19 01:23:14 2025 by rpki-client