Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SxKU8_bXOS3KCB6OgB-gUDNmP_E.roa
File: SxKU8_bXOS3KCB6OgB-gUDNmP_E.roa (raw, json)
Hash identifier: OphPWPYGVbEYwP1MaoiNuZ+DbEGEJCHEPobXtL6XTGo=
Subject key identifier: 4B:12:94:F3:F6:D7:39:2D:CA:08:1E:8E:80:1F:A0:50:33:66:3F:F1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0196ABDDA37AE7C77FC7407BA47806371447
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SxKU8_bXOS3KCB6OgB-gUDNmP_E.roa
Signing time: Wed 07 May 2025 17:49:11 +0000
ROA not before: Wed 07 May 2025 17:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209074
IP address blocks: 2a0e:97c0:900::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 08 May 2025 00:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ab:dd:a3:7a:e7:c7:7f:c7:40:7b:a4:78:06:37:14:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 7 17:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b1294f3f6d7392dca081e8e801fa05033663ff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4c:a6:1c:c5:e0:43:6a:6e:83:97:2d:ed:5d:
0d:ba:1e:8a:61:f9:90:63:6e:a5:d3:18:73:5f:45:
24:0b:2c:25:6f:41:5f:3f:0c:78:4f:bb:03:7f:1f:
24:3c:94:7b:6c:2c:4a:d3:1a:22:e4:66:81:ec:34:
11:93:ed:f6:7f:e2:e9:04:fb:93:cf:b5:8e:b4:f0:
88:d2:30:74:1e:f7:cc:7d:1a:97:72:56:e3:8e:c4:
62:a0:50:55:bb:d0:80:da:88:77:55:89:a2:bf:ad:
24:e5:09:72:85:01:31:59:e8:21:0f:2e:f0:98:eb:
38:44:b4:24:ab:c5:b1:e6:43:32:b4:17:82:17:4d:
93:8a:c1:e1:14:91:df:84:bb:62:80:fc:a9:00:eb:
14:e5:a7:5a:b2:64:9a:fe:fb:79:77:54:fe:12:b3:
82:fc:04:7f:79:e4:d6:76:ee:60:d3:ea:e4:85:ac:
46:9a:dd:41:46:64:7e:2f:e5:50:3a:aa:b8:8d:3f:
74:ee:e8:dc:75:6d:8b:ed:28:ee:b0:c7:e3:77:7b:
1f:e0:4a:a4:e1:01:29:28:04:49:0f:85:c0:aa:65:
8a:b5:07:e3:49:65:e5:84:1e:bd:01:e1:82:0e:01:
35:2a:0a:db:7e:69:fc:52:71:d6:8e:1a:5e:db:34:
12:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:12:94:F3:F6:D7:39:2D:CA:08:1E:8E:80:1F:A0:50:33:66:3F:F1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SxKU8_bXOS3KCB6OgB-gUDNmP_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:900::/48
Signature Algorithm: sha256WithRSAEncryption
67:22:c6:44:fc:a1:f4:fd:4e:39:c8:30:aa:4e:ca:9e:2f:cb:
60:dc:67:01:b5:b4:13:3e:86:0e:3f:4e:da:d4:f9:3b:05:be:
80:c7:45:e9:f0:74:66:45:1d:bc:4f:35:a6:a6:46:95:cc:b6:
bf:08:6b:99:1d:9f:c4:08:3e:36:3b:ab:2f:32:92:4c:f4:b6:
7d:68:e5:84:46:00:60:f1:f6:a8:7c:cb:04:18:95:f7:23:9e:
ef:05:0c:98:49:50:cf:5e:00:37:a3:c2:6a:77:35:1e:96:d4:
c5:2b:0d:2a:7e:65:eb:9a:c5:67:fe:d5:1c:0d:76:37:b7:fc:
83:a6:da:0a:22:b7:a5:35:d6:6c:c4:f9:69:7f:41:60:33:db:
68:fd:aa:8f:1b:d6:72:bd:22:33:c9:7a:78:a9:1e:0f:f4:36:
0e:2e:7e:b5:74:3f:ac:e2:3f:13:33:48:01:35:49:3a:b8:7a:
9c:d0:95:4f:27:5e:00:bc:c0:30:c0:a1:2e:0a:64:d5:99:79:
af:ba:e3:9f:92:7a:9a:2a:b9:36:02:a9:e3:4b:20:39:79:c4:
c9:fc:79:18:f3:b9:f2:4b:5d:21:83:69:4b:2a:f6:61:93:0f:
0d:7b:b1:31:11:42:fa:66:e4:dc:ef:d7:26:60:c0:2b:65:ff:
3f:ca:9d:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZar3aN658d/x0B7pHgGNxRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNTA3MTc0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjEyOTRmM2Y2ZDczOTJkY2EwODFlOGU4MDFmYTA1MDMzNjYzZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykymHMXgQ2pug5ct7V0Nuh6KYfmQ
Y26l0xhzX0UkCywlb0FfPwx4T7sDfx8kPJR7bCxK0xoi5GaB7DQRk+32f+LpBPuT
z7WOtPCI0jB0HvfMfRqXclbjjsRioFBVu9CA2oh3VYmiv60k5QlyhQExWeghDy7w
mOs4RLQkq8Wx5kMytBeCF02TisHhFJHfhLtigPypAOsU5adasmSa/vt5d1T+ErOC
/AR/eeTWdu5g0+rkhaxGmt1BRmR+L+VQOqq4jT907ujcdW2L7SjusMfjd3sf4Eqk
4QEpKARJD4XAqmWKtQfjSWXlhB69AeGCDgE1Kgrbfmn8UnHWjhpe2zQSNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEsSlPP21zktyggejoAfoFAzZj/xMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU3hLVThfYlhPUzNLQ0I2T2dCLWdVRE5tUF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwAkA
MA0GCSqGSIb3DQEBCwUAA4IBAQBnIsZE/KH0/U45yDCqTsqeL8tg3GcBtbQTPoYO
P07a1Pk7Bb6Ax0Xp8HRmRR28TzWmpkaVzLa/CGuZHZ/ECD42O6svMpJM9LZ9aOWE
RgBg8faofMsEGJX3I57vBQyYSVDPXgA3o8JqdzUeltTFKw0qfmXrmsVn/tUcDXY3
t/yDptoKIrelNdZsxPlpf0FgM9to/aqPG9ZyvSIzyXp4qR4P9DYOLn61dD+s4j8T
M0gBNUk6uHqc0JVPJ14AvMAwwKEuCmTVmXmvuuOfknqaKrk2AqnjSyA5ecTJ/HkY
87nyS10hg2lLKvZhkw8Ne7ExEUL6ZuTc79cmYMArZf8/yp0C
-----END CERTIFICATE-----
Generated at Tue Jun 17 15:04:56 2025 by rpki-client