Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UlZL9M_rJhXFerRgL1ckeC52dKU.roa
File: UlZL9M_rJhXFerRgL1ckeC52dKU.roa (raw, json)
Hash identifier: Es7yXOT2PAM4J8oKIoeBmEYPeCFF+VKxLPgDEdDwBHw=
Subject key identifier: 52:56:4B:F4:CF:EB:26:15:C5:7A:B4:60:2F:57:24:78:2E:76:74:A5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0196B003A50B25A5D05189A71D5E21D85E92
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UlZL9M_rJhXFerRgL1ckeC52dKU.roa
Signing time: Thu 08 May 2025 13:09:10 +0000
ROA not before: Thu 08 May 2025 13:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214971
IP address blocks: 2a06:de02:1a00::/44 maxlen: 48
2a06:de02:1a01::/48 maxlen: 48
2a06:de02:1a05::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 09 May 2025 22:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b0:03:a5:0b:25:a5:d0:51:89:a7:1d:5e:21:d8:5e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 8 13:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52564bf4cfeb2615c57ab4602f5724782e7674a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a8:6f:93:7d:80:01:ad:d9:58:5c:35:8f:7b:
9b:c9:72:92:47:3a:09:62:bb:3d:19:3b:21:7a:cb:
8b:53:98:a7:8b:07:d7:18:df:d7:a1:d7:d6:2e:57:
ac:e2:c3:ff:fd:ad:65:a8:38:89:3e:ec:a5:0b:3c:
38:51:21:82:66:42:33:65:fc:87:8f:cd:80:77:52:
db:d8:6d:ca:63:99:cd:26:c8:04:7f:77:af:70:98:
1e:3e:9b:e5:87:28:10:a2:cd:fd:1b:a1:b5:bd:52:
73:8f:43:1f:29:13:30:83:0e:0b:c1:01:02:18:87:
be:e3:ad:5c:79:0c:26:b9:93:6b:a8:24:f7:d8:ae:
26:98:53:e2:9c:c8:10:98:c7:61:87:30:4d:e5:0d:
ff:8e:92:84:20:5b:46:b7:6d:d0:87:10:a4:51:94:
35:9a:b6:f3:08:03:c5:96:96:85:c2:fd:4c:0e:a9:
12:e7:14:94:7c:f4:1d:b3:21:fa:eb:e0:53:9e:ba:
e7:54:1d:bc:06:04:50:da:aa:5a:10:56:6c:33:3a:
30:c2:9f:d0:72:b2:aa:c0:7f:9e:6e:55:0c:60:8c:
5e:06:c4:b7:2c:01:dd:b3:ae:3a:aa:1d:24:a8:df:
a0:ef:14:b7:67:6e:00:43:ec:96:f9:4c:2f:96:85:
98:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:56:4B:F4:CF:EB:26:15:C5:7A:B4:60:2F:57:24:78:2E:76:74:A5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UlZL9M_rJhXFerRgL1ckeC52dKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de02:1a00::/44
Signature Algorithm: sha256WithRSAEncryption
b8:32:3b:0b:a9:59:b9:5d:1f:e8:bf:68:61:97:68:55:cd:d4:
51:22:cb:c2:d8:71:91:f8:4a:3c:dc:3b:95:c4:11:16:f5:c0:
8c:e6:b6:8e:08:b3:16:9b:31:6c:f2:4e:e3:48:32:35:c8:1e:
4a:0a:3d:b2:bf:7b:59:b9:c0:30:6a:75:41:c3:a5:63:c0:07:
55:2b:64:c2:78:32:a7:b8:f5:a5:78:36:af:07:2d:ab:7e:4b:
c2:7f:9e:bd:fe:a1:f3:b5:2e:86:41:e8:6e:de:fe:68:6a:03:
be:41:af:8b:1a:5b:a1:0c:e0:db:01:26:dc:9f:18:f7:f1:dc:
ba:6e:ed:07:32:b6:52:d7:13:65:18:b7:46:d8:67:cf:79:1e:
4e:05:c7:12:a6:b2:e8:2d:af:2d:28:c8:40:b7:36:ca:f0:09:
67:59:55:34:00:d0:bf:cf:92:9d:97:26:31:52:ee:13:5f:50:
70:e7:56:91:9d:30:b5:50:f6:48:a3:9a:2a:0c:8f:bb:36:f6:
73:42:bc:4f:bf:46:f1:17:fc:cc:1e:22:73:82:d2:8c:e9:52:
a3:22:d2:f1:83:f0:6b:41:b5:46:12:77:51:65:e8:6c:7c:67:
35:bc:03:86:5f:94:a5:82:b3:89:39:f0:2b:13:7e:ec:19:ac:
c3:89:d4:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZawA6ULJaXQUYmnHV4h2F6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNTA4MTMwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjU2NGJmNGNmZWIyNjE1YzU3YWI0NjAyZjU3MjQ3ODJlNzY3NGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqhvk32AAa3ZWFw1j3ubyXKSRzoJ
Yrs9GTshesuLU5iniwfXGN/XodfWLles4sP//a1lqDiJPuylCzw4USGCZkIzZfyH
j82Ad1Lb2G3KY5nNJsgEf3evcJgePpvlhygQos39G6G1vVJzj0MfKRMwgw4LwQEC
GIe+461ceQwmuZNrqCT32K4mmFPinMgQmMdhhzBN5Q3/jpKEIFtGt23QhxCkUZQ1
mrbzCAPFlpaFwv1MDqkS5xSUfPQdsyH66+BTnrrnVB28BgRQ2qpaEFZsMzowwp/Q
crKqwH+eblUMYIxeBsS3LAHds646qh0kqN+g7xS3Z24AQ+yW+UwvloWYYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFJWS/TP6yYVxXq0YC9XJHgudnSlMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVWxaTDlNX3JKaFhGZXJSZ0wxY2tlQzUyZEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbeAhoA
MA0GCSqGSIb3DQEBCwUAA4IBAQC4MjsLqVm5XR/ov2hhl2hVzdRRIsvC2HGR+Eo8
3DuVxBEW9cCM5raOCLMWmzFs8k7jSDI1yB5KCj2yv3tZucAwanVBw6VjwAdVK2TC
eDKnuPWleDavBy2rfkvCf569/qHztS6GQehu3v5oagO+Qa+LGluhDODbASbcnxj3
8dy6bu0HMrZS1xNlGLdG2GfPeR5OBccSprLoLa8tKMhAtzbK8AlnWVU0ANC/z5Kd
lyYxUu4TX1Bw51aRnTC1UPZIo5oqDI+7NvZzQrxPv0bxF/zMHiJzgtKM6VKjItLx
g/BrQbVGEndRZehsfGc1vAOGX5SlgrOJOfArE37sGazDidTA
-----END CERTIFICATE-----
Generated at Tue Jun 17 10:04:21 2025 by rpki-client