Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z5WiuBd2SNV7l7Q1iHDcK_TJMt8.roa
File: Z5WiuBd2SNV7l7Q1iHDcK_TJMt8.roa (raw, json)
Hash identifier: G9CkhS9NN3nAlZyi5UTGAuRk9KzujEO/HjdIVwwcZ2I=
Subject key identifier: 67:95:A2:B8:17:76:48:D5:7B:97:B4:35:88:70:DC:2B:F4:C9:32:DF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019697576C6D4C9B83D17C18961F837ECF2C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z5WiuBd2SNV7l7Q1iHDcK_TJMt8.roa
Signing time: Sat 03 May 2025 18:10:10 +0000
ROA not before: Sat 03 May 2025 18:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47263
IP address blocks: 2a06:de00:1f00::/44 maxlen: 48
2a06:de02:1a00::/44 maxlen: 48
2a06:de02:1a02::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 09 May 2025 22:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:97:57:6c:6d:4c:9b:83:d1:7c:18:96:1f:83:7e:cf:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 3 18:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6795a2b8177648d57b97b4358870dc2bf4c932df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4e:72:6f:28:c5:62:ca:70:0f:5a:e7:9b:9d:
3a:25:cf:f5:2d:b1:62:88:3c:5c:70:9f:d0:36:b0:
1e:75:d8:00:91:88:69:43:d8:5c:c5:c3:ce:6e:e8:
3c:c4:e4:30:79:83:c0:8d:86:87:f4:bb:62:2b:3c:
30:37:3b:13:de:62:90:dd:fa:52:bb:09:85:b6:62:
01:b8:14:e4:fb:2d:be:c3:40:1b:19:b0:5a:39:1a:
00:16:8e:10:c6:3d:66:91:a1:5e:21:1e:cb:42:03:
40:e7:f7:9f:6d:2d:60:42:78:3c:df:5c:b4:81:1c:
06:ab:5f:eb:21:59:8d:35:7b:a7:6d:0d:ed:16:39:
82:b8:fe:27:52:bc:e1:9c:4e:71:26:ff:09:47:d4:
cd:93:25:b7:b2:e9:15:77:af:2b:9c:1f:4a:30:b2:
b3:98:7c:90:4b:9d:74:66:23:c7:33:20:42:31:8b:
a8:f8:cf:4d:40:a2:2e:a0:6f:21:a0:b5:76:14:18:
88:03:ef:2b:28:c7:b6:91:71:2c:15:a8:37:f1:fa:
25:ef:33:18:30:2e:45:bf:73:46:89:f8:bf:26:bf:
30:83:e7:74:60:d7:cf:4f:dd:d8:e6:7d:de:dc:b8:
63:88:2d:90:0a:7a:07:ee:0e:94:82:9b:35:47:4e:
66:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:95:A2:B8:17:76:48:D5:7B:97:B4:35:88:70:DC:2B:F4:C9:32:DF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z5WiuBd2SNV7l7Q1iHDcK_TJMt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:1f00::/44
2a06:de02:1a00::/44
Signature Algorithm: sha256WithRSAEncryption
c2:31:3f:87:16:0b:af:df:65:25:ec:10:e7:22:45:16:e5:a4:
85:e1:09:f2:ed:a7:e1:38:c6:a3:d5:30:f4:79:cd:64:b0:f3:
ba:ae:3d:84:dc:0a:00:b9:c0:29:36:73:20:c9:16:9a:d2:90:
a1:1f:4a:1a:aa:c5:06:e3:ff:3f:2d:04:7b:b3:96:8d:32:1e:
87:06:04:0e:35:a7:3b:1e:26:dd:31:d3:36:f7:cf:17:ab:57:
c1:b9:ae:f9:9d:b6:85:51:1f:c4:6f:c6:be:e6:b5:ce:ce:46:
e8:df:2d:0b:ec:00:6e:f4:a9:ac:32:aa:aa:63:55:8c:b1:a7:
2d:88:87:26:91:05:b4:c1:86:24:3e:36:77:ad:c9:f0:78:eb:
fc:dd:80:2e:9d:fe:f5:28:21:7b:47:47:6f:25:84:b7:1e:fd:
ad:d4:6b:39:81:6a:b0:20:b1:50:c8:05:97:d4:84:c9:dc:62:
b7:cc:ca:93:da:37:1d:6b:8f:f8:c4:13:f9:89:cc:2c:e2:02:
c9:37:f6:27:be:10:ee:52:20:2a:c5:24:35:59:00:f9:e9:9b:
73:ac:f4:75:8d:bd:aa:4d:49:3f:76:0b:ee:56:01:aa:eb:72:
03:fc:18:0e:ce:35:cd:9f:ce:95:a3:5b:a7:3a:02:34:19:aa:
5f:83:cd:a8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZaXV2xtTJuD0XwYlh+Dfs8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNTAzMTgxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzk1YTJiODE3NzY0OGQ1N2I5N2I0MzU4ODcwZGMyYmY0YzkzMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU5ybyjFYspwD1rnm506Jc/1LbFi
iDxccJ/QNrAeddgAkYhpQ9hcxcPObug8xOQweYPAjYaH9LtiKzwwNzsT3mKQ3fpS
uwmFtmIBuBTk+y2+w0AbGbBaORoAFo4Qxj1mkaFeIR7LQgNA5/efbS1gQng831y0
gRwGq1/rIVmNNXunbQ3tFjmCuP4nUrzhnE5xJv8JR9TNkyW3sukVd68rnB9KMLKz
mHyQS510ZiPHMyBCMYuo+M9NQKIuoG8hoLV2FBiIA+8rKMe2kXEsFag38fol7zMY
MC5Fv3NGifi/Jr8wg+d0YNfPT93Y5n3e3LhjiC2QCnoH7g6Ugps1R05mCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGeVorgXdkjVe5e0NYhw3Cv0yTLfMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWjVXaXVCZDJTTlY3bDdRMWlIRGNLX1RKTXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgbeAB8A
AwcEKgbeAhoAMA0GCSqGSIb3DQEBCwUAA4IBAQDCMT+HFguv32Ul7BDnIkUW5aSF
4Qny7afhOMaj1TD0ec1ksPO6rj2E3AoAucApNnMgyRaa0pChH0oaqsUG4/8/LQR7
s5aNMh6HBgQONac7HibdMdM2988Xq1fBua75nbaFUR/Eb8a+5rXOzkbo3y0L7ABu
9KmsMqqqY1WMsactiIcmkQW0wYYkPjZ3rcnweOv83YAunf71KCF7R0dvJYS3Hv2t
1Gs5gWqwILFQyAWX1ITJ3GK3zMqT2jcda4/4xBP5icws4gLJN/YnvhDuUiAqxSQ1
WQD56ZtzrPR1jb2qTUk/dgvuVgGq63ID/BgOzjXNn86Vo1unOgI0Gapfg82o
-----END CERTIFICATE-----
Generated at Tue Jun 17 06:15:37 2025 by rpki-client