Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sfIP1LiQuIJGLfwOaC7sZ7g-IWU.roa
File: sfIP1LiQuIJGLfwOaC7sZ7g-IWU.roa (raw, json)
Hash identifier: 21KuoRbtEVV9RncKi6L27uUbZHluGtIsoJuPA0I7ScM=
Subject key identifier: B1:F2:0F:D4:B8:90:B8:82:46:2D:FC:0E:68:2E:EC:67:B8:3E:21:65
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0197241A57356776568CE59EC7601ACD654B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sfIP1LiQuIJGLfwOaC7sZ7g-IWU.roa
Signing time: Sat 31 May 2025 02:09:55 +0000
ROA not before: Sat 31 May 2025 02:09:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197477
IP address blocks: 2a06:de01:70::/44 maxlen: 48
2a10:ccc2:10::/44 maxlen: 48
2a10:ccc2:1330::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 02 Jun 2025 07:18:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:24:1a:57:35:67:76:56:8c:e5:9e:c7:60:1a:cd:65:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 31 02:09:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1f20fd4b890b882462dfc0e682eec67b83e2165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:77:ae:45:d6:8c:e7:d8:bf:2c:78:10:10:c0:
fc:36:70:cb:79:4b:9b:99:05:42:aa:38:3f:91:42:
a4:d2:3c:d7:e1:19:4d:73:ac:d5:57:e4:e6:5c:87:
84:19:c0:8d:df:4e:b1:78:d6:83:5f:47:58:d6:ef:
0a:c5:26:cd:3b:d3:d1:92:01:12:26:8d:7e:2c:75:
09:ea:ee:3e:63:bd:3b:03:5b:cf:6b:8f:99:f9:13:
4f:a2:cc:03:22:c6:51:65:41:05:7f:8b:ff:47:1b:
c7:87:5d:72:ab:32:83:40:6f:7d:00:74:28:01:b7:
b5:11:9f:f2:f4:d2:d4:e2:15:45:ed:60:29:97:b6:
1c:3d:99:3f:90:34:45:10:d3:bb:d0:95:d1:0d:4e:
ed:40:15:87:be:84:e3:b9:e1:9b:71:fa:cd:ab:0f:
dc:68:f6:57:a8:46:da:01:66:34:4b:79:de:26:38:
5b:be:3d:9c:f3:1f:b2:3b:84:91:d7:4d:ab:89:3b:
46:a5:aa:61:14:b7:d2:be:99:b9:77:32:fb:3f:0e:
39:ba:59:13:28:5f:06:a9:80:1a:11:7b:de:c2:97:
03:21:92:bc:f2:36:ef:d2:05:fd:a9:a4:05:ed:a8:
bb:43:e6:0d:dd:d5:27:5f:2b:28:3c:06:7d:2c:13:
67:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F2:0F:D4:B8:90:B8:82:46:2D:FC:0E:68:2E:EC:67:B8:3E:21:65
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sfIP1LiQuIJGLfwOaC7sZ7g-IWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:70::/44
2a10:ccc2:10::/44
2a10:ccc2:1330::/44
Signature Algorithm: sha256WithRSAEncryption
19:4f:29:94:fb:04:09:e5:0c:6a:a5:85:09:07:0c:4f:ca:9b:
e3:65:87:31:cd:0c:5c:a7:49:0a:bc:0b:61:97:b0:fc:75:76:
c0:88:41:a3:c7:7d:a0:b1:1a:5e:0b:7f:14:03:2c:b1:03:80:
b9:5b:5d:75:34:40:cb:1f:c5:01:bb:a3:1e:31:7a:f1:78:ba:
30:e3:c5:8c:cc:2c:c2:de:ea:6f:f0:2b:48:c6:7c:06:0f:fe:
f7:a5:61:51:85:2a:6c:89:e6:e6:c1:f5:32:e1:17:38:01:e5:
29:f2:55:fd:ec:e9:19:ec:d6:e2:49:7b:4b:ea:e5:bb:ed:b1:
cc:46:10:d6:2d:df:5b:93:a8:fa:56:32:47:70:94:fe:5a:b3:
fc:ff:9c:25:71:dc:d0:1c:c9:e9:40:0a:c9:9c:c3:29:f4:9f:
17:0b:48:5e:26:d1:61:67:8b:2e:5c:5d:c7:6d:0a:75:ad:d0:
7a:a0:ac:1e:4d:c3:db:cb:91:d5:78:09:d9:48:19:c6:ce:0e:
2e:3e:31:33:d8:f9:3e:73:4d:23:4b:7f:a7:ab:89:b3:95:ad:
33:e6:22:ae:73:d1:2c:98:37:96:64:87:b2:8d:88:23:d7:71:
f2:87:55:8b:04:a1:e3:78:f6:b7:79:a1:cc:cc:ec:4e:b9:c4:
68:e9:b9:e0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZckGlc1Z3ZWjOWex2AazWVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNTMxMDIwOTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWYyMGZkNGI4OTBiODgyNDYyZGZjMGU2ODJlZWM2N2I4M2UyMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3euRdaM59i/LHgQEMD8NnDLeUub
mQVCqjg/kUKk0jzX4RlNc6zVV+TmXIeEGcCN306xeNaDX0dY1u8KxSbNO9PRkgES
Jo1+LHUJ6u4+Y707A1vPa4+Z+RNPoswDIsZRZUEFf4v/RxvHh11yqzKDQG99AHQo
Abe1EZ/y9NLU4hVF7WApl7YcPZk/kDRFENO70JXRDU7tQBWHvoTjueGbcfrNqw/c
aPZXqEbaAWY0S3neJjhbvj2c8x+yO4SR102riTtGpaphFLfSvpm5dzL7Pw45ulkT
KF8GqYAaEXvewpcDIZK88jbv0gX9qaQF7ai7Q+YN3dUnXysoPAZ9LBNnwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLHyD9S4kLiCRi38Dmgu7Ge4PiFlMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvc2ZJUDFMaVF1SUpHTGZ3T2FDN3NaN2ctSVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKgbeAQBw
AwcEKhDMwgAQAwcEKhDMwhMwMA0GCSqGSIb3DQEBCwUAA4IBAQAZTymU+wQJ5Qxq
pYUJBwxPypvjZYcxzQxcp0kKvAthl7D8dXbAiEGjx32gsRpeC38UAyyxA4C5W111
NEDLH8UBu6MeMXrxeLow48WMzCzC3upv8CtIxnwGD/73pWFRhSpsiebmwfUy4Rc4
AeUp8lX97OkZ7NbiSXtL6uW77bHMRhDWLd9bk6j6VjJHcJT+WrP8/5wlcdzQHMnp
QArJnMMp9J8XC0heJtFhZ4suXF3HbQp1rdB6oKweTcPby5HVeAnZSBnGzg4uPjEz
2Pk+c00jS3+nq4mzla0z5iKuc9EsmDeWZIeyjYgj13Hyh1WLBKHjePa3eaHMzOxO
ucRo6bng
-----END CERTIFICATE-----
Generated at Mon Jun 16 21:28:14 2025 by rpki-client