Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vFo90d7DU8rw1SLRXCsGD0bgpaI.roa
File: vFo90d7DU8rw1SLRXCsGD0bgpaI.roa (raw, json)
Hash identifier: pfkU9LvIarLuXA5xUESkWD3zAlEKIeWzBRWTn7qGtwk=
Subject key identifier: BC:5A:3D:D1:DE:C3:53:CA:F0:D5:22:D1:5C:2B:06:0F:46:E0:A5:A2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019428BCA674B931DE30B1A78EB512A3B1EF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vFo90d7DU8rw1SLRXCsGD0bgpaI.roa
Signing time: Thu 02 Jan 2025 20:37:19 +0000
ROA not before: Thu 02 Jan 2025 20:37:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213641
IP address blocks: 2a0e:97c0:680::/44 maxlen: 48
2a0e:97c0:680::/48 maxlen: 48
2a0e:97c0:681::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 23:34:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:bc:a6:74:b9:31:de:30:b1:a7:8e:b5:12:a3:b1:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 20:37:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc5a3dd1dec353caf0d522d15c2b060f46e0a5a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a5:7f:9b:58:38:1c:cb:fa:61:1b:8f:3b:a9:
9a:4a:c3:67:3c:1e:ba:d5:1d:da:99:71:88:7c:1e:
66:81:e4:52:8c:d9:12:73:35:39:32:f7:ee:d5:83:
e1:e9:5f:fc:45:97:e9:fa:51:25:72:d3:91:10:98:
4b:70:75:c0:70:20:9d:cb:6b:68:b5:7c:c7:8b:27:
e5:24:35:2f:4a:f0:08:c1:80:55:2c:3f:17:85:e2:
43:23:c5:c1:e6:e5:9d:b3:d4:03:8b:fb:74:c8:aa:
65:c9:71:8f:1c:73:3f:22:f4:8f:24:6d:0e:24:1c:
23:8b:07:2f:b6:26:b4:c3:19:66:20:0b:16:47:e8:
4b:d8:da:35:b2:94:f9:49:95:83:8b:33:d7:a1:0a:
04:8e:cd:a0:88:7e:4e:f5:12:c2:d9:ec:26:54:cc:
f5:e2:4f:af:9c:63:d6:f9:45:48:22:b5:a8:09:1a:
56:5a:26:98:0a:5f:ab:78:d7:9d:b8:b4:42:29:01:
75:2c:45:7f:cc:10:3f:89:2d:cc:61:60:d9:f2:c2:
ee:3f:7a:7f:f6:50:be:be:16:13:36:bd:63:31:64:
b1:9d:be:c2:98:2d:8d:b9:2a:96:c1:e6:8d:9d:9c:
6e:05:85:41:7e:af:99:cb:0a:bb:38:54:b7:b3:9f:
fa:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:5A:3D:D1:DE:C3:53:CA:F0:D5:22:D1:5C:2B:06:0F:46:E0:A5:A2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vFo90d7DU8rw1SLRXCsGD0bgpaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:680::/44
Signature Algorithm: sha256WithRSAEncryption
97:dd:9d:02:9e:7b:9a:42:95:41:35:e3:b0:06:76:9c:d6:0f:
9d:0e:e1:31:35:6b:21:46:83:85:2c:51:86:98:87:e7:da:ce:
d5:23:1f:7f:f4:7a:34:9d:04:87:db:2f:99:59:e6:97:3b:cf:
c1:e3:cc:82:ac:a8:dd:27:fd:6f:59:9e:ea:95:9f:bc:c8:1a:
eb:b3:55:36:38:2b:79:22:bc:9d:3b:a5:ca:10:8b:a2:43:19:
b7:c0:1d:e8:dd:f4:9d:8e:ae:d7:95:5b:38:63:d2:22:93:89:
98:d5:7c:16:28:b4:0b:45:a2:ec:8c:75:b0:03:33:c7:f0:56:
17:ce:d7:25:95:c3:d0:69:de:81:29:2b:d2:e1:c0:ff:b6:24:
63:e5:3b:ad:a3:f4:8a:73:83:ee:3d:0e:95:e2:3c:98:13:4b:
18:e4:f8:16:fc:e8:37:83:9a:97:30:30:2d:58:f0:73:01:26:
ed:c1:5c:ed:78:70:00:76:fb:b2:83:99:4b:c1:4f:e5:ed:3a:
8e:26:fa:c4:d4:09:a7:24:90:d4:67:ca:a4:65:5e:1c:48:55:
a8:c0:b1:e2:ff:a5:96:00:70:44:02:c9:ff:c6:d3:c8:3a:3f:
1d:e8:40:10:58:ad:ef:3a:02:3b:44:e2:42:3e:11:70:85:52:
01:50:27:0b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQovKZ0uTHeMLGnjrUSo7HvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMjAzNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzVhM2RkMWRlYzM1M2NhZjBkNTIyZDE1YzJiMDYwZjQ2ZTBhNWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraV/m1g4HMv6YRuPO6maSsNnPB66
1R3amXGIfB5mgeRSjNkSczU5Mvfu1YPh6V/8RZfp+lElctOREJhLcHXAcCCdy2to
tXzHiyflJDUvSvAIwYBVLD8XheJDI8XB5uWds9QDi/t0yKplyXGPHHM/IvSPJG0O
JBwjiwcvtia0wxlmIAsWR+hL2No1spT5SZWDizPXoQoEjs2giH5O9RLC2ewmVMz1
4k+vnGPW+UVIIrWoCRpWWiaYCl+reNeduLRCKQF1LEV/zBA/iS3MYWDZ8sLuP3p/
9lC+vhYTNr1jMWSxnb7CmC2NuSqWweaNnZxuBYVBfq+Zywq7OFS3s5/6WwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLxaPdHew1PK8NUi0VwrBg9G4KWiMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdkZvOTBkN0RVOHJ3MVNMUlhDc0dEMGJncGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAaA
MA0GCSqGSIb3DQEBCwUAA4IBAQCX3Z0CnnuaQpVBNeOwBnac1g+dDuExNWshRoOF
LFGGmIfn2s7VIx9/9Ho0nQSH2y+ZWeaXO8/B48yCrKjdJ/1vWZ7qlZ+8yBrrs1U2
OCt5IrydO6XKEIuiQxm3wB3o3fSdjq7XlVs4Y9Iik4mY1XwWKLQLRaLsjHWwAzPH
8FYXztcllcPQad6BKSvS4cD/tiRj5Tuto/SKc4PuPQ6V4jyYE0sY5PgW/Og3g5qX
MDAtWPBzASbtwVzteHAAdvuyg5lLwU/l7TqOJvrE1AmnJJDUZ8qkZV4cSFWowLHi
/6WWAHBEAsn/xtPIOj8d6EAQWK3vOgI7ROJCPhFwhVIBUCcL
-----END CERTIFICATE-----
Generated at Thu Jun 19 14:29:16 2025 by rpki-client