Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/86uWorCCiyCLGOWYqGZNvjA319U.roa
File: 86uWorCCiyCLGOWYqGZNvjA319U.roa (raw, json)
Hash identifier: Qnnkg1CUQ4wMp+U7VJSuSx3wrZXLcHGrjsMkE3OkExE=
Subject key identifier: F3:AB:96:A2:B0:82:8B:20:8B:18:E5:98:A8:66:4D:BE:30:37:D7:D5
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 0198763E3C40D6CB88A27BA36F87FEE41EFC
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/86uWorCCiyCLGOWYqGZNvjA319U.roa
Signing time: Mon 04 Aug 2025 18:00:46 +0000
ROA not before: Mon 04 Aug 2025 18:00:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201364
IP address blocks: 2a05:d740::/32 maxlen: 32
2a06:e900::/32 maxlen: 32
2a07:4a01::/32 maxlen: 32
2a0a:37c0::/32 maxlen: 32
2a0b:9800::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 06 Aug 2025 11:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:76:3e:3c:40:d6:cb:88:a2:7b:a3:6f:87:fe:e4:1e:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Aug 4 18:00:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3ab96a2b0828b208b18e598a8664dbe3037d7d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5a:62:fa:17:e1:81:99:67:7b:af:fd:5b:37:
3b:66:17:45:4d:87:71:17:53:fe:af:01:eb:03:d7:
e2:c9:d9:9a:e3:55:08:1b:9c:2b:b4:9d:1d:c3:d4:
a8:1a:3a:b1:6a:ca:d7:a4:02:9d:fe:45:cc:17:a8:
c2:51:2d:b8:bc:33:95:e8:61:f3:ec:cf:8e:3d:f5:
f5:ac:3a:96:2e:4d:7e:a4:67:6b:85:d6:b6:47:2a:
7d:e5:ae:cb:fc:35:cc:ad:c0:e9:29:2f:90:b7:7c:
19:28:44:c7:81:fb:62:81:d8:2a:a9:7a:87:87:a7:
8d:82:78:30:fc:5c:42:e4:98:8f:a7:91:c0:26:46:
39:e7:71:f3:e9:f8:eb:e4:fa:25:e5:dc:e5:9c:ea:
c4:02:7a:e5:99:88:cf:95:e6:5d:d0:53:d1:86:bd:
4e:be:30:a1:95:bb:1a:c8:3e:6c:46:b7:06:da:e0:
42:cc:00:0a:bb:85:e2:a9:ac:03:75:42:a4:1d:31:
46:c3:1e:7c:a1:45:6a:8b:ef:7c:58:b4:da:48:d4:
d2:84:32:4f:ee:87:35:de:db:60:c0:dd:e1:e0:e4:
8f:ac:99:ab:19:1a:09:98:0d:a7:ef:a2:8f:f8:50:
ec:47:2f:8d:a9:e6:63:71:0e:76:75:7a:7c:9a:b7:
15:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AB:96:A2:B0:82:8B:20:8B:18:E5:98:A8:66:4D:BE:30:37:D7:D5
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/86uWorCCiyCLGOWYqGZNvjA319U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d740::/32
2a06:e900::/32
2a07:4a01::/32
2a0a:37c0::/32
2a0b:9800::/32
Signature Algorithm: sha256WithRSAEncryption
9b:0b:ae:e7:6f:23:e4:d9:51:18:be:29:f2:a0:c7:ae:77:70:
39:fc:8e:5d:60:15:5c:37:d1:10:cb:28:69:fc:d1:fa:b1:37:
86:0e:2a:e6:94:b2:20:0e:a2:d4:e4:79:3b:f1:ae:f7:34:62:
d6:d5:bf:ae:b6:14:24:53:87:3a:34:e1:9d:0f:85:31:b8:db:
8c:43:82:bf:95:40:f8:9b:a9:a6:7d:0f:cd:6d:78:99:5c:0d:
a7:3b:2c:50:02:41:bc:a8:85:91:72:4a:b5:97:e8:4c:dc:df:
19:df:99:ef:7d:37:75:ce:8c:f3:2e:54:fe:ec:ec:f3:e6:ca:
cf:4b:8d:78:6d:ca:0d:16:e8:ed:9c:90:be:a2:c3:36:13:36:
d2:78:bb:19:80:4b:ee:4f:8b:27:d1:f0:c9:3f:b3:52:87:e2:
ea:74:08:ec:b2:6b:01:d1:ef:83:7b:1a:f1:38:38:c5:b8:16:
3b:c4:0d:f8:56:23:1b:ca:f3:41:a9:f8:b7:e6:00:7a:18:b2:
77:be:6b:b0:00:60:6f:b8:ae:4e:56:3c:a6:e5:55:ef:84:de:
45:b1:e1:93:15:68:0d:a7:c9:cd:0d:dd:1f:6a:17:8f:3c:e6:
c5:49:f2:89:e2:ff:2e:88:ba:61:7a:36:b2:93:ea:8a:20:a7:
09:66:69:82
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZh2PjxA1suIonujb4f+5B78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjUwODA0MTgwMDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2FiOTZhMmIwODI4YjIwOGIxOGU1OThhODY2NGRiZTMwMzdkN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Vpi+hfhgZlne6/9Wzc7ZhdFTYdx
F1P+rwHrA9fiydma41UIG5wrtJ0dw9SoGjqxasrXpAKd/kXMF6jCUS24vDOV6GHz
7M+OPfX1rDqWLk1+pGdrhda2Ryp95a7L/DXMrcDpKS+Qt3wZKETHgftigdgqqXqH
h6eNgngw/FxC5JiPp5HAJkY553Hz6fjr5Pol5dzlnOrEAnrlmYjPleZd0FPRhr1O
vjChlbsayD5sRrcG2uBCzAAKu4XiqawDdUKkHTFGwx58oUVqi+98WLTaSNTShDJP
7oc13ttgwN3h4OSPrJmrGRoJmA2n76KP+FDsRy+NqeZjcQ52dXp8mrcVXQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPOrlqKwgosgixjlmKhmTb4wN9fVMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvODZ1V29yQ0NpeUNMR09XWXFHWk52akEzMTlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKgXXQAMF
ACoG6QADBQAqB0oBAwUAKgo3wAMFACoLmAAwDQYJKoZIhvcNAQELBQADggEBAJsL
rudvI+TZURi+KfKgx653cDn8jl1gFVw30RDLKGn80fqxN4YOKuaUsiAOotTkeTvx
rvc0YtbVv662FCRThzo04Z0PhTG424xDgr+VQPibqaZ9D81teJlcDac7LFACQbyo
hZFySrWX6Ezc3xnfme99N3XOjPMuVP7s7PPmys9LjXhtyg0W6O2ckL6iwzYTNtJ4
uxmAS+5PiyfR8Mk/s1KH4up0COyyawHR74N7GvE4OMW4FjvEDfhWIxvK80Gp+Lfm
AHoYsne+a7AAYG+4rk5WPKblVe+E3kWx4ZMVaA2nyc0N3R9qF4885sVJ8oni/y6I
umF6NrKT6oogpwlmaYI=
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:34:12 2025 by rpki-client