Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/H0OviB7zoNU7h-zWgQmNt81lD6c.roa
File: H0OviB7zoNU7h-zWgQmNt81lD6c.roa (raw, json)
Hash identifier: rnC+QOz4oeE1Z2oDE7s3s6qhMkgjVxvF2w9Pw43gq/U=
Subject key identifier: 1F:43:AF:88:1E:F3:A0:D5:3B:87:EC:D6:81:09:8D:B7:CD:65:0F:A7
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01970E089D3B8EEB65807D955A99E81FDDA5
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/H0OviB7zoNU7h-zWgQmNt81lD6c.roa
Signing time: Mon 26 May 2025 19:18:54 +0000
ROA not before: Mon 26 May 2025 19:18:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a0f:4345::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Jun 2025 17:53:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0e:08:9d:3b:8e:eb:65:80:7d:95:5a:99:e8:1f:dd:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: May 26 19:18:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f43af881ef3a0d53b87ecd681098db7cd650fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:8b:90:dc:ab:93:c3:a3:c7:a7:cd:f4:5c:6c:
a1:30:e9:47:87:5d:7c:56:4f:56:c2:ff:7b:09:e9:
90:ce:8c:e1:ad:01:ae:07:20:c1:44:8c:7d:45:e6:
1e:6b:f6:3e:b9:56:b6:3e:a6:76:97:d4:cc:4e:f6:
c2:ab:53:8d:f1:9f:5e:34:9f:5c:b5:9c:be:88:a2:
3d:f8:32:aa:b3:34:2b:fb:b3:a7:37:fa:84:e1:c1:
f2:b0:b2:c3:3c:78:75:ff:5c:22:da:c9:d3:e2:94:
dc:b5:9c:27:93:1b:f3:23:bd:3a:81:05:fa:49:a2:
ae:f6:b3:c1:50:0c:7d:21:b8:7d:c9:42:22:f6:9f:
cb:c6:27:42:b6:f8:a5:bb:40:8a:3b:8c:9b:c9:26:
9b:e1:24:85:78:bf:97:51:a2:84:68:25:81:89:ae:
e1:bb:3d:cf:64:dc:88:3a:3a:ec:b1:b3:73:37:72:
db:01:67:b9:df:d3:80:e0:6e:21:63:cd:b1:fa:07:
23:45:b4:cb:7e:85:ea:8f:c3:ea:66:4e:4b:ce:1e:
c2:94:08:1d:dc:70:7c:a9:d5:6e:4f:09:88:09:c7:
23:ba:f4:2e:91:fa:0d:2e:ce:7f:9b:f9:be:69:a9:
89:9c:3a:61:68:5e:dc:b0:f6:44:d6:4e:d3:54:b9:
0b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:43:AF:88:1E:F3:A0:D5:3B:87:EC:D6:81:09:8D:B7:CD:65:0F:A7
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/H0OviB7zoNU7h-zWgQmNt81lD6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4345::/32
Signature Algorithm: sha256WithRSAEncryption
5b:c0:5c:e8:cc:d2:6f:50:cc:d1:8d:40:43:03:a6:2b:68:88:
02:fb:37:83:38:1f:49:18:3e:7f:7e:81:aa:fd:bc:18:75:61:
89:5c:60:1c:20:3b:f9:9c:25:79:82:94:d7:07:99:81:01:f8:
d9:fb:af:42:00:37:f3:25:70:d6:28:cf:be:2b:b8:e2:2a:f9:
68:02:46:ab:9c:3d:7b:31:f6:e9:53:22:7e:25:a3:0a:bb:c2:
8f:5e:5c:fb:2c:a3:1f:08:fc:ef:3e:c8:56:1a:84:d4:87:6d:
76:08:b8:70:9b:09:ab:06:db:62:f2:4e:eb:85:50:e4:a5:15:
67:90:5e:0a:d3:53:52:bb:9f:92:9e:22:26:3d:95:c7:58:db:
11:2b:10:6d:29:24:6c:f4:0b:77:83:c3:74:6f:5a:d8:5d:7a:
83:a8:18:30:92:4d:13:d2:cf:c4:7d:cb:8e:0c:e5:3d:28:b4:
47:1d:b1:48:d2:8c:25:f8:a2:ac:c9:d9:11:b4:a4:8a:d5:ad:
a8:af:19:52:dd:b4:c6:eb:83:db:fe:be:07:b7:0b:d9:9b:31:
c3:aa:7d:df:da:2e:6f:58:94:bb:8e:46:d6:d6:20:79:ce:fe:
4f:dd:7f:ca:10:45:79:2c:9d:33:9e:0a:95:50:1e:89:2e:fd:
15:72:0a:db
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZcOCJ07jutlgH2VWpnoH92lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwNTI2MTkxODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjQzYWY4ODFlZjNhMGQ1M2I4N2VjZDY4MTA5OGRiN2NkNjUwZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5IuQ3KuTw6PHp830XGyhMOlHh118
Vk9Wwv97CemQzozhrQGuByDBRIx9ReYea/Y+uVa2PqZ2l9TMTvbCq1ON8Z9eNJ9c
tZy+iKI9+DKqszQr+7OnN/qE4cHysLLDPHh1/1wi2snT4pTctZwnkxvzI706gQX6
SaKu9rPBUAx9Ibh9yUIi9p/LxidCtvilu0CKO4ybySab4SSFeL+XUaKEaCWBia7h
uz3PZNyIOjrssbNzN3LbAWe539OA4G4hY82x+gcjRbTLfoXqj8PqZk5Lzh7ClAgd
3HB8qdVuTwmICccjuvQukfoNLs5/m/m+aamJnDphaF7csPZE1k7TVLkLxQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFB9Dr4ge86DVO4fs1oEJjbfNZQ+nMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvSDBPdmlCN3pvTlU3aC16V2dRbU50ODFsRDZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg9DRTAN
BgkqhkiG9w0BAQsFAAOCAQEAW8Bc6MzSb1DM0Y1AQwOmK2iIAvs3gzgfSRg+f36B
qv28GHVhiVxgHCA7+ZwleYKU1weZgQH42fuvQgA38yVw1ijPviu44ir5aAJGq5w9
ezH26VMifiWjCrvCj15c+yyjHwj87z7IVhqE1Idtdgi4cJsJqwbbYvJO64VQ5KUV
Z5BeCtNTUrufkp4iJj2Vx1jbESsQbSkkbPQLd4PDdG9a2F16g6gYMJJNE9LPxH3L
jgzlPSi0Rx2xSNKMJfiirMnZEbSkitWtqK8ZUt20xuuD2/6+B7cL2Zsxw6p939ou
b1iUu45G1tYgec7+T91/yhBFeSydM54KlVAeiS79FXIK2w==
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:43:18 2025 by rpki-client