Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/7BY2Oe2zNjIgxfYygNdYo0_QAT0.roa
File: 7BY2Oe2zNjIgxfYygNdYo0_QAT0.roa (raw, json)
Hash identifier: Tl5ljtqNzZMVtnmponF5S6L9SSzlPg+SR8oapgUeDOE=
Subject key identifier: EC:16:36:39:ED:B3:36:32:20:C5:F6:32:80:D7:58:A3:4F:D0:01:3D
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0197641DB5292D355BB9C5E50F7BCEF52D7D
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/7BY2Oe2zNjIgxfYygNdYo0_QAT0.roa
Signing time: Thu 12 Jun 2025 12:29:17 +0000
ROA not before: Thu 12 Jun 2025 12:29:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58285
IP address blocks: 2001:3080::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 12 Jun 2025 19:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:64:1d:b5:29:2d:35:5b:b9:c5:e5:0f:7b:ce:f5:2d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jun 12 12:29:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec163639edb3363220c5f63280d758a34fd0013d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1e:27:ce:59:21:d2:1c:13:49:cd:b0:0a:18:
e8:54:e0:10:b7:c4:3d:4a:c9:e3:1e:97:a6:42:da:
77:b8:e6:85:a3:30:db:9e:2b:17:8d:4e:a3:02:ee:
c8:a7:2c:37:5a:4f:c4:e7:77:31:f2:22:dd:65:9b:
63:99:aa:f6:54:ec:0d:b7:5c:c8:ea:65:30:a5:5c:
6a:62:9c:ce:2c:57:de:ad:24:69:85:7c:f6:8b:80:
91:ef:21:93:de:9f:56:f2:7c:76:56:33:18:75:34:
ca:d5:b1:4e:f6:c3:16:c6:d6:0b:64:97:03:e2:02:
25:99:a8:46:f0:bc:92:3f:26:95:ef:99:c7:86:b6:
8f:03:b1:8e:ab:50:a4:d8:76:a7:1f:e0:f4:e2:81:
f1:75:3f:42:68:a6:2a:59:0a:34:bd:e6:94:8e:cc:
b4:0a:68:bf:f9:52:29:2e:90:d2:38:38:da:94:ad:
54:af:cd:55:16:7f:d4:37:46:cb:47:d2:4c:c5:fa:
1a:2d:76:b9:03:8b:99:b7:89:b6:de:b1:f0:d9:fe:
53:f2:1f:c6:41:84:23:17:d5:bd:72:d8:5b:38:22:
a2:5c:6b:a3:7b:92:f1:c8:25:e9:6b:fd:fb:81:57:
35:7a:a8:75:db:ab:f2:24:14:0a:c6:a7:cb:0d:97:
7c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:16:36:39:ED:B3:36:32:20:C5:F6:32:80:D7:58:A3:4F:D0:01:3D
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/7BY2Oe2zNjIgxfYygNdYo0_QAT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3080::/29
Signature Algorithm: sha256WithRSAEncryption
29:49:7f:3e:5b:4b:f6:65:7b:59:28:75:7c:30:52:89:74:68:
28:58:57:7c:1b:f4:fc:d2:08:19:99:7d:8d:0d:e1:1c:36:da:
46:78:83:6b:7a:7d:04:69:c2:19:94:8e:28:58:39:b8:f2:f6:
ff:5c:2f:9d:fb:bf:96:18:47:b0:8c:09:18:12:b5:6a:f3:1b:
89:35:7e:61:a8:b6:7e:81:27:d6:15:68:f0:a6:27:a9:46:93:
be:11:34:8e:42:49:4f:85:43:70:b8:61:2d:aa:6d:e7:78:ad:
a6:95:2d:a6:62:4f:9d:f1:3a:c8:77:9f:26:a5:fd:69:33:88:
d9:d1:0c:00:55:dd:aa:a7:c9:99:c5:37:52:2b:4b:68:42:4d:
6c:14:d7:4f:22:1f:30:c6:ea:10:64:7e:25:35:9a:8d:c8:29:
1d:50:51:9e:18:dc:28:20:9f:e1:b4:c7:42:9f:6c:ba:5d:a5:
1f:c4:68:22:f9:28:d0:43:41:e7:67:9b:05:e0:93:a1:0a:54:
56:5e:1b:cc:8c:86:e3:48:45:65:df:59:09:cd:f0:ef:a0:e3:
9f:c0:53:9e:f2:a8:a7:26:d1:a1:0d:0c:bf:46:8c:a8:82:54:
00:66:0b:6f:97:3e:cd:1f:ad:f4:8e:6a:0d:39:74:73:e6:40:
24:85:0b:79
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZdkHbUpLTVbucXlD3vO9S19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwNjEyMTIyOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzE2MzYzOWVkYjMzNjMyMjBjNWY2MzI4MGQ3NThhMzRmZDAwMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsR4nzlkh0hwTSc2wChjoVOAQt8Q9
SsnjHpemQtp3uOaFozDbnisXjU6jAu7Ipyw3Wk/E53cx8iLdZZtjmar2VOwNt1zI
6mUwpVxqYpzOLFferSRphXz2i4CR7yGT3p9W8nx2VjMYdTTK1bFO9sMWxtYLZJcD
4gIlmahG8LySPyaV75nHhraPA7GOq1Ck2HanH+D04oHxdT9CaKYqWQo0veaUjsy0
Cmi/+VIpLpDSODjalK1Ur81VFn/UN0bLR9JMxfoaLXa5A4uZt4m23rHw2f5T8h/G
QYQjF9W9cthbOCKiXGuje5LxyCXpa/37gVc1eqh126vyJBQKxqfLDZd8swIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOwWNjntszYyIMX2MoDXWKNP0AE9MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvN0JZMk9lMnpOaklneGZZeWdOZFlvMF9RQVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDIAEwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAKUl/PltL9mV7WSh1fDBSiXRoKFhXfBv0/NIIGZl9
jQ3hHDbaRniDa3p9BGnCGZSOKFg5uPL2/1wvnfu/lhhHsIwJGBK1avMbiTV+Yai2
foEn1hVo8KYnqUaTvhE0jkJJT4VDcLhhLapt53itppUtpmJPnfE6yHefJqX9aTOI
2dEMAFXdqqfJmcU3UitLaEJNbBTXTyIfMMbqEGR+JTWajcgpHVBRnhjcKCCf4bTH
Qp9sul2lH8RoIvko0ENB52ebBeCToQpUVl4bzIyG40hFZd9ZCc3w76Djn8BTnvKo
pybRoQ0Mv0aMqIJUAGYLb5c+zR+t9I5qDTl0c+ZAJIULeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 19 02:25:17 2025 by rpki-client