Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/II4CPxjXcGCcRPIWpgAw79iAOtQ.roa
File: II4CPxjXcGCcRPIWpgAw79iAOtQ.roa (raw, json)
Hash identifier: e23hWy3ygSa4+boHm7Ur9mWDhYpnSI03QNH93rLYbXU=
Subject key identifier: 20:8E:02:3F:18:D7:70:60:9C:44:F2:16:A6:00:30:EF:D8:80:3A:D4
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 019763928CF0D90352896284C6C7DB70AF67
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/II4CPxjXcGCcRPIWpgAw79iAOtQ.roa
Signing time: Thu 12 Jun 2025 09:57:18 +0000
ROA not before: Thu 12 Jun 2025 09:57:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209961
IP address blocks: 2001:3181::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 12 Jun 2025 12:09:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:92:8c:f0:d9:03:52:89:62:84:c6:c7:db:70:af:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jun 12 09:57:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=208e023f18d770609c44f216a60030efd8803ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:48:0a:b5:d3:7a:26:29:05:94:8e:13:e1:aa:
36:70:bf:32:6f:06:a7:77:d9:df:80:88:e7:4e:02:
3c:ae:88:51:dc:16:e3:96:72:99:5f:4b:90:4d:40:
52:ae:92:bc:ea:14:25:97:11:a2:39:1a:8e:f2:90:
6d:d1:11:4f:e2:8f:75:4f:43:c3:b5:4d:5a:aa:d0:
48:b6:08:1f:ee:ec:16:82:eb:e8:4f:9b:4c:f4:cf:
38:70:b4:3f:01:14:f5:00:60:d0:a4:12:5e:28:ee:
15:ac:46:59:9b:05:af:1b:96:fc:df:ae:19:1c:4b:
25:4e:34:09:ad:75:c0:64:7d:f4:ae:fd:a7:88:32:
86:54:4f:60:f8:9c:6d:3e:de:2d:81:8d:14:2b:d3:
11:ea:48:d3:a8:63:22:9e:d9:5a:17:64:f6:c3:97:
51:39:52:34:59:c2:58:3e:75:fd:13:67:68:89:1f:
99:9f:b0:8b:97:46:17:7c:95:d5:ba:ec:8e:73:a4:
c6:ff:95:72:c2:37:36:41:66:d4:c6:f7:7d:62:e4:
ad:73:8f:a4:27:c6:20:eb:6c:c1:0a:4e:38:b3:80:
96:fb:22:a6:18:ec:66:20:4b:be:d2:ad:8a:cf:bf:
fc:e5:2d:66:47:6c:fb:16:85:de:6d:49:8c:b7:83:
0f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:8E:02:3F:18:D7:70:60:9C:44:F2:16:A6:00:30:EF:D8:80:3A:D4
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/II4CPxjXcGCcRPIWpgAw79iAOtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3181::/32
Signature Algorithm: sha256WithRSAEncryption
1d:b8:26:e6:6c:fa:e9:cc:b6:72:df:03:53:82:80:55:51:4c:
13:20:a8:6a:fa:12:e1:1e:3b:25:91:bd:5e:89:8d:f8:5e:e7:
f7:19:75:a6:a6:0f:d3:c0:4a:73:9b:1e:f3:bb:49:f6:41:42:
72:2d:e6:6a:ab:55:77:bb:3e:b9:cd:a5:e1:48:f4:86:e7:73:
d0:8c:44:81:06:99:48:a1:b8:7c:3a:ff:91:63:d1:9f:a3:13:
c9:f8:79:60:ca:93:26:d1:57:e9:f2:ba:01:52:ca:e7:89:0f:
77:44:1d:17:1d:ed:04:88:79:9a:04:b9:93:3c:c7:51:53:eb:
ef:f1:d3:89:34:ee:6b:02:da:d3:09:4b:a0:81:f9:56:7b:b6:
89:3d:67:82:0e:1d:e7:17:4b:4b:9d:d1:9f:91:d6:b8:29:54:
83:1c:5f:d0:e0:0e:59:b8:83:08:cc:d1:66:c4:42:9f:1a:11:
ed:6f:ee:76:d9:d7:f9:92:f0:cf:8c:63:cf:2d:e8:ea:76:fa:
36:72:7b:d4:90:5e:a0:6f:83:c1:ab:62:03:5d:af:cc:06:b0:
43:93:39:d7:15:36:4a:13:1a:50:99:0b:c2:dd:16:0e:fe:7f:
ff:43:6d:8c:e2:b4:30:78:17:a6:db:3c:d5:b1:fd:09:3d:b7:
b6:3c:1a:a6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZdjkozw2QNSiWKExsfbcK9nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwNjEyMDk1NzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDhlMDIzZjE4ZDc3MDYwOWM0NGYyMTZhNjAwMzBlZmQ4ODAzYWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UgKtdN6JikFlI4T4ao2cL8ybwan
d9nfgIjnTgI8rohR3BbjlnKZX0uQTUBSrpK86hQllxGiORqO8pBt0RFP4o91T0PD
tU1aqtBItggf7uwWguvoT5tM9M84cLQ/ART1AGDQpBJeKO4VrEZZmwWvG5b8364Z
HEslTjQJrXXAZH30rv2niDKGVE9g+JxtPt4tgY0UK9MR6kjTqGMintlaF2T2w5dR
OVI0WcJYPnX9E2doiR+Zn7CLl0YXfJXVuuyOc6TG/5Vywjc2QWbUxvd9YuStc4+k
J8Yg62zBCk44s4CW+yKmGOxmIEu+0q2Kz7/85S1mR2z7FoXebUmMt4MP4wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCCOAj8Y13BgnETyFqYAMO/YgDrUMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvSUk0Q1B4alhjR0NjUlBJV3BnQXc3OWlBT3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAIAExgTAN
BgkqhkiG9w0BAQsFAAOCAQEAHbgm5mz66cy2ct8DU4KAVVFMEyCoavoS4R47JZG9
XomN+F7n9xl1pqYP08BKc5se87tJ9kFCci3maqtVd7s+uc2l4Uj0hudz0IxEgQaZ
SKG4fDr/kWPRn6MTyfh5YMqTJtFX6fK6AVLK54kPd0QdFx3tBIh5mgS5kzzHUVPr
7/HTiTTuawLa0wlLoIH5Vnu2iT1ngg4d5xdLS53Rn5HWuClUgxxf0OAOWbiDCMzR
ZsRCnxoR7W/udtnX+ZLwz4xjzy3o6nb6NnJ71JBeoG+DwatiA12vzAawQ5M51xU2
ShMaUJkLwt0WDv5//0NtjOK0MHgXpts81bH9CT23tjwapg==
-----END CERTIFICATE-----
Generated at Thu Jun 19 02:22:27 2025 by rpki-client