Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/oUSEGyYMw_YzFWsIi4uRI0hQQig.roa
File: oUSEGyYMw_YzFWsIi4uRI0hQQig.roa (raw, json)
Hash identifier: iY5U9LDtRVutJw8X1Da4Lh7bDdekvAoArI0unPuwGX4=
Subject key identifier: A1:44:84:1B:26:0C:C3:F6:33:15:6B:08:8B:8B:91:23:48:50:42:28
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 019741ED443EEF259ABD53A094AB6ADD1E67
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/oUSEGyYMw_YzFWsIi4uRI0hQQig.roa
Signing time: Thu 05 Jun 2025 21:09:17 +0000
ROA not before: Thu 05 Jun 2025 21:09:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207530
IP address blocks: 2a12:bec4:1a90::/44 maxlen: 44
2a12:bec4:1a90::/48 maxlen: 48
2a12:bec4:1a91::/48 maxlen: 48
2a12:bec4:1a92::/48 maxlen: 48
2a12:bec4:1a93::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 06 Jun 2025 11:37:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:41:ed:44:3e:ef:25:9a:bd:53:a0:94:ab:6a:dd:1e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jun 5 21:09:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a144841b260cc3f633156b088b8b912348504228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4d:f9:d8:17:11:0b:3f:cd:c3:34:79:18:c5:
c7:ac:23:38:49:59:ad:e3:82:52:1f:f6:68:e9:47:
7e:78:2f:58:ee:43:1a:11:02:00:bc:bc:fb:a7:27:
fc:4b:c2:ef:28:49:c5:bb:d1:73:da:3b:6b:8a:f9:
55:19:e8:c7:5e:6c:a2:ef:b5:da:44:c1:23:66:55:
fe:89:1c:af:ca:74:0f:d1:32:dd:6f:23:3b:3a:17:
e9:79:4b:67:d7:4d:03:c3:13:83:c8:92:a6:d6:c3:
63:29:43:78:70:1d:a5:5f:29:74:f0:d8:87:5c:ca:
80:94:11:dd:75:d3:d3:2d:07:ad:55:fd:9e:b8:d7:
7c:26:9c:92:c8:ec:35:8f:70:a4:2a:8c:eb:05:5d:
cd:6c:95:bc:c0:ca:fe:85:c2:30:f9:e8:0c:7b:8e:
64:c8:c2:9b:18:ae:75:ee:51:8d:bc:47:2c:d6:f6:
22:93:08:84:bf:31:af:4d:fd:cd:de:50:85:2f:47:
eb:8e:b6:ec:8e:13:79:d8:1e:ff:25:da:7c:06:62:
54:0e:02:6b:e3:42:d6:4d:8a:c7:f8:b8:3d:69:c4:
03:f3:84:4e:2b:a4:75:0a:5c:96:20:da:ff:e5:3f:
22:81:5c:e3:2f:42:f3:2a:f8:c6:da:3a:f3:76:62:
b5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:44:84:1B:26:0C:C3:F6:33:15:6B:08:8B:8B:91:23:48:50:42:28
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/oUSEGyYMw_YzFWsIi4uRI0hQQig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1a90::/44
Signature Algorithm: sha256WithRSAEncryption
50:94:42:00:59:07:14:78:81:bd:cb:7c:ba:34:ec:be:16:fc:
c2:06:00:02:41:27:4a:ed:c5:df:f6:2e:e4:8e:28:b9:b5:42:
33:c4:4d:7b:cd:1b:93:48:a4:f3:9f:c9:eb:c8:51:89:92:f5:
66:ac:1c:c7:eb:84:fc:34:bb:95:9c:18:98:cc:74:40:fc:cd:
42:96:43:ea:b3:dd:17:1f:3d:22:70:f5:ff:d7:fa:6e:33:0a:
ba:87:47:8b:93:4e:51:a5:f1:e4:6d:ec:13:91:c8:84:0a:d5:
07:1c:19:22:86:99:b7:d2:08:02:b5:e9:f4:e4:ac:e4:ee:90:
b7:d4:1a:e6:99:72:95:06:fd:b5:61:a4:71:a6:9d:7a:12:4d:
5f:3f:19:ff:73:17:a7:43:d7:6e:f2:e9:b3:22:41:55:40:6c:
1e:07:55:65:3f:28:3c:c4:58:60:4d:32:32:88:26:49:23:86:
3d:5d:60:6e:85:71:df:ba:f6:eb:6c:09:03:b5:f5:c2:db:e2:
d3:39:09:da:36:fb:77:0d:8b:93:b0:90:8b:f5:cf:bc:6f:ed:
b9:3d:e2:86:bc:6f:cb:8d:33:01:81:db:2f:68:e0:dd:02:b0:
36:cf:87:35:e8:0a:a1:12:cc:e1:1a:9f:07:8f:3a:1d:64:83:
81:a1:07:73
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZdB7UQ+7yWavVOglKtq3R5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwNjA1MjEwOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTQ0ODQxYjI2MGNjM2Y2MzMxNTZiMDg4YjhiOTEyMzQ4NTA0MjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyk352BcRCz/NwzR5GMXHrCM4SVmt
44JSH/Zo6Ud+eC9Y7kMaEQIAvLz7pyf8S8LvKEnFu9Fz2jtrivlVGejHXmyi77Xa
RMEjZlX+iRyvynQP0TLdbyM7OhfpeUtn100DwxODyJKm1sNjKUN4cB2lXyl08NiH
XMqAlBHdddPTLQetVf2euNd8JpySyOw1j3CkKozrBV3NbJW8wMr+hcIw+egMe45k
yMKbGK517lGNvEcs1vYikwiEvzGvTf3N3lCFL0frjrbsjhN52B7/Jdp8BmJUDgJr
40LWTYrH+Lg9acQD84ROK6R1ClyWINr/5T8igVzjL0LzKvjG2jrzdmK1fQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKFEhBsmDMP2MxVrCIuLkSNIUEIoMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvb1VTRUd5WU13X1l6RldzSWk0dVJJMGhRUWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBQlEIAWQcUeIG9y3y6NOy+FvzCBgACQSdK7cXf
9i7kjii5tUIzxE17zRuTSKTzn8nryFGJkvVmrBzH64T8NLuVnBiYzHRA/M1ClkPq
s90XHz0icPX/1/puMwq6h0eLk05RpfHkbewTkciECtUHHBkihpm30ggCten05Kzk
7pC31BrmmXKVBv21YaRxpp16Ek1fPxn/cxenQ9du8umzIkFVQGweB1VlPyg8xFhg
TTIyiCZJI4Y9XWBuhXHfuvbrbAkDtfXC2+LTOQnaNvt3DYuTsJCL9c+8b+25PeKG
vG/LjTMBgdsvaODdArA2z4c16AqhEszhGp8HjzodZIOBoQdz
-----END CERTIFICATE-----
Generated at Thu Jun 19 23:43:04 2025 by rpki-client