Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1d7583-d10c-47db-aee1-58d664210669/1/1CuJxKRaRrCJpj4kRIUtn0dR5gQ.roa
File: 1CuJxKRaRrCJpj4kRIUtn0dR5gQ.roa (raw, json)
Hash identifier: xMFbWSlmJvqLffErvXucxFrGaDratG7/mIdmrNy0YiQ=
Subject key identifier: D4:2B:89:C4:A4:5A:46:B0:89:A6:3E:24:44:85:2D:9F:47:51:E6:04
Certificate issuer: /CN=473779e6a77c7e58213198764ce2ac0e6bee6236
Certificate serial: 0196A52F6C3E164F5F363EBB0D91B2CAB5FF
Authority key identifier: 47:37:79:E6:A7:7C:7E:58:21:31:98:76:4C:E2:AC:0E:6B:EE:62:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rzd55qd8flghMZh2TOKsDmvuYjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1d7583-d10c-47db-aee1-58d664210669/1/1CuJxKRaRrCJpj4kRIUtn0dR5gQ.roa
Signing time: Tue 06 May 2025 10:41:10 +0000
ROA not before: Tue 06 May 2025 10:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42730
IP address blocks: 2a00:6800::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 06 May 2025 10:45:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:2f:6c:3e:16:4f:5f:36:3e:bb:0d:91:b2:ca:b5:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=473779e6a77c7e58213198764ce2ac0e6bee6236
Validity
Not Before: May 6 10:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d42b89c4a45a46b089a63e2444852d9f4751e604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4d:9b:71:9c:f7:e8:ae:f1:8c:77:e1:b3:4d:
12:d6:c1:35:4d:d4:40:4d:8b:fa:4d:f0:8f:77:93:
ca:b2:85:ab:6a:25:6a:6e:5c:72:f3:7e:9b:aa:f3:
a4:b2:e6:cd:f3:b5:48:ae:58:91:41:1f:a5:96:0e:
a6:76:f3:d5:fc:c3:5e:0e:cf:ea:5a:9d:69:a1:3f:
12:d3:9d:65:6d:d6:de:2a:e4:41:04:7c:54:00:98:
ba:63:14:7e:3e:41:c4:c2:5f:ed:05:76:88:f4:f4:
ec:0c:e5:fc:f3:bd:03:be:28:02:ed:f7:17:fe:0e:
3a:8f:15:45:64:f4:f5:e8:9c:02:c5:09:eb:ed:3c:
b2:89:dd:52:f0:06:cb:0c:df:dc:d3:a1:a0:ad:aa:
87:88:4d:48:19:d5:e9:c5:36:11:bf:f2:f6:cb:1f:
af:36:fc:ee:c0:0f:4c:ba:13:1b:ae:20:b7:76:e0:
71:e1:96:7e:c1:62:e8:0f:76:40:26:84:74:d6:90:
ef:f7:45:f7:1f:0b:43:5d:14:90:1e:e9:96:0b:ec:
ca:f6:4a:fe:20:62:0c:dd:8d:46:18:14:8f:5b:d2:
a0:a2:ef:e6:d9:97:dc:fb:ee:db:06:6c:94:6d:3b:
17:b6:54:cd:2d:46:45:d8:14:28:ee:2e:d4:2e:8f:
19:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:2B:89:C4:A4:5A:46:B0:89:A6:3E:24:44:85:2D:9F:47:51:E6:04
X509v3 Authority Key Identifier:
keyid:47:37:79:E6:A7:7C:7E:58:21:31:98:76:4C:E2:AC:0E:6B:EE:62:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rzd55qd8flghMZh2TOKsDmvuYjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1d7583-d10c-47db-aee1-58d664210669/1/1CuJxKRaRrCJpj4kRIUtn0dR5gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1d7583-d10c-47db-aee1-58d664210669/1/Rzd55qd8flghMZh2TOKsDmvuYjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:6800::/32
Signature Algorithm: sha256WithRSAEncryption
ca:37:29:e5:34:29:6c:07:b9:82:52:a1:1f:d2:46:1e:91:f8:
6f:34:89:af:e5:4b:88:fb:63:4f:bd:36:a0:03:57:7e:ae:fa:
ae:13:eb:84:ca:86:4b:49:9e:0e:ca:cc:1d:62:19:32:67:c4:
96:a8:18:06:2e:e6:78:6b:5f:d4:5b:d2:85:20:7a:e9:b3:b4:
b6:de:7d:ed:b0:14:b0:31:a6:0e:0c:ce:f4:35:bf:cb:a7:75:
c8:3d:8e:ca:c4:95:6d:21:97:02:05:44:1e:2e:c8:e1:61:a8:
53:54:d1:77:8f:65:92:03:90:3d:77:5e:7d:4d:51:2d:12:e5:
5d:fd:a8:71:bc:61:db:d6:e6:05:cf:f3:14:77:16:cf:51:7d:
3e:69:9e:fa:9e:eb:10:a2:a5:ec:76:97:f4:1b:43:0e:8c:84:
b5:9c:ed:e6:2e:71:ad:ee:3d:0d:b9:22:c1:51:b4:40:6e:a8:
2e:26:d4:5d:86:09:02:d7:06:8b:25:9d:c4:3a:ab:f9:dc:b8:
79:f7:d5:a7:95:a1:4c:fb:2b:82:e9:86:23:41:08:19:29:f9:
1c:40:a3:c8:44:a0:38:e9:1f:e7:49:b2:21:52:e2:ba:a6:04:
01:bf:03:3e:a4:fa:16:5e:68:e0:c4:60:86:94:d9:da:7c:e4:
7e:88:e6:9a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZalL2w+Fk9fNj67DZGyyrX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3Mzc3OWU2YTc3YzdlNTgyMTMxOTg3NjRjZTJhYzBlNmJl
ZTYyMzYwHhcNMjUwNTA2MTA0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDJiODljNGE0NWE0NmIwODlhNjNlMjQ0NDg1MmQ5ZjQ3NTFlNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwU2bcZz36K7xjHfhs00S1sE1TdRA
TYv6TfCPd5PKsoWraiVqblxy836bqvOksubN87VIrliRQR+llg6mdvPV/MNeDs/q
Wp1poT8S051lbdbeKuRBBHxUAJi6YxR+PkHEwl/tBXaI9PTsDOX8870DvigC7fcX
/g46jxVFZPT16JwCxQnr7Tyyid1S8AbLDN/c06GgraqHiE1IGdXpxTYRv/L2yx+v
NvzuwA9MuhMbriC3duBx4ZZ+wWLoD3ZAJoR01pDv90X3HwtDXRSQHumWC+zK9kr+
IGIM3Y1GGBSPW9Kgou/m2Zfc++7bBmyUbTsXtlTNLUZF2BQo7i7ULo8ZOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNQricSkWkawiaY+JESFLZ9HUeYEMB8GA1UdIwQY
MBaAFEc3eeanfH5YITGYdkzirA5r7mI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpkNTVxZDhmbGdoTVpoMlRPS3NEbXZ1WWpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZDc1ODMtZDEwYy00N2RiLWFlZTEt
NThkNjY0MjEwNjY5LzEvMUN1SnhLUmFSckNKcGo0a1JJVXRuMGRSNWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZDc1ODMtZDEwYy00N2RiLWFlZTEtNThkNjY0MjEwNjY5
LzEvUnpkNTVxZDhmbGdoTVpoMlRPS3NEbXZ1WWpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgBoADAN
BgkqhkiG9w0BAQsFAAOCAQEAyjcp5TQpbAe5glKhH9JGHpH4bzSJr+VLiPtjT702
oANXfq76rhPrhMqGS0meDsrMHWIZMmfElqgYBi7meGtf1FvShSB66bO0tt597bAU
sDGmDgzO9DW/y6d1yD2OysSVbSGXAgVEHi7I4WGoU1TRd49lkgOQPXdefU1RLRLl
Xf2ocbxh29bmBc/zFHcWz1F9Pmme+p7rEKKl7HaX9BtDDoyEtZzt5i5xre49Dbki
wVG0QG6oLibUXYYJAtcGiyWdxDqr+dy4effVp5WhTPsrgumGI0EIGSn5HECjyESg
OOkf50myIVLiuqYEAb8DPqT6Fl5o4MRghpTZ2nzkfojmmg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:48:30 2025 by rpki-client