Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OIz7A0xUCyVHagHugk2f-L-3ufk.roa
File: OIz7A0xUCyVHagHugk2f-L-3ufk.roa (raw, json)
Hash identifier: 1vCnN5a66gVNItx3r4J1g6c+qXJI7UkZvWmqBWJV20c=
Subject key identifier: 38:8C:FB:03:4C:54:0B:25:47:6A:01:EE:82:4D:9F:F8:BF:B7:B9:F9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01985508ED6B0514CAA093C64CF8AAF4D337
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OIz7A0xUCyVHagHugk2f-L-3ufk.roa
Signing time: Tue 29 Jul 2025 07:15:05 +0000
ROA not before: Tue 29 Jul 2025 07:15:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132750
IP address blocks: 2a0f:ea44:1312::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Aug 2025 12:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:08:ed:6b:05:14:ca:a0:93:c6:4c:f8:aa:f4:d3:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 29 07:15:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=388cfb034c540b25476a01ee824d9ff8bfb7b9f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:72:18:fd:e5:2d:be:30:09:ad:e5:e3:10:4d:
56:49:53:f0:0c:a4:9e:6b:31:6a:32:49:54:ee:2f:
6d:f2:5c:75:9f:62:ba:b6:48:eb:a9:b1:5b:ae:40:
1c:53:da:71:68:0b:e5:a4:52:5f:d2:ea:b2:f9:51:
7c:24:d7:c8:42:eb:58:9a:71:b4:36:70:bc:82:7c:
09:cf:0c:13:a9:b8:4b:9e:16:e2:4c:8f:27:0a:72:
ec:73:2a:63:d5:fa:a4:1d:86:d0:d4:cd:dd:ff:31:
3b:d7:4b:00:65:01:7c:49:b8:95:2a:93:a6:1b:77:
94:5e:b1:4b:a2:ca:bc:d9:be:e1:0d:55:40:ac:6b:
a1:91:33:3c:88:b4:9d:ce:51:84:de:be:22:05:48:
4f:38:bf:fe:5a:bb:2c:63:e1:76:a7:26:7d:7f:8c:
8f:14:01:0b:5a:d0:6b:d4:92:7c:90:99:ac:eb:8b:
43:90:fe:82:c6:5d:d3:d4:fb:49:41:56:f2:df:70:
ec:54:1f:60:40:08:de:28:8a:db:e9:a6:2b:c2:fd:
72:1f:0b:35:62:1a:65:7b:b7:eb:98:02:73:9a:a7:
b4:de:41:a1:f9:f3:61:18:66:e7:8c:a6:b7:4b:ee:
e9:db:63:d3:34:23:f6:84:a2:95:6a:ef:54:15:91:
ec:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8C:FB:03:4C:54:0B:25:47:6A:01:EE:82:4D:9F:F8:BF:B7:B9:F9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OIz7A0xUCyVHagHugk2f-L-3ufk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ea44:1312::/48
Signature Algorithm: sha256WithRSAEncryption
c1:ea:97:10:ac:26:1b:db:af:f0:3c:b7:ee:be:f5:9f:51:05:
f0:1e:f1:5b:fa:ef:bb:2b:4b:0d:89:66:7b:ad:43:28:04:a2:
1b:ab:ff:a1:64:04:98:c5:b2:bc:89:96:27:d1:8e:09:da:03:
ae:f3:12:63:8c:04:ec:1a:64:b9:cd:06:9e:b6:c5:1e:36:b5:
18:30:c7:7c:0e:36:db:0c:18:13:5f:67:49:d1:a1:ad:17:a2:
45:56:c7:f2:38:d4:d3:37:6e:92:0f:1b:6c:16:01:fa:5a:e4:
a1:85:b0:23:59:88:55:d1:d9:65:1a:3d:96:9a:b1:b5:56:57:
6f:44:d2:d7:67:69:1c:41:ce:ac:89:dc:01:32:5b:3d:a2:5f:
93:50:c5:94:86:8a:62:a5:dd:4d:7f:79:f1:cd:6d:b9:2d:75:
5f:39:fd:b8:c8:1e:9c:f7:84:0b:cc:2b:d2:35:94:fd:fc:13:
57:7e:89:36:5f:7d:00:f7:43:1c:1e:3a:d4:26:6b:0f:54:77:
19:88:0f:26:62:b0:a3:b2:c0:f4:5f:27:ef:53:f5:8b:cf:6a:
db:2a:03:7d:ff:0f:39:1a:6a:02:83:fc:dd:d8:68:cb:24:a5:
f8:06:74:5e:95:1e:f0:b7:8d:8a:dd:f7:e7:df:67:3e:bb:b8:
fe:51:d8:a5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZhVCO1rBRTKoJPGTPiq9NM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNzI5MDcxNTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODhjZmIwMzRjNTQwYjI1NDc2YTAxZWU4MjRkOWZmOGJmYjdiOWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7HIY/eUtvjAJreXjEE1WSVPwDKSe
azFqMklU7i9t8lx1n2K6tkjrqbFbrkAcU9pxaAvlpFJf0uqy+VF8JNfIQutYmnG0
NnC8gnwJzwwTqbhLnhbiTI8nCnLscypj1fqkHYbQ1M3d/zE710sAZQF8SbiVKpOm
G3eUXrFLosq82b7hDVVArGuhkTM8iLSdzlGE3r4iBUhPOL/+WrssY+F2pyZ9f4yP
FAELWtBr1JJ8kJms64tDkP6Cxl3T1PtJQVby33DsVB9gQAjeKIrb6aYrwv1yHws1
Yhple7frmAJzmqe03kGh+fNhGGbnjKa3S+7p22PTNCP2hKKVau9UFZHsBwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDiM+wNMVAslR2oB7oJNn/i/t7n5MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvT0l6N0EweFVDeVZIYWdIdWdrMmYtTC0zdWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg/qRBMS
MA0GCSqGSIb3DQEBCwUAA4IBAQDB6pcQrCYb26/wPLfuvvWfUQXwHvFb+u+7K0sN
iWZ7rUMoBKIbq/+hZASYxbK8iZYn0Y4J2gOu8xJjjATsGmS5zQaetsUeNrUYMMd8
DjbbDBgTX2dJ0aGtF6JFVsfyONTTN26SDxtsFgH6WuShhbAjWYhV0dllGj2WmrG1
VldvRNLXZ2kcQc6sidwBMls9ol+TUMWUhopipd1Nf3nxzW25LXVfOf24yB6c94QL
zCvSNZT9/BNXfok2X30A90McHjrUJmsPVHcZiA8mYrCjssD0XyfvU/WLz2rbKgN9
/w85GmoCg/zd2GjLJKX4BnRelR7wt42K3ffn32c+u7j+Udil
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:15:15 2025 by rpki-client