Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/i9rWJQvCPKX5ax4GS_YohHMD7tc.roa
File: i9rWJQvCPKX5ax4GS_YohHMD7tc.roa (raw, json)
Hash identifier: CkeONWLsI+SNMsRB4pIhEGhYq1hhRPsLIGxtac0XX1g=
Subject key identifier: 8B:DA:D6:25:0B:C2:3C:A5:F9:6B:1E:06:4B:F6:28:84:73:03:EE:D7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019846620336D791284CBC2A2A1C33275E91
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/i9rWJQvCPKX5ax4GS_YohHMD7tc.roa
Signing time: Sat 26 Jul 2025 10:58:05 +0000
ROA not before: Sat 26 Jul 2025 10:58:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211852
IP address blocks: 2a12:ecc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 04 Aug 2025 08:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:46:62:03:36:d7:91:28:4c:bc:2a:2a:1c:33:27:5e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 26 10:58:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bdad6250bc23ca5f96b1e064bf628847303eed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:64:e5:d2:18:e1:47:cd:14:c0:ca:86:9e:05:
69:a1:aa:c3:cf:6b:ec:30:e6:62:15:f3:f6:45:3b:
de:c7:81:92:9a:42:cc:9b:89:a2:7f:ae:d4:5f:77:
fe:97:33:db:db:af:cf:96:87:03:0e:2d:10:64:c6:
da:d1:a1:de:48:4c:0e:cd:3c:31:a2:b3:db:9b:d4:
89:21:da:33:a5:52:3e:58:25:bd:f3:b6:ba:a5:3b:
79:70:e6:2f:66:27:c2:bc:c5:83:17:ce:1e:b1:2c:
8a:01:cd:27:09:2c:7c:9b:b2:45:7a:63:47:34:3b:
82:cc:fc:29:1f:7e:1d:d8:bf:31:22:e7:05:40:af:
5d:4d:9e:05:55:09:2e:5c:53:4b:d4:ee:5a:9b:0e:
e0:69:4b:31:c2:4f:e6:32:e1:34:d6:c1:9e:a6:8d:
21:94:1e:ee:5e:a9:bd:75:5b:de:3e:68:e4:04:bb:
66:c5:19:9d:7f:1b:e8:c2:77:14:cd:cd:ee:15:da:
d0:d3:03:81:60:5c:8f:cd:a3:6e:ab:93:e5:3c:e9:
f3:fc:e8:94:45:9a:aa:37:0b:6b:65:f5:ab:2a:c7:
65:4a:12:9c:5e:9a:6a:21:39:9e:57:4f:54:09:a7:
7b:18:6a:0a:0b:b4:01:bb:e7:94:17:0f:ad:a7:ff:
e4:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DA:D6:25:0B:C2:3C:A5:F9:6B:1E:06:4B:F6:28:84:73:03:EE:D7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/i9rWJQvCPKX5ax4GS_YohHMD7tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:ecc2::/32
Signature Algorithm: sha256WithRSAEncryption
3d:17:83:46:21:08:a8:9b:d7:84:8f:5b:99:82:15:d3:c3:43:
b1:da:2c:30:de:e9:fa:4a:60:e5:ac:f4:e2:3a:de:65:c6:59:
6a:eb:b9:ca:f2:c1:71:d1:9f:91:a5:b4:5c:33:3a:5b:cc:78:
fb:e4:7b:1c:82:c5:da:f1:a3:b2:fc:45:4a:cb:02:14:d4:03:
9d:11:51:d2:52:fa:82:f5:0a:c9:61:b8:aa:bd:4d:30:4b:b7:
6c:4e:a1:80:ff:05:ca:19:fc:3f:c2:42:6c:5c:44:c6:89:55:
3f:10:35:8c:fd:cb:05:14:8e:23:71:02:22:23:db:dc:e6:b4:
c6:d2:37:de:5d:75:69:59:e0:6a:a9:0e:62:79:63:51:f4:00:
d1:f7:56:d2:9e:aa:78:f3:75:e6:f5:34:85:16:aa:35:84:31:
d9:aa:df:52:43:ef:6a:82:78:36:9e:07:ac:01:7b:08:4e:f3:
de:57:40:5d:36:05:f1:38:8a:eb:4e:4d:27:30:8a:b2:33:07:
4d:68:0a:d7:9a:6e:32:fd:39:a0:cb:e6:61:29:57:fc:81:1f:
c3:4c:ae:06:f0:d6:26:46:50:2d:74:b2:c0:16:f9:ba:91:e4:
99:ee:93:da:63:ab:d2:25:c1:18:aa:4b:45:83:0e:25:b7:32:
a5:64:49:50
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZhGYgM215EoTLwqKhwzJ16RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNzI2MTA1ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmRhZDYyNTBiYzIzY2E1Zjk2YjFlMDY0YmY2Mjg4NDczMDNlZWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WTl0hjhR80UwMqGngVpoarDz2vs
MOZiFfP2RTvex4GSmkLMm4mif67UX3f+lzPb26/PlocDDi0QZMba0aHeSEwOzTwx
orPbm9SJIdozpVI+WCW987a6pTt5cOYvZifCvMWDF84esSyKAc0nCSx8m7JFemNH
NDuCzPwpH34d2L8xIucFQK9dTZ4FVQkuXFNL1O5amw7gaUsxwk/mMuE01sGepo0h
lB7uXqm9dVvePmjkBLtmxRmdfxvowncUzc3uFdrQ0wOBYFyPzaNuq5PlPOnz/OiU
RZqqNwtrZfWrKsdlShKcXppqITmeV09UCad7GGoKC7QBu+eUFw+tp//kEQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIva1iULwjyl+WseBkv2KIRzA+7XMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvaTlyV0pRdkNQS1g1YXg0R1NfWW9oSE1EN3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhLswjAN
BgkqhkiG9w0BAQsFAAOCAQEAPReDRiEIqJvXhI9bmYIV08NDsdosMN7p+kpg5az0
4jreZcZZauu5yvLBcdGfkaW0XDM6W8x4++R7HILF2vGjsvxFSssCFNQDnRFR0lL6
gvUKyWG4qr1NMEu3bE6hgP8Fyhn8P8JCbFxExolVPxA1jP3LBRSOI3ECIiPb3Oa0
xtI33l11aVngaqkOYnljUfQA0fdW0p6qePN15vU0hRaqNYQx2arfUkPvaoJ4Np4H
rAF7CE7z3ldAXTYF8TiK605NJzCKsjMHTWgK15puMv05oMvmYSlX/IEfw0yuBvDW
JkZQLXSywBb5upHkme6T2mOr0iXBGKpLRYMOJbcypWRJUA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:04:25 2025 by rpki-client