Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/YjwY6YNcKLuP0K47xh6dM9s81iM.roa
File: YjwY6YNcKLuP0K47xh6dM9s81iM.roa (raw, json)
Hash identifier: vQch8vjPlT74o893rSBgd/B4sND9Z1k+vwccK3ZJaRQ=
Subject key identifier: 62:3C:18:E9:83:5C:28:BB:8F:D0:AE:3B:C6:1E:9D:33:DB:3C:D6:23
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 0195579298B1A2F24550F70AECFFCD0E533C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/YjwY6YNcKLuP0K47xh6dM9s81iM.roa
Signing time: Sun 02 Mar 2025 15:56:19 +0000
ROA not before: Sun 02 Mar 2025 15:56:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 835
IP address blocks: 2a0f:b240::/32 maxlen: 48
2a0f:b244:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Mar 2025 13:36:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:57:92:98:b1:a2:f2:45:50:f7:0a:ec:ff:cd:0e:53:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Mar 2 15:56:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=623c18e9835c28bb8fd0ae3bc61e9d33db3cd623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cb:d8:06:10:6b:5b:91:da:09:95:bd:3f:48:
b6:cc:ab:de:23:5f:4c:75:c1:ff:f6:eb:13:12:ad:
3a:8f:82:d3:95:08:04:f4:9d:30:1d:e3:73:dc:25:
2d:24:ac:e5:05:24:d2:75:91:4b:f4:87:2e:dc:c5:
81:67:bc:30:07:18:08:b6:bf:9b:5e:46:09:74:35:
82:2a:cd:93:a1:7a:b3:fc:32:7c:ad:10:38:db:fc:
0a:cc:a2:50:3a:c4:33:bf:64:54:9a:9f:cb:4f:c6:
f0:93:6b:f5:9f:7c:01:e8:23:1b:8e:1e:3c:68:f4:
e8:b9:f2:5a:9d:fa:c4:5b:f8:59:47:81:61:da:60:
ed:02:5d:fb:e4:5a:55:9f:78:57:ce:fa:d6:fc:11:
8e:31:f5:eb:7b:8a:8a:46:ad:f9:11:82:20:93:cc:
a1:36:12:38:02:9e:24:29:d1:f8:d1:b0:45:61:ba:
76:23:d4:c3:af:b1:40:66:89:2c:c9:42:90:c9:8c:
6d:aa:da:a9:39:4d:3f:90:1d:44:10:22:6b:33:c3:
77:29:d3:34:cb:7c:a7:82:37:c4:4a:55:78:e4:57:
df:9f:18:a1:dd:df:35:02:f3:f4:1b:09:c3:6c:87:
2b:87:3a:13:47:1d:61:80:81:ed:ab:6f:67:44:33:
86:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:3C:18:E9:83:5C:28:BB:8F:D0:AE:3B:C6:1E:9D:33:DB:3C:D6:23
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/YjwY6YNcKLuP0K47xh6dM9s81iM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b240::/32
2a0f:b244:100::/48
Signature Algorithm: sha256WithRSAEncryption
15:3d:63:48:c4:07:fd:26:a2:bd:22:c1:d9:cf:dd:a7:69:c0:
5c:75:61:69:5a:d4:63:39:1f:44:c3:6e:32:58:ca:78:60:54:
fe:57:90:61:47:71:d5:56:88:b3:fc:6a:f2:e6:1b:3f:bf:c8:
6d:c0:5d:b0:0e:ba:23:54:6d:b8:cc:57:2d:5f:55:29:bb:9e:
50:86:1d:87:ba:01:bf:9b:60:16:94:f3:9b:d0:ef:dd:71:dd:
84:cc:a2:d7:06:72:d6:0d:0d:3b:eb:ec:74:8d:3a:17:43:09:
11:cf:e3:a3:03:61:11:d3:2c:8c:27:9e:db:9e:01:f1:53:96:
1f:b7:a1:02:51:71:8b:26:a1:d6:f7:fd:25:ad:21:32:cb:bd:
f4:94:9e:8f:d7:e9:69:39:b1:de:88:7e:b5:b8:05:41:52:07:
c9:b1:0c:ea:6e:6d:bd:56:a1:67:da:e2:4f:57:4a:7e:f7:c1:
42:34:46:93:70:59:04:68:c8:e2:25:33:c2:e6:a9:8c:8c:cd:
12:70:db:e4:0f:3f:df:4f:07:ab:2e:9d:71:6a:4e:3e:64:fe:
36:7f:3c:56:d6:be:c1:79:2f:b7:c9:d0:c3:ab:11:03:7e:5d:
f2:69:d1:29:60:32:a2:6e:af:e8:b0:73:d6:5c:18:95:b6:4b:
65:bd:68:23
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZVXkpixovJFUPcK7P/NDlM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwMzAyMTU1NjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjNjMThlOTgzNWMyOGJiOGZkMGFlM2JjNjFlOWQzM2RiM2NkNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8vYBhBrW5HaCZW9P0i2zKveI19M
dcH/9usTEq06j4LTlQgE9J0wHeNz3CUtJKzlBSTSdZFL9Icu3MWBZ7wwBxgItr+b
XkYJdDWCKs2ToXqz/DJ8rRA42/wKzKJQOsQzv2RUmp/LT8bwk2v1n3wB6CMbjh48
aPToufJanfrEW/hZR4Fh2mDtAl375FpVn3hXzvrW/BGOMfXre4qKRq35EYIgk8yh
NhI4Ap4kKdH40bBFYbp2I9TDr7FAZoksyUKQyYxtqtqpOU0/kB1EECJrM8N3KdM0
y3yngjfESlV45Fffnxih3d81AvP0GwnDbIcrhzoTRx1hgIHtq29nRDOGowIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFGI8GOmDXCi7j9CuO8YenTPbPNYjMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvWWp3WTZZTmNLTHVQMEs0N3hoNmRNOXM4MWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwUAKg+yQAMH
ACoPskQBADANBgkqhkiG9w0BAQsFAAOCAQEAFT1jSMQH/SaivSLB2c/dp2nAXHVh
aVrUYzkfRMNuMljKeGBU/leQYUdx1VaIs/xq8uYbP7/IbcBdsA66I1RtuMxXLV9V
KbueUIYdh7oBv5tgFpTzm9Dv3XHdhMyi1wZy1g0NO+vsdI06F0MJEc/jowNhEdMs
jCee254B8VOWH7ehAlFxiyah1vf9Ja0hMsu99JSej9fpaTmx3oh+tbgFQVIHybEM
6m5tvVahZ9riT1dKfvfBQjRGk3BZBGjI4iUzwuapjIzNEnDb5A8/308Hqy6dcWpO
PmT+Nn88Vta+wXkvt8nQw6sRA35d8mnRKWAyom6v6LBz1lwYlbZLZb1oIw==
-----END CERTIFICATE-----
Generated at Wed Apr 30 15:08:46 2025 by rpki-client