Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/picwHOP5kLt1v3uFjsBirl9-A8Q.roa
File: picwHOP5kLt1v3uFjsBirl9-A8Q.roa (raw, json)
Hash identifier: 6xsbwTixdYjPQqyY51CoIGfLpYlf2kfD/fvGagsBkys=
Subject key identifier: A6:27:30:1C:E3:F9:90:BB:75:BF:7B:85:8E:C0:62:AE:5F:7E:03:C4
Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Certificate serial: 0196EDE8AAD847A6FEF9D3B108B2D630BF32
Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/picwHOP5kLt1v3uFjsBirl9-A8Q.roa
Signing time: Tue 20 May 2025 13:36:10 +0000
ROA not before: Tue 20 May 2025 13:36:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20292
IP address blocks: 2a06:6fc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 25 May 2025 15:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:e8:aa:d8:47:a6:fe:f9:d3:b1:08:b2:d6:30:bf:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Validity
Not Before: May 20 13:36:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a627301ce3f990bb75bf7b858ec062ae5f7e03c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7d:fb:5c:d6:da:52:f0:d7:13:4e:3a:c0:c3:
1b:5e:41:e5:b0:cf:f9:4a:df:30:4a:56:18:d9:ac:
75:e1:da:d7:74:9a:10:2e:05:84:2f:83:15:b5:19:
88:8c:a4:e6:30:2c:84:27:6d:1b:79:e1:61:38:c7:
30:47:08:be:79:15:e8:54:cb:55:3c:1c:76:72:47:
7a:86:ad:7d:cb:77:29:6d:da:96:93:8a:dc:3c:8d:
09:86:d7:e5:a4:93:04:9a:1a:b4:37:2e:a7:1b:70:
de:62:7d:65:a9:6a:55:f4:f5:77:99:e7:8d:14:d2:
26:c1:9c:23:07:fa:5c:d0:fa:b8:42:aa:87:cb:54:
60:a4:1c:60:c5:1c:c2:60:09:d9:77:4f:e6:b9:06:
1b:58:4c:e3:a7:39:47:7b:8e:08:01:61:4f:33:2d:
e9:dc:2b:d6:a6:9b:e0:36:9a:2f:56:e3:93:e4:bd:
c7:d5:7c:c9:65:db:88:a5:b2:d4:9e:8e:6f:02:b4:
65:27:df:a6:da:58:b1:16:7a:5a:c2:3f:0b:c9:4d:
be:7f:db:aa:e1:89:c0:54:0e:cc:6e:77:c0:23:44:
ca:ba:03:ae:18:37:99:6c:c5:64:72:81:3c:cd:87:
87:ed:c8:86:b4:91:f9:74:49:62:57:1e:90:6b:93:
c4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:27:30:1C:E3:F9:90:BB:75:BF:7B:85:8E:C0:62:AE:5F:7E:03:C4
X509v3 Authority Key Identifier:
keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/picwHOP5kLt1v3uFjsBirl9-A8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:6fc1::/32
Signature Algorithm: sha256WithRSAEncryption
43:3c:59:fe:cf:73:b7:36:ed:26:a4:50:f0:de:cd:80:d4:a6:
81:2d:4e:6b:2c:ab:c9:40:57:5d:99:40:01:a7:ce:ad:54:29:
b6:a8:19:58:56:50:c0:af:2e:b4:03:bf:8f:02:3b:13:f9:3d:
61:5b:ae:5a:95:c7:ba:15:68:53:73:fa:fe:1a:08:cb:66:65:
2a:ac:2f:48:70:a1:f9:75:fc:7c:24:a8:32:ff:2c:4d:29:8a:
7a:c2:ca:e9:de:da:43:8d:a5:cf:29:e9:d0:f0:17:56:a0:41:
c4:d4:f0:bb:78:73:48:c6:0a:41:7e:0e:b6:b5:fa:e9:eb:e9:
67:ad:cb:e3:c0:49:1f:a1:e6:f7:40:9e:89:fb:61:8b:fd:c6:
2e:fe:84:92:65:da:f0:3b:ea:6a:30:e0:ab:98:d1:11:54:a3:
e6:97:b3:24:d5:49:71:72:22:85:4f:88:4f:6b:a5:6f:a8:fa:
d1:f7:f0:2d:1a:49:04:89:4f:fe:8e:b2:cb:c6:e6:ba:c8:31:
cf:c7:ed:e7:bb:e5:c6:00:4d:2e:b6:a1:27:ea:54:56:f0:1e:
d2:f7:14:87:44:cd:b6:0e:52:30:52:23:aa:1d:0f:46:d9:86:
7c:f1:8a:8e:95:5c:e9:6c:b9:67:1f:7f:46:2a:06:ad:18:64:
28:fb:50:cd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZbt6KrYR6b++dOxCLLWML8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl
OGZkMmIwHhcNMjUwNTIwMTMzNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjI3MzAxY2UzZjk5MGJiNzViZjdiODU4ZWMwNjJhZTVmN2UwM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH37XNbaUvDXE046wMMbXkHlsM/5
St8wSlYY2ax14drXdJoQLgWEL4MVtRmIjKTmMCyEJ20beeFhOMcwRwi+eRXoVMtV
PBx2ckd6hq19y3cpbdqWk4rcPI0JhtflpJMEmhq0Ny6nG3DeYn1lqWpV9PV3meeN
FNImwZwjB/pc0Pq4QqqHy1RgpBxgxRzCYAnZd0/muQYbWEzjpzlHe44IAWFPMy3p
3CvWppvgNpovVuOT5L3H1XzJZduIpbLUno5vArRlJ9+m2lixFnpawj8LyU2+f9uq
4YnAVA7MbnfAI0TKugOuGDeZbMVkcoE8zYeH7ciGtJH5dEliVx6Qa5PEhwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKYnMBzj+ZC7db97hY7AYq5ffgPEMB8GA1UdIwQY
MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt
M2YzY2MxZTU3M2ZkLzEvcGljd0hPUDVrTHQxdjN1RmpzQmlybDktQThRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk
LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgZvwTAN
BgkqhkiG9w0BAQsFAAOCAQEAQzxZ/s9ztzbtJqRQ8N7NgNSmgS1OayyryUBXXZlA
AafOrVQptqgZWFZQwK8utAO/jwI7E/k9YVuuWpXHuhVoU3P6/hoIy2ZlKqwvSHCh
+XX8fCSoMv8sTSmKesLK6d7aQ42lzynp0PAXVqBBxNTwu3hzSMYKQX4OtrX66evp
Z63L48BJH6Hm90Ceifthi/3GLv6EkmXa8DvqajDgq5jREVSj5pezJNVJcXIihU+I
T2ulb6j60ffwLRpJBIlP/o6yy8bmusgxz8ft57vlxgBNLrahJ+pUVvAe0vcUh0TN
tg5SMFIjqh0PRtmGfPGKjpVc6Wy5Zx9/RioGrRhkKPtQzQ==
-----END CERTIFICATE-----
Generated at Mon Jun 16 00:02:51 2025 by rpki-client