Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/CUElzM8WgGDC8V3z6OZh9kXFeyk.roa
File: CUElzM8WgGDC8V3z6OZh9kXFeyk.roa (raw, json)
Hash identifier: JQV7zHMxOi6sm3IH/DY2FAhI04gtqCC1xxMsKHhPSL8=
Subject key identifier: 09:41:25:CC:CF:16:80:60:C2:F1:5D:F3:E8:E6:61:F6:45:C5:7B:29
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 01963FFF7D08ED198386B17365C47F41FE8F
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/CUElzM8WgGDC8V3z6OZh9kXFeyk.roa
Signing time: Wed 16 Apr 2025 19:07:10 +0000
ROA not before: Wed 16 Apr 2025 19:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a11:9fc5::/32 maxlen: 32
2a11:e7c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 28 Apr 2025 10:13:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:ff:7d:08:ed:19:83:86:b1:73:65:c4:7f:41:fe:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Apr 16 19:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=094125cccf168060c2f15df3e8e661f645c57b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:89:15:d3:de:74:f8:2d:f8:54:3e:65:a8:a4:
c8:57:44:d4:a2:56:28:1e:59:5b:14:73:81:cb:ac:
e3:e9:7d:eb:51:a6:50:20:a5:be:98:ca:f0:4e:3b:
70:a6:8c:b7:a2:61:8f:c1:8c:a7:7f:b8:fb:90:70:
da:6f:c2:12:a7:1b:37:8f:c0:35:b6:cf:69:d3:5d:
23:40:c1:e2:f0:a8:61:b9:ce:44:61:5d:96:83:0b:
82:f9:50:eb:bf:7b:f2:0e:e5:3e:92:6a:65:38:3c:
20:f7:ed:2f:7d:bf:f7:c5:f1:30:5c:42:38:75:8a:
e0:6d:5c:65:a4:d8:a5:3c:f7:da:77:f5:2c:83:78:
a6:a1:65:5a:28:7b:b6:62:4f:71:37:0d:75:8f:50:
3e:a5:7f:b2:7f:f2:48:c6:55:0c:68:a4:96:af:78:
41:a3:34:47:bc:cd:50:11:67:af:09:e3:39:44:3f:
bd:c1:9a:39:6e:84:dd:7c:6b:97:5c:ed:c4:24:0e:
83:71:cd:69:f4:f5:2a:65:38:e0:90:5f:31:6e:c2:
c0:17:42:64:6b:91:51:40:78:f3:18:73:22:91:71:
35:29:d0:3a:3e:51:f6:0d:e3:8b:8b:83:db:e2:31:
b3:d6:08:b9:94:e3:d3:3c:ce:90:0a:0b:52:a3:ba:
08:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:41:25:CC:CF:16:80:60:C2:F1:5D:F3:E8:E6:61:F6:45:C5:7B:29
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/CUElzM8WgGDC8V3z6OZh9kXFeyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:9fc5::/32
2a11:e7c1::/32
Signature Algorithm: sha256WithRSAEncryption
3d:a8:b0:7c:20:4f:1a:c1:d8:72:58:f4:25:76:42:a8:db:90:
5a:52:64:2b:bd:98:cc:b4:26:4d:26:8a:03:c2:24:ee:bb:44:
d9:df:e6:42:88:ef:56:c2:43:38:a2:4b:b6:ba:ca:a6:f7:26:
dd:e3:96:0b:d7:47:a5:9e:65:a3:20:72:2d:25:9e:b1:62:d5:
b4:13:95:c5:26:2e:69:32:b5:0c:fb:b2:da:e7:9b:f4:5d:33:
65:6e:cd:54:9e:6a:d0:bd:03:90:55:3a:43:8f:ce:cf:aa:fd:
42:06:77:18:52:98:24:eb:29:95:e0:fe:0d:57:dc:6c:47:aa:
50:c6:9d:09:62:1f:a1:29:80:a2:5a:83:96:9b:68:70:11:6d:
dd:aa:f7:c4:f5:45:9c:8e:f1:06:d7:bd:d3:c7:fe:1e:18:4b:
8e:85:ea:b4:b3:a7:cc:3c:98:9e:78:c9:5a:a8:52:b4:84:a3:
5b:7b:8c:4e:93:cd:03:ff:50:11:86:77:75:c5:21:a2:05:ba:
7d:cd:b6:96:9f:00:4d:a6:5b:b3:d3:81:1a:34:18:77:04:d0:
cc:9e:90:85:98:aa:a1:df:04:b6:7b:a0:b2:3c:4c:c3:83:b2:
0d:dd:49:68:07:1e:dc:75:75:e3:34:54:63:ce:33:ce:6d:df:
e4:35:d0:eb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZY//30I7RmDhrFzZcR/Qf6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNDE2MTkwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTQxMjVjY2NmMTY4MDYwYzJmMTVkZjNlOGU2NjFmNjQ1YzU3YjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4kV0950+C34VD5lqKTIV0TUolYo
HllbFHOBy6zj6X3rUaZQIKW+mMrwTjtwpoy3omGPwYynf7j7kHDab8ISpxs3j8A1
ts9p010jQMHi8Khhuc5EYV2WgwuC+VDrv3vyDuU+kmplODwg9+0vfb/3xfEwXEI4
dYrgbVxlpNilPPfad/Usg3imoWVaKHu2Yk9xNw11j1A+pX+yf/JIxlUMaKSWr3hB
ozRHvM1QEWevCeM5RD+9wZo5boTdfGuXXO3EJA6Dcc1p9PUqZTjgkF8xbsLAF0Jk
a5FRQHjzGHMikXE1KdA6PlH2DeOLi4Pb4jGz1gi5lOPTPM6QCgtSo7oITwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAlBJczPFoBgwvFd8+jmYfZFxXspMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvQ1VFbHpNOFdnR0RDOFYzejZPWmg5a1hGZXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhGfxQMF
ACoR58EwDQYJKoZIhvcNAQELBQADggEBAD2osHwgTxrB2HJY9CV2QqjbkFpSZCu9
mMy0Jk0migPCJO67RNnf5kKI71bCQziiS7a6yqb3Jt3jlgvXR6WeZaMgci0lnrFi
1bQTlcUmLmkytQz7strnm/RdM2VuzVSeatC9A5BVOkOPzs+q/UIGdxhSmCTrKZXg
/g1X3GxHqlDGnQliH6EpgKJag5abaHARbd2q98T1RZyO8QbXvdPH/h4YS46F6rSz
p8w8mJ54yVqoUrSEo1t7jE6TzQP/UBGGd3XFIaIFun3NtpafAE2mW7PTgRo0GHcE
0MyekIWYqqHfBLZ7oLI8TMODsg3dSWgHHtx1deM0VGPOM85t3+Q10Os=
-----END CERTIFICATE-----
Generated at Thu May 1 05:06:21 2025 by rpki-client