Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/i347yXjxHsFzzXuel4kCtaLi4sw.roa
File: i347yXjxHsFzzXuel4kCtaLi4sw.roa (raw, json)
Hash identifier: ShSNiJ3+MtQ5Hza7gQlLjqhNlaKYrvswq6PXbuJaKNI=
Subject key identifier: 8B:7E:3B:C9:78:F1:1E:C1:73:CD:7B:9E:97:89:02:B5:A2:E2:E2:CC
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0195FD419A72AAB48B1E2C755082A0C70695
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/i347yXjxHsFzzXuel4kCtaLi4sw.roa
Signing time: Thu 03 Apr 2025 20:04:49 +0000
ROA not before: Thu 03 Apr 2025 20:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 2a0e:13c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 04 Apr 2025 14:03:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fd:41:9a:72:aa:b4:8b:1e:2c:75:50:82:a0:c7:06:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 3 20:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b7e3bc978f11ec173cd7b9e978902b5a2e2e2cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ee:cd:55:65:2d:10:90:25:46:b1:ae:b7:aa:
9a:be:8b:f8:84:6e:82:fd:3c:6d:eb:2c:ad:50:a3:
9e:7c:a8:36:e7:8e:3a:f3:d0:23:b6:90:79:3f:aa:
ce:f2:0c:6c:70:0a:28:1b:8f:77:db:d8:54:d4:72:
ab:31:2a:79:c1:dd:a8:ed:d6:ce:a9:9b:e5:b2:87:
71:b2:fd:65:dc:41:a7:14:24:30:17:4b:a7:53:08:
5e:52:60:58:96:64:fa:ec:e7:9c:01:0b:72:00:c2:
d4:12:3a:8b:c8:50:45:db:68:e6:85:a1:d3:87:17:
8c:d7:0a:8d:29:78:e3:d4:15:50:38:0a:cd:42:99:
33:03:2c:97:65:43:59:09:e4:55:7d:13:79:89:59:
7e:89:12:a7:ff:4c:c0:c5:e4:fe:da:f9:5c:a6:0c:
23:0c:2c:e6:3c:73:d2:94:34:ba:1c:3d:42:c2:03:
ab:0d:56:00:e3:fb:26:c8:55:56:90:43:8a:95:bc:
14:ab:ae:e7:b3:77:f7:f0:87:32:e1:8c:9b:a7:44:
f1:eb:8a:54:30:32:9c:b3:c6:1f:be:d7:37:12:d4:
a2:c7:f5:5b:b0:54:3a:c1:e5:a6:b4:88:39:78:0f:
11:03:e2:3f:39:d8:a8:87:fc:2a:c3:da:cb:83:5c:
92:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:7E:3B:C9:78:F1:1E:C1:73:CD:7B:9E:97:89:02:B5:A2:E2:E2:CC
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/i347yXjxHsFzzXuel4kCtaLi4sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:13c5::/32
Signature Algorithm: sha256WithRSAEncryption
ba:32:6f:fb:b5:4a:31:e7:ef:9f:6c:20:a8:8d:e6:da:4d:cd:
92:67:bd:20:5e:47:69:85:b9:cb:f2:df:69:d3:56:bc:51:0c:
4f:ab:e6:6d:fa:63:75:5d:b6:3a:92:94:1b:23:3c:9b:b7:6e:
25:85:30:db:15:be:9f:c3:e6:35:c5:c3:13:aa:50:7c:20:ee:
bf:2c:a6:bb:c6:7e:eb:f7:67:3a:32:43:15:0f:c5:f5:1b:fe:
c2:0a:32:5e:1a:e4:46:b1:4d:b4:04:89:70:40:d2:d5:61:9c:
20:26:aa:73:8c:26:04:93:67:87:49:0b:04:2f:a4:d4:85:75:
ab:1f:87:a6:04:bf:ef:39:55:e2:a0:0a:ba:65:bc:7b:2d:e5:
c4:88:3d:76:b2:45:f1:15:c0:83:9e:a5:39:4d:d7:44:96:2e:
bd:10:ac:e1:5b:01:09:65:d1:96:3d:a8:37:62:a4:4e:81:c3:
2c:dd:cb:91:c4:94:91:11:54:a3:72:8a:1d:89:22:dc:b2:ee:
aa:6b:ca:c5:a0:ea:47:fe:c9:cb:b1:9b:b4:41:dc:e4:d2:e3:
b2:4b:5c:2c:aa:fa:19:49:3d:07:51:ba:7b:06:c0:19:ef:c2:
51:00:c2:81:81:bb:a0:f0:1b:7e:55:29:70:2d:b0:24:83:1e:
47:c1:6d:62
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZX9QZpyqrSLHix1UIKgxwaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDAzMjAwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjdlM2JjOTc4ZjExZWMxNzNjZDdiOWU5Nzg5MDJiNWEyZTJlMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvO7NVWUtEJAlRrGut6qavov4hG6C
/Txt6yytUKOefKg2544689AjtpB5P6rO8gxscAooG49329hU1HKrMSp5wd2o7dbO
qZvlsodxsv1l3EGnFCQwF0unUwheUmBYlmT67OecAQtyAMLUEjqLyFBF22jmhaHT
hxeM1wqNKXjj1BVQOArNQpkzAyyXZUNZCeRVfRN5iVl+iRKn/0zAxeT+2vlcpgwj
DCzmPHPSlDS6HD1CwgOrDVYA4/smyFVWkEOKlbwUq67ns3f38Icy4Yybp0Tx64pU
MDKcs8Yfvtc3EtSix/VbsFQ6weWmtIg5eA8RA+I/Odioh/wqw9rLg1yS/wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIt+O8l48R7Bc817npeJArWi4uLMMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvaTM0N3lYanhIc0Z6elh1ZWw0a0N0YUxpNHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg4TxTAN
BgkqhkiG9w0BAQsFAAOCAQEAujJv+7VKMefvn2wgqI3m2k3Nkme9IF5HaYW5y/Lf
adNWvFEMT6vmbfpjdV22OpKUGyM8m7duJYUw2xW+n8PmNcXDE6pQfCDuvyymu8Z+
6/dnOjJDFQ/F9Rv+wgoyXhrkRrFNtASJcEDS1WGcICaqc4wmBJNnh0kLBC+k1IV1
qx+HpgS/7zlV4qAKumW8ey3lxIg9drJF8RXAg56lOU3XRJYuvRCs4VsBCWXRlj2o
N2KkToHDLN3LkcSUkRFUo3KKHYki3LLuqmvKxaDqR/7Jy7GbtEHc5NLjsktcLKr6
GUk9B1G6ewbAGe/CUQDCgYG7oPAbflUpcC2wJIMeR8FtYg==
-----END CERTIFICATE-----
Generated at Wed Jun 18 21:43:34 2025 by rpki-client