Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/iXWAZqYhCPWt2FCRhFpWi90a8xE.roa
File: iXWAZqYhCPWt2FCRhFpWi90a8xE.roa (raw, json)
Hash identifier: 10HcpXgcB4xsYGxwfmpmcFF4/9Sr6T+0Er4n+NyAHxs=
Subject key identifier: 89:75:80:66:A6:21:08:F5:AD:D8:50:91:84:5A:56:8B:DD:1A:F3:11
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0195FD3FC67A8170CFEEBCE065160C9FB59E
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/iXWAZqYhCPWt2FCRhFpWi90a8xE.roa
Signing time: Thu 03 Apr 2025 20:02:50 +0000
ROA not before: Thu 03 Apr 2025 20:02:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29182
IP address blocks: 2a0e:13c6::/32 maxlen: 32
2a0e:4346::/32 maxlen: 32
2a0f:bb06::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Apr 2025 18:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fd:3f:c6:7a:81:70:cf:ee:bc:e0:65:16:0c:9f:b5:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 3 20:02:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89758066a62108f5add85091845a568bdd1af311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fd:9a:bb:11:c1:b5:b3:6e:61:15:ac:a7:7f:
4e:90:a3:1b:a4:aa:ec:be:23:71:5a:4d:a2:93:8d:
1e:6f:be:45:dd:0e:a1:3b:13:80:75:56:5d:86:9d:
c2:b6:bb:d8:66:6b:4c:48:96:b8:ba:c5:be:86:8c:
08:1a:a3:6d:cd:95:6a:77:25:d4:8c:d7:07:61:bb:
cb:56:c0:fe:fb:5e:0c:fc:3e:cd:0a:82:46:98:e4:
34:a5:b0:90:04:a9:fa:02:54:57:9d:7a:e4:b8:4b:
b4:31:b6:13:c7:1b:d1:b2:9e:60:fd:ec:0c:e9:d2:
4c:f1:69:c1:57:08:19:e9:e2:8a:fa:fe:e4:9d:31:
18:c7:98:ed:6e:94:f8:32:98:13:52:52:f4:49:cc:
fa:04:70:2a:40:c7:9c:01:ce:c3:99:91:f5:0a:23:
22:11:d3:c5:85:96:e4:df:4c:91:77:6e:6f:c7:a4:
7d:d3:ca:06:37:47:7c:ec:fb:71:b9:c1:55:35:89:
20:49:a1:7d:71:13:83:ed:29:9d:6a:b0:67:5c:f0:
c0:fa:0f:fd:69:81:de:73:cf:7b:ea:79:a3:e7:61:
39:46:f2:2b:b6:72:e9:7a:15:01:2a:5c:a5:93:81:
d8:ef:a9:14:25:c2:94:c2:fe:9c:cb:eb:d2:b5:38:
cb:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:75:80:66:A6:21:08:F5:AD:D8:50:91:84:5A:56:8B:DD:1A:F3:11
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/iXWAZqYhCPWt2FCRhFpWi90a8xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:13c6::/32
2a0e:4346::/32
2a0f:bb06::/32
Signature Algorithm: sha256WithRSAEncryption
2b:fa:9e:a8:2d:e1:0a:7c:09:f6:3e:7b:98:50:8a:0d:3a:5a:
08:ec:fb:3a:97:8e:8a:a7:45:db:74:a0:66:3f:b5:a2:3c:4c:
24:3c:a2:52:06:f9:98:1b:ec:b3:9d:69:08:a0:6e:22:82:9a:
a2:e2:a7:2b:f1:cb:70:31:1e:c2:a1:e5:37:99:6f:46:d6:f0:
47:11:ef:c6:2c:4c:e9:a7:57:d2:ec:fc:e4:ab:84:0c:dc:a3:
ec:c6:23:52:6f:11:81:92:29:ba:3f:e2:8c:3f:06:31:ef:32:
cf:74:17:d1:7d:7f:c7:a7:29:ca:2b:b2:8a:d3:15:83:59:38:
ac:bd:d4:2f:8c:3d:f3:a9:96:18:e0:34:9b:04:92:a3:5f:65:
a6:8e:f2:dc:44:5e:ab:9f:ec:4b:b8:9f:9a:4b:32:e9:20:04:
46:2d:4f:1a:cb:77:04:e1:d8:3b:17:38:50:a5:96:b5:e7:8c:
3a:4b:39:77:49:e7:8e:14:99:2d:7b:41:17:90:32:08:8f:f5:
56:ea:2c:5e:3d:d9:c6:33:4c:5f:a8:85:ec:82:83:06:45:e2:
0d:ec:59:7b:7b:08:8c:dd:e0:d6:06:6a:f6:ab:79:60:7b:ef:
e9:38:b2:cb:0c:a7:83:80:7c:74:07:01:e5:df:7c:4d:f2:78:
70:bf:6e:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZX9P8Z6gXDP7rzgZRYMn7WeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDAzMjAwMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTc1ODA2NmE2MjEwOGY1YWRkODUwOTE4NDVhNTY4YmRkMWFmMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyP2auxHBtbNuYRWsp39OkKMbpKrs
viNxWk2ik40eb75F3Q6hOxOAdVZdhp3CtrvYZmtMSJa4usW+howIGqNtzZVqdyXU
jNcHYbvLVsD++14M/D7NCoJGmOQ0pbCQBKn6AlRXnXrkuEu0MbYTxxvRsp5g/ewM
6dJM8WnBVwgZ6eKK+v7knTEYx5jtbpT4MpgTUlL0Scz6BHAqQMecAc7DmZH1CiMi
EdPFhZbk30yRd25vx6R908oGN0d87PtxucFVNYkgSaF9cROD7SmdarBnXPDA+g/9
aYHec8976nmj52E5RvIrtnLpehUBKlylk4HY76kUJcKUwv6cy+vStTjLlwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIl1gGamIQj1rdhQkYRaVovdGvMRMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvaVhXQVpxWWhDUFd0MkZDUmhGcFdpOTBhOHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKg4TxgMF
ACoOQ0YDBQAqD7sGMA0GCSqGSIb3DQEBCwUAA4IBAQAr+p6oLeEKfAn2PnuYUIoN
OloI7Ps6l46Kp0XbdKBmP7WiPEwkPKJSBvmYG+yznWkIoG4igpqi4qcr8ctwMR7C
oeU3mW9G1vBHEe/GLEzpp1fS7Pzkq4QM3KPsxiNSbxGBkim6P+KMPwYx7zLPdBfR
fX/HpynKK7KK0xWDWTisvdQvjD3zqZYY4DSbBJKjX2WmjvLcRF6rn+xLuJ+aSzLp
IARGLU8ay3cE4dg7FzhQpZa154w6Szl3SeeOFJkte0EXkDIIj/VW6ixePdnGM0xf
qIXsgoMGReIN7Fl7ewiM3eDWBmr2q3lge+/pOLLLDKeDgHx0BwHl33xN8nhwv25L
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:49:15 2025 by rpki-client