Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS39690.roa
File: AS39690.roa (raw, json)
Hash identifier: 2GblI/2wFng+UTct2QJoDm853LR5bWlXp8U46SoconI=
Subject key identifier: D1:32:4B:91:A3:23:66:9F:B1:69:2B:54:51:A5:25:67:4B:78:26:2B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 154A89CD21AE06FC2B8CD0EC6207EF4E076C16C1
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS39690.roa
Signing time: Wed 11 Jun 2025 07:25:40 +0000
ROA not before: Wed 11 Jun 2025 07:20:40 +0000
ROA not after: Wed 10 Jun 2026 07:25:40 +0000
asID: 39690
IP address blocks: 2a06:2b81::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Jun 2025 12:55:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:4a:89:cd:21:ae:06:fc:2b:8c:d0:ec:62:07:ef:4e:07:6c:16:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 11 07:20:40 2025 GMT
Not After : Jun 10 07:25:40 2026 GMT
Subject: CN=D1324B91A323669FB1692B5451A525674B78262B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0b:40:e6:fd:7d:d6:63:85:84:e9:98:36:01:
55:c6:9b:8d:e1:5a:2c:d0:9c:db:a5:31:7a:32:2b:
1a:38:27:33:34:63:37:03:50:55:4e:fb:71:b2:b6:
70:35:8e:9b:8e:95:3e:a1:c2:12:be:88:ad:6a:ff:
bc:f5:e6:28:4f:c0:a8:2f:f0:de:fb:b3:d8:38:b7:
fc:a3:65:7a:3e:ad:15:ab:c1:35:ce:5c:55:27:15:
76:79:a7:60:40:47:bc:1e:22:d8:25:3a:64:49:c1:
79:e7:97:9e:fe:06:4a:f0:78:9d:5a:b9:e9:af:ba:
8a:f8:30:e2:20:06:d5:be:70:20:ef:a8:89:cd:72:
d8:8a:bd:d0:36:38:bd:fe:5c:40:8c:86:c5:c8:2d:
dd:40:a7:d1:1c:eb:5d:c4:91:59:25:c4:69:69:48:
ec:ab:84:74:52:07:81:cb:95:75:a0:36:7f:ec:00:
81:23:a5:52:ad:9e:0e:f0:13:e4:be:39:db:0f:30:
06:63:99:ae:53:28:f6:dd:a5:92:fa:77:e1:62:26:
18:60:49:c4:82:8e:70:ba:1b:bf:97:70:64:eb:7c:
ba:72:07:e6:9e:cb:60:41:c3:5d:4a:8a:77:4f:2c:
5b:ab:69:5f:28:eb:e1:b3:1c:a1:af:58:ff:fa:dc:
fc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:32:4B:91:A3:23:66:9F:B1:69:2B:54:51:A5:25:67:4B:78:26:2B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS39690.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:2b81::/32
Signature Algorithm: sha256WithRSAEncryption
0c:2d:74:b7:a6:54:8e:fa:af:d9:95:54:20:d2:5f:40:3b:a2:
90:17:51:bf:3d:fe:56:17:5a:fa:3e:43:3f:d1:2d:05:4b:0c:
97:c8:1e:63:64:0c:f0:a5:f9:75:18:0d:8f:b3:0b:38:ae:e4:
75:8d:56:ed:2d:2f:75:70:a5:da:c4:08:a0:84:17:5f:96:29:
fa:31:a0:f8:8a:99:cf:3d:03:96:d6:02:17:51:df:82:a2:ae:
50:cb:e6:a3:8e:fd:69:06:55:7c:b6:0f:a2:93:84:eb:c3:bf:
1a:52:d5:d9:39:38:f4:db:60:b2:d6:3f:54:b7:ce:ff:cc:c6:
98:be:ec:cc:ac:03:b8:30:73:de:38:68:4e:5f:e5:de:27:30:
9f:cc:05:42:3b:21:53:64:2e:7f:1a:60:1c:3e:df:05:33:f6:
3a:8c:61:d1:41:a0:42:59:79:3c:cb:2d:b0:30:2c:48:f6:d0:
af:44:d3:c5:39:5d:6e:80:df:06:bd:fe:4a:a9:f5:9c:30:bc:
0e:ee:a0:5e:49:9c:e0:d4:29:ee:aa:57:81:80:3e:30:c8:60:
0b:5c:4b:51:cd:fd:68:14:c7:26:c8:65:43:cd:2c:c7:70:a3:
41:b3:ef:3b:f1:f2:39:7c:d0:a9:f4:de:f6:b0:84:29:b3:b6:
cd:a7:af:c3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUFUqJzSGuBvwrjNDsYgfvTgdsFsEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MTEwNzIwNDBaFw0yNjA2MTAwNzI1NDBaMDMxMTAvBgNV
BAMTKEQxMzI0QjkxQTMyMzY2OUZCMTY5MkI1NDUxQTUyNTY3NEI3ODI2MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPC0Dm/X3WY4WE6Zg2AVXGm43h
WizQnNulMXoyKxo4JzM0YzcDUFVO+3GytnA1jpuOlT6hwhK+iK1q/7z15ihPwKgv
8N77s9g4t/yjZXo+rRWrwTXOXFUnFXZ5p2BAR7weItglOmRJwXnnl57+BkrweJ1a
uemvuor4MOIgBtW+cCDvqInNctiKvdA2OL3+XECMhsXILd1Ap9Ec613EkVklxGlp
SOyrhHRSB4HLlXWgNn/sAIEjpVKtng7wE+S+OdsPMAZjma5TKPbdpZL6d+FiJhhg
ScSCjnC6G7+XcGTrfLpyB+aey2BBw11KindPLFuraV8o6+GzHKGvWP/63PxxAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU0TJLkaMjZp+xaStUUaUlZ0t4JiswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk2OTAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqBiuB
MA0GCSqGSIb3DQEBCwUAA4IBAQAMLXS3plSO+q/ZlVQg0l9AO6KQF1G/Pf5WF1r6
PkM/0S0FSwyXyB5jZAzwpfl1GA2Psws4ruR1jVbtLS91cKXaxAighBdflin6MaD4
ipnPPQOW1gIXUd+Coq5Qy+ajjv1pBlV8tg+ik4Trw78aUtXZOTj022Cy1j9Ut87/
zMaYvuzMrAO4MHPeOGhOX+XeJzCfzAVCOyFTZC5/GmAcPt8FM/Y6jGHRQaBCWXk8
yy2wMCxI9tCvRNPFOV1ugN8Gvf5KqfWcMLwO7qBeSZzg1CnuqleBgD4wyGALXEtR
zf1oFMcmyGVDzSzHcKNBs+878fI5fNCp9N72sIQps7bNp6/D
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:39:18 2025 by rpki-client