Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/B9M8ATHmMYPeVNa3QYr7zMZOp7M.roa
File: B9M8ATHmMYPeVNa3QYr7zMZOp7M.roa (raw, json)
Hash identifier: ql/s3tDgRNileMouARm+yNaPj8ZLeaKO+X/3YvhFSOM=
Subject key identifier: 07:D3:3C:01:31:E6:31:83:DE:54:D6:B7:41:8A:FB:CC:C6:4E:A7:B3
Certificate issuer: /CN=096c3e8654fe87bdab4711d776e44b4f0cd1b647
Certificate serial: 01979789DA382DC7A0E1D9E4380A28DE8C05
Authority key identifier: 09:6C:3E:86:54:FE:87:BD:AB:47:11:D7:76:E4:4B:4F:0C:D1:B6:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWw-hlT-h72rRxHXduRLTwzRtkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/B9M8ATHmMYPeVNa3QYr7zMZOp7M.roa
Signing time: Sun 22 Jun 2025 12:08:03 +0000
ROA not before: Sun 22 Jun 2025 12:08:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7
IP address blocks: 2a0b:3b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 22 Jun 2025 14:39:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:97:89:da:38:2d:c7:a0:e1:d9:e4:38:0a:28:de:8c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=096c3e8654fe87bdab4711d776e44b4f0cd1b647
Validity
Not Before: Jun 22 12:08:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07d33c0131e63183de54d6b7418afbccc64ea7b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d8:25:ad:3b:79:6f:5c:12:48:c6:61:89:bf:
d1:fd:c2:5a:86:05:dc:bc:f3:4d:08:eb:34:f7:a8:
f8:17:30:4c:d1:06:e2:37:07:af:cd:11:3f:05:9d:
15:60:84:68:db:b4:a9:d5:16:54:40:eb:b1:19:5a:
fa:4c:58:c5:71:09:e1:36:5a:b9:11:71:ae:25:e5:
b2:c8:2f:99:ca:95:cf:2b:f3:1b:1b:5b:4a:0b:ae:
20:b6:30:db:d4:cf:4b:d6:41:67:14:27:17:2f:eb:
cc:6d:7f:ff:f7:74:4f:e8:1a:0e:5b:eb:2c:0f:73:
46:f5:f2:77:a8:02:23:96:4b:2f:81:13:cc:51:43:
e9:d0:b6:c9:90:74:46:02:de:e8:ce:d2:8c:91:29:
5f:b9:52:c2:9c:04:a0:b5:bc:64:f6:02:d0:cc:25:
a0:bc:cc:50:b1:29:82:7d:58:a4:50:5c:62:e2:b3:
7d:50:85:7d:f9:43:b0:98:08:d9:db:1c:c2:c1:54:
0f:e2:61:1d:31:4c:01:2d:0e:54:63:ea:5e:21:7b:
2e:11:72:16:59:77:f3:40:94:7e:ae:8c:af:20:85:
4a:9b:d4:18:62:c5:96:47:fe:f5:90:2f:1d:54:9e:
06:b4:ab:eb:3e:f5:1f:4a:ab:2c:b0:fd:7b:a8:54:
e3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D3:3C:01:31:E6:31:83:DE:54:D6:B7:41:8A:FB:CC:C6:4E:A7:B3
X509v3 Authority Key Identifier:
keyid:09:6C:3E:86:54:FE:87:BD:AB:47:11:D7:76:E4:4B:4F:0C:D1:B6:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWw-hlT-h72rRxHXduRLTwzRtkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/B9M8ATHmMYPeVNa3QYr7zMZOp7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/CWw-hlT-h72rRxHXduRLTwzRtkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:3b40::/29
Signature Algorithm: sha256WithRSAEncryption
7b:d3:89:f4:a1:f5:20:4b:bf:24:1e:60:d5:37:67:d1:55:09:
76:f5:85:2c:a0:c5:b3:7a:50:0c:61:9a:c7:d4:d8:fa:10:aa:
4e:08:1e:98:12:a9:65:e8:43:6c:50:eb:1e:4b:50:bf:7f:c3:
1f:bc:33:1b:9a:cc:19:6c:65:63:88:c7:4e:83:99:43:b6:7a:
96:2a:5b:d3:52:8d:bd:69:21:36:ad:f7:90:3f:5f:3c:d9:1a:
bc:2d:e7:08:65:fa:1e:de:0a:1c:ca:ac:ff:32:25:d3:53:7b:
20:4f:31:ed:65:03:56:3a:55:b5:35:2b:7c:18:46:1d:7f:74:
27:75:db:74:9a:1e:4c:2d:d9:9f:28:56:c8:c0:5d:1f:84:0e:
a4:66:95:d0:30:32:9d:04:a6:7e:82:fc:0a:bd:3f:21:5a:0c:
6b:31:9d:aa:dd:b0:06:a4:4f:fd:0a:31:45:d6:ae:63:5c:a8:
c0:50:1f:47:e1:85:74:35:6a:94:f1:5d:eb:c2:e2:ad:ce:74:
e4:ee:f1:3f:79:7b:3f:6d:fc:bb:c1:24:ef:8c:52:dd:d7:e2:
d6:8c:93:07:a5:4c:af:1b:05:69:37:73:5c:cf:28:70:0b:62:
7c:7d:e4:90:1b:0a:29:c4:ef:19:61:8e:83:48:9e:5a:d5:49:
01:d4:b9:33
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZeXido4Lceg4dnkOAoo3owFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NmMzZTg2NTRmZTg3YmRhYjQ3MTFkNzc2ZTQ0YjRmMGNk
MWI2NDcwHhcNMjUwNjIyMTIwODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2QzM2MwMTMxZTYzMTgzZGU1NGQ2Yjc0MThhZmJjY2M2NGVhN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodglrTt5b1wSSMZhib/R/cJahgXc
vPNNCOs096j4FzBM0QbiNwevzRE/BZ0VYIRo27Sp1RZUQOuxGVr6TFjFcQnhNlq5
EXGuJeWyyC+ZypXPK/MbG1tKC64gtjDb1M9L1kFnFCcXL+vMbX//93RP6BoOW+ss
D3NG9fJ3qAIjlksvgRPMUUPp0LbJkHRGAt7oztKMkSlfuVLCnASgtbxk9gLQzCWg
vMxQsSmCfVikUFxi4rN9UIV9+UOwmAjZ2xzCwVQP4mEdMUwBLQ5UY+peIXsuEXIW
WXfzQJR+royvIIVKm9QYYsWWR/71kC8dVJ4GtKvrPvUfSqsssP17qFTjqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAfTPAEx5jGD3lTWt0GK+8zGTqezMB8GA1UdIwQY
MBaAFAlsPoZU/oe9q0cR13bkS08M0bZHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1d3LWhsVC1oNzJyUnhIWGR1UkxUd3pSdGtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82MjVlMGUtZWJhOC00ZTg4LWEwMjEt
NGU3ZDU4NDhkZTAwLzEvQjlNOEFUSG1NWVBlVk5hM1FZcjd6TVpPcDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82MjVlMGUtZWJhOC00ZTg4LWEwMjEtNGU3ZDU4NDhkZTAw
LzEvQ1d3LWhsVC1oNzJyUnhIWGR1UkxUd3pSdGtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgs7QDAN
BgkqhkiG9w0BAQsFAAOCAQEAe9OJ9KH1IEu/JB5g1Tdn0VUJdvWFLKDFs3pQDGGa
x9TY+hCqTggemBKpZehDbFDrHktQv3/DH7wzG5rMGWxlY4jHToOZQ7Z6lipb01KN
vWkhNq33kD9fPNkavC3nCGX6Ht4KHMqs/zIl01N7IE8x7WUDVjpVtTUrfBhGHX90
J3XbdJoeTC3ZnyhWyMBdH4QOpGaV0DAynQSmfoL8Cr0/IVoMazGdqt2wBqRP/Qox
RdauY1yowFAfR+GFdDVqlPFd68Lirc505O7xP3l7P238u8Ek74xS3dfi1oyTB6VM
rxsFaTdzXM8ocAtifH3kkBsKKcTvGWGOg0ieWtVJAdS5Mw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 04:31:14 2025 by rpki-client