Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/OmRA2d2u6isAld2KIvDdBFO7f4s.roa
File: OmRA2d2u6isAld2KIvDdBFO7f4s.roa (raw, json)
Hash identifier: Ys7axznXmBd8dDDK0VPmMEDPLZvODAnbsqaiFZwdGMo=
Subject key identifier: 3A:64:40:D9:DD:AE:EA:2B:00:95:DD:8A:22:F0:DD:04:53:BB:7F:8B
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 01955D8349486037902228925248F43464B9
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/OmRA2d2u6isAld2KIvDdBFO7f4s.roa
Signing time: Mon 03 Mar 2025 19:37:19 +0000
ROA not before: Mon 03 Mar 2025 19:37:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a0d:cdc5::/32 maxlen: 32
2a0e:eec4::/32 maxlen: 32
2a11:3c42::/32 maxlen: 32
2a11:6bc5::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Mar 2025 09:46:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5d:83:49:48:60:37:90:22:28:92:52:48:f4:34:64:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Mar 3 19:37:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a6440d9ddaeea2b0095dd8a22f0dd0453bb7f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:88:88:b7:57:f9:c9:b0:5d:c9:00:47:cd:3b:
2d:8c:62:d5:af:bb:f1:7b:20:96:f2:4c:d3:5f:53:
0d:a1:04:39:a7:cc:d8:36:bd:99:f3:88:a5:b0:9f:
a1:db:1b:5a:ec:69:0b:2b:e6:4b:f0:03:12:41:17:
57:7f:3f:e7:d2:2d:c8:95:bf:fe:90:a6:6a:ec:26:
02:fb:66:89:14:49:d3:bb:41:75:77:28:ac:21:5a:
58:3a:40:7a:5b:70:64:9e:ea:4f:1a:e0:3d:6b:22:
f3:1f:d8:2d:5a:c5:82:97:cb:ae:ec:99:c7:9a:73:
69:10:68:b0:8e:c7:b0:0e:10:4b:ed:b7:a8:11:83:
10:94:4a:1d:4b:9a:ad:f9:77:5c:4e:cb:c7:73:58:
a3:bc:5f:4e:a1:f0:1d:75:19:02:3e:98:5c:33:95:
34:d9:87:e2:d7:b0:74:a5:3f:24:5a:bf:45:10:4d:
70:7d:6e:7d:36:36:1f:2b:84:cd:25:9a:eb:ac:bd:
51:f0:f2:44:16:09:25:4a:ee:63:0e:31:bd:65:bc:
ca:da:47:fb:d0:49:00:29:10:f9:59:08:35:d2:9d:
82:a9:de:13:85:61:aa:ef:82:4f:77:7b:cf:18:27:
4f:a8:ce:16:cd:12:9e:12:41:bc:dc:8d:fe:3a:3e:
1e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:64:40:D9:DD:AE:EA:2B:00:95:DD:8A:22:F0:DD:04:53:BB:7F:8B
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/OmRA2d2u6isAld2KIvDdBFO7f4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:cdc5::/32
2a0e:eec4::/32
2a11:3c42::/32
2a11:6bc5::/32
Signature Algorithm: sha256WithRSAEncryption
44:e6:f2:71:ab:47:79:aa:72:0f:a4:da:d1:34:6e:f3:ff:8e:
b6:c1:60:9f:23:fd:67:60:d0:cd:e5:33:0b:44:78:f1:c1:9c:
23:aa:00:76:8b:db:24:13:9a:0b:9d:04:d8:e9:ab:de:32:52:
a1:12:e7:1d:19:f1:e3:57:e1:e7:3f:f5:55:29:7e:38:6d:9a:
62:5b:fe:74:3e:ac:3c:5b:c5:11:34:2b:f9:e8:99:45:2f:a3:
72:9d:2c:77:ae:39:8c:ad:0b:21:64:bd:c2:0b:d8:90:bd:3c:
9b:24:0f:b8:a1:8c:0c:2c:ab:ea:07:93:20:06:f2:23:49:fb:
f2:0f:43:4d:ef:41:4c:c4:95:3d:7f:27:9d:74:cb:a8:0f:24:
83:31:ee:88:b8:35:9c:42:c4:c3:d5:ba:25:c1:98:3a:c4:9d:
00:8f:a9:ad:35:c8:be:95:38:85:27:4d:c7:fb:1d:16:cb:87:
a5:d3:d1:d5:71:99:e9:f0:bf:27:a6:a0:02:4f:03:5a:e3:54:
ca:d6:20:ec:2d:b5:8b:6f:72:18:5a:69:11:2b:77:46:6b:86:
29:b8:30:0d:e8:ed:4f:ad:73:8c:0c:59:5c:69:2d:e4:02:0b:
ce:10:a9:b2:b9:30:65:cf:d8:18:f9:a0:05:b0:66:22:f9:1e:
4e:54:54:33
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZVdg0lIYDeQIiiSUkj0NGS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwMzAzMTkzNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTY0NDBkOWRkYWVlYTJiMDA5NWRkOGEyMmYwZGQwNDUzYmI3ZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIiIt1f5ybBdyQBHzTstjGLVr7vx
eyCW8kzTX1MNoQQ5p8zYNr2Z84ilsJ+h2xta7GkLK+ZL8AMSQRdXfz/n0i3Ilb/+
kKZq7CYC+2aJFEnTu0F1dyisIVpYOkB6W3BknupPGuA9ayLzH9gtWsWCl8uu7JnH
mnNpEGiwjsewDhBL7beoEYMQlEodS5qt+XdcTsvHc1ijvF9OofAddRkCPphcM5U0
2Yfi17B0pT8kWr9FEE1wfW59NjYfK4TNJZrrrL1R8PJEFgklSu5jDjG9ZbzK2kf7
0EkAKRD5WQg10p2Cqd4ThWGq74JPd3vPGCdPqM4WzRKeEkG83I3+Oj4eXwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDpkQNndruorAJXdiiLw3QRTu3+LMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvT21SQTJkMnU2aXNBbGQyS0l2RGRCRk83ZjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKg3NxQMF
ACoO7sQDBQAqETxCAwUAKhFrxTANBgkqhkiG9w0BAQsFAAOCAQEARObycatHeapy
D6Ta0TRu8/+OtsFgnyP9Z2DQzeUzC0R48cGcI6oAdovbJBOaC50E2Omr3jJSoRLn
HRnx41fh5z/1VSl+OG2aYlv+dD6sPFvFETQr+eiZRS+jcp0sd645jK0LIWS9wgvY
kL08myQPuKGMDCyr6geTIAbyI0n78g9DTe9BTMSVPX8nnXTLqA8kgzHuiLg1nELE
w9W6JcGYOsSdAI+prTXIvpU4hSdNx/sdFsuHpdPR1XGZ6fC/J6agAk8DWuNUytYg
7C21i29yGFppESt3RmuGKbgwDejtT61zjAxZXGkt5AILzhCpsrkwZc/YGPmgBbBm
IvkeTlRUMw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:51:15 2025 by rpki-client